Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Rm2d-mwKdUJdlP-lKOrXyMFgwAk.roa
File:                     Rm2d-mwKdUJdlP-lKOrXyMFgwAk.roa (raw, json)
Hash identifier:          opLz47pj4N7TBAewzE0pW2KoJoIRaWF7bIKfOhHDWQY=
Subject key identifier:   46:6D:9D:FA:6C:0A:75:42:5D:94:FF:A5:28:EA:D7:C8:C1:60:C0:09
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018997D810575EBE05D80F6B09548AAA4352
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Rm2d-mwKdUJdlP-lKOrXyMFgwAk.roa
Signing time:             Thu 27 Jul 2023 14:54:26 +0000
ROA not before:           Thu 27 Jul 2023 14:54:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51722
IP address blocks:        194.135.30.0/24 maxlen: 24
                          212.192.0.0/24 maxlen: 24
                          212.192.251.0/24 maxlen: 24
                          194.87.181.0/24 maxlen: 24
                          212.192.250.0/24 maxlen: 24
                          212.192.248.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          193.124.94.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 11:53:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:97:d8:10:57:5e:be:05:d8:0f:6b:09:54:8a:aa:43:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 27 14:54:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=466d9dfa6c0a75425d94ffa528ead7c8c160c009
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:55:18:6f:3c:fd:09:f8:7e:71:ff:ef:dc:fe:
                    ca:0f:a3:0b:fb:90:1e:14:b6:ca:3c:ed:0c:ec:35:
                    a5:72:60:aa:a9:09:9d:e1:68:82:13:9f:38:07:fa:
                    c6:1f:82:6f:b1:ff:33:78:97:1f:6c:72:fa:06:b8:
                    79:77:64:19:2a:3b:4d:1e:fb:c6:22:ef:95:02:9e:
                    64:1f:6d:55:44:8c:cb:c1:2d:d6:3b:eb:ac:63:11:
                    61:39:89:d1:87:a5:28:e2:49:32:1f:f2:e6:01:b9:
                    bb:08:9c:15:e0:c7:12:82:fa:f7:0f:4e:01:89:99:
                    a9:c2:5c:93:e4:c7:47:b7:25:03:fd:4a:7c:76:25:
                    d3:9c:16:f5:61:b5:34:d0:b4:28:2d:ac:61:84:17:
                    48:96:72:b1:08:72:90:0e:f3:3d:67:a1:a8:5f:7e:
                    c8:1c:e7:09:94:9b:e6:06:c2:76:9b:83:aa:7d:00:
                    7c:ee:32:ff:9e:62:1e:40:2e:d9:2b:84:e1:ee:ae:
                    b2:8a:36:34:d8:3b:96:f6:3f:88:48:98:90:83:44:
                    ba:d7:1a:b3:46:ec:5e:19:06:71:e4:fa:83:c7:a5:
                    1c:2a:d4:73:59:f6:b3:ce:6f:db:b0:22:e1:51:1d:
                    27:d1:11:a2:24:b0:69:29:7d:20:6b:e4:84:66:ce:
                    8e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:6D:9D:FA:6C:0A:75:42:5D:94:FF:A5:28:EA:D7:C8:C1:60:C0:09
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Rm2d-mwKdUJdlP-lKOrXyMFgwAk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.94.0/24
                  193.124.201.0/24
                  194.87.181.0/24
                  194.135.30.0/24
                  212.192.0.0/24
                  212.192.248.0/24
                  212.192.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:99:1e:7d:f0:9d:49:0c:b4:6c:30:0e:f2:8a:b8:8f:e0:34:
         9b:3b:35:c8:78:fd:a1:a3:59:a8:91:96:7a:c9:b0:06:ee:3d:
         bb:83:09:91:86:10:1f:16:fb:90:97:fa:0d:24:6b:67:09:16:
         48:0b:a5:ce:42:d4:03:64:8e:a9:77:fe:28:a8:07:20:c8:4e:
         b7:6c:ca:8f:c6:75:78:e9:2d:d5:59:2c:12:7c:a3:ba:a7:c4:
         be:65:c4:5d:31:75:a0:e7:e9:9a:93:27:45:f1:02:bc:f8:71:
         ee:7e:ff:2b:54:5d:fb:51:2c:c0:af:62:15:2e:35:ed:b2:73:
         d9:e4:ec:10:8c:f8:96:4c:a7:7d:e0:c1:10:3f:3b:30:d6:66:
         f9:80:88:57:ff:43:5b:b2:40:04:41:0a:78:bf:a1:89:22:f6:
         5e:68:30:1e:72:a2:a0:4d:63:d1:38:be:97:cd:6f:62:10:9c:
         f7:39:66:0b:e7:21:26:db:5e:a9:f3:1e:4b:36:50:82:74:a8:
         32:7f:24:8e:77:51:49:97:97:cb:81:b7:84:9c:eb:4d:d6:2b:
         61:06:37:c9:9c:b1:cc:63:6c:4b:25:e7:ab:b2:db:da:c1:cb:
         a2:8f:ff:a4:02:3e:3b:c0:4a:b5:7f:00:a7:9e:54:f6:2e:cf:
         43:26:cc:35
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmX2BBXXr4F2A9rCVSKqkNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MTQ1NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjZkOWRmYTZjMGE3NTQyNWQ5NGZmYTUyOGVhZDdjOGMxNjBjMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlUYbzz9Cfh+cf/v3P7KD6ML+5Ae
FLbKPO0M7DWlcmCqqQmd4WiCE584B/rGH4Jvsf8zeJcfbHL6Brh5d2QZKjtNHvvG
Iu+VAp5kH21VRIzLwS3WO+usYxFhOYnRh6Uo4kkyH/LmAbm7CJwV4McSgvr3D04B
iZmpwlyT5MdHtyUD/Up8diXTnBb1YbU00LQoLaxhhBdIlnKxCHKQDvM9Z6GoX37I
HOcJlJvmBsJ2m4OqfQB87jL/nmIeQC7ZK4Th7q6yijY02DuW9j+ISJiQg0S61xqz
RuxeGQZx5PqDx6UcKtRzWfazzm/bsCLhUR0n0RGiJLBpKX0ga+SEZs6ORQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEZtnfpsCnVCXZT/pSjq18jBYMAJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUm0yZC1td0tkVUpkbFAtbEtPclh5TUZnd0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXxeAwQA
wXzJAwQAwle1AwQAwoceAwQA1MAAAwQA1MD4AwQB1MD6MA0GCSqGSIb3DQEBCwUA
A4IBAQAWmR598J1JDLRsMA7yiriP4DSbOzXIeP2ho1mokZZ6ybAG7j27gwmRhhAf
FvuQl/oNJGtnCRZIC6XOQtQDZI6pd/4oqAcgyE63bMqPxnV46S3VWSwSfKO6p8S+
ZcRdMXWg5+makydF8QK8+HHufv8rVF37USzAr2IVLjXtsnPZ5OwQjPiWTKd94MEQ
Pzsw1mb5gIhX/0NbskAEQQp4v6GJIvZeaDAecqKgTWPROL6XzW9iEJz3OWYL5yEm
216p8x5LNlCCdKgyfySOd1FJl5fLgbeEnOtN1ithBjfJnLHMY2xLJeerstvawcui
j/+kAj47wEq1fwCnnlT2Ls9DJsw1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:16 2024 by rpki-client on console-fra.rpki-client.org