Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/modBM2WYB5lUBZYsFXwerAPUnhw.roa
File:                     modBM2WYB5lUBZYsFXwerAPUnhw.roa (raw, json)
Hash identifier:          GFVEGBfSxHS17fpcH7/j/KHMjauJejxFYhHZoEaz68s=
Subject key identifier:   9A:87:41:33:65:98:07:99:54:05:96:2C:15:7C:1E:AC:03:D4:9E:1C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B938F7BD850B2B412A15872B638C92601
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/modBM2WYB5lUBZYsFXwerAPUnhw.roa
Signing time:             Fri 03 Nov 2023 05:02:15 +0000
ROA not before:           Fri 03 Nov 2023 05:02:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2118
IP address blocks:        194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          195.133.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:93:8f:7b:d8:50:b2:b4:12:a1:58:72:b6:38:c9:26:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Nov  3 05:02:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a874133659807995405962c157c1eac03d49e1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:41:45:00:7e:7d:dc:48:10:bd:83:16:a2:eb:
                    22:30:d7:85:1c:01:9d:32:26:57:f2:a5:2c:9d:b0:
                    e5:2a:41:34:7a:82:2f:b0:d4:2f:1e:b2:cc:3f:e2:
                    37:03:ee:ad:00:9a:56:b5:33:32:f9:dc:c2:90:e5:
                    8a:4f:d6:c7:f3:46:bc:53:f3:00:97:ab:3a:67:b6:
                    42:85:4c:40:70:30:12:16:38:f8:fc:51:93:ac:87:
                    10:cf:9d:ea:3c:80:3e:f9:70:7d:e5:5f:f1:d9:43:
                    97:ba:bf:a8:43:22:0a:87:20:2f:4e:81:c0:a3:51:
                    01:c8:ea:f0:29:82:e0:0d:3a:ee:a9:07:41:99:99:
                    d9:6d:83:49:7d:f2:82:d7:a9:f6:f8:71:52:1c:b4:
                    b0:ff:31:b4:b8:61:97:55:36:33:92:3d:15:16:c0:
                    b2:42:c4:da:ae:9d:8d:3b:98:2e:54:40:29:fe:b4:
                    39:98:f9:a9:b4:4f:db:67:f5:7b:fb:59:19:00:54:
                    98:78:ea:5a:8e:0d:25:0b:e1:e2:0b:4e:db:f6:02:
                    b7:01:e8:e8:98:4a:55:fc:0d:47:82:fe:18:59:ad:
                    7f:42:24:03:7c:80:7b:6b:0f:28:10:ad:a1:ac:93:
                    a1:d7:3e:d3:08:dd:58:44:b5:a0:de:3d:c6:da:97:
                    3b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:87:41:33:65:98:07:99:54:05:96:2C:15:7C:1E:AC:03:D4:9E:1C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/modBM2WYB5lUBZYsFXwerAPUnhw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.45.0-194.58.47.255
                  194.87.208.0/23
                  194.87.222.0/23
                  195.58.56.0/21
                  195.133.55.0/24
                  212.192.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2d:68:d5:e6:33:28:cb:00:d6:fa:e9:89:2e:b0:61:8e:95:2c:
         34:f0:01:ba:f8:11:c4:e7:33:a8:0a:8d:fb:e4:02:66:27:5f:
         ed:f5:44:cc:b4:3d:a1:a3:2e:fc:ca:c6:cf:71:97:6c:2a:a1:
         10:8e:3a:18:5e:34:00:a2:f3:79:25:ef:d4:a7:bd:1d:63:62:
         ce:65:0c:62:f5:75:3e:66:3b:d1:3d:5a:75:b1:80:8d:f5:3a:
         c0:1a:71:f3:b8:28:42:bd:8a:3d:f7:4e:31:bf:dc:cd:8a:d7:
         cf:66:6a:e1:b9:3b:29:52:af:97:ee:e0:62:ce:a1:c5:a3:a9:
         65:e1:42:12:40:a5:da:76:84:00:70:d4:76:9b:1b:e5:67:09:
         ce:67:fa:8f:2f:fd:f6:9b:28:16:63:78:ff:78:f5:10:20:f4:
         a6:b4:85:aa:1b:8e:68:1a:42:64:4f:34:c9:09:e5:e4:69:67:
         8f:7b:1a:94:9c:a4:9f:02:f2:b0:7c:30:55:7f:1d:8e:1e:d3:
         80:b3:5f:b9:26:fa:4c:3a:6e:e8:86:09:71:34:aa:ea:5b:ae:
         1a:d9:db:3a:3c:56:58:22:04:26:8d:3f:0f:fe:c6:43:70:35:
         c5:e7:89:5c:3e:be:51:9e:3f:8d:a9:21:fd:fc:9c:7d:9b:05:
         3f:09:89:75
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYuTj3vYULK0EqFYcrY4ySYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTAzMDUwMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTg3NDEzMzY1OTgwNzk5NTQwNTk2MmMxNTdjMWVhYzAzZDQ5ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkFFAH593EgQvYMWousiMNeFHAGd
MiZX8qUsnbDlKkE0eoIvsNQvHrLMP+I3A+6tAJpWtTMy+dzCkOWKT9bH80a8U/MA
l6s6Z7ZChUxAcDASFjj4/FGTrIcQz53qPIA++XB95V/x2UOXur+oQyIKhyAvToHA
o1EByOrwKYLgDTruqQdBmZnZbYNJffKC16n2+HFSHLSw/zG0uGGXVTYzkj0VFsCy
QsTarp2NO5guVEAp/rQ5mPmptE/bZ/V7+1kZAFSYeOpajg0lC+HiC07b9gK3Aejo
mEpV/A1Hgv4YWa1/QiQDfIB7aw8oEK2hrJOh1z7TCN1YRLWg3j3G2pc7VwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJqHQTNlmAeZVAWWLBV8HqwD1J4cMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbW9kQk0yV1lCNWxVQlpZc0ZYd2VyQVBVbmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBADCOi0D
BATCOiADBAHCV9ADBAHCV94DBAPDOjgDBADDhTcDBAHUwAAwDQYJKoZIhvcNAQEL
BQADggEBAC1o1eYzKMsA1vrpiS6wYY6VLDTwAbr4EcTnM6gKjfvkAmYnX+31RMy0
PaGjLvzKxs9xl2wqoRCOOhheNACi83kl79SnvR1jYs5lDGL1dT5mO9E9WnWxgI31
OsAacfO4KEK9ij33TjG/3M2K189mauG5OylSr5fu4GLOocWjqWXhQhJApdp2hABw
1HabG+VnCc5n+o8v/fabKBZjeP949RAg9Ka0haobjmgaQmRPNMkJ5eRpZ497GpSc
pJ8C8rB8MFV/HY4e04CzX7km+kw6buiGCXE0qupbrhrZ2zo8VlgiBCaNPw/+xkNw
NcXniVw+vlGeP42pIf38nH2bBT8JiXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org