Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/rM9ULQ9b6X0hcFYjpMzRoC2up44.roa
File:                     rM9ULQ9b6X0hcFYjpMzRoC2up44.roa (raw, json)
Hash identifier:          4iVQs/KoKk1KICo9Vv13o5hG8EeMLElZ01+7CbNWSHo=
Subject key identifier:   AC:CF:54:2D:0F:5B:E9:7D:21:70:56:23:A4:CC:D1:A0:2D:AE:A7:8E
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018C6CDE70CE908C09ED102516A61585212A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/rM9ULQ9b6X0hcFYjpMzRoC2up44.roa
Signing time:             Fri 15 Dec 2023 09:46:06 +0000
ROA not before:           Fri 15 Dec 2023 09:46:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.155.255.0/24 maxlen: 24
                          185.199.212.0/23 maxlen: 24
                          45.157.210.0/24 maxlen: 24
                          45.157.211.0/24 maxlen: 24
                          185.199.151.0/24 maxlen: 24
                          185.250.26.0/24 maxlen: 24
                          185.199.148.0/24 maxlen: 24
                          185.199.149.0/24 maxlen: 24
                          45.155.252.0/24 maxlen: 24
                          194.146.92.0/24 maxlen: 24
                          194.146.93.0/24 maxlen: 24
                          79.98.246.0/23 maxlen: 24
                          79.98.247.0/24 maxlen: 24
                          176.125.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 01:23:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6c:de:70:ce:90:8c:09:ed:10:25:16:a6:15:85:21:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Dec 15 09:46:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=accf542d0f5be97d21705623a4ccd1a02daea78e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3a:1c:6c:f3:e1:6e:e9:e4:f3:93:15:56:6b:
                    03:a6:aa:af:8b:38:5a:90:b6:1d:9f:a6:a9:ec:a0:
                    a7:96:e8:10:56:d1:d9:45:c5:29:6d:c9:48:b3:c6:
                    c3:ce:02:66:28:52:5e:9b:2c:12:f6:58:e3:da:48:
                    c7:89:ee:04:70:2e:49:cc:ac:dc:39:62:53:46:78:
                    b0:d7:bc:a4:4e:3c:34:ec:73:55:09:06:06:9b:65:
                    22:31:08:1a:d8:58:dc:af:0f:eb:d1:69:f9:c8:6c:
                    4f:23:39:08:db:a4:5f:12:67:9c:b1:85:6c:04:ef:
                    08:71:18:cc:0b:e1:46:ff:57:56:52:5f:45:5e:f7:
                    84:18:7d:cb:c3:7d:d5:f8:e9:20:51:7c:37:ec:92:
                    6c:ef:02:67:86:45:a8:e9:64:84:fe:c5:9e:73:a7:
                    2a:58:e4:94:33:58:bf:07:94:c1:d6:5d:af:c7:73:
                    fd:40:22:41:87:3c:9a:11:c3:d4:d4:3c:0e:85:31:
                    5f:44:5e:e7:00:9e:67:43:6a:64:fa:bc:ea:15:cc:
                    01:d1:b7:ef:09:27:07:c3:12:ea:e1:42:a4:b0:6d:
                    1a:84:56:44:03:5f:e6:9f:e0:3a:5c:63:9e:ef:68:
                    6a:42:cc:00:bf:3e:f9:0f:f5:5c:31:e3:6e:77:1e:
