Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uWbFdpJiGgdXe9hqcjhLN5wStMY.roa
File:                     uWbFdpJiGgdXe9hqcjhLN5wStMY.roa (raw, json)
Hash identifier:          lcLmaq5m0wjkkE4CN7R99XIW8F+EcKZ3LDY1u8VbK6g=
Subject key identifier:   B9:66:C5:76:92:62:1A:07:57:7B:D8:6A:72:38:4B:37:9C:12:B4:C6
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       0188D8CE13CADC2C2F4DD4EEB2915E846553
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uWbFdpJiGgdXe9hqcjhLN5wStMY.roa
Signing time:             Tue 20 Jun 2023 12:36:04 +0000
ROA not before:           Tue 20 Jun 2023 12:36:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.155.255.0/24 maxlen: 24
                          194.146.93.0/24 maxlen: 24
                          45.157.209.0/24 maxlen: 24
                          79.98.247.0/24 maxlen: 24
                          176.125.250.0/24 maxlen: 24
                          176.125.251.0/24 maxlen: 24
                          45.155.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Jun 2023 14:19:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d8:ce:13:ca:dc:2c:2f:4d:d4:ee:b2:91:5e:84:65:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Jun 20 12:36:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b966c57692621a07577bd86a72384b379c12b4c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ea:ca:0d:f2:cd:e6:da:b8:94:ba:d0:e7:00:
                    cc:98:15:06:12:8e:e9:bf:62:8f:93:61:3b:9f:c0:
                    c9:af:6d:1c:26:6f:09:31:c5:46:6e:df:ce:e0:02:
                    ab:c6:7a:ad:c4:f4:d5:c0:f2:f9:19:62:96:95:a0:
                    ca:5f:14:b4:21:d3:3a:e2:b3:7b:e2:4c:1a:6d:ad:
                    05:45:00:3f:0a:7a:0d:34:b9:b6:73:6c:d2:f5:71:
                    28:5f:a2:40:58:ed:b4:85:68:c5:da:fe:5a:27:ae:
                    44:25:97:ff:b6:0e:e1:d3:2e:3f:e8:22:f6:53:a1:
                    fa:65:11:17:31:95:a2:c3:9e:57:37:e7:4d:ee:a6:
                    7f:13:87:5f:15:60:b1:ad:f0:52:cf:6a:27:71:35:
                    a5:08:e7:8e:15:fd:8c:1e:96:8b:4a:a8:7d:14:12:
                    b7:47:f1:4b:54:83:5d:46:f8:31:0f:05:b1:ad:90:
                    ec:47:5b:b0:91:dc:8b:e2:d1:99:44:8c:6d:9d:87:
                    f2:34:ed:29:38:ee:ab:42:44:35:17:3b:4d:21:46:
                    ec:b2:4b:9e:5c:5f:fb:e3:91:63:cc:23:4f:1e:ca:
                    63:03:8e:d1:54:ee:ff:fc:2e:a4:77:59:5a:97:57:
                    d0:e1:aa:c6:26:5d:59:1e:f6:29:c7:45:ff:1c:c3:
                    5c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:66:C5:76:92:62:1A:07:57:7B:D8:6A:72:38:4B:37:9C:12:B4:C6
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/uWbFdpJiGgdXe9hqcjhLN5wStMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.155.252.0/24
                  45.155.255.0/24
                  45.157.209.0/24
                  79.98.247.0/24
                  176.125.250.0/23
                  194.146.93.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:12:e0:74:09:a5:22:f0:01:0d:1e:64:f6:e5:eb:01:24:03:
         6e:60:91:5f:83:32:3c:59:df:47:14:26:37:bc:2b:26:f8:ba:
         13:e5:38:fe:9f:6f:6a:11:85:7f:4e:4f:bb:a6:ef:46:aa:4b:
         77:61:d9:d3:cd:6b:df:da:ff:fd:40:c7:2b:b8:39:84:57:84:
         22:8f:70:e4:e7:9a:14:c2:40:ff:06:e5:1e:36:01:84:a6:20:
         fc:23:77:df:e9:b6:90:4e:75:80:c7:a5:ad:a0:31:2f:1f:68:
         8f:21:03:e5:e8:37:51:e0:ac:67:73:f2:2d:d9:bd:c6:16:82:
         ef:4f:20:ea:32:fb:11:d9:88:af:46:8d:0c:12:80:8d:a0:a9:
         f8:32:fd:f0:06:51:9d:72:58:6a:dd:2d:07:cc:ff:f9:04:41:
         70:41:dc:18:17:3b:10:bc:b4:26:c9:f8:7d:d2:28:e0:62:a2:
         3c:d7:16:b5:0d:ff:cc:82:5b:ae:60:a6:67:01:de:e2:62:72:
         4f:2c:07:bb:85:1d:91:df:00:c2:12:30:d8:3e:c9:86:28:e5:
         de:05:17:ca:62:aa:9a:83:ef:32:8f:3f:b1:35:fc:01:6e:ef:
         45:40:08:1a:5c:46:9b:62:c9:dc:48:55:01:4c:ec:7e:9d:bd:
         8c:76:0a:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjYzhPK3CwvTdTuspFehGVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNjIwMTIzNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTY2YzU3NjkyNjIxYTA3NTc3YmQ4NmE3MjM4NGIzNzljMTJiNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOrKDfLN5tq4lLrQ5wDMmBUGEo7p
v2KPk2E7n8DJr20cJm8JMcVGbt/O4AKrxnqtxPTVwPL5GWKWlaDKXxS0IdM64rN7
4kwaba0FRQA/CnoNNLm2c2zS9XEoX6JAWO20hWjF2v5aJ65EJZf/tg7h0y4/6CL2
U6H6ZREXMZWiw55XN+dN7qZ/E4dfFWCxrfBSz2oncTWlCOeOFf2MHpaLSqh9FBK3
R/FLVINdRvgxDwWxrZDsR1uwkdyL4tGZRIxtnYfyNO0pOO6rQkQ1FztNIUbsskue
XF/745FjzCNPHspjA47RVO7//C6kd1lal1fQ4arGJl1ZHvYpx0X/HMNcewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLlmxXaSYhoHV3vYanI4SzecErTGMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdVdiRmRwSmlHZ2RYZTlocWNqaExONXdTdE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZv8AwQA
LZv/AwQALZ3RAwQAT2L3AwQBsH36AwQAwpJdMA0GCSqGSIb3DQEBCwUAA4IBAQBU
EuB0CaUi8AENHmT25esBJANuYJFfgzI8Wd9HFCY3vCsm+LoT5Tj+n29qEYV/Tk+7
pu9Gqkt3YdnTzWvf2v/9QMcruDmEV4Qij3Dk55oUwkD/BuUeNgGEpiD8I3ff6baQ
TnWAx6WtoDEvH2iPIQPl6DdR4Kxnc/It2b3GFoLvTyDqMvsR2YivRo0MEoCNoKn4
Mv3wBlGdclhq3S0HzP/5BEFwQdwYFzsQvLQmyfh90ijgYqI81xa1Df/MgluuYKZn
Ad7iYnJPLAe7hR2R3wDCEjDYPsmGKOXeBRfKYqqag+8yjz+xNfwBbu9FQAgaXEab
YsncSFUBTOx+nb2Mdgqz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org