Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/MIM65gi5DIe52xPq0p8ukb4VnZU.roa
File:                     MIM65gi5DIe52xPq0p8ukb4VnZU.roa (raw, json)
Hash identifier:          IMR4CS/3hnCfRBdkCscyLgKiC85sgJAa2/r55oouMhs=
Subject key identifier:   30:83:3A:E6:08:B9:0C:87:B9:DB:13:EA:D2:9F:2E:91:BE:15:9D:95
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018BDC9A4D0AFA2FCA8B1F90D80A3E7DF339
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/MIM65gi5DIe52xPq0p8ukb4VnZU.roa
Signing time:             Fri 17 Nov 2023 09:26:21 +0000
ROA not before:           Fri 17 Nov 2023 09:26:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30823
IP address blocks:        45.89.124.0/23 maxlen: 23
                          45.89.126.0/23 maxlen: 23
                          185.117.1.0/24 maxlen: 24
                          185.117.2.0/24 maxlen: 24
                          204.11.1.0/24 maxlen: 24
                          45.91.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:dc:9a:4d:0a:fa:2f:ca:8b:1f:90:d8:0a:3e:7d:f3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Nov 17 09:26:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=30833ae608b90c87b9db13ead29f2e91be159d95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d6:cb:37:d2:13:a1:c5:b8:b6:b0:03:ac:f0:
                    9a:c3:b4:64:2d:9d:42:d6:57:8a:55:c6:bd:7a:00:
                    a3:c8:49:9f:70:ab:84:b2:3c:fb:e2:d7:81:ec:6f:
                    7a:03:74:7d:3f:be:11:43:68:d3:24:f8:98:bf:6c:
                    2b:88:e6:10:57:3a:1e:86:63:cb:43:66:c1:ac:94:
                    12:60:d9:e8:50:b4:19:27:08:db:37:a2:f7:f1:1f:
                    92:7f:b7:d8:f1:1d:87:b6:bb:f9:d0:71:16:46:5e:
                    02:39:52:d0:13:a8:57:d6:3f:77:08:3f:81:b9:f6:
                    4a:71:27:8b:39:f2:dc:98:34:fb:4b:e8:63:06:a0:
                    f5:38:e0:1c:d5:3b:f6:cd:d5:f5:30:9e:ea:91:04:
                    9e:2a:76:d7:b7:e3:54:2c:10:9d:c4:bc:95:e3:3a:
                    ad:83:f6:d6:a7:84:77:67:b0:7b:6e:0c:25:10:75:
                    9b:de:4d:49:76:84:78:eb:40:48:b5:89:1b:d0:54:
                    a5:e1:e1:c5:9b:eb:9d:f6:8e:49:bc:c5:57:7b:8c:
                    cc:e8:9c:35:16:aa:f1:a0:e3:56:28:9c:b4:d2:e1:
                    c6:d6:10:86:0c:e2:d4:16:5f:34:3e:1c:ec:d9:72:
                    2e:69:24:54:c4:c4:3c:03:5a:61:21:de:c1:f0:2b:
                    d2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:83:3A:E6:08:B9:0C:87:B9:DB:13:EA:D2:9F:2E:91:BE:15:9D:95
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/MIM65gi5DIe52xPq0p8ukb4VnZU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.124.0/22
                  45.91.250.0/24
                  185.117.1.0-185.117.2.255
                  204.11.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:f3:28:53:78:af:c3:75:d2:3e:66:cc:ae:5a:05:ef:a1:06:
         8c:db:a5:10:ce:33:ca:1c:58:49:b8:d9:b9:4e:04:9c:b9:ae:
         79:79:45:ff:29:e4:f9:e1:ee:8b:8d:c7:05:2f:ed:40:f1:52:
         df:52:f6:c1:52:e5:b4:41:b8:c0:28:1c:75:73:b6:49:bb:b7:
         10:bc:95:b6:57:34:78:ef:4f:67:0a:a4:66:cd:25:8f:20:c3:
         59:7d:9b:06:75:e1:02:df:a7:11:c4:b9:87:c8:06:ec:1f:72:
         2d:d4:fd:63:71:79:e7:b3:59:a3:d4:41:77:68:f6:d4:49:ec:
         0c:54:b5:f0:b5:71:61:24:36:32:ff:01:c7:a3:55:64:48:f8:
         e8:1e:45:d9:89:52:03:71:97:54:88:e0:fd:f0:37:74:d6:27:
         f0:f1:e1:d3:f0:20:cf:95:cf:e2:83:9e:82:41:da:ed:68:19:
         e4:7e:3a:39:df:da:ff:1e:56:71:1b:dd:da:24:25:c9:66:c6:
         df:47:0a:26:a3:bb:bf:cf:72:57:63:6e:37:33:c7:c3:37:b9:
         09:00:65:81:e5:e9:ff:62:80:74:b9:89:8f:9e:e4:dd:8d:40:
         47:c0:21:d8:ae:1f:55:f0:7f:3d:a5:09:3a:c2:36:40:cd:44:
         bf:b3:8c:05
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYvcmk0K+i/Kix+Q2Ao+ffM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMTE3MDkyNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgzM2FlNjA4YjkwYzg3YjlkYjEzZWFkMjlmMmU5MWJlMTU5ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9bLN9ITocW4trADrPCaw7RkLZ1C
1leKVca9egCjyEmfcKuEsjz74teB7G96A3R9P74RQ2jTJPiYv2wriOYQVzoehmPL
Q2bBrJQSYNnoULQZJwjbN6L38R+Sf7fY8R2Htrv50HEWRl4COVLQE6hX1j93CD+B
ufZKcSeLOfLcmDT7S+hjBqD1OOAc1Tv2zdX1MJ7qkQSeKnbXt+NULBCdxLyV4zqt
g/bWp4R3Z7B7bgwlEHWb3k1JdoR460BItYkb0FSl4eHFm+ud9o5JvMVXe4zM6Jw1
FqrxoONWKJy00uHG1hCGDOLUFl80Phzs2XIuaSRUxMQ8A1phId7B8CvSVQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDCDOuYIuQyHudsT6tKfLpG+FZ2VMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTUlNNjVnaTVESWU1MnhQcTBwOHVrYjRWblpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLVl8AwQA
LVv6MAwDBAC5dQEDBAC5dQIDBADMCwEwDQYJKoZIhvcNAQELBQADggEBAFHzKFN4
r8N10j5mzK5aBe+hBozbpRDOM8ocWEm42blOBJy5rnl5Rf8p5Pnh7ouNxwUv7UDx
Ut9S9sFS5bRBuMAoHHVztkm7txC8lbZXNHjvT2cKpGbNJY8gw1l9mwZ14QLfpxHE
uYfIBuwfci3U/WNxeeezWaPUQXdo9tRJ7AxUtfC1cWEkNjL/AcejVWRI+OgeRdmJ
UgNxl1SI4P3wN3TWJ/Dx4dPwIM+Vz+KDnoJB2u1oGeR+Ojnf2v8eVnEb3dokJclm
xt9HCiaju7/Pcldjbjczx8M3uQkAZYHl6f9igHS5iY+e5N2NQEfAIdiuH1Xwfz2l
CTrCNkDNRL+zjAU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org