                    47:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:CF:54:2D:0F:5B:E9:7D:21:70:56:23:A4:CC:D1:A0:2D:AE:A7:8E
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/rM9ULQ9b6X0hcFYjpMzRoC2up44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.252.0/24
                  45.155.255.0/24
                  45.157.210.0/23
                  79.98.246.0/23
                  176.125.251.0/24
                  185.199.148.0/23
                  185.199.151.0/24
                  185.199.212.0/23
                  185.250.26.0/24
                  194.146.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         84:17:61:27:0a:52:5a:bd:53:ab:91:f0:a0:78:7c:70:85:58:
         ef:cd:42:cf:60:03:13:1d:54:81:7a:27:f0:bd:2d:9f:94:b1:
         82:85:ca:07:84:49:51:5b:6a:4d:76:1d:b1:91:06:a5:52:0f:
         9a:6f:2a:66:37:2f:e4:31:48:eb:db:7f:85:c4:b2:6c:1f:54:
         6a:75:d6:9e:a7:f3:15:f4:be:61:ed:bf:16:cb:14:f1:ea:37:
         e6:28:51:ce:78:1b:3e:5e:e7:93:1e:8f:f1:6c:8c:a4:f2:7a:
         53:1e:68:86:3d:7b:4d:61:4a:de:4e:dc:f2:ff:59:62:66:e1:
         4b:87:46:ec:05:86:84:29:dd:06:a2:5e:2e:3e:81:83:a8:35:
         19:8a:84:e2:5f:74:60:9d:78:df:65:2c:59:e9:40:4a:c3:56:
         62:bb:c6:c6:9e:45:96:e5:b1:3f:a8:0d:65:53:e0:4d:cf:7c:
         57:af:ae:86:fa:dc:ff:5d:b1:9a:2a:60:bb:2c:21:06:6b:07:
         dc:3b:35:ae:71:08:a8:29:d8:47:6e:9e:4e:cb:cf:04:88:dd:
         3f:52:df:fb:8a:8a:83:a0:12:09:96:44:fc:6d:15:05:e0:4e:
         21:e9:5c:e3:8e:5f:15:33:e2:e1:4f:45:27:12:ff:23:fb:eb:
         c7:a8:87:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYxs3nDOkIwJ7RAlFqYVhSEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjE1MDk0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2NmNTQyZDBmNWJlOTdkMjE3MDU2MjNhNGNjZDFhMDJkYWVhNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzocbPPhbunk85MVVmsDpqqvizha
kLYdn6ap7KCnlugQVtHZRcUpbclIs8bDzgJmKFJemywS9ljj2kjHie4EcC5JzKzc
OWJTRniw17ykTjw07HNVCQYGm2UiMQga2Fjcrw/r0Wn5yGxPIzkI26RfEmecsYVs
BO8IcRjMC+FG/1dWUl9FXveEGH3Lw33V+OkgUXw37JJs7wJnhkWo6WSE/sWec6cq
WOSUM1i/B5TB1l2vx3P9QCJBhzyaEcPU1DwOhTFfRF7nAJ5nQ2pk+rzqFcwB0bfv
CScHwxLq4UKksG0ahFZEA1/mn+A6XGOe72hqQswAvz75D/VcMeNudx5HSwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKzPVC0PW+l9IXBWI6TM0aAtrqeOMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvck05VUxROWI2WDBoY0ZZanBNelJvQzJ1cDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZv8AwQA
LZv/AwQBLZ3SAwQBT2L2AwQAsH37AwQBuceUAwQAuceXAwQBucfUAwQAufoaAwQB
wpJcMA0GCSqGSIb3DQEBCwUAA4IBAQCEF2EnClJavVOrkfCgeHxwhVjvzULPYAMT
HVSBeifwvS2flLGChcoHhElRW2pNdh2xkQalUg+abypmNy/kMUjr23+FxLJsH1Rq
ddaep/MV9L5h7b8WyxTx6jfmKFHOeBs+XueTHo/xbIyk8npTHmiGPXtNYUreTtzy
/1liZuFLh0bsBYaEKd0Gol4uPoGDqDUZioTiX3RgnXjfZSxZ6UBKw1Ziu8bGnkWW
5bE/qA1lU+BNz3xXr66G+tz/XbGaKmC7LCEGawfcOzWucQioKdhHbp5Oy88EiN0/
Ut/7ioqDoBIJlkT8bRUF4E4h6Vzjjl8VM+LhT0UnEv8j++vHqIck
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org