Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tIwFIwfYtCoRq1U40OB9usP6Jm0.roa
File:                     tIwFIwfYtCoRq1U40OB9usP6Jm0.roa (raw, json)
Hash identifier:          xFkiMI+C0fNILfeP4XOkRaz/lNv+REY8PHo+6XwG+vk=
Subject key identifier:   B4:8C:05:23:07:D8:B4:2A:11:AB:55:38:D0:E0:7D:BA:C3:FA:26:6D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018B29327AFBCC445A1BC191A9F8297B7CF0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tIwFIwfYtCoRq1U40OB9usP6Jm0.roa
Signing time:             Fri 13 Oct 2023 13:20:56 +0000
ROA not before:           Fri 13 Oct 2023 13:20:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205320
IP address blocks:        212.193.25.0/24 maxlen: 24
                          194.135.38.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          185.72.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 14 Oct 2023 09:23:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:29:32:7a:fb:cc:44:5a:1b:c1:91:a9:f8:29:7b:7c:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Oct 13 13:20:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b48c052307d8b42a11ab5538d0e07dbac3fa266d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bc:f4:cb:be:dc:79:be:67:21:fd:e4:8e:dc:
                    15:1e:f2:28:fc:1b:a3:b9:96:66:1c:37:36:1d:84:
                    67:58:d7:26:dd:72:59:b5:7f:b3:1f:18:b3:cb:ba:
                    23:4f:25:20:0f:d9:0d:ff:8f:77:7a:05:b2:d2:42:
                    6a:37:82:fb:99:67:d0:24:cf:6b:9c:0c:68:ee:95:
                    9e:9b:cb:85:15:03:23:26:5b:b1:c9:4b:43:6d:68:
                    11:f8:3f:f6:57:b6:38:ae:c6:3b:5b:60:d2:4b:bc:
                    1f:4e:14:d6:bb:c0:0d:d3:c6:8e:bf:d0:b0:8d:ef:
                    d8:69:e8:f5:b3:44:75:8c:1e:f1:1d:94:5d:e6:44:
                    b9:58:97:71:b6:03:a6:77:11:56:26:61:c7:b9:e0:
                    39:28:cf:ac:b1:32:99:b6:65:ce:19:03:92:78:6d:
                    23:d3:c7:1d:1e:49:bc:8f:fb:be:68:f6:b6:ff:dd:
                    9e:00:ec:7d:d9:a6:b5:29:8d:43:80:52:f9:17:d3:
                    a4:f3:ee:da:58:9b:d0:5a:d3:ed:79:65:a5:2c:5c:
                    a6:6b:f2:c2:83:26:67:9e:1b:7f:17:5d:5c:da:da:
                    ac:f3:af:74:62:63:80:b9:93:d0:e9:ac:33:6d:51:
                    8c:63:64:57:2f:9b:e4:e7:1a:97:97:e8:f9:34:f0:
                    ac:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:8C:05:23:07:D8:B4:2A:11:AB:55:38:D0:E0:7D:BA:C3:FA:26:6D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tIwFIwfYtCoRq1U40OB9usP6Jm0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.72.10.0/24
                  194.135.38.0/24
                  212.192.1.0/24
                  212.193.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:ec:a3:df:dd:7f:c2:63:bb:8f:87:72:98:3c:d2:03:3b:27:
         da:e7:33:0e:63:79:9a:15:5c:07:3e:de:59:f1:09:9f:32:d9:
         f2:51:10:19:29:c6:e5:ca:e7:86:6a:94:7e:7e:18:7b:fd:46:
         21:eb:8d:73:f6:b7:f5:97:53:c8:9b:3f:43:ee:9d:a0:b4:bb:
         0e:52:d7:3f:f6:3a:63:94:93:9e:03:6a:c0:d2:30:f1:d7:b0:
         a0:a5:bc:6f:a4:26:d5:a5:68:34:fe:e3:84:94:8e:dc:66:9a:
         d8:91:e0:a7:99:4c:d2:da:c8:11:5a:95:1d:01:bf:cb:c1:a6:
         40:c5:14:38:fd:15:cd:fa:93:e1:7a:07:95:6a:7d:95:71:38:
         69:ec:c5:4e:a7:a2:f8:3f:3c:70:82:3e:fe:6c:22:31:40:e1:
         43:5e:8b:ac:85:d3:83:20:e4:50:6c:2c:33:3a:0c:d4:46:db:
         37:53:9f:85:cc:3c:1c:13:e0:4a:da:d1:69:bf:cc:c8:1a:5f:
         61:27:24:98:39:0e:9d:5a:d3:f9:66:d0:08:d7:28:85:5e:9f:
         1b:21:f6:15:b9:09:fd:ab:16:2c:7e:59:34:70:3b:82:41:2e:
         1c:f5:2b:e4:93:39:00:ce:53:4f:a8:7d:16:69:92:bb:57:c0:
         6a:91:ce:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYspMnr7zERaG8GRqfgpe3zwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDEzMTMyMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhjMDUyMzA3ZDhiNDJhMTFhYjU1MzhkMGUwN2RiYWMzZmEyNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7z0y77ceb5nIf3kjtwVHvIo/Buj
uZZmHDc2HYRnWNcm3XJZtX+zHxizy7ojTyUgD9kN/493egWy0kJqN4L7mWfQJM9r
nAxo7pWem8uFFQMjJluxyUtDbWgR+D/2V7Y4rsY7W2DSS7wfThTWu8AN08aOv9Cw
je/Yaej1s0R1jB7xHZRd5kS5WJdxtgOmdxFWJmHHueA5KM+ssTKZtmXOGQOSeG0j
08cdHkm8j/u+aPa2/92eAOx92aa1KY1DgFL5F9Ok8+7aWJvQWtPteWWlLFyma/LC
gyZnnht/F11c2tqs8690YmOAuZPQ6awzbVGMY2RXL5vk5xqXl+j5NPCsOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLSMBSMH2LQqEatVONDgfbrD+iZtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdEl3Rkl3Zll0Q29ScTFVNDBPQjl1c1A2Sm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUgKAwQA
wocmAwQA1MABAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQCV7KPf3X/CY7uPh3KY
PNIDOyfa5zMOY3maFVwHPt5Z8QmfMtnyURAZKcblyueGapR+fhh7/UYh641z9rf1
l1PImz9D7p2gtLsOUtc/9jpjlJOeA2rA0jDx17CgpbxvpCbVpWg0/uOElI7cZprY
keCnmUzS2sgRWpUdAb/LwaZAxRQ4/RXN+pPhegeVan2VcThp7MVOp6L4Pzxwgj7+
bCIxQOFDXoushdODIORQbCwzOgzURts3U5+FzDwcE+BK2tFpv8zIGl9hJySYOQ6d
WtP5ZtAI1yiFXp8bIfYVuQn9qxYsflk0cDuCQS4c9SvkkzkAzlNPqH0WaZK7V8Bq
kc5Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:48 2024 by rpki-client on console-ams.rpki-client.org