Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/shwmKiZJtMEb85_hDe4fHovXTDQ.roa
File:                     shwmKiZJtMEb85_hDe4fHovXTDQ.roa (raw, json)
Hash identifier:          ZRTwC8LYPL5qCBVB4+9MCa/zOwIfufh7ElseZD44tps=
Subject key identifier:   B2:1C:26:2A:26:49:B4:C1:1B:F3:9F:E1:0D:EE:1F:1E:8B:D7:4C:34
Certificate issuer:       /CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Certificate serial:       01856C0A62AD0EE69B8F7AC931CB81183972
Authority key identifier: 8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/shwmKiZJtMEb85_hDe4fHovXTDQ.roa
Signing time:             Sun 01 Jan 2023 06:34:57 +0000
ROA not before:           Sun 01 Jan 2023 06:34:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51497
IP address blocks:        109.105.138.0/24 maxlen: 24
                          109.105.152.0/22 maxlen: 22
                          109.105.156.0/23 maxlen: 23
                          109.105.153.0/24 maxlen: 24
                          185.47.156.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:0a:62:ad:0e:e6:9b:8f:7a:c9:31:cb:81:18:39:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
        Validity
            Not Before: Jan  1 06:34:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b21c262a2649b4c11bf39fe10dee1f1e8bd74c34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:95:ea:4e:78:4a:b4:b9:0a:cc:9d:f8:75:7e:
                    77:48:69:4b:c0:01:8b:a7:80:83:36:c8:66:c1:84:
                    02:29:fe:30:36:39:44:e3:a0:3f:30:4b:05:c0:6d:
                    6b:5c:b0:97:23:e9:ba:4b:62:01:61:ec:60:56:fe:
                    de:8f:ce:7f:f0:87:0e:fd:36:58:88:44:16:36:a8:
                    21:f1:0d:30:0a:95:6e:cc:94:11:a6:23:97:1c:b2:
                    9b:63:b6:7d:36:37:fb:89:af:9b:64:7a:ad:bf:fb:
                    c5:6a:39:ff:54:99:b7:f9:89:3c:c0:7d:69:a2:75:
                    82:28:e3:8b:7d:e2:5c:29:03:37:75:e0:27:1f:41:
                    26:ba:43:ba:9a:9d:2d:31:c5:56:86:4e:57:e4:1e:
                    9f:98:be:48:bb:7f:fc:55:5e:a1:b3:92:8a:20:7b:
                    2b:30:76:8c:b7:4f:69:d7:92:b5:40:77:84:83:22:
                    b5:41:17:48:98:57:cc:64:21:64:b9:a7:44:84:23:
                    56:0e:41:67:63:d9:33:7b:80:d4:eb:06:32:32:ad:
                    e6:97:0e:ae:e4:fd:c4:d6:04:4b:dd:94:a4:d3:20:
                    9c:01:40:e3:08:f6:49:b8:b6:be:66:ee:5d:64:7c:
                    6a:24:9e:63:9f:70:67:ae:26:6d:4b:56:a3:f9:53:
                    30:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:1C:26:2A:26:49:B4:C1:1B:F3:9F:E1:0D:EE:1F:1E:8B:D7:4C:34
            X509v3 Authority Key Identifier:
                keyid:8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/shwmKiZJtMEb85_hDe4fHovXTDQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.138.0/24
                  109.105.152.0-109.105.157.255
                  185.47.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:4a:9d:b6:4f:25:42:4d:ee:05:c8:29:8a:a0:a8:af:9f:2c:
         d9:e4:e9:47:b7:a0:54:b7:12:39:68:1c:48:26:b0:25:fb:b3:
         ea:db:c4:ce:24:7a:9c:39:f8:6e:d1:11:26:74:26:21:77:4f:
         18:5e:15:94:b3:aa:51:8a:fd:de:3e:51:51:f1:1d:57:e6:ef:
         68:9a:37:1d:f5:85:ad:9b:41:b0:48:98:42:99:9d:6e:43:9a:
         68:65:91:b4:b0:db:8e:0c:df:59:1e:9b:6c:87:8e:3e:fc:91:
         e1:ed:24:87:3d:94:14:d3:45:bf:ce:5d:83:91:9c:6c:24:be:
         83:31:e9:dd:67:50:e5:23:31:5d:40:a5:6d:5c:d1:ab:b6:37:
         b3:b6:7c:5f:f7:b4:86:6b:71:ef:85:6e:8d:33:a4:a0:82:5e:
         03:16:52:32:f0:86:15:fa:92:98:55:16:8c:1f:fb:c9:1c:2b:
         6c:95:62:b3:2f:c6:32:e3:32:c0:9c:6f:a5:32:4f:f7:a4:fd:
         fe:3c:92:80:de:6b:9e:f3:17:a5:da:44:9b:99:40:d2:75:93:
         10:6f:7f:1c:05:4a:5f:7c:70:00:2b:e9:c4:6f:3d:3d:d7:85:
         d1:ca:ad:d1:27:6e:85:15:05:55:1e:c9:15:57:4f:49:50:2c:
         37:9b:cc:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVsCmKtDuabj3rJMcuBGDlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWIyM2UyYzVkOWYyYzczNDQ4ODkwNDUwNTgzNWVmMjgw
OWZiM2IwHhcNMjMwMTAxMDYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjFjMjYyYTI2NDliNGMxMWJmMzlmZTEwZGVlMWYxZThiZDc0YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5XqTnhKtLkKzJ34dX53SGlLwAGL
p4CDNshmwYQCKf4wNjlE46A/MEsFwG1rXLCXI+m6S2IBYexgVv7ej85/8IcO/TZY
iEQWNqgh8Q0wCpVuzJQRpiOXHLKbY7Z9Njf7ia+bZHqtv/vFajn/VJm3+Yk8wH1p
onWCKOOLfeJcKQM3deAnH0EmukO6mp0tMcVWhk5X5B6fmL5Iu3/8VV6hs5KKIHsr
MHaMt09p15K1QHeEgyK1QRdImFfMZCFkuadEhCNWDkFnY9kze4DU6wYyMq3mlw6u
5P3E1gRL3ZSk0yCcAUDjCPZJuLa+Zu5dZHxqJJ5jn3BnriZtS1aj+VMwGwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLIcJiomSbTBG/Of4Q3uHx6L10w0MB8GA1UdIwQY
MBaAFIzrI+LF2fLHNEiJBFBYNe8oCfs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODIt
ODMzNGUzNjIyMzZkLzEvc2h3bUtpWkp0TUViODVfaERlNGZIb3ZYVERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODItODMzNGUzNjIyMzZk
LzEvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAbWmKMAwD
BANtaZgDBAFtaZwDBAK5L5wwDQYJKoZIhvcNAQELBQADggEBACRKnbZPJUJN7gXI
KYqgqK+fLNnk6Ue3oFS3EjloHEgmsCX7s+rbxM4kepw5+G7RESZ0JiF3TxheFZSz
qlGK/d4+UVHxHVfm72iaNx31ha2bQbBImEKZnW5DmmhlkbSw244M31kem2yHjj78
keHtJIc9lBTTRb/OXYORnGwkvoMx6d1nUOUjMV1ApW1c0au2N7O2fF/3tIZrce+F
bo0zpKCCXgMWUjLwhhX6kphVFowf+8kcK2yVYrMvxjLjMsCcb6UyT/ek/f48koDe
a57zF6XaRJuZQNJ1kxBvfxwFSl98cAAr6cRvPT3XhdHKrdEnboUVBVUeyRVXT0lQ
LDebzOk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org