Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/xMujRv4Nz3-QszCpB8ZO86t2Il4.roa
File:                     xMujRv4Nz3-QszCpB8ZO86t2Il4.roa (raw, json)
Hash identifier:          xXsoIHOfv0JzJOs8cekFlVGpigtAC98x0+3jlBPa/V8=
Subject key identifier:   C4:CB:A3:46:FE:0D:CF:7F:90:B3:30:A9:07:C6:4E:F3:AB:76:22:5E
Certificate issuer:       /CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
Certificate serial:       0185720C6F9B884DDA46C9C81B6845061E1D
Authority key identifier: 7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/xMujRv4Nz3-QszCpB8ZO86t2Il4.roa
Signing time:             Mon 02 Jan 2023 10:34:55 +0000
ROA not before:           Mon 02 Jan 2023 10:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12859
IP address blocks:        185.173.21.0/24 maxlen: 24
                          185.173.22.0/24 maxlen: 24
                          185.173.20.0/24 maxlen: 24
                          2a0b:3100:100::/40 maxlen: 48
                          2a0b:3100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:6f:9b:88:4d:da:46:c9:c8:1b:68:45:06:1e:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
        Validity
            Not Before: Jan  2 10:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4cba346fe0dcf7f90b330a907c64ef3ab76225e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ef:d3:02:f1:6b:cd:fb:32:71:55:e7:eb:ae:
                    6a:4a:ac:57:38:55:50:52:4a:7c:82:bf:75:b9:5f:
                    b2:39:f1:f6:81:61:f9:6b:e0:80:ed:93:b9:a3:62:
                    c9:71:b1:0d:4a:4a:ff:e6:8a:47:e7:b1:01:a7:9b:
                    7a:c5:12:7c:95:93:fb:66:6d:56:3c:d2:b3:c1:05:
                    c5:f6:a1:a5:15:d5:1c:15:4d:39:6e:84:96:66:66:
                    05:e2:89:50:5b:87:6d:11:e8:08:cf:8a:9d:17:02:
                    e9:23:72:ff:56:9d:ed:e7:29:5d:0d:16:ce:58:4f:
                    3c:89:3c:31:45:8b:ce:15:4a:4e:36:4f:b9:50:28:
                    34:81:eb:80:6b:45:58:5d:16:32:80:9a:dd:6f:7e:
                    45:b8:20:34:fb:b1:32:57:5f:88:ad:ce:09:88:3d:
                    8f:68:9d:b1:dd:68:a0:d6:02:85:94:b2:9d:d1:f9:
                    f8:15:fc:fa:64:40:41:a4:b5:f9:7b:01:a3:80:cb:
                    78:ee:29:ce:40:bd:9b:df:55:be:c2:ff:fa:80:05:
                    08:83:08:f5:0a:d9:7a:a6:a6:a2:af:78:5f:c1:42:
                    34:ec:12:c2:3f:07:2d:1d:ce:de:00:d7:87:e0:19:
                    43:28:7f:19:4b:2f:85:f4:af:0b:73:fc:23:39:3b:
                    a3:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:CB:A3:46:FE:0D:CF:7F:90:B3:30:A9:07:C6:4E:F3:AB:76:22:5E
            X509v3 Authority Key Identifier:
