Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/j25GvwnMUVDEDmIYkxGyqxJvaH0.roa
File:                     j25GvwnMUVDEDmIYkxGyqxJvaH0.roa (raw, json)
Hash identifier:          XtzcpNOjS16zRzZ+IDWWbd+ps7wm1mUc3ili9D0BJRg=
Subject key identifier:   8F:6E:46:BF:09:CC:51:50:C4:0E:62:18:93:11:B2:AB:12:6F:68:7D
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018C5B3B0FEE2B42B915139A39A1BDADE29D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/j25GvwnMUVDEDmIYkxGyqxJvaH0.roa
Signing time:             Mon 11 Dec 2023 23:34:06 +0000
ROA not before:           Mon 11 Dec 2023 23:34:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.155.255.0/24 maxlen: 24
                          185.199.212.0/23 maxlen: 24
                          45.157.211.0/24 maxlen: 24
                          185.199.151.0/24 maxlen: 24
                          185.250.26.0/24 maxlen: 24
                          185.199.148.0/24 maxlen: 24
                          185.199.149.0/24 maxlen: 24
                          45.155.252.0/24 maxlen: 24
                          194.146.92.0/24 maxlen: 24
                          194.146.93.0/24 maxlen: 24
                          79.98.246.0/23 maxlen: 24
                          79.98.247.0/24 maxlen: 24
                          176.125.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 10:57:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5b:3b:0f:ee:2b:42:b9:15:13:9a:39:a1:bd:ad:e2:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Dec 11 23:34:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f6e46bf09cc5150c40e62189311b2ab126f687d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b5:b1:ab:f0:1b:36:8c:92:ad:4a:4a:10:c6:
                    1c:32:a6:c7:1c:80:ff:64:a1:44:1f:d0:1e:37:1b:
                    0a:e3:4b:42:e1:a4:31:3a:f6:9e:aa:d5:97:c3:bf:
                    4f:6e:5a:c7:b1:1b:95:24:3f:30:1d:e6:62:4f:c2:
                    d9:78:d4:32:1e:b5:2a:97:a5:a9:e7:06:ab:36:52:
                    95:66:2a:ce:88:2c:27:ae:7d:3d:11:f0:b8:c1:4b:
                    04:00:06:62:c4:11:a6:2d:74:bf:89:7d:40:d2:34:
                    99:5a:69:0c:f3:e0:8d:b9:18:de:a7:e3:72:98:9c:
                    30:62:e9:4c:2d:c9:51:1e:d0:c9:62:ff:dc:34:80:
                    93:5b:38:d1:07:e5:9c:b5:9f:ec:38:ac:60:30:b3:
                    f9:ab:f9:19:ee:ec:8b:f4:c5:c9:8e:76:96:f5:7f:
                    6d:23:ba:6b:a0:bb:87:15:a5:5c:4b:54:59:6a:59:
                    84:2c:6c:96:f1:11:a5:82:02:ef:28:29:ef:0b:43:
                    6f:e6:e3:a8:9d:6b:0f:c1:9c:3c:cd:a8:bd:b9:f9:
                    e0:00:1f:8b:eb:80:28:7d:38:80:88:61:39:0a:8f:
                    b5:f3:12:a8:98:1d:cc:4f:e0:fd:7f:c4:3e:ba:ac:
                    d2:60:9d:8b:71:76:ee:d6:7c:91:d3:77:c0:8e:a9:
                    4f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:6E:46:BF:09:CC:51:50:C4:0E:62:18:93:11:B2:AB:12:6F:68:7D
