Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/nVsh54zCsqWklGz_aASzTbQTU40.roa
File:                     nVsh54zCsqWklGz_aASzTbQTU40.roa (raw, json)
Hash identifier:          ISY6o+XqfoNsw/GycMNsdal9afS64Gxvh4dOn/SYENE=
Subject key identifier:   9D:5B:21:E7:8C:C2:B2:A5:A4:94:6C:FF:68:04:B3:4D:B4:13:53:8D
Certificate issuer:       /CN=042ac382689687b60fce5ce9db887b21d68a6abc
Certificate serial:       01856CF83532840C0CA8F6C58C853F977A42
Authority key identifier: 04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/nVsh54zCsqWklGz_aASzTbQTU40.roa
Signing time:             Sun 01 Jan 2023 10:54:43 +0000
ROA not before:           Sun 01 Jan 2023 10:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57152
IP address blocks:        185.226.92.0/24 maxlen: 24
                          185.226.95.0/24 maxlen: 24
                          185.226.94.0/24 maxlen: 24
                          185.226.93.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:35:32:84:0c:0c:a8:f6:c5:8c:85:3f:97:7a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=042ac382689687b60fce5ce9db887b21d68a6abc
        Validity
            Not Before: Jan  1 10:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d5b21e78cc2b2a5a4946cff6804b34db413538d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:19:61:13:ad:25:68:20:a4:b2:be:28:2b:ab:
                    af:e2:ce:ef:64:cb:f8:13:2f:5d:f4:aa:e8:fa:ff:
                    19:b9:ed:13:d5:93:de:72:4c:c3:a5:e4:d9:e3:f9:
                    05:37:48:62:fa:39:9c:db:51:6a:8b:53:80:b0:a0:
                    3c:b1:bb:ef:83:3e:47:b6:3f:70:2b:ce:2d:9e:20:
                    c1:d8:04:83:56:db:c4:9f:e6:16:99:93:94:34:5a:
                    6a:32:91:1b:aa:f4:80:11:51:fd:6f:88:07:57:bd:
                    53:c0:eb:eb:f7:fe:0e:ec:16:99:bb:eb:13:49:e9:
                    c0:bf:f5:c5:75:5f:40:c1:a9:9b:bd:47:3b:b7:45:
                    55:a3:32:be:eb:79:7f:00:81:63:90:0d:f3:8b:cc:
                    e7:10:f6:6c:00:17:ab:30:10:fd:6f:61:f0:9b:6d:
                    7e:fe:4d:72:21:21:93:15:e0:65:00:b7:a2:88:d2:
                    8d:79:ea:16:df:96:9d:0a:74:a0:de:bb:24:bd:b3:
                    ea:bd:86:98:a6:82:e7:5f:9a:04:55:aa:e0:f9:00:
                    27:dc:08:47:4a:ce:83:8a:51:41:45:85:09:04:6f:
                    2e:3d:e7:18:90:04:d7:02:2f:f6:80:75:4a:2f:73:
                    2a:64:f0:5a:b7:35:aa:b8:7a:65:b3:5c:21:f2:85:
                    37:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:5B:21:E7:8C:C2:B2:A5:A4:94:6C:FF:68:04:B3:4D:B4:13:53:8D
            X509v3 Authority Key Identifier:
