Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/xyKzEo8BIUbNixIRYj3lpGqvRlI.roa
File:                     xyKzEo8BIUbNixIRYj3lpGqvRlI.roa (raw, json)
Hash identifier:          nU9sVJjrZpuQ+xEKeT34C9loB1CJX/hzTlivm7XsiQM=
Subject key identifier:   C7:22:B3:12:8F:01:21:46:CD:8B:12:11:62:3D:E5:A4:6A:AF:46:52
Certificate issuer:       /CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Certificate serial:       018CC79514000169DCD1B4B11D04E255261E
Authority key identifier: 82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/xyKzEo8BIUbNixIRYj3lpGqvRlI.roa
Signing time:             Tue 02 Jan 2024 00:31:25 +0000
ROA not before:           Tue 02 Jan 2024 00:31:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213035
IP address blocks:        193.56.104.0/24 maxlen: 24
                          193.56.105.0/24 maxlen: 24
                          185.37.33.0/24 maxlen: 24
                          185.37.34.0/24 maxlen: 24
                          185.37.35.0/24 maxlen: 24
                          185.37.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 13:07:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:14:00:01:69:dc:d1:b4:b1:1d:04:e2:55:26:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
        Validity
            Not Before: Jan  2 00:31:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c722b3128f012146cd8b1211623de5a46aaf4652
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:6d:3b:75:e4:2f:96:9b:a7:34:57:cc:a2:89:
                    20:2e:f2:22:40:f1:f0:ea:64:f6:e8:bc:6d:a3:8b:
                    5d:27:1d:36:cb:21:36:91:26:f9:ce:88:af:a1:43:
                    da:46:80:fe:a2:fb:f2:66:69:5e:a5:ad:92:d7:0a:
                    cc:e7:76:2b:f7:a3:3f:37:37:7a:20:e1:81:40:20:
                    a1:ef:e0:98:8b:88:7e:e1:08:0f:de:a2:6b:c9:51:
                    b3:ec:8d:63:1c:15:1a:06:b0:8f:30:25:d7:ed:a3:
                    22:51:5c:18:f4:01:75:df:4c:dd:0b:15:d6:7a:b7:
                    0b:20:89:44:aa:31:40:99:39:18:bc:9e:81:e6:d0:
                    a2:65:29:d7:f2:c2:12:ae:cf:c9:f4:1e:ee:1e:ad:
                    1e:f8:ed:5e:6c:e5:e6:5b:54:e5:0d:af:ef:d4:0f:
                    63:b0:03:1f:c8:4d:d1:e1:cd:f0:d9:75:87:12:a1:
                    c9:f5:2d:15:a0:62:15:9e:83:c6:73:2f:89:12:fe:
                    5e:4f:51:aa:36:90:4d:ec:6c:7b:c0:08:c4:ce:a9:
                    c4:68:ed:41:54:f0:7c:20:b8:8b:2d:99:ed:16:fc:
                    07:9c:7b:02:bc:c8:33:a7:1a:88:be:20:fd:78:87:
                    20:4c:16:c8:01:18:db:da:db:79:c8:81:62:dc:8b:
                    f1:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:22:B3:12:8F:01:21:46:CD:8B:12:11:62:3D:E5:A4:6A:AF:46:52
            X509v3 Authority Key Identifier:
