Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xqIm4w3mHh_xcrkZmyhIm04tXxM.roa
File:                     xqIm4w3mHh_xcrkZmyhIm04tXxM.roa (raw, json)
Hash identifier:          oAYRz2qGT+4KGp/1FXZX2vN0ZlA/07i1LU93RuWZix4=
Subject key identifier:   C6:A2:26:E3:0D:E6:1E:1F:F1:72:B9:19:9B:28:48:9B:4E:2D:5F:13
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       01877B69E691BF81721535E2B7FF9C0C6553
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xqIm4w3mHh_xcrkZmyhIm04tXxM.roa
Signing time:             Thu 13 Apr 2023 16:19:10 +0000
ROA not before:           Thu 13 Apr 2023 16:19:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200482
IP address blocks:        185.199.213.0/24 maxlen: 24
                          45.157.209.0/24 maxlen: 24
                          79.98.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 May 2023 11:39:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7b:69:e6:91:bf:81:72:15:35:e2:b7:ff:9c:0c:65:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Apr 13 16:19:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6a226e30de61e1ff172b9199b28489b4e2d5f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:66:bf:ff:7b:e1:90:96:8a:8f:9c:bc:9e:a2:
                    01:c8:72:c9:47:19:a7:7a:80:73:5e:d8:b5:b7:7a:
                    6e:9f:c8:02:c6:0f:20:8b:2e:5c:55:75:72:fa:c5:
                    ad:c5:c0:fa:39:cf:80:e4:7d:02:f9:4d:a4:74:4e:
                    03:de:d1:e4:ac:db:d3:3f:0c:9b:0b:7a:70:6b:ae:
                    b9:74:85:dc:b2:cd:a3:9e:a7:9b:c9:b6:ea:05:4c:
                    7a:9b:8c:14:d8:85:04:a3:27:33:63:51:c9:21:d7:
                    53:b5:37:12:dc:ac:34:ae:cc:78:d7:cd:7b:51:b5:
                    b1:38:5d:bf:96:a3:70:53:70:b8:1a:e8:0d:cf:fd:
                    69:c8:4d:51:5b:fb:ad:c2:f9:33:7e:c8:10:c5:99:
                    54:3e:c0:23:d3:c6:2a:00:ca:92:c8:19:de:98:47:
                    4a:53:c8:b7:ca:18:f3:8f:e2:3d:78:75:ba:f3:2e:
                    90:2e:c5:4c:39:13:c6:2e:ca:78:91:7b:1d:86:02:
                    0d:c1:18:a9:7d:cb:a6:e7:6c:6c:1a:ae:bc:2e:61:
                    a5:78:0a:4b:f6:a2:84:16:7b:b7:21:1d:83:cc:3a:
                    a6:d0:d1:6d:84:7c:4d:ab:93:f2:7c:1c:0a:b8:83:
                    e3:52:0f:14:74:92:56:3f:96:9a:85:35:7e:1e:12:
                    bf:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:A2:26:E3:0D:E6:1E:1F:F1:72:B9:19:9B:28:48:9B:4E:2D:5F:13
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/xqIm4w3mHh_xcrkZmyhIm04tXxM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.209.0/24
                  79.98.246.0/24
                  185.199.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:6e:8b:2a:b7:50:f8:22:a6:aa:a6:20:fb:b3:d2:f7:86:e2:
         5f:62:c0:3e:63:81:8e:69:fc:d2:cf:ab:18:08:ac:b9:ce:f0:
         8c:e3:f2:b3:f5:e8:e4:e1:f0:6c:d5:bb:5e:e1:15:a4:46:78:
         9d:04:b6:7f:81:75:dd:d1:a0:ee:14:6c:9a:af:17:74:50:11:
         e8:3f:4c:56:0e:d8:da:da:47:10:09:81:a5:85:f4:8d:79:91:
         6c:36:b9:a8:bf:e4:2f:67:59:24:9b:c0:c1:3f:6a:f7:c5:29:
         78:c9:3f:c5:69:27:f7:71:4b:c2:41:e7:02:92:e1:94:9e:c9:
         23:79:04:b9:d7:12:f1:d2:57:86:54:1e:6f:f2:13:42:86:61:
         fb:c6:22:72:81:d8:28:02:99:8d:26:7b:fc:c2:63:74:ee:12:
         92:0d:f7:aa:57:98:d7:c0:1e:b6:fe:ab:64:9c:b3:b7:d9:95:
         5f:80:e9:84:42:74:e7:e3:fd:28:ef:05:9e:99:8d:d3:4c:3c:
         9f:1d:20:3e:b5:e1:83:0d:ef:f4:22:57:08:4b:e6:07:84:0d:
         69:7f:2a:e2:bd:0c:e9:e8:03:1c:de:ef:ae:01:a9:0e:9e:d0:
         79:ab:f8:cf:86:63:8b:5e:ca:a7:a4:a9:e5:e2:b8:bc:57:fb:
         3d:ea:1d:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd7aeaRv4FyFTXit/+cDGVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDEzMTYxOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmEyMjZlMzBkZTYxZTFmZjE3MmI5MTk5YjI4NDg5YjRlMmQ1ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2a//3vhkJaKj5y8nqIByHLJRxmn
eoBzXti1t3pun8gCxg8giy5cVXVy+sWtxcD6Oc+A5H0C+U2kdE4D3tHkrNvTPwyb
C3pwa665dIXcss2jnqebybbqBUx6m4wU2IUEoyczY1HJIddTtTcS3Kw0rsx41817
UbWxOF2/lqNwU3C4GugNz/1pyE1RW/utwvkzfsgQxZlUPsAj08YqAMqSyBnemEdK
U8i3yhjzj+I9eHW68y6QLsVMORPGLsp4kXsdhgINwRipfcum52xsGq68LmGleApL
9qKEFnu3IR2DzDqm0NFthHxNq5PyfBwKuIPjUg8UdJJWP5aahTV+HhK/UwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMaiJuMN5h4f8XK5GZsoSJtOLV8TMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEveHFJbTR3M21IaF94Y3JrWm15aEltMDR0WHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZ3RAwQA
T2L2AwQAucfVMA0GCSqGSIb3DQEBCwUAA4IBAQAjbosqt1D4IqaqpiD7s9L3huJf
YsA+Y4GOafzSz6sYCKy5zvCM4/Kz9ejk4fBs1bte4RWkRnidBLZ/gXXd0aDuFGya
rxd0UBHoP0xWDtja2kcQCYGlhfSNeZFsNrmov+QvZ1kkm8DBP2r3xSl4yT/FaSf3
cUvCQecCkuGUnskjeQS51xLx0leGVB5v8hNChmH7xiJygdgoApmNJnv8wmN07hKS
DfeqV5jXwB62/qtknLO32ZVfgOmEQnTn4/0o7wWemY3TTDyfHSA+teGDDe/0IlcI
S+YHhA1pfyrivQzp6AMc3u+uAakOntB5q/jPhmOLXsqnpKnl4ri8V/s96h1H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org