Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/sJRlc6bbApKxP1ZgOGGm33lxZsE.roa
File:                     sJRlc6bbApKxP1ZgOGGm33lxZsE.roa (raw, json)
Hash identifier:          mgN9fmTNkJji2bqeLCmaICtg7XW8t8hdUs04/7YY44Q=
Subject key identifier:   B0:94:65:73:A6:DB:02:92:B1:3F:56:60:38:61:A6:DF:79:71:66:C1
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018A473DC3C89BEBC883C94BB6093426935C
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/sJRlc6bbApKxP1ZgOGGm33lxZsE.roa
Signing time:             Wed 30 Aug 2023 16:19:04 +0000
ROA not before:           Wed 30 Aug 2023 16:19:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59432
IP address blocks:        45.157.209.0/24 maxlen: 24
                          185.225.171.0/24 maxlen: 24
                          185.250.25.0/24 maxlen: 24
                          79.98.244.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 31 Aug 2023 07:29:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:47:3d:c3:c8:9b:eb:c8:83:c9:4b:b6:09:34:26:93:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Aug 30 16:19:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0946573a6db0292b13f56603861a6df797166c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:9f:d4:d4:9f:f2:1f:9e:07:82:eb:63:c8:f0:
                    8f:17:33:5b:26:be:f2:e9:42:bd:ac:6f:6d:ac:4c:
                    36:c3:63:1c:b6:27:c0:7d:c0:63:98:a6:f4:34:64:
                    aa:71:65:b8:f5:27:40:f4:90:f9:4d:68:fd:73:ca:
                    9b:1b:bd:de:68:78:98:95:de:cb:f7:7b:dc:8e:ce:
                    67:1f:77:e6:8a:e3:70:8a:00:f2:38:39:23:d4:77:
                    ed:34:50:26:95:e3:e0:f0:9c:7a:6d:4b:7f:57:6f:
                    5c:c9:56:46:2e:55:85:25:46:2f:a5:af:86:4f:80:
                    78:55:22:6a:2c:6e:ef:9d:ff:28:a8:ad:c1:2d:4d:
                    6a:b2:5b:21:97:fd:f7:cf:2a:fd:ed:d2:15:e5:00:
                    6c:7f:60:55:07:91:66:af:b5:7c:77:07:26:1e:cf:
                    2b:62:91:d3:0e:6c:3b:52:2e:86:75:58:1b:c3:17:
                    21:10:83:62:d1:d4:9c:b1:18:61:db:47:cc:b9:d5:
                    7a:85:1f:f8:76:9c:25:bd:66:2b:15:0f:36:31:ed:
                    bc:42:56:fc:89:92:8f:a5:b6:59:2f:d6:36:a0:51:
                    bf:64:94:2d:06:e1:c6:45:51:fd:15:a4:0f:df:f4:
                    fe:48:2c:a9:36:4e:0b:79:90:06:d2:c5:83:29:1c:
                    76:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:94:65:73:A6:DB:02:92:B1:3F:56:60:38:61:A6:DF:79:71:66:C1
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/sJRlc6bbApKxP1ZgOGGm33lxZsE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.209.0/24
                  79.98.244.0/23
                  185.225.171.0/24
                  185.250.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:ea:0b:b8:aa:e3:5d:71:78:a7:65:f6:72:1a:bf:c8:94:22:
         3c:bb:2e:9a:dd:d5:1a:73:8e:0e:fa:f7:bf:8f:43:cd:bd:9c:
         db:bc:4a:17:97:71:18:79:83:cf:2e:77:5d:fd:f4:1c:a3:70:
         dd:97:22:48:ee:39:09:25:f8:34:fe:10:87:52:c6:c0:e5:99:
         52:72:33:be:90:04:5f:e5:d8:b9:8c:31:f4:e8:e1:69:9f:a3:
         b8:25:a3:06:7e:6d:af:7d:f4:3e:f1:07:b2:9d:00:fb:4c:10:
         83:b9:01:3c:1d:a4:cc:1f:73:57:f5:67:3f:34:9f:1b:42:a5:
         77:9b:40:7f:55:4a:cb:7f:c3:a9:34:fa:e3:e2:ed:49:00:e0:
         ab:55:cd:6a:e9:a9:ec:93:f3:70:fe:8d:a6:d0:cf:5e:a1:83:
         19:68:fa:5f:b9:0b:98:0a:6b:84:6c:79:15:82:12:5d:58:06:
         ad:24:80:28:b5:55:65:3d:a5:07:63:01:05:09:9b:ae:d9:9c:
         2a:ee:9e:92:9d:56:f0:5a:4d:a8:ec:6c:ff:7c:09:5e:34:26:
         14:e3:e7:99:74:73:f9:6f:ba:f1:4f:2f:01:00:90:1c:63:dd:
         fa:cd:4a:2f:db:01:bb:f4:14:0e:a0:b0:af:d2:8d:38:15:65:
         47:a2:60:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpHPcPIm+vIg8lLtgk0JpNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwODMwMTYxOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk0NjU3M2E2ZGIwMjkyYjEzZjU2NjAzODYxYTZkZjc5NzE2NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5/U1J/yH54HgutjyPCPFzNbJr7y
6UK9rG9trEw2w2MctifAfcBjmKb0NGSqcWW49SdA9JD5TWj9c8qbG73eaHiYld7L
93vcjs5nH3fmiuNwigDyODkj1HftNFAmlePg8Jx6bUt/V29cyVZGLlWFJUYvpa+G
T4B4VSJqLG7vnf8oqK3BLU1qslshl/33zyr97dIV5QBsf2BVB5Fmr7V8dwcmHs8r
YpHTDmw7Ui6GdVgbwxchEINi0dScsRhh20fMudV6hR/4dpwlvWYrFQ82Me28Qlb8
iZKPpbZZL9Y2oFG/ZJQtBuHGRVH9FaQP3/T+SCypNk4LeZAG0sWDKRx2dQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLCUZXOm2wKSsT9WYDhhpt95cWbBMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvc0pSbGM2YmJBcEt4UDFaZ09HR20zM2x4WnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ3RAwQB
T2L0AwQAueGrAwQAufoZMA0GCSqGSIb3DQEBCwUAA4IBAQDK6gu4quNdcXinZfZy
Gr/IlCI8uy6a3dUac44O+ve/j0PNvZzbvEoXl3EYeYPPLndd/fQco3DdlyJI7jkJ
Jfg0/hCHUsbA5ZlScjO+kARf5di5jDH06OFpn6O4JaMGfm2vffQ+8QeynQD7TBCD
uQE8HaTMH3NX9Wc/NJ8bQqV3m0B/VUrLf8OpNPrj4u1JAOCrVc1q6ansk/Nw/o2m
0M9eoYMZaPpfuQuYCmuEbHkVghJdWAatJIAotVVlPaUHYwEFCZuu2Zwq7p6SnVbw
Wk2o7Gz/fAleNCYU4+eZdHP5b7rxTy8BAJAcY936zUov2wG79BQOoLCv0o04FWVH
omBs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:36 2024 by rpki-client on console-ams.rpki-client.org