Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_2-Jnz9nLjrndT4wX4JN7yTpz2Q.roa
File:                     _2-Jnz9nLjrndT4wX4JN7yTpz2Q.roa (raw, json)
Hash identifier:          Um7RUlXgO+rschmAZleXXqMhtLUl2OV+jaTNTV6ioSc=
Subject key identifier:   FF:6F:89:9F:3F:67:2E:3A:E7:75:3E:30:5F:82:4D:EF:24:E9:CF:64
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018C91CDE2B62A38F6D45D23BAE8E32C8819
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_2-Jnz9nLjrndT4wX4JN7yTpz2Q.roa
Signing time:             Fri 22 Dec 2023 13:53:58 +0000
ROA not before:           Fri 22 Dec 2023 13:53:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.155.255.0/24 maxlen: 24
                          185.199.212.0/23 maxlen: 24
                          194.146.92.0/24 maxlen: 24
                          194.146.93.0/24 maxlen: 24
                          45.157.211.0/24 maxlen: 24
                          185.199.151.0/24 maxlen: 24
                          185.250.26.0/24 maxlen: 24
                          185.199.149.0/24 maxlen: 24
                          176.125.251.0/24 maxlen: 24
                          45.155.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 24 Dec 2023 10:14:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:91:cd:e2:b6:2a:38:f6:d4:5d:23:ba:e8:e3:2c:88:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Dec 22 13:53:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff6f899f3f672e3ae7753e305f824def24e9cf64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c6:4f:0b:ca:b1:66:b6:cb:d3:17:3c:0d:7d:
                    11:06:b1:74:f9:e1:3c:c5:d6:d0:93:91:c0:74:7e:
                    d8:86:5a:3d:51:af:3f:3c:63:9a:e9:c6:e0:de:ce:
                    b0:46:a2:f4:7b:14:63:f1:eb:e2:df:03:be:93:57:
                    fa:4c:60:3e:b3:2f:d9:21:bb:3f:86:c3:bf:e9:09:
                    58:46:c2:ae:38:1c:3f:50:a3:6f:26:03:8b:71:ae:
                    84:77:68:96:d9:11:7c:13:92:a4:cb:fb:18:3f:80:
                    30:15:25:53:ed:c2:9c:f1:98:80:68:c5:37:61:f0:
                    1c:31:b4:6d:3e:57:15:e5:29:ff:f4:71:e2:29:45:
                    36:ea:88:45:39:c2:33:c6:42:55:e3:b4:1c:e7:47:
                    73:e9:c5:ac:c0:e8:b5:e5:76:13:c1:5c:1c:f9:73:
                    26:26:a1:be:8f:fd:26:e4:f0:aa:2c:82:0f:24:51:
                    49:8f:1e:70:9f:83:bb:1e:0a:8b:de:94:77:df:14:
                    2b:6e:8d:43:79:bc:79:df:60:43:f3:a6:d6:3d:26:
                    b3:4e:fe:5c:75:01:cb:5e:cc:4c:14:ee:62:c7:83:
                    80:de:cf:3c:3a:b5:57:5e:75:c1:36:a5:33:8b:a9:
                    34:48:22:86:12:3e:de:13:c4:b2:30:ac:bb:aa:66:
                    d4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:6F:89:9F:3F:67:2E:3A:E7:75:3E:30:5F:82:4D:EF:24:E9:CF:64
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/_2-Jnz9nLjrndT4wX4JN7yTpz2Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.252.0/24
                  45.155.255.0/24
                  45.157.211.0/24
                  176.125.251.0/24
                  185.199.149.0/24
                  185.199.151.0/24
                  185.199.212.0/23
                  185.250.26.0/24
                  194.146.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:9e:8c:30:04:8c:3e:5b:d8:1c:1c:b5:6e:44:f1:cc:15:7f:
         ed:24:3e:af:54:d1:7c:fb:07:c8:e6:b7:27:b5:72:20:6f:11:
         1a:5e:f7:6d:a3:20:46:da:a5:9d:05:77:51:a0:cc:66:31:9d:
         19:87:bf:92:b6:bc:94:99:7f:32:fa:6e:4c:86:15:d9:ed:70:
         af:f6:d5:27:46:5a:3f:39:d7:e0:49:02:6c:db:d6:42:6c:7e:
         c3:20:2d:3c:df:78:4e:9a:f6:5e:7a:de:ba:a8:55:9a:db:e3:
         74:49:da:ed:e8:4f:2f:7f:23:6e:e8:85:7e:9c:aa:71:67:99:
         15:57:af:8d:fc:ef:19:68:5b:5b:26:48:ff:45:0b:51:df:4b:
         25:14:4b:85:07:75:df:de:2d:cd:df:09:11:d2:65:26:45:40:
         de:02:8c:ea:9a:87:47:56:e1:94:89:f6:4e:40:c5:c7:80:a5:
         39:2c:93:5d:15:d2:c0:e2:1b:74:2c:11:05:b3:d0:42:52:f1:
         18:d3:7b:f3:a5:ea:47:07:1c:8e:eb:8d:5c:58:fc:db:e5:73:
         43:a7:54:8b:5b:81:49:d4:b4:c0:a0:8c:4f:1a:40:66:fe:bb:
         98:41:03:8b:18:ae:75:6b:37:5d:89:15:51:25:ba:8e:53:4b:
         15:3e:a8:46
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYyRzeK2Kjj21F0juujjLIgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjIyMTM1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjZmODk5ZjNmNjcyZTNhZTc3NTNlMzA1ZjgyNGRlZjI0ZTljZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsZPC8qxZrbL0xc8DX0RBrF0+eE8
xdbQk5HAdH7Yhlo9Ua8/PGOa6cbg3s6wRqL0exRj8evi3wO+k1f6TGA+sy/ZIbs/
hsO/6QlYRsKuOBw/UKNvJgOLca6Ed2iW2RF8E5Kky/sYP4AwFSVT7cKc8ZiAaMU3
YfAcMbRtPlcV5Sn/9HHiKUU26ohFOcIzxkJV47Qc50dz6cWswOi15XYTwVwc+XMm
JqG+j/0m5PCqLIIPJFFJjx5wn4O7HgqL3pR33xQrbo1Debx532BD86bWPSazTv5c
dQHLXsxMFO5ix4OA3s88OrVXXnXBNqUzi6k0SCKGEj7eE8SyMKy7qmbUlwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFP9viZ8/Zy4653U+MF+CTe8k6c9kMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvXzItSm56OW5ManJuZFQ0d1g0Sk43eVRwejJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZv8AwQA
LZv/AwQALZ3TAwQAsH37AwQAuceVAwQAuceXAwQBucfUAwQAufoaAwQBwpJcMA0G
CSqGSIb3DQEBCwUAA4IBAQCanowwBIw+W9gcHLVuRPHMFX/tJD6vVNF8+wfI5rcn
tXIgbxEaXvdtoyBG2qWdBXdRoMxmMZ0Zh7+StryUmX8y+m5MhhXZ7XCv9tUnRlo/
OdfgSQJs29ZCbH7DIC0833hOmvZeet66qFWa2+N0Sdrt6E8vfyNu6IV+nKpxZ5kV
V6+N/O8ZaFtbJkj/RQtR30slFEuFB3Xf3i3N3wkR0mUmRUDeAozqmodHVuGUifZO
QMXHgKU5LJNdFdLA4ht0LBEFs9BCUvEY03vzpepHBxyO641cWPzb5XNDp1SLW4FJ
1LTAoIxPGkBm/ruYQQOLGK51azddiRVRJbqOU0sVPqhG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org