Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/s2MGdYFfirTKD7hN5kHWj-SCQ-4.roa
File:                     s2MGdYFfirTKD7hN5kHWj-SCQ-4.roa (raw, json)
Hash identifier:          ANprvymbJPjOTEVyGQywSKey0zYRTM5t4AxPFhrqbi4=
Subject key identifier:   B3:63:06:75:81:5F:8A:B4:CA:0F:B8:4D:E6:41:D6:8F:E4:82:43:EE
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       018583447CBD08CC8182FC7038E8DA9524C4
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/s2MGdYFfirTKD7hN5kHWj-SCQ-4.roa
Signing time:             Thu 05 Jan 2023 18:49:41 +0000
ROA not before:           Thu 05 Jan 2023 18:49:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208485
IP address blocks:        45.143.98.0/24 maxlen: 24
                          185.148.243.0/24 maxlen: 24
                          185.148.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Jan 2023 21:22:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:83:44:7c:bd:08:cc:81:82:fc:70:38:e8:da:95:24:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Jan  5 18:49:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b3630675815f8ab4ca0fb84de641d68fe48243ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b3:f1:35:d3:9c:be:2d:2f:96:77:91:7d:8f:
                    7d:32:9c:7b:3e:43:2e:94:80:2e:4b:75:9a:9b:83:
                    be:9d:a2:33:a7:95:77:17:85:14:28:e9:16:9c:9d:
                    64:26:9c:10:73:44:e9:97:02:3c:8a:65:3f:77:94:
                    e5:e5:ae:b8:93:13:bb:e8:a3:29:3b:4f:1b:d0:87:
                    04:ad:73:96:50:8c:32:e9:f8:8a:85:a7:f3:cb:ed:
                    5f:c3:ee:ea:af:e5:03:a7:85:df:3f:e5:40:78:e1:
                    16:a7:5d:28:3c:b6:8a:c3:c6:8d:5c:9c:80:c3:80:
                    23:36:59:c9:3e:4a:77:dc:63:e3:62:5e:4b:c2:7d:
                    8d:dd:f6:b9:6f:0c:cd:40:8e:64:a1:c4:73:f5:ed:
                    f4:17:b9:9d:50:30:a2:6d:b4:54:d2:2f:bf:d3:59:
                    0a:54:6b:48:80:60:12:fc:f9:b6:d6:c0:8d:a2:fb:
                    82:bd:b5:96:db:cc:cd:61:7c:08:8e:8e:0b:2a:77:
                    d2:ee:5a:e0:b8:15:d1:50:6c:ce:b4:37:02:07:d3:
                    5a:32:83:cd:9c:21:ed:d8:bd:b4:50:16:27:6f:d6:
                    12:46:bf:d4:5b:a1:c5:b7:a9:4a:ee:4d:2a:ff:4b:
                    f6:9c:f0:3f:63:27:23:9b:c4:4a:fd:7d:6b:25:78:
                    9c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:63:06:75:81:5F:8A:B4:CA:0F:B8:4D:E6:41:D6:8F:E4:82:43:EE
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/s2MGdYFfirTKD7hN5kHWj-SCQ-4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.98.0/24
                  185.148.241.0/24
                  185.148.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:5c:2f:e4:f9:b5:52:26:21:e4:06:ac:80:62:70:5a:6e:22:
         2b:c8:5a:93:b7:7d:bd:a6:65:38:ee:dc:d8:00:60:1e:97:ab:
         a1:2c:d2:97:b6:bb:5a:78:a8:24:9a:5e:ca:43:b3:a4:e6:80:
         72:5f:d8:ad:2d:ac:10:ba:ee:85:e4:3a:40:65:b8:72:9c:15:
         57:c5:4b:06:f6:9f:67:1b:61:8e:55:f6:14:af:1d:7b:a4:6b:
         cd:95:d9:9e:c6:07:6e:b1:30:a0:81:15:32:80:bd:6b:ee:fc:
         da:7d:a1:d9:65:be:8b:9f:9f:ab:97:af:a8:d0:0c:dd:de:6a:
         6f:e8:87:05:6d:04:85:1a:7d:54:45:09:7d:ae:10:1b:10:99:
         11:ed:b4:ef:70:cf:40:8c:86:5c:63:9b:2c:6e:a0:16:10:d4:
         51:9f:c6:17:b8:6a:8e:fb:aa:81:88:c8:e0:49:c4:16:7a:d2:
         1c:23:84:bc:1d:81:c4:f2:c7:4e:37:51:af:90:02:94:65:c0:
         fa:c5:8a:15:90:77:0e:47:f4:02:ad:4a:f3:20:e4:17:2d:33:
         98:e0:ee:f8:09:e1:3d:04:47:49:14:9f:fa:97:8a:13:93:40:
         9c:1f:a8:2a:7a:00:ad:77:73:bc:f4:3e:0a:9a:48:08:66:cc:
         fd:8a:39:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWDRHy9CMyBgvxwOOjalSTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwMTA1MTg0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYzMDY3NTgxNWY4YWI0Y2EwZmI4NGRlNjQxZDY4ZmU0ODI0M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrPxNdOcvi0vlneRfY99Mpx7PkMu
lIAuS3Wam4O+naIzp5V3F4UUKOkWnJ1kJpwQc0TplwI8imU/d5Tl5a64kxO76KMp
O08b0IcErXOWUIwy6fiKhafzy+1fw+7qr+UDp4XfP+VAeOEWp10oPLaKw8aNXJyA
w4AjNlnJPkp33GPjYl5Lwn2N3fa5bwzNQI5kocRz9e30F7mdUDCibbRU0i+/01kK
VGtIgGAS/Pm21sCNovuCvbWW28zNYXwIjo4LKnfS7lrguBXRUGzOtDcCB9NaMoPN
nCHt2L20UBYnb9YSRr/UW6HFt6lK7k0q/0v2nPA/Yycjm8RK/X1rJXic5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLNjBnWBX4q0yg+4TeZB1o/kgkPuMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvczJNR2RZRmZpclRLRDdoTjVrSFdqLVNDUS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY9iAwQA
uZTxAwQAuZTzMA0GCSqGSIb3DQEBCwUAA4IBAQCFXC/k+bVSJiHkBqyAYnBabiIr
yFqTt329pmU47tzYAGAel6uhLNKXtrtaeKgkml7KQ7Ok5oByX9itLawQuu6F5DpA
ZbhynBVXxUsG9p9nG2GOVfYUrx17pGvNldmexgdusTCggRUygL1r7vzafaHZZb6L
n5+rl6+o0Azd3mpv6IcFbQSFGn1URQl9rhAbEJkR7bTvcM9AjIZcY5ssbqAWENRR
n8YXuGqO+6qBiMjgScQWetIcI4S8HYHE8sdON1GvkAKUZcD6xYoVkHcOR/QCrUrz
IOQXLTOY4O74CeE9BEdJFJ/6l4oTk0CcH6gqegCtd3O89D4KmkgIZsz9ijlA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org