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/j25GvwnMUVDEDmIYkxGyqxJvaH0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.252.0/24
                  45.155.255.0/24
                  45.157.211.0/24
                  79.98.246.0/23
                  176.125.251.0/24
                  185.199.148.0/23
                  185.199.151.0/24
                  185.199.212.0/23
                  185.250.26.0/24
                  194.146.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:26:09:ee:4f:57:10:61:4c:d4:ef:01:7a:02:7c:99:cc:f0:
         9b:61:68:a2:5d:46:e1:4b:48:fe:6c:51:30:2e:fb:d9:4a:74:
         ac:fc:6d:b3:eb:24:ac:3c:b2:17:a1:10:c5:67:94:9e:72:c5:
         a8:9c:62:9b:14:d0:91:a7:4d:31:14:3d:c9:b6:49:85:10:53:
         b6:3f:2c:01:11:bc:ff:64:69:d6:f9:cd:35:1d:bb:a9:56:e8:
         de:f8:0f:5a:64:ff:35:60:d7:b9:0b:f1:5d:b7:b6:06:fc:42:
         f3:63:5b:8b:c2:5f:1c:dd:55:2e:90:a5:d3:79:cc:51:f7:fd:
         4f:44:d3:64:a0:91:6e:96:ca:db:32:3f:fc:58:db:a0:a2:70:
         35:7f:42:5b:3a:75:b4:32:9c:9f:9f:a8:ba:91:28:48:06:dc:
         68:20:94:4d:e7:c4:6f:44:91:0f:15:ae:4f:45:65:b9:64:bc:
         3e:ee:ac:41:d0:d6:01:87:6a:af:1b:3f:68:d0:3f:26:21:03:
         4f:67:99:35:fa:c9:51:56:fe:2a:35:9b:ae:34:c6:63:20:69:
         27:43:2f:08:20:16:fa:55:6b:9c:fa:88:72:fd:15:e0:81:9e:
         da:3d:68:c3:52:b0:c1:1c:75:2b:f7:d9:8b:01:ab:96:fc:cf:
         fc:34:fc:17
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYxbOw/uK0K5FROaOaG9reKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjExMjMzNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZlNDZiZjA5Y2M1MTUwYzQwZTYyMTg5MzExYjJhYjEyNmY2ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27Wxq/AbNoySrUpKEMYcMqbHHID/
ZKFEH9AeNxsK40tC4aQxOvaeqtWXw79PblrHsRuVJD8wHeZiT8LZeNQyHrUql6Wp
5warNlKVZirOiCwnrn09EfC4wUsEAAZixBGmLXS/iX1A0jSZWmkM8+CNuRjep+Ny
mJwwYulMLclRHtDJYv/cNICTWzjRB+WctZ/sOKxgMLP5q/kZ7uyL9MXJjnaW9X9t
I7proLuHFaVcS1RZalmELGyW8RGlggLvKCnvC0Nv5uOonWsPwZw8zai9ufngAB+L
64AofTiAiGE5Co+18xKomB3MT+D9f8Q+uqzSYJ2LcXbu1nyR03fAjqlPvQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFI9uRr8JzFFQxA5iGJMRsqsSb2h9MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvajI1R3Z3bk1VVkRFRG1JWWt4R3lxeEp2YUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZv8AwQA
LZv/AwQALZ3TAwQBT2L2AwQAsH37AwQBuceUAwQAuceXAwQBucfUAwQAufoaAwQB
wpJcMA0GCSqGSIb3DQEBCwUAA4IBAQChJgnuT1cQYUzU7wF6AnyZzPCbYWiiXUbh
S0j+bFEwLvvZSnSs/G2z6ySsPLIXoRDFZ5SecsWonGKbFNCRp00xFD3JtkmFEFO2
PywBEbz/ZGnW+c01HbupVuje+A9aZP81YNe5C/Fdt7YG/ELzY1uLwl8c3VUukKXT
ecxR9/1PRNNkoJFulsrbMj/8WNugonA1f0JbOnW0Mpyfn6i6kShIBtxoIJRN58Rv
RJEPFa5PRWW5ZLw+7qxB0NYBh2qvGz9o0D8mIQNPZ5k1+slRVv4qNZuuNMZjIGkn
Qy8IIBb6VWuc+ohy/RXggZ7aPWjDUrDBHHUr99mLAauW/M/8NPwX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org