Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4AfYxuPdHFc0CG1cafnEfuU_g8I.roa
File:                     4AfYxuPdHFc0CG1cafnEfuU_g8I.roa (raw, json)
Hash identifier:          XFaR39scTBu5HjZ1H0nMw6DTyXv93rkw9bZyLKZA0Hw=
Subject key identifier:   E0:07:D8:C6:E3:DD:1C:57:34:08:6D:5C:69:F9:C4:7E:E5:3F:83:C2
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018D4504147E606C621072D17582E20AC044
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4AfYxuPdHFc0CG1cafnEfuU_g8I.roa
Signing time:             Fri 26 Jan 2024 09:05:11 +0000
ROA not before:           Fri 26 Jan 2024 09:05:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.155.255.0/24 maxlen: 24
                          45.157.209.0/24 maxlen: 24
                          45.157.211.0/24 maxlen: 24
                          79.98.247.0/24 maxlen: 24
                          185.199.151.0/24 maxlen: 24
                          185.199.213.0/24 maxlen: 24
                          185.226.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 11:06:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:45:04:14:7e:60:6c:62:10:72:d1:75:82:e2:0a:c0:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Jan 26 09:05:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e007d8c6e3dd1c5734086d5c69f9c47ee53f83c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:12:ca:e0:7f:5a:69:60:e5:3e:25:e0:5b:b2:
                    21:30:df:58:9e:68:f8:2e:81:b2:67:c0:20:21:9f:
                    1b:00:e7:06:c6:1f:d6:17:d9:1c:66:f0:3c:66:63:
                    07:ec:29:37:9c:69:d7:f3:d8:2d:89:31:bc:19:e1:
                    b0:41:c2:63:3e:b2:be:7a:ae:97:9d:05:e4:ff:b8:
                    00:00:8b:60:3a:4c:04:04:a4:eb:cd:47:ee:37:7c:
                    43:68:32:08:ba:f3:03:31:cb:88:66:9a:18:15:c1:
                    41:8c:ed:a5:32:83:63:0e:45:f6:a9:46:8c:3d:45:
                    dd:1e:17:a9:9e:4c:6e:3e:2a:5d:42:83:bf:04:13:
                    24:46:ed:c2:2a:4d:52:80:67:26:ec:16:19:37:93:
                    d5:50:7b:2a:51:9e:53:1e:8e:84:86:45:f3:a3:f8:
                    b0:7b:cf:e1:7e:44:29:03:34:fc:21:bb:dc:73:ee:
                    c4:3e:a6:6a:05:5d:89:94:11:f6:5f:44:98:9a:7c:
                    3f:73:01:54:1b:b7:46:ba:7a:93:db:e1:9a:8e:48:
                    ad:4c:38:8a:13:62:00:20:7b:b5:1f:ea:b0:f9:9d:
                    c4:bd:6e:70:3f:fd:33:7e:24:ac:ce:90:c5:75:47:
                    8f:df:9e:b3:c6:00:0f:36:ac:b4:c9:39:05:55:23:
                    8f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:07:D8:C6:E3:DD:1C:57:34:08:6D:5C:69:F9:C4:7E:E5:3F:83:C2
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/4AfYxuPdHFc0CG1cafnEfuU_g8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.255.0/24
                  45.157.209.0/24
                  45.157.211.0/24
                  79.98.247.0/24
                  185.199.151.0/24
                  185.199.213.0/24
                  185.226.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:ed:3b:21:f3:40:6a:7e:3a:4c:42:c6:f2:ee:29:4b:b0:ff:
         5b:59:87:af:1e:67:18:cd:40:44:1d:ba:45:5c:b3:a2:f9:60:
         c9:4b:47:64:1b:53:cb:3b:4e:1b:99:01:fb:1b:fb:0c:97:19:
         22:d3:cd:ff:91:a4:17:07:35:82:6a:fb:f4:75:01:a1:4e:c5:
         e1:09:87:25:54:44:fd:aa:8a:49:51:c0:f8:be:e6:18:91:8e:
         f6:89:bd:e6:ea:f3:ff:cd:86:70:5c:65:f8:9a:d6:0e:90:f8:
         9d:5c:d0:90:5b:c0:ba:7f:37:76:bc:a0:e0:e1:0f:2a:95:dd:
         14:ac:bb:87:0e:e2:eb:8f:db:8a:92:b6:1a:5e:2c:2a:df:03:
         80:a9:3c:8c:2b:9d:de:07:16:e8:bb:9e:cf:eb:2b:8b:a4:72:
         c2:df:54:b3:06:1e:a5:bc:43:78:1a:10:74:43:d5:d7:b4:b1:
         6c:7f:7e:29:cc:5b:b5:1e:d0:69:9f:42:f3:f7:25:2c:26:1c:
         29:9b:55:47:cc:79:ee:78:ee:60:cb:7c:5b:df:fb:71:d8:8b:
         77:7d:87:dc:48:19:80:56:1d:68:01:96:9a:fa:39:86:ea:5c:
         19:df:36:05:97:c1:dc:f4:ee:56:74:7b:b5:ec:c7:47:c7:70:
         14:75:83:fe
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY1FBBR+YGxiEHLRdYLiCsBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTI2MDkwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA3ZDhjNmUzZGQxYzU3MzQwODZkNWM2OWY5YzQ3ZWU1M2Y4M2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBLK4H9aaWDlPiXgW7IhMN9Ynmj4
LoGyZ8AgIZ8bAOcGxh/WF9kcZvA8ZmMH7Ck3nGnX89gtiTG8GeGwQcJjPrK+eq6X
nQXk/7gAAItgOkwEBKTrzUfuN3xDaDIIuvMDMcuIZpoYFcFBjO2lMoNjDkX2qUaM
PUXdHhepnkxuPipdQoO/BBMkRu3CKk1SgGcm7BYZN5PVUHsqUZ5THo6EhkXzo/iw
e8/hfkQpAzT8Ibvcc+7EPqZqBV2JlBH2X0SYmnw/cwFUG7dGunqT2+GajkitTDiK
E2IAIHu1H+qw+Z3EvW5wP/0zfiSszpDFdUeP356zxgAPNqy0yTkFVSOPIwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOAH2Mbj3RxXNAhtXGn5xH7lP4PCMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvNEFmWXh1UGRIRmMwQ0cxY2FmbkVmdVVfZzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZv/AwQA
LZ3RAwQALZ3TAwQAT2L3AwQAuceXAwQAucfVAwQAueK1MA0GCSqGSIb3DQEBCwUA
A4IBAQCK7Tsh80BqfjpMQsby7ilLsP9bWYevHmcYzUBEHbpFXLOi+WDJS0dkG1PL
O04bmQH7G/sMlxki083/kaQXBzWCavv0dQGhTsXhCYclVET9qopJUcD4vuYYkY72
ib3m6vP/zYZwXGX4mtYOkPidXNCQW8C6fzd2vKDg4Q8qld0UrLuHDuLrj9uKkrYa
Xiwq3wOAqTyMK53eBxbou57P6yuLpHLC31SzBh6lvEN4GhB0Q9XXtLFsf34pzFu1
HtBpn0Lz9yUsJhwpm1VHzHnueO5gy3xb3/tx2It3fYfcSBmAVh1oAZaa+jmG6lwZ
3zYFl8Hc9O5WdHu17MdHx3AUdYP+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org