Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/jSvsPtf55T2biIGuiigMqpN0oGQ.roa
File:                     jSvsPtf55T2biIGuiigMqpN0oGQ.roa (raw, json)
Hash identifier:          GFssGG9Ipx/9Ab+0vognnn7vjnWs2501pDexqJgIew4=
Subject key identifier:   8D:2B:EC:3E:D7:F9:E5:3D:9B:88:81:AE:8A:28:0C:AA:93:74:A0:64
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0186E000160F69507278D9C76A433E43118F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/jSvsPtf55T2biIGuiigMqpN0oGQ.roa
Signing time:             Tue 14 Mar 2023 12:02:27 +0000
ROA not before:           Tue 14 Mar 2023 12:02:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        2.56.164.0/24 maxlen: 24
                          185.186.67.0/24 maxlen: 24
                          185.234.74.0/24 maxlen: 24
                          185.234.75.0/24 maxlen: 24
                          185.227.71.0/24 maxlen: 24
                          193.105.177.0/24 maxlen: 24
                          178.218.145.0/24 maxlen: 24
                          194.56.226.0/24 maxlen: 24
                          194.56.224.0/24 maxlen: 24
                          194.56.225.0/24 maxlen: 24
                          45.90.145.0/24 maxlen: 24
                          45.90.146.0/24 maxlen: 24
                          85.202.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 12:21:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e0:00:16:0f:69:50:72:78:d9:c7:6a:43:3e:43:11:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Mar 14 12:02:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8d2bec3ed7f9e53d9b8881ae8a280caa9374a064
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ca:0e:02:dd:e4:a0:d8:86:b8:f8:fb:2b:88:
                    e9:1f:f3:43:cf:84:a5:d6:13:ed:07:a7:f7:ae:33:
                    3f:a8:51:3e:1a:80:6a:3d:e2:b0:96:02:3c:40:f9:
                    af:34:84:ba:fd:ed:78:5b:a7:65:a2:ce:84:02:ff:
                    6e:60:9b:b8:62:f8:ff:5d:50:58:12:ea:f1:fc:36:
                    b7:f2:91:ff:50:dd:cc:0d:2e:c5:3c:fc:fb:45:66:
                    36:14:1b:bb:74:f4:df:d1:c0:8c:da:e6:c9:32:cf:
                    7e:46:e3:a4:ac:36:ed:0c:dd:07:db:49:50:3d:b1:
                    ce:d0:98:60:5a:8d:36:83:4f:bd:26:3b:46:a4:bf:
                    bb:b4:50:94:be:09:30:94:39:53:86:62:32:61:3d:
                    32:fe:3e:f5:85:43:59:91:cf:5b:24:f8:85:20:62:
                    79:9c:cc:d4:93:33:86:2b:b7:fb:9e:9e:07:98:d6:
                    fc:d2:42:9d:ba:69:09:4b:d5:d8:27:2f:61:60:b6:
                    ce:a7:62:f8:ec:e9:63:c1:b6:39:7a:d3:b7:27:0c:
                    9d:83:c5:77:7c:a0:71:2e:6b:e8:fd:c7:ec:ff:cf:
                    4f:e2:82:61:25:bb:ed:7c:88:8f:08:0b:d6:bc:56:
                    aa:cc:5b:e8:dc:b9:22:95:6a:a3:78:70:28:b4:d6:
                    fb:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:2B:EC:3E:D7:F9:E5:3D:9B:88:81:AE:8A:28:0C:AA:93:74:A0:64