                keyid:7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/xMujRv4Nz3-QszCpB8ZO86t2Il4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/e4f2uRGfqdzT4S5-a_twbf-XiCU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.173.20.0-185.173.22.255
                IPv6:
                  2a0b:3100::/39

    Signature Algorithm: sha256WithRSAEncryption
         b4:a0:5b:d0:3d:d6:76:45:8a:3c:14:50:1c:97:c9:41:b2:00:
         12:96:58:ce:86:9f:68:68:65:d4:e7:12:70:5b:06:45:b7:55:
         bf:e2:79:0a:09:42:bb:37:52:15:bf:26:79:d1:bb:5f:59:a2:
         b9:96:7c:b7:8a:ee:8e:0f:d1:a7:77:bd:ef:8c:f1:be:2f:85:
         9d:19:34:4d:5c:b5:50:cc:ed:ef:58:77:26:cd:d3:f6:b0:c8:
         ca:5e:55:13:12:6a:08:ed:a2:01:fb:0c:7c:dc:a1:7e:58:af:
         44:66:a1:f4:5d:14:05:fc:fd:2a:3b:a4:fa:13:0b:33:a9:ff:
         4c:88:e6:61:d1:53:08:03:fe:5f:26:d1:df:32:74:a6:53:d7:
         bd:31:e6:fb:de:bf:c0:fd:d7:2c:2e:18:4d:65:92:82:f9:42:
         eb:fa:ae:b9:10:2f:f3:ac:1e:02:4d:03:c6:87:e6:cd:c4:c6:
         df:2a:ab:bb:08:07:ad:ba:ec:7e:47:7c:1b:5c:77:38:eb:87:
         b3:62:c8:c9:84:b4:b1:d0:7a:5c:97:e8:68:f8:06:94:e4:01:
         30:c5:fe:8c:b8:90:09:fe:81:a5:a0:07:f3:4a:82:b7:73:bb:
         f1:9b:12:81:e3:73:53:16:ca:da:f9:a4:94:8e:40:53:ef:2a:
         d1:9f:0b:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyDG+biE3aRsnIG2hFBh4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODdmNmI5MTE5ZmE5ZGNkM2UxMmU3ZTZiZmI3MDZkZmY5
Nzg4MjUwHhcNMjMwMTAyMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNiYTM0NmZlMGRjZjdmOTBiMzMwYTkwN2M2NGVmM2FiNzYyMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+/TAvFrzfsycVXn665qSqxXOFVQ
Ukp8gr91uV+yOfH2gWH5a+CA7ZO5o2LJcbENSkr/5opH57EBp5t6xRJ8lZP7Zm1W
PNKzwQXF9qGlFdUcFU05boSWZmYF4olQW4dtEegIz4qdFwLpI3L/Vp3t5yldDRbO
WE88iTwxRYvOFUpONk+5UCg0geuAa0VYXRYygJrdb35FuCA0+7EyV1+Irc4JiD2P
aJ2x3Wig1gKFlLKd0fn4Ffz6ZEBBpLX5ewGjgMt47inOQL2b31W+wv/6gAUIgwj1
Ctl6pqair3hfwUI07BLCPwctHc7eANeH4BlDKH8ZSy+F9K8Lc/wjOTuj9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMTLo0b+Dc9/kLMwqQfGTvOrdiJeMB8GA1UdIwQY
MBaAFHuH9rkRn6nc0+Eufmv7cG3/l4glMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYt
ZDc4NTE0ZTllODEyLzEveE11alJ2NE56My1Rc3pDcEI4Wk84NnQySWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYtZDc4NTE0ZTllODEy
LzEvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAK5rRQD
BAC5rRYwDgQCAAIwCAMGASoLMQAAMA0GCSqGSIb3DQEBCwUAA4IBAQC0oFvQPdZ2
RYo8FFAcl8lBsgASlljOhp9oaGXU5xJwWwZFt1W/4nkKCUK7N1IVvyZ50btfWaK5
lny3iu6OD9Gnd73vjPG+L4WdGTRNXLVQzO3vWHcmzdP2sMjKXlUTEmoI7aIB+wx8
3KF+WK9EZqH0XRQF/P0qO6T6Ewszqf9MiOZh0VMIA/5fJtHfMnSmU9e9Meb73r/A
/dcsLhhNZZKC+ULr+q65EC/zrB4CTQPGh+bNxMbfKqu7CAetuux+R3wbXHc464ez
YsjJhLSx0Hpcl+ho+AaU5AEwxf6MuJAJ/oGloAfzSoK3c7vxmxKB43NTFsra+aSU
jkBT7yrRnwvN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:33 2024 by rpki-client on console-ams.rpki-client.org