Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1umzFiFwlQszamoTXng6HC8NFFs.roa
File:                     1umzFiFwlQszamoTXng6HC8NFFs.roa (raw, json)
Hash identifier:          1c178jOBfqgOSdEwIbZJEjbkbvOtRwrV5vQYvwp0M9k=
Subject key identifier:   D6:E9:B3:16:21:70:95:0B:33:6A:6A:13:5E:78:3A:1C:2F:0D:14:5B
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       0187F7797709F5DB979C1A96C7CD73BC41F3
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1umzFiFwlQszamoTXng6HC8NFFs.roa
Signing time:             Sun 07 May 2023 18:29:05 +0000
ROA not before:           Sun 07 May 2023 18:29:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        194.146.92.0/24 maxlen: 24
                          185.225.170.0/24 maxlen: 24
                          185.225.171.0/24 maxlen: 24
                          79.98.246.0/24 maxlen: 24
                          185.199.148.0/24 maxlen: 24
                          79.98.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 May 2023 06:44:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:f7:79:77:09:f5:db:97:9c:1a:96:c7:cd:73:bc:41:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: May  7 18:29:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6e9b3162170950b336a6a135e783a1c2f0d145b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:0a:bd:28:40:ac:fc:65:c9:86:25:c4:17:7d:
                    4c:b3:f8:e8:38:e5:c6:ac:c1:34:5b:95:c8:4e:e5:
                    c0:e0:cb:c4:f2:56:c8:03:4c:de:93:34:69:5c:c9:
                    e0:35:ea:b9:3e:de:88:4e:3d:b8:49:6c:ef:22:7d:
                    dc:38:a1:26:2f:18:74:ca:8b:63:f5:ec:34:10:24:
                    98:e7:52:92:4a:d5:58:62:22:9e:04:31:b4:87:a4:
                    ac:e8:72:d8:75:6e:8e:84:bf:68:88:30:1f:a5:17:
                    1b:ad:8b:17:67:cf:a5:f3:60:51:ff:7c:1d:86:68:
                    88:e1:5d:0a:6f:a3:98:9f:3e:d3:9b:53:0f:87:2d:
                    30:5f:63:9c:f1:a2:2b:69:68:b3:70:f6:aa:df:28:
                    96:66:09:97:60:c1:68:41:23:9c:bb:d6:d2:b9:8d:
                    b5:1b:e3:5a:1b:bf:5e:e9:6d:b9:d9:3a:1c:14:bd:
                    a4:80:c0:df:dd:7c:6b:7b:7f:ef:26:7d:32:44:e6:
                    e5:5e:5e:f6:0f:9b:31:b9:0f:06:3f:a6:44:b6:f5:
                    af:81:53:d8:8b:0d:1c:dc:6f:e2:68:b8:6c:9b:ef:
                    3f:93:64:d2:e2:a4:fe:98:06:27:fc:2c:fd:ba:23:
                    00:74:83:52:c8:1f:2d:25:50:35:29:91:96:9a:28:
                    9e:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:E9:B3:16:21:70:95:0B:33:6A:6A:13:5E:78:3A:1C:2F:0D:14:5B
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/1umzFiFwlQszamoTXng6HC8NFFs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.98.246.0/23
                  185.199.148.0/24
                  185.225.170.0/23
                  194.146.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:73:8f:02:e3:0d:8e:67:9a:65:41:1c:29:b7:5d:13:a3:d9:
         84:bd:89:85:2e:16:c3:f8:55:c7:3d:0a:34:d5:92:a4:54:5b:
         6d:fe:0e:5b:a4:e1:7a:9a:e4:81:0b:5c:40:5f:43:45:52:9c:
         ab:2b:49:c3:36:30:fa:6a:e8:d3:20:3c:4d:62:0f:d9:46:86:
         e0:3f:e5:6f:e2:ec:fa:17:cc:a6:09:ed:22:60:59:62:63:7f:
         da:f3:c5:08:14:87:e3:2e:2e:7e:e4:19:cb:42:c7:49:b9:2f:
         46:ed:2c:98:29:cb:e5:86:58:5a:5c:a5:fc:86:4e:07:cc:55:
         a5:3e:e0:0d:04:b6:05:f8:ce:f8:25:47:62:5e:b2:33:f7:76:
         32:37:9e:37:a6:01:44:4b:66:3c:99:3d:e0:5a:08:8a:06:b8:
         33:10:13:9a:65:de:d8:f1:9b:64:74:bd:09:83:c7:c2:ef:ac:
         fe:ba:32:3b:0b:b9:25:2f:35:b1:9b:bb:7a:5b:9b:a1:a1:41:
         7f:75:13:5d:d4:20:3b:3e:17:de:74:51:f0:43:41:02:b7:5e:
         08:de:7e:c1:f4:a8:46:85:30:37:ba:45:71:f3:60:1e:0f:7e:
         66:2b:32:85:a9:61:a5:4e:89:6f:0d:0c:57:2b:a0:84:08:4b:
         70:c6:17:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf3eXcJ9duXnBqWx81zvEHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNTA3MTgyOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU5YjMxNjIxNzA5NTBiMzM2YTZhMTM1ZTc4M2ExYzJmMGQxNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgq9KECs/GXJhiXEF31Ms/joOOXG
rME0W5XITuXA4MvE8lbIA0zekzRpXMngNeq5Pt6ITj24SWzvIn3cOKEmLxh0yotj
9ew0ECSY51KSStVYYiKeBDG0h6Ss6HLYdW6OhL9oiDAfpRcbrYsXZ8+l82BR/3wd
hmiI4V0Kb6OYnz7Tm1MPhy0wX2Oc8aIraWizcPaq3yiWZgmXYMFoQSOcu9bSuY21
G+NaG79e6W252TocFL2kgMDf3Xxre3/vJn0yROblXl72D5sxuQ8GP6ZEtvWvgVPY
iw0c3G/iaLhsm+8/k2TS4qT+mAYn/Cz9uiMAdINSyB8tJVA1KZGWmiiemwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNbpsxYhcJULM2pqE154OhwvDRRbMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMXVtekZpRndsUXN6YW1vVFhuZzZIQzhORkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT2L2AwQA
uceUAwQBueGqAwQAwpJcMA0GCSqGSIb3DQEBCwUAA4IBAQAac48C4w2OZ5plQRwp
t10To9mEvYmFLhbD+FXHPQo01ZKkVFtt/g5bpOF6muSBC1xAX0NFUpyrK0nDNjD6
aujTIDxNYg/ZRobgP+Vv4uz6F8ymCe0iYFliY3/a88UIFIfjLi5+5BnLQsdJuS9G
7SyYKcvlhlhaXKX8hk4HzFWlPuANBLYF+M74JUdiXrIz93YyN543pgFES2Y8mT3g
WgiKBrgzEBOaZd7Y8ZtkdL0Jg8fC76z+ujI7C7klLzWxm7t6W5uhoUF/dRNd1CA7
PhfedFHwQ0ECt14I3n7B9KhGhTA3ukVx82AeD35mKzKFqWGlTolvDQxXK6CECEtw
xhdt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org