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/jSvsPtf55T2biIGuiigMqpN0oGQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.164.0/24
                  45.90.145.0-45.90.146.255
                  85.202.162.0/24
                  178.218.145.0/24
                  185.186.67.0/24
                  185.227.71.0/24
                  185.234.74.0/23
                  193.105.177.0/24
                  194.56.224.0-194.56.226.255

    Signature Algorithm: sha256WithRSAEncryption
         0c:2e:ff:f4:e4:a4:7b:77:40:5d:30:17:10:5a:38:04:9c:16:
         79:6c:78:66:5e:16:ef:29:11:b4:26:ad:c3:3d:ea:da:fb:11:
         31:e9:ca:6d:39:6f:6b:fb:ff:4a:a8:53:25:0a:45:bf:24:ea:
         d1:90:d1:82:af:48:31:0c:e3:09:d3:83:15:e4:3f:3b:ed:4e:
         e1:91:4f:7a:25:bc:6e:31:2f:69:80:2f:a0:29:64:23:92:b3:
         73:16:5d:07:40:cd:98:12:47:70:fa:14:17:fa:c1:90:0e:fd:
         fa:04:bc:b3:56:84:a8:2c:83:24:da:6c:f8:ec:89:9e:af:9e:
         ef:89:84:11:f3:83:5a:0b:39:b7:19:cf:e5:a7:f2:f7:af:0b:
         15:24:18:81:9e:60:b8:e6:34:a5:90:ef:97:40:82:24:c4:85:
         f5:3f:3c:4f:7e:3b:5a:9c:5a:43:0e:d1:08:1b:2a:3f:a4:d3:
         7a:c9:5e:2e:74:1d:f6:6a:c4:a7:c9:7b:1b:b5:c8:bd:10:90:
         22:60:bf:e8:af:29:b3:1b:d3:8f:e0:91:bc:7c:88:4a:f9:85:
         58:f5:c7:ed:1a:9e:f5:11:b6:27:5b:90:56:c6:3b:60:fe:0e:
         0b:98:55:89:c1:70:29:f3:e7:72:ca:32:a5:fc:9c:18:ac:59:
         91:b7:67:7e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYbgABYPaVByeNnHakM+QxGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMzE0MTIwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJiZWMzZWQ3ZjllNTNkOWI4ODgxYWU4YTI4MGNhYTkzNzRhMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisoOAt3koNiGuPj7K4jpH/NDz4Sl
1hPtB6f3rjM/qFE+GoBqPeKwlgI8QPmvNIS6/e14W6dlos6EAv9uYJu4Yvj/XVBY
Eurx/Da38pH/UN3MDS7FPPz7RWY2FBu7dPTf0cCM2ubJMs9+RuOkrDbtDN0H20lQ
PbHO0JhgWo02g0+9JjtGpL+7tFCUvgkwlDlThmIyYT0y/j71hUNZkc9bJPiFIGJ5
nMzUkzOGK7f7np4HmNb80kKdumkJS9XYJy9hYLbOp2L47OljwbY5etO3Jwydg8V3
fKBxLmvo/cfs/89P4oJhJbvtfIiPCAvWvFaqzFvo3LkilWqjeHAotNb70wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFI0r7D7X+eU9m4iBroooDKqTdKBkMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvalN2c1B0ZjU1VDJiaUlHdWlpZ01xcE4wb0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAAjikMAwD
BAAtWpEDBAAtWpIDBABVyqIDBACy2pEDBAC5ukMDBAC540cDBAG56koDBADBabEw
DAMEBcI44AMEAMI44jANBgkqhkiG9w0BAQsFAAOCAQEADC7/9OSke3dAXTAXEFo4
BJwWeWx4Zl4W7ykRtCatwz3q2vsRMenKbTlva/v/SqhTJQpFvyTq0ZDRgq9IMQzj
CdODFeQ/O+1O4ZFPeiW8bjEvaYAvoClkI5KzcxZdB0DNmBJHcPoUF/rBkA79+gS8
s1aEqCyDJNps+OyJnq+e74mEEfODWgs5txnP5afy968LFSQYgZ5guOY0pZDvl0CC
JMSF9T88T347WpxaQw7RCBsqP6TTesleLnQd9mrEp8l7G7XIvRCQImC/6K8psxvT
j+CRvHyISvmFWPXH7Rqe9RG2J1uQVsY7YP4OC5hVicFwKfPncsoypfycGKxZkbdn
fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org