Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rB3nsVG231XnOYXuQ2XhKphSQbg.roa
File:                     rB3nsVG231XnOYXuQ2XhKphSQbg.roa (raw, json)
Hash identifier:          uI+HBjj0fR/uy468shCktOmv8jXEau7E8ztZtTnICm8=
Subject key identifier:   AC:1D:E7:B1:51:B6:DF:55:E7:39:85:EE:43:65:E1:2A:98:52:41:B8
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       018EF2FB671845C0CC9972595B551CEAD935
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rB3nsVG231XnOYXuQ2XhKphSQbg.roa
Signing time:             Thu 18 Apr 2024 20:52:25 +0000
ROA not before:           Thu 18 Apr 2024 20:52:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206119
IP address blocks:        45.133.37.0/24 maxlen: 24
                          185.169.182.0/24 maxlen: 24
                          185.169.183.0/24 maxlen: 24
                          185.174.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 May 2024 11:04:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:f2:fb:67:18:45:c0:cc:99:72:59:5b:55:1c:ea:d9:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Apr 18 20:52:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ac1de7b151b6df55e73985ee4365e12a985241b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:4a:5e:83:26:fb:3b:53:6d:4b:39:ae:75:5e:
                    38:bc:18:10:8c:9b:56:b5:ad:cc:26:1f:86:5e:07:
                    2e:e7:fb:20:a7:d6:b6:a3:90:37:e4:99:a2:cb:b9:
                    6b:18:53:f1:8a:5a:85:3c:e3:bb:0e:cf:90:c9:d4:
                    63:49:a1:ef:80:e9:18:8c:d3:a5:8e:3b:78:2c:9e:
                    2a:01:ff:d2:2c:59:29:7e:d3:8e:ca:55:d0:ea:5a:
                    02:e6:ea:1c:de:98:f8:32:f2:79:42:39:e0:2e:f8:
                    aa:ac:b1:55:50:f5:0c:46:2d:fb:1b:64:9f:8c:3f:
                    fd:36:8c:22:48:4d:b0:db:08:f2:5c:c5:9e:a8:c4:
                    db:d2:f7:3b:29:a7:8b:56:8e:e4:f4:ed:e4:51:41:
                    b7:34:1b:ac:46:c5:98:7c:0a:3f:d9:fb:95:6a:e5:
                    1f:1e:5b:85:85:d6:45:8c:a1:45:71:52:99:4a:6e:
                    07:f1:6e:d9:26:5e:cd:04:e6:23:40:80:a3:f7:dd:
                    68:fc:22:8a:41:32:01:19:67:47:3d:5a:86:05:86:
                    20:ef:f2:0a:fc:82:eb:4d:de:37:82:d0:21:e4:84:
                    41:90:50:7f:05:0e:61:a1:64:91:18:7d:ab:14:3e:
                    57:23:63:01:1a:b0:a5:22:d0:3e:36:41:69:00:9f:
                    7e:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:1D:E7:B1:51:B6:DF:55:E7:39:85:EE:43:65:E1:2A:98:52:41:B8
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rB3nsVG231XnOYXuQ2XhKphSQbg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.37.0/24
                  185.169.182.0/23
                  185.174.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:32:f7:76:7c:5b:56:88:15:2d:8f:ac:b7:58:02:03:98:bd:
         7b:d9:c7:03:9e:ee:cc:e8:27:68:f7:80:1d:e3:d7:68:b5:d2:
         26:ff:de:d0:b7:10:a7:6d:41:f2:4b:a1:36:64:be:2e:cd:47:
         0b:ab:07:8c:44:31:66:e2:1a:80:9b:e1:73:ad:cc:28:7b:22:
         79:88:a8:b5:f5:f1:1a:7e:49:82:51:4f:99:ed:d5:85:87:e5:
         71:7a:7a:52:33:83:39:34:0b:1c:fe:2a:14:cb:ec:87:6b:14:
         a4:41:2a:6a:b4:32:b1:87:f2:2f:a6:18:6c:2a:a1:26:8b:34:
         ff:9d:48:bb:37:54:bf:e3:f4:b2:c1:a2:0a:9f:62:34:b4:65:
         bc:b7:df:30:91:36:2a:ad:3e:cc:c4:41:ea:95:35:dc:03:30:
         66:1e:f5:0a:6b:b2:21:97:3a:76:f9:da:fa:73:ee:76:07:a2:
         4a:92:a8:68:d2:0a:96:93:51:38:7a:9d:a2:10:12:a1:f8:bf:
         02:34:c3:8b:4b:ff:44:95:88:2c:86:7c:56:80:69:84:6c:22:
         e0:d7:b4:d3:bc:93:d8:4c:a3:a7:bf:bd:f1:4a:99:18:c1:76:
         dc:d7:a1:63:2b:a3:6f:85:51:0f:ba:ec:61:e1:20:f5:8e:c0:
         03:99:cc:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7y+2cYRcDMmXJZW1Uc6tk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwNDE4MjA1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFkZTdiMTUxYjZkZjU1ZTczOTg1ZWU0MzY1ZTEyYTk4NTI0MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEpegyb7O1NtSzmudV44vBgQjJtW
ta3MJh+GXgcu5/sgp9a2o5A35Jmiy7lrGFPxilqFPOO7Ds+QydRjSaHvgOkYjNOl
jjt4LJ4qAf/SLFkpftOOylXQ6loC5uoc3pj4MvJ5QjngLviqrLFVUPUMRi37G2Sf
jD/9NowiSE2w2wjyXMWeqMTb0vc7KaeLVo7k9O3kUUG3NBusRsWYfAo/2fuVauUf
HluFhdZFjKFFcVKZSm4H8W7ZJl7NBOYjQICj991o/CKKQTIBGWdHPVqGBYYg7/IK
/ILrTd43gtAh5IRBkFB/BQ5hoWSRGH2rFD5XI2MBGrClItA+NkFpAJ9+xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKwd57FRtt9V5zmF7kNl4SqYUkG4MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvckIzbnNWRzIzMVhuT1lYdVEyWGhLcGhTUWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYUlAwQB
uam2AwQAua4VMA0GCSqGSIb3DQEBCwUAA4IBAQBPMvd2fFtWiBUtj6y3WAIDmL17
2ccDnu7M6Cdo94Ad49dotdIm/97QtxCnbUHyS6E2ZL4uzUcLqweMRDFm4hqAm+Fz
rcwoeyJ5iKi19fEafkmCUU+Z7dWFh+VxenpSM4M5NAsc/ioUy+yHaxSkQSpqtDKx
h/IvphhsKqEmizT/nUi7N1S/4/SywaIKn2I0tGW8t98wkTYqrT7MxEHqlTXcAzBm
HvUKa7Ihlzp2+dr6c+52B6JKkqho0gqWk1E4ep2iEBKh+L8CNMOLS/9ElYgshnxW
gGmEbCLg17TTvJPYTKOnv73xSpkYwXbc16FjK6NvhVEPuuxh4SD1jsADmcxF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org