                keyid:04:2A:C3:82:68:96:87:B6:0F:CE:5C:E9:DB:88:7B:21:D6:8A:6A:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCrDgmiWh7YPzlzp24h7IdaKarw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/nVsh54zCsqWklGz_aASzTbQTU40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/4663bb-c509-4a9a-bcae-70bc66893e5c/1/BCrDgmiWh7YPzlzp24h7IdaKarw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:31:42:63:54:32:e2:86:d1:cf:cf:99:a6:80:88:c7:f5:8f:
         90:c1:30:86:0c:40:9a:88:c9:68:72:f8:75:05:b6:66:de:67:
         22:b5:56:7f:f1:c1:59:37:19:6b:4b:59:73:0d:8d:08:31:b1:
         2a:5e:8b:43:0d:d9:61:db:66:69:c5:06:aa:0b:ac:7d:45:bc:
         4b:8f:e6:3e:9d:e7:f9:73:95:02:3b:47:bb:57:c9:2a:e1:a9:
         a4:0d:90:0f:4e:b0:e8:64:fa:67:e2:fc:52:f2:4f:63:40:01:
         44:44:bd:5b:84:10:36:b4:cc:aa:f1:f0:2a:ba:bb:ec:9e:d5:
         58:c9:03:55:fc:2b:f1:0d:48:71:79:eb:07:02:b0:04:44:29:
         4f:cb:8f:8b:51:27:ed:fd:7b:95:f7:a3:05:ce:84:a2:a4:50:
         c1:ec:ce:b3:2c:5b:cf:aa:c8:80:bb:da:74:54:be:70:62:95:
         51:f2:ac:be:e6:f2:51:26:60:7b:70:d3:33:f5:29:bb:28:b6:
         06:c4:ff:65:5b:51:84:12:46:60:25:8f:98:04:16:bb:a9:8e:
         54:fb:a0:a3:ad:22:f0:b9:8d:03:4c:7f:73:2a:c9:88:3a:bc:
         bd:5a:86:d4:02:ed:e2:79:d3:a7:8c:55:54:a1:58:9b:e8:4e:
         36:bc:e9:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+DUyhAwMqPbFjIU/l3pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmFjMzgyNjg5Njg3YjYwZmNlNWNlOWRiODg3YjIxZDY4
YTZhYmMwHhcNMjMwMTAxMTA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDViMjFlNzhjYzJiMmE1YTQ5NDZjZmY2ODA0YjM0ZGI0MTM1MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxlhE60laCCksr4oK6uv4s7vZMv4
Ey9d9Kro+v8Zue0T1ZPeckzDpeTZ4/kFN0hi+jmc21Fqi1OAsKA8sbvvgz5Htj9w
K84tniDB2ASDVtvEn+YWmZOUNFpqMpEbqvSAEVH9b4gHV71TwOvr9/4O7BaZu+sT
SenAv/XFdV9AwambvUc7t0VVozK+63l/AIFjkA3zi8znEPZsABerMBD9b2Hwm21+
/k1yISGTFeBlALeiiNKNeeoW35adCnSg3rskvbPqvYaYpoLnX5oEVarg+QAn3AhH
Ss6DilFBRYUJBG8uPecYkATXAi/2gHVKL3MqZPBatzWquHpls1wh8oU3QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1bIeeMwrKlpJRs/2gEs020E1ONMB8GA1UdIwQY
MBaAFAQqw4Joloe2D85c6duIeyHWimq8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUt
NzBiYzY2ODkzZTVjLzEvblZzaDU0ekNzcVdrbEd6X2FBU3pUYlFUVTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC80NjYzYmItYzUwOS00YTlhLWJjYWUtNzBiYzY2ODkzZTVj
LzEvQkNyRGdtaVdoN1lQemx6cDI0aDdJZGFLYXJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueJcMA0G
CSqGSIb3DQEBCwUAA4IBAQAQMUJjVDLihtHPz5mmgIjH9Y+QwTCGDECaiMlocvh1
BbZm3mcitVZ/8cFZNxlrS1lzDY0IMbEqXotDDdlh22ZpxQaqC6x9RbxLj+Y+nef5
c5UCO0e7V8kq4amkDZAPTrDoZPpn4vxS8k9jQAFERL1bhBA2tMyq8fAqurvsntVY
yQNV/CvxDUhxeesHArAERClPy4+LUSft/XuV96MFzoSipFDB7M6zLFvPqsiAu9p0
VL5wYpVR8qy+5vJRJmB7cNMz9Sm7KLYGxP9lW1GEEkZgJY+YBBa7qY5U+6CjrSLw
uY0DTH9zKsmIOry9WobUAu3iedOnjFVUoVib6E42vOm+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org