Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V_TF8_NGVjr_nkIHcFLPhXCviZM.roa
File:                     V_TF8_NGVjr_nkIHcFLPhXCviZM.roa (raw, json)
Hash identifier:          /ZIsLEW7VPIEjx5VR+MsMAVO+5NFQsORl+cIpIx0xH4=
Subject key identifier:   57:F4:C5:F3:F3:46:56:3A:FF:9E:42:07:70:52:CF:85:70:AF:89:93
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       0188B5A2C4FF84EDDCA73BC150CB07F95C25
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V_TF8_NGVjr_nkIHcFLPhXCviZM.roa
Signing time:             Tue 13 Jun 2023 16:42:03 +0000
ROA not before:           Tue 13 Jun 2023 16:42:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.199.212.0/24 maxlen: 24
                          194.146.93.0/24 maxlen: 24
                          45.157.208.0/24 maxlen: 24
                          185.225.168.0/24 maxlen: 24
                          185.225.169.0/24 maxlen: 24
                          79.98.244.0/23 maxlen: 24
                          79.98.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 14 Jun 2023 09:24:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b5:a2:c4:ff:84:ed:dc:a7:3b:c1:50:cb:07:f9:5c:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Jun 13 16:42:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=57f4c5f3f346563aff9e42077052cf8570af8993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:bd:7b:32:85:73:5a:89:41:5f:58:38:5e:da:
                    a5:c8:01:44:04:e2:30:c0:e2:b8:8b:61:7a:e8:d2:
                    f5:13:15:c7:36:98:1b:c5:7d:f5:50:56:75:57:f1:
                    6b:2b:39:5e:25:cf:b8:c5:db:fa:0e:13:61:3f:e3:
                    8b:3b:12:e0:fa:17:26:91:8e:af:48:16:0d:28:ae:
                    74:03:ec:67:67:22:9d:01:8f:25:c6:79:e4:73:8d:
                    51:fa:12:8f:49:c2:da:bb:55:5a:4e:44:a7:8b:13:
                    95:5b:15:c5:cd:91:5e:f9:e6:46:dc:eb:99:1d:45:
                    39:20:ea:3d:48:06:4a:74:a8:83:bc:f1:f4:63:db:
                    84:d4:26:14:74:2d:9a:6f:75:b0:b3:cd:aa:73:3d:
                    65:da:03:41:b3:3d:83:3d:bb:aa:90:66:49:d1:c5:
                    51:ad:58:9b:0d:b1:12:5d:d8:9f:fa:f7:ef:83:eb:
                    2f:a2:1d:87:6d:a2:44:4e:4f:6d:6d:52:de:f2:91:
                    d6:98:6b:1e:b3:34:ab:27:09:c3:89:97:99:15:2b:
                    f0:78:82:cd:cf:74:f5:cd:80:4b:15:b6:16:8d:50:
                    95:a1:9c:a9:8b:ea:fe:03:fd:d9:6a:00:78:57:ef:
                    07:32:5e:c1:c9:88:05:7e:89:ae:26:74:19:51:52:
                    28:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:F4:C5:F3:F3:46:56:3A:FF:9E:42:07:70:52:CF:85:70:AF:89:93
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/V_TF8_NGVjr_nkIHcFLPhXCviZM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.208.0/24
                  79.98.244.0/23
                  79.98.247.0/24
                  185.199.212.0/24
                  185.225.168.0/23
                  194.146.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:75:90:1b:36:3f:82:04:94:61:6c:17:42:8f:77:40:03:8d:
         3a:52:5e:71:af:1a:de:af:9e:7e:40:7c:88:d5:f9:94:3a:0f:
         6b:21:9b:04:92:be:ba:c6:ab:6d:fe:ba:52:69:66:80:e6:8d:
         6b:05:14:72:31:6c:b1:d0:f5:91:d7:fe:4b:7a:6b:65:7c:42:
         15:6e:63:79:10:51:2f:e6:33:5f:e5:ca:e2:4b:42:ed:6d:a9:
         c8:09:1c:a4:6f:2e:de:92:8a:f2:a4:14:b6:fb:4a:25:6b:95:
         b9:53:12:60:9c:68:8b:dd:1c:30:65:fc:2f:ee:fd:c8:57:30:
         94:61:55:f2:ee:45:e7:35:e7:f2:87:20:84:f8:c4:f8:22:42:
         a7:02:25:75:de:5b:b3:c9:13:9d:8e:4d:c7:68:0a:5b:95:60:
         9b:4a:1a:84:ae:ee:c9:1e:de:f2:85:c5:b0:e7:b9:4a:c1:8a:
         df:c8:e5:65:ad:a9:27:53:e3:59:a0:ff:c2:cc:7f:a8:68:f2:
         d3:9e:6b:b4:1b:41:e3:35:52:d6:73:e7:7e:27:bf:74:97:f4:
         43:50:d6:cc:ef:05:b8:7c:02:c7:e8:44:b2:c8:14:da:68:7d:
         df:b6:5d:dd:e1:80:1a:d5:fa:9e:43:38:b1:54:e5:fd:80:92:
         f7:a9:c7:5b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYi1osT/hO3cpzvBUMsH+VwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjEzMTY0MjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Y0YzVmM2YzNDY1NjNhZmY5ZTQyMDc3MDUyY2Y4NTcwYWY4OTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi717MoVzWolBX1g4XtqlyAFEBOIw
wOK4i2F66NL1ExXHNpgbxX31UFZ1V/FrKzleJc+4xdv6DhNhP+OLOxLg+hcmkY6v
SBYNKK50A+xnZyKdAY8lxnnkc41R+hKPScLau1VaTkSnixOVWxXFzZFe+eZG3OuZ
HUU5IOo9SAZKdKiDvPH0Y9uE1CYUdC2ab3Wws82qcz1l2gNBsz2DPbuqkGZJ0cVR
rVibDbESXdif+vfvg+svoh2HbaJETk9tbVLe8pHWmGseszSrJwnDiZeZFSvweILN
z3T1zYBLFbYWjVCVoZypi+r+A/3ZagB4V+8HMl7ByYgFfomuJnQZUVIoBwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFf0xfPzRlY6/55CB3BSz4Vwr4mTMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvVl9URjhfTkdWanJfbmtJSGNGTFBoWEN2aVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZ3QAwQB
T2L0AwQAT2L3AwQAucfUAwQBueGoAwQAwpJdMA0GCSqGSIb3DQEBCwUAA4IBAQBB
dZAbNj+CBJRhbBdCj3dAA406Ul5xrxrer55+QHyI1fmUOg9rIZsEkr66xqtt/rpS
aWaA5o1rBRRyMWyx0PWR1/5LemtlfEIVbmN5EFEv5jNf5criS0LtbanICRykby7e
korypBS2+0ola5W5UxJgnGiL3RwwZfwv7v3IVzCUYVXy7kXnNefyhyCE+MT4IkKn
AiV13luzyROdjk3HaApblWCbShqEru7JHt7yhcWw57lKwYrfyOVlraknU+NZoP/C
zH+oaPLTnmu0G0HjNVLWc+d+J790l/RDUNbM7wW4fALH6ESyyBTaaH3ftl3d4YAa
1fqeQzixVOX9gJL3qcdb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org