Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/dweZDde6L7j7XqNwC6AvRhFjEoE.roa
File:                     dweZDde6L7j7XqNwC6AvRhFjEoE.roa (raw, json)
Hash identifier:          XTRBzypaFb9R+2c/aGlzC5NMNHfSP/mHa6mwYkAPRXQ=
Subject key identifier:   77:07:99:0D:D7:BA:2F:B8:FB:5E:A3:70:0B:A0:2F:46:11:63:12:81
Certificate issuer:       /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial:       018CC348EBDD203F2474CCBE3C996D267201
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/dweZDde6L7j7XqNwC6AvRhFjEoE.roa
Signing time:             Mon 01 Jan 2024 04:29:45 +0000
ROA not before:           Mon 01 Jan 2024 04:29:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6810
IP address blocks:        85.130.192.0/19 maxlen: 24
                          85.130.192.0/18 maxlen: 24
                          85.130.128.0/18 maxlen: 24
                          31.168.36.0/23 maxlen: 24
                          109.67.128.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 13:57:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:eb:dd:20:3f:24:74:cc:be:3c:99:6d:26:72:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
        Validity
            Not Before: Jan  1 04:29:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7707990dd7ba2fb8fb5ea3700ba02f4611631281
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:63:f1:ad:57:5c:9b:61:b3:cd:10:b7:f9:df:
                    53:c5:69:d7:34:85:33:10:c8:80:f9:e6:34:de:41:
                    b8:03:75:e3:27:f8:19:6e:a7:a7:13:d7:1d:8a:59:
                    e2:57:34:28:63:ce:fa:ed:3f:dc:c6:fb:67:1c:79:
                    d6:6a:dd:80:1b:56:4e:f1:87:f2:26:cd:ca:43:6c:
                    b1:e2:a7:9d:8b:66:22:4b:b4:16:43:3f:0e:54:a7:
                    e1:0d:08:14:d1:e8:57:f4:f3:08:5f:8c:4b:fc:81:
                    19:a3:43:ec:02:d0:22:2a:29:ca:6f:a9:0f:28:7a:
                    28:e3:2c:40:28:8d:c3:ec:f9:97:0a:7a:19:af:70:
                    c6:ad:e8:71:4b:fe:a4:20:01:93:67:b6:c4:c6:49:
                    94:3a:50:bd:94:3a:da:8c:50:91:0c:d3:1c:ca:37:
                    22:29:bc:07:8d:67:8e:44:b5:78:ac:29:2e:a0:26:
                    cf:64:0f:1c:c1:bc:0e:56:04:f8:86:1f:72:62:5b:
                    03:8d:34:12:b7:a9:57:08:9d:03:e6:d0:e9:5a:1e:
                    e8:e5:27:b3:3d:79:6e:33:e2:38:aa:93:92:73:20:
                    41:da:b0:c2:5f:53:94:bd:63:75:9e:68:67:d2:61:
                    32:62:5c:8d:17:49:9b:ca:4a:55:16:89:e1:d0:b8:
                    63:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:07:99:0D:D7:BA:2F:B8:FB:5E:A3:70:0B:A0:2F:46:11:63:12:81
            X509v3 Authority Key Identifier:
                keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/dweZDde6L7j7XqNwC6AvRhFjEoE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.168.36.0/23
                  85.130.128.0/17
                  109.67.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         4f:8a:c3:d1:fa:f9:db:82:98:a6:02:ff:58:72:19:3e:08:c5:
         f7:75:a2:ce:29:68:66:db:39:d9:83:0e:7d:32:8e:bb:2a:08:
         c9:57:0f:e5:f9:d3:e5:a1:9b:ea:b6:0f:df:b5:90:3a:2a:01:
         66:02:a2:ef:55:09:b0:75:92:0e:d5:ab:17:2e:9a:e0:4b:ff:
         16:b9:28:29:af:f7:11:d7:40:12:ab:e1:b9:ee:5d:6c:bd:83:
         43:70:bf:d7:54:53:85:f9:56:46:05:bb:84:6f:1c:29:9f:c1:
         fd:a1:95:8e:06:5a:5e:b1:7d:55:f0:47:a0:cb:22:e3:ba:d6:
         a3:c0:c1:9e:e0:a8:f2:48:20:75:b8:f7:2a:ae:01:9c:19:11:
         eb:2c:1f:0f:6e:af:f8:24:ea:ba:bc:d4:ee:7d:61:b0:c6:4d:
         1f:1d:67:67:de:5a:6e:68:84:55:13:3c:19:30:66:1a:78:d5:
         b8:ee:1b:f6:8d:28:c8:a3:f8:a3:62:19:7a:3c:cf:9c:37:04:
         f8:71:d4:e5:29:73:8a:32:95:bc:79:dc:1e:e1:b9:e2:4e:e4:
         15:53:45:5d:4a:03:b2:eb:27:3f:d4:85:aa:fd:71:1a:ef:f9:
         39:83:de:ac:2e:a2:c7:7c:09:ad:36:e4:aa:2a:07:d4:51:f3:
         f4:80:50:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSOvdID8kdMy+PJltJnIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA3OTkwZGQ3YmEyZmI4ZmI1ZWEzNzAwYmEwMmY0NjExNjMxMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimPxrVdcm2GzzRC3+d9TxWnXNIUz
EMiA+eY03kG4A3XjJ/gZbqenE9cdilniVzQoY8767T/cxvtnHHnWat2AG1ZO8Yfy
Js3KQ2yx4qedi2YiS7QWQz8OVKfhDQgU0ehX9PMIX4xL/IEZo0PsAtAiKinKb6kP
KHoo4yxAKI3D7PmXCnoZr3DGrehxS/6kIAGTZ7bExkmUOlC9lDrajFCRDNMcyjci
KbwHjWeORLV4rCkuoCbPZA8cwbwOVgT4hh9yYlsDjTQSt6lXCJ0D5tDpWh7o5Sez
PXluM+I4qpOScyBB2rDCX1OUvWN1nmhn0mEyYlyNF0mbykpVFonh0Lhj9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHcHmQ3Xui+4+16jcAugL0YRYxKBMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvZHdlWkRkZTZMN2o3WHFOd0M2QXZSaEZqRW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH6gkAwQH
VYKAAwQGbUOAMA0GCSqGSIb3DQEBCwUAA4IBAQBPisPR+vnbgpimAv9Ychk+CMX3
daLOKWhm2znZgw59Mo67KgjJVw/l+dPloZvqtg/ftZA6KgFmAqLvVQmwdZIO1asX
LprgS/8WuSgpr/cR10ASq+G57l1svYNDcL/XVFOF+VZGBbuEbxwpn8H9oZWOBlpe
sX1V8EegyyLjutajwMGe4KjySCB1uPcqrgGcGRHrLB8Pbq/4JOq6vNTufWGwxk0f
HWdn3lpuaIRVEzwZMGYaeNW47hv2jSjIo/ijYhl6PM+cNwT4cdTlKXOKMpW8edwe
4bniTuQVU0VdSgOy6yc/1IWq/XEa7/k5g96sLqLHfAmtNuSqKgfUUfP0gFC2
-----END CERTIFICATE-----
Generated at Thu Sep 12 16:40:44 2024 by rpki-client on console-fra.rpki-client.org