Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa
File:                     OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa (raw, json)
Hash identifier:          GTxoEFxH+gXAgH9deQADj9l+CIqrNCrD2fOlQOq1/Zo=
Subject key identifier:   3B:00:F9:7F:B7:3C:44:10:FC:87:2A:F6:2A:20:5E:A8:F5:26:B7:9B
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       01856CAEFC11BFE85A505A004655197E0FA1
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa
Signing time:             Sun 01 Jan 2023 09:34:45 +0000
ROA not before:           Sun 01 Jan 2023 09:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39326
IP address blocks:        37.235.54.0/24 maxlen: 24
                          151.236.19.0/24 maxlen: 24
                          2a03:f80:441::/48 maxlen: 48
                          2a03:f80:44::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ae:fc:11:bf:e8:5a:50:5a:00:46:55:19:7e:0f:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: Jan  1 09:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b00f97fb73c4410fc872af62a205ea8f526b79b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:1b:c3:6f:9a:27:7e:02:b5:98:69:96:7a:2e:
                    01:13:38:a2:f0:fe:e7:28:1f:7d:e2:4a:8b:55:fe:
                    0b:5b:e1:c8:ee:4a:93:15:3c:55:01:1e:97:09:e4:
                    b8:85:af:c0:9f:b1:d2:9f:77:95:d4:92:d0:94:72:
                    28:b2:ff:db:ba:71:43:1a:3b:53:8b:3b:cd:84:bf:
                    f1:8f:50:1b:92:b9:1a:50:5e:a6:ab:ee:f8:4e:95:
                    9f:a1:87:14:41:00:b7:c8:e0:a3:8f:43:43:96:07:
                    8f:21:7c:0b:9c:76:20:60:61:9d:07:9f:f2:67:1f:
                    5e:d5:58:c8:8b:4d:60:d7:58:d1:64:4e:d2:5b:b1:
                    ef:6b:63:42:ae:7e:89:7e:78:4a:d4:93:2f:07:38:
                    bf:fc:da:60:19:d9:8f:7b:36:22:88:4d:05:2b:75:
                    2d:e3:18:7b:fa:68:10:b5:02:bb:89:16:7e:57:b6:
                    ff:ab:e1:57:64:69:e0:5f:0b:e5:b2:ac:f8:3d:87:
                    18:9e:3e:3a:1f:60:06:5a:27:08:b8:01:76:27:e3:
                    03:67:67:a8:31:0f:40:e2:69:42:73:71:26:58:bf:
                    6d:b8:0a:79:b4:2c:2d:b2:63:de:10:de:02:97:a2:
                    67:35:44:a4:4e:96:ab:63:bd:bc:2f:18:43:c9:00:
                    e7:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:00:F9:7F:B7:3C:44:10:FC:87:2A:F6:2A:20:5E:A8:F5:26:B7:9B
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OwD5f7c8RBD8hyr2KiBeqPUmt5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.54.0/24
                  151.236.19.0/24
                IPv6:
                  2a03:f80:44::/48
                  2a03:f80:441::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:70:4c:98:7d:2a:6f:5c:a0:5b:d7:24:ed:07:f3:f0:b0:4d:
         da:a2:6b:f8:a8:45:9e:9d:1e:ea:b4:eb:6d:1b:9b:ff:bc:e4:
         59:b0:31:73:4b:89:fd:2a:92:3f:ed:a7:04:3b:87:15:80:8a:
         b3:e7:cb:22:d3:0b:35:8b:28:78:28:39:5e:72:78:44:81:52:
         b4:a0:cd:84:8b:2f:7e:0a:c3:04:25:2f:38:87:e8:6d:d0:cb:
         5e:1a:1d:97:e1:ef:94:b2:7a:58:ce:75:ec:33:ef:4b:e2:93:
         a5:cb:f1:9f:3f:6b:49:b6:96:56:5c:6a:ca:47:68:15:24:be:
         ee:fe:63:88:8f:04:40:fe:54:85:5c:67:6e:1c:2f:3b:04:49:
         86:35:08:ac:23:6f:02:bf:48:67:5f:47:f1:87:32:89:20:2f:
         99:65:3d:04:8b:75:91:13:77:02:9e:a8:fa:c1:42:5c:5c:39:
         e9:0f:42:41:70:c4:d0:62:93:74:7b:0a:a1:71:0d:e4:26:a2:
         86:8a:ae:16:13:1c:17:7b:2f:ba:d9:fe:29:52:ea:8e:02:8a:
         39:51:f7:74:40:c2:21:6c:56:9a:cd:da:1a:5b:ba:c2:e1:5d:
         f8:a8:30:37:41:02:f0:69:1a:4b:f4:4a:26:84:ec:5d:c1:6c:
         d8:d0:2b:5a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVsrvwRv+haUFoARlUZfg+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjAwZjk3ZmI3M2M0NDEwZmM4NzJhZjYyYTIwNWVhOGY1MjZiNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRvDb5onfgK1mGmWei4BEzii8P7n
KB994kqLVf4LW+HI7kqTFTxVAR6XCeS4ha/An7HSn3eV1JLQlHIosv/bunFDGjtT
izvNhL/xj1AbkrkaUF6mq+74TpWfoYcUQQC3yOCjj0NDlgePIXwLnHYgYGGdB5/y
Zx9e1VjIi01g11jRZE7SW7Hva2NCrn6JfnhK1JMvBzi//NpgGdmPezYiiE0FK3Ut
4xh7+mgQtQK7iRZ+V7b/q+FXZGngXwvlsqz4PYcYnj46H2AGWicIuAF2J+MDZ2eo
MQ9A4mlCc3EmWL9tuAp5tCwtsmPeEN4Cl6JnNUSkTparY728LxhDyQDnfQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDsA+X+3PEQQ/Icq9iogXqj1JrebMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvT3dENWY3YzhSQkQ4aHlyMktpQmVxUFVtdDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAJes2AwQA
l+wTMBgEAgACMBIDBwAqAw+AAEQDBwAqAw+ABEEwDQYJKoZIhvcNAQELBQADggEB
ADRwTJh9Km9coFvXJO0H8/CwTdqia/ioRZ6dHuq0620bm/+85FmwMXNLif0qkj/t
pwQ7hxWAirPnyyLTCzWLKHgoOV5yeESBUrSgzYSLL34KwwQlLziH6G3Qy14aHZfh
75SyeljOdewz70vik6XL8Z8/a0m2llZcaspHaBUkvu7+Y4iPBED+VIVcZ24cLzsE
SYY1CKwjbwK/SGdfR/GHMokgL5llPQSLdZETdwKeqPrBQlxcOekPQkFwxNBik3R7
CqFxDeQmooaKrhYTHBd7L7rZ/ilS6o4CijlR93RAwiFsVprN2hpbusLhXfioMDdB
AvBpGkv0SiaE7F3BbNjQK1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:28 2024 by rpki-client on console-fra.rpki-client.org