Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/nS895ZULSbGZpawfRIsicRjBfeg.roa
File:                     nS895ZULSbGZpawfRIsicRjBfeg.roa (raw, json)
Hash identifier:          XTKubKlJ1JOdWPnqo6IJ29liHyRuI4GjvB9wJQUCGcw=
Subject key identifier:   9D:2F:3D:E5:95:0B:49:B1:99:A5:AC:1F:44:8B:22:71:18:C1:7D:E8
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018C91AC027095E4A868AA2BFBC5039AFC10
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/nS895ZULSbGZpawfRIsicRjBfeg.roa
Signing time:             Fri 22 Dec 2023 13:16:58 +0000
ROA not before:           Fri 22 Dec 2023 13:16:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213122
IP address blocks:        2.58.201.0/24 maxlen: 24
                          2.58.202.0/24 maxlen: 24
                          45.134.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:91:ac:02:70:95:e4:a8:68:aa:2b:fb:c5:03:9a:fc:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Dec 22 13:16:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d2f3de5950b49b199a5ac1f448b227118c17de8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:09:0b:c0:aa:0a:16:dd:22:40:0d:f1:59:2e:
                    0c:ec:73:e1:8f:72:62:57:b4:5c:fc:5e:ca:83:e1:
                    01:75:48:f6:e7:77:0d:17:f1:42:d1:c5:f7:82:cd:
                    fd:52:33:de:80:03:63:dd:ab:f0:4d:7b:46:bb:86:
                    87:ea:6c:90:d5:e1:15:25:41:91:a4:40:b9:d7:0c:
                    e7:a4:71:59:5d:69:95:0f:bd:aa:11:88:71:2b:53:
                    3f:86:4d:14:19:d6:22:f0:e8:97:0d:87:73:a8:d7:
                    0e:2a:03:cd:49:bb:86:bb:75:21:09:20:6c:e6:e2:
                    ca:03:14:5f:73:f6:71:68:ea:d5:3f:e3:3a:1e:73:
                    0c:c0:fc:6a:f2:1c:ea:f9:d0:d7:9c:c9:8c:ef:d6:
                    34:9c:68:42:d3:c2:b9:d5:94:d4:56:57:4e:19:ae:
                    01:cb:4f:74:56:68:12:37:a2:da:9c:c6:b0:50:0f:
                    cc:7c:09:ff:5b:02:5d:17:c3:ec:86:85:5b:2e:b5:
                    5a:00:32:17:ee:3d:83:81:3c:45:f5:90:27:69:74:
                    22:ac:5e:c9:b5:ec:4b:45:5f:b6:b6:d0:d1:51:dd:
                    40:94:ec:26:ed:69:33:f9:99:ce:1a:dc:e4:55:29:
                    d9:8e:94:ce:de:ce:4f:68:db:06:1c:18:ab:d3:b7:
                    89:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:2F:3D:E5:95:0B:49:B1:99:A5:AC:1F:44:8B:22:71:18:C1:7D:E8
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/nS895ZULSbGZpawfRIsicRjBfeg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.201.0-2.58.202.255
                  45.134.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:a0:59:21:d6:ff:e9:61:69:a7:bf:75:9a:35:43:23:32:ee:
         30:49:58:5f:d9:4b:8c:0d:84:1a:90:31:cb:54:6e:4a:9a:d8:
         bc:12:ff:23:67:3a:1b:25:d4:68:7e:bf:1d:aa:d3:6b:e6:b7:
         99:ca:70:d1:61:55:5d:13:98:6d:53:94:e2:d0:65:04:e7:14:
         0d:bc:15:24:ea:e0:bb:6e:25:53:29:94:98:ad:c0:5b:c6:3f:
         07:3e:46:ab:c0:f7:ef:dd:a0:62:0a:68:18:0e:d0:45:5c:b2:
         8f:b4:bd:7c:4b:f1:4f:26:c9:45:9b:87:24:7d:a9:59:35:2b:
         3a:3f:ba:bb:6e:6a:13:7a:2b:60:d3:cb:d5:a9:6e:b8:29:68:
         b6:48:3d:81:9c:82:fc:cb:d3:74:55:67:2f:ad:5a:07:85:6c:
         a8:72:d8:3e:0d:4f:44:40:b0:83:a6:00:61:11:8f:3d:87:e5:
         91:cf:b5:cd:7a:96:56:66:af:b7:82:8f:38:ce:79:1b:5d:f8:
         2a:db:8b:c6:b4:c8:b7:cd:03:37:b9:52:88:52:99:19:3f:54:
         09:0c:72:c6:e5:72:55:07:e8:23:4c:58:a2:87:43:4b:99:fb:
         52:55:6b:0a:50:f1:82:ce:42:61:a6:9b:db:f4:8f:d8:f5:60:
         33:a5:ff:47
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYyRrAJwleSoaKor+8UDmvwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMjIyMTMxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJmM2RlNTk1MGI0OWIxOTlhNWFjMWY0NDhiMjI3MTE4YzE3ZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQkLwKoKFt0iQA3xWS4M7HPhj3Ji
V7Rc/F7Kg+EBdUj253cNF/FC0cX3gs39UjPegANj3avwTXtGu4aH6myQ1eEVJUGR
pEC51wznpHFZXWmVD72qEYhxK1M/hk0UGdYi8OiXDYdzqNcOKgPNSbuGu3UhCSBs
5uLKAxRfc/ZxaOrVP+M6HnMMwPxq8hzq+dDXnMmM79Y0nGhC08K51ZTUVldOGa4B
y090VmgSN6LanMawUA/MfAn/WwJdF8PshoVbLrVaADIX7j2DgTxF9ZAnaXQirF7J
texLRV+2ttDRUd1AlOwm7Wkz+ZnOGtzkVSnZjpTO3s5PaNsGHBir07eJeQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ0vPeWVC0mxmaWsH0SLInEYwX3oMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvblM4OTVaVUxTYkdacGF3ZlJJc2ljUmpCZmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAACOskD
BAACOsoDBAAthm8wDQYJKoZIhvcNAQELBQADggEBABKgWSHW/+lhaae/dZo1QyMy
7jBJWF/ZS4wNhBqQMctUbkqa2LwS/yNnOhsl1Gh+vx2q02vmt5nKcNFhVV0TmG1T
lOLQZQTnFA28FSTq4LtuJVMplJitwFvGPwc+RqvA9+/doGIKaBgO0EVcso+0vXxL
8U8myUWbhyR9qVk1Kzo/urtuahN6K2DTy9WpbrgpaLZIPYGcgvzL03RVZy+tWgeF
bKhy2D4NT0RAsIOmAGERjz2H5ZHPtc16llZmr7eCjzjOeRtd+Crbi8a0yLfNAze5
UohSmRk/VAkMcsblclUH6CNMWKKHQ0uZ+1JVawpQ8YLOQmGmm9v0j9j1YDOl/0c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org