                keyid:82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/xyKzEo8BIUbNixIRYj3lpGqvRlI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/grE25oINlPA7HF1x7uPUsiGRUo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.37.32.0/22
                  193.56.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b6:9b:4d:29:2a:81:b7:12:0e:e1:be:18:38:45:6d:0b:78:5f:
         15:de:53:42:72:30:4a:31:89:6d:e4:af:ac:92:16:2e:8b:e7:
         bf:a1:26:23:74:68:2e:bd:a5:eb:d9:f6:bd:76:8b:cd:9a:2e:
         85:1b:96:1d:1b:84:86:47:11:02:ff:71:45:18:5e:f3:20:9a:
         bc:94:78:30:a6:d3:cd:7d:0b:69:a6:92:20:64:4a:31:c4:8a:
         8a:2c:b0:46:b1:35:3c:25:d5:7f:04:c5:10:d8:ce:de:3b:8b:
         96:07:f3:99:c3:bd:1d:d3:8a:c2:11:29:c1:bf:d8:f0:55:15:
         7c:61:0d:c5:ad:b8:72:1d:cb:9d:29:69:2c:55:8d:bd:11:31:
         7d:41:a3:86:72:65:9b:0e:94:7e:88:cc:ce:47:ff:d1:8c:d5:
         a9:1a:8c:13:66:84:c8:65:82:6d:d5:40:f4:55:40:68:ec:47:
         46:36:cd:e2:29:c9:96:29:4c:ef:3d:ae:46:db:25:e3:a0:83:
         0d:e4:1f:46:6f:af:e5:a3:dc:c0:72:98:50:eb:27:69:23:d9:
         ca:6f:da:1a:dd:3f:ba:1c:a3:57:57:5a:88:8d:f8:30:1e:b8:
         69:25:63:77:5d:92:39:ab:44:bc:ff:82:3e:4c:08:8d:8c:01:
         95:a7:48:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlRQAAWnc0bSxHQTiVSYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjEzNmU2ODIwZDk0ZjAzYjFjNWQ3MWVlZTNkNGIyMjE5
MTUyOGYwHhcNMjQwMTAyMDAzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzIyYjMxMjhmMDEyMTQ2Y2Q4YjEyMTE2MjNkZTVhNDZhYWY0NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW07deQvlpunNFfMookgLvIiQPHw
6mT26Lxto4tdJx02yyE2kSb5zoivoUPaRoD+ovvyZmlepa2S1wrM53Yr96M/Nzd6
IOGBQCCh7+CYi4h+4QgP3qJryVGz7I1jHBUaBrCPMCXX7aMiUVwY9AF130zdCxXW
ercLIIlEqjFAmTkYvJ6B5tCiZSnX8sISrs/J9B7uHq0e+O1ebOXmW1TlDa/v1A9j
sAMfyE3R4c3w2XWHEqHJ9S0VoGIVnoPGcy+JEv5eT1GqNpBN7Gx7wAjEzqnEaO1B
VPB8ILiLLZntFvwHnHsCvMgzpxqIviD9eIcgTBbIARjb2tt5yIFi3IvxswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMcisxKPASFGzYsSEWI95aRqr0ZSMB8GA1UdIwQY
MBaAFIKxNuaCDZTwOxxdce7j1LIhkVKPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEt
MGRhM2NhYTkxNDI5LzEveHlLekVvOEJJVWJOaXhJUllqM2xwR3F2UmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEtMGRhM2NhYTkxNDI5
LzEvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSUgAwQB
wThoMA0GCSqGSIb3DQEBCwUAA4IBAQC2m00pKoG3Eg7hvhg4RW0LeF8V3lNCcjBK
MYlt5K+skhYui+e/oSYjdGguvaXr2fa9dovNmi6FG5YdG4SGRxEC/3FFGF7zIJq8
lHgwptPNfQtpppIgZEoxxIqKLLBGsTU8JdV/BMUQ2M7eO4uWB/OZw70d04rCESnB
v9jwVRV8YQ3FrbhyHcudKWksVY29ETF9QaOGcmWbDpR+iMzOR//RjNWpGowTZoTI
ZYJt1UD0VUBo7EdGNs3iKcmWKUzvPa5G2yXjoIMN5B9Gb6/lo9zAcphQ6ydpI9nK
b9oa3T+6HKNXV1qIjfgwHrhpJWN3XZI5q0S8/4I+TAiNjAGVp0h7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:43 2024 by rpki-client on console-fra.rpki-client.org