Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/RmQa1Tv8Jb4UWonjSWclg5v7nYY.roa
File:                     RmQa1Tv8Jb4UWonjSWclg5v7nYY.roa (raw, json)
Hash identifier:          xMgjGvjWPend76DvvuAwRvmSkb4yWu9/dXYKhFfMk6U=
Subject key identifier:   46:64:1A:D5:3B:FC:25:BE:14:5A:89:E3:49:67:25:83:9B:FB:9D:86
Certificate issuer:       /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial:       018BB446712DDEF09AE75E9D95219E28964F
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/RmQa1Tv8Jb4UWonjSWclg5v7nYY.roa
Signing time:             Thu 09 Nov 2023 13:29:57 +0000
ROA not before:           Thu 09 Nov 2023 13:29:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209523
IP address blocks:        185.97.140.0/24 maxlen: 24
                          185.97.140.0/22 maxlen: 22
                          185.97.141.0/24 maxlen: 24
                          45.158.68.0/22 maxlen: 22
                          5.198.192.0/19 maxlen: 19
                          2a02:e58::/32 maxlen: 32
                          2a02:e58:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b4:46:71:2d:de:f0:9a:e7:5e:9d:95:21:9e:28:96:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
        Validity
            Not Before: Nov  9 13:29:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46641ad53bfc25be145a89e3496725839bfb9d86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7f:e8:fe:79:15:48:01:06:22:b2:93:54:c5:
                    0c:fc:bb:ed:e1:93:e3:31:cf:00:e4:2a:ca:f7:be:
                    5a:d1:63:7c:c3:54:df:99:dd:a0:b9:37:84:6c:8c:
                    d1:75:df:fa:9f:0c:cb:6c:cc:b9:dd:3c:1f:92:ba:
                    8a:8b:da:90:c5:0d:bd:12:74:ed:02:77:30:78:33:
                    3f:5c:ed:91:bf:de:98:f6:f6:28:f5:1a:31:db:2a:
                    fb:00:a4:27:4c:4c:5f:a8:ea:ed:cb:59:ef:9a:79:
                    20:c9:d6:2a:81:07:bf:3a:00:e5:ea:9e:01:3d:e8:
                    d0:d0:d2:c1:7e:65:3c:32:40:b2:a6:4a:7d:26:08:
                    f5:d0:1e:11:48:2a:c1:cc:68:f5:85:6a:13:0f:2f:
                    34:e0:74:14:0e:3b:34:23:63:8c:2c:4a:e8:01:af:
                    71:2c:a7:20:30:a2:c3:87:f6:f8:d8:24:33:25:a2:
                    55:07:d3:b6:43:2e:96:6a:39:f7:22:4f:1d:a4:4a:
                    36:da:c3:28:8f:50:3a:03:ff:b6:9e:ea:d4:fa:30:
                    e7:12:e5:ba:e1:3f:7f:b5:40:19:71:43:c8:94:a5:
                    b2:95:72:e5:db:7b:0a:ce:88:47:94:5a:40:70:67:
                    81:b5:9b:84:07:38:f0:43:ba:bd:59:66:00:bb:21:
                    e2:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:64:1A:D5:3B:FC:25:BE:14:5A:89:E3:49:67:25:83:9B:FB:9D:86
            X509v3 Authority Key Identifier:
                keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/RmQa1Tv8Jb4UWonjSWclg5v7nYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.198.192.0/19
                  45.158.68.0/22
                  185.97.140.0/22
                IPv6:
                  2a02:e58::/32

    Signature Algorithm: sha256WithRSAEncryption
         21:3b:54:11:7f:06:d3:d7:a1:eb:3c:14:8a:14:3b:f2:b7:6e:
         14:80:3e:8a:04:66:a0:59:e1:cd:b9:4d:8a:1c:92:34:d6:b2:
         b6:72:62:88:f0:02:59:94:44:a4:a5:0a:31:2a:ae:07:a7:7a:
         f8:a1:b1:12:a4:4e:01:55:79:13:8b:b7:30:83:b7:0b:92:e5:
         11:18:70:c9:05:56:c3:57:8f:06:48:26:01:ab:59:cf:e5:fc:
         1c:f3:d8:68:29:9f:82:5f:ef:da:f3:ac:9d:d2:42:59:9d:09:
         80:3b:28:f2:5d:4c:a1:be:ae:30:05:aa:b1:a7:67:f6:76:a8:
         59:0b:7b:96:34:e9:c1:be:ae:dc:09:4a:3c:33:d5:14:c4:e1:
         18:d7:c9:a4:cf:be:33:fe:97:8e:e6:4c:e1:b9:78:23:4b:63:
         fd:85:4a:c0:e9:20:e7:60:94:7d:d8:17:65:86:66:f8:96:c3:
         c9:d3:16:fc:21:6e:6b:56:31:74:ba:e8:ad:4c:74:c7:30:e4:
         a6:64:46:42:84:dc:57:0f:92:a6:db:bb:6d:28:6f:a7:f8:99:
         ba:c8:71:f4:27:11:fc:0a:8f:85:b1:3b:5b:45:88:77:8c:ac:
         bf:02:68:e0:60:90:a1:cb:9d:e2:f8:31:77:0d:b4:58:9d:8b:
         f0:2c:1d:8a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYu0RnEt3vCa516dlSGeKJZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWUzMWM5MDI5ZWU0NGJkNjgxYjUxNTMzMDMzNWM2YTFj
ZmRlZWUwHhcNMjMxMTA5MTMyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjY0MWFkNTNiZmMyNWJlMTQ1YTg5ZTM0OTY3MjU4MzliZmI5ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyn/o/nkVSAEGIrKTVMUM/Lvt4ZPj
Mc8A5CrK975a0WN8w1Tfmd2guTeEbIzRdd/6nwzLbMy53TwfkrqKi9qQxQ29EnTt
AncweDM/XO2Rv96Y9vYo9Rox2yr7AKQnTExfqOrty1nvmnkgydYqgQe/OgDl6p4B
PejQ0NLBfmU8MkCypkp9Jgj10B4RSCrBzGj1hWoTDy804HQUDjs0I2OMLEroAa9x
LKcgMKLDh/b42CQzJaJVB9O2Qy6Wajn3Ik8dpEo22sMoj1A6A/+2nurU+jDnEuW6
4T9/tUAZcUPIlKWylXLl23sKzohHlFpAcGeBtZuEBzjwQ7q9WWYAuyHiLQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEZkGtU7/CW+FFqJ40lnJYOb+52GMB8GA1UdIwQY
MBaAFC2eMckCnuRL1oG1FTMDNcahz97uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMt
MDhkYTY2NTJhODY3LzEvUm1RYTFUdjhKYjRVV29ualNXY2xnNXY3bllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMtMDhkYTY2NTJhODY3
LzEvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFBcbAAwQC
LZ5EAwQCuWGMMA0EAgACMAcDBQAqAg5YMA0GCSqGSIb3DQEBCwUAA4IBAQAhO1QR
fwbT16HrPBSKFDvyt24UgD6KBGagWeHNuU2KHJI01rK2cmKI8AJZlESkpQoxKq4H
p3r4obESpE4BVXkTi7cwg7cLkuURGHDJBVbDV48GSCYBq1nP5fwc89hoKZ+CX+/a
86yd0kJZnQmAOyjyXUyhvq4wBaqxp2f2dqhZC3uWNOnBvq7cCUo8M9UUxOEY18mk
z74z/peO5kzhuXgjS2P9hUrA6SDnYJR92Bdlhmb4lsPJ0xb8IW5rVjF0uuitTHTH
MOSmZEZChNxXD5Km27ttKG+n+Jm6yHH0JxH8Co+FsTtbRYh3jKy/AmjgYJChy53i
+DF3DbRYnYvwLB2K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:40 2024 by rpki-client on console-fra.rpki-client.org