Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/I2Zp3O9GuDESzIwxuBXNNbCUHWA.roa
File:                     I2Zp3O9GuDESzIwxuBXNNbCUHWA.roa (raw, json)
Hash identifier:          i4xbPROXGr1QwiuclNofMJ1nTFliZgNrRGwoO4JJ3bc=
Subject key identifier:   23:66:69:DC:EF:46:B8:31:12:CC:8C:31:B8:15:CD:35:B0:94:1D:60
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       018CC794E81C4F26576D185D0CBFB26FEA17
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/I2Zp3O9GuDESzIwxuBXNNbCUHWA.roa
Signing time:             Tue 02 Jan 2024 00:31:13 +0000
ROA not before:           Tue 02 Jan 2024 00:31:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1239
IP address blocks:        194.28.156.0/24 maxlen: 24
                          194.28.158.0/24 maxlen: 24
                          194.104.4.0/24 maxlen: 24
                          194.104.5.0/24 maxlen: 24
                          194.104.6.0/24 maxlen: 24
                          212.69.132.0/24 maxlen: 24
                          212.69.133.0/24 maxlen: 24
                          212.69.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 21 Sep 2024 07:19:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:e8:1c:4f:26:57:6d:18:5d:0c:bf:b2:6f:ea:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Jan  2 00:31:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=236669dcef46b83112cc8c31b815cd35b0941d60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:94:28:05:69:ac:13:11:05:30:2f:b9:d8:6d:
                    01:ef:c7:61:17:8b:6e:6a:f7:df:fb:0c:5d:15:69:
                    7a:2d:ef:e6:bf:f2:82:5f:91:81:62:ce:77:dc:5c:
                    16:50:d8:78:6a:74:a3:6a:e3:f2:99:c0:bb:7b:25:
                    e3:f7:f0:eb:85:24:6d:94:47:16:ed:c6:84:c0:8c:
                    25:8d:89:f3:ef:49:e9:a9:56:d6:38:04:a9:aa:d1:
                    63:1c:0c:47:a4:65:6a:97:16:20:58:16:fb:21:ca:
                    b2:98:08:64:69:2e:5a:e2:86:60:91:a5:6b:28:d5:
                    e3:48:e0:8e:50:41:68:fb:e2:c3:9e:5f:16:4c:5f:
                    a1:b7:93:11:22:26:c5:c1:1e:fa:12:93:8a:f1:a0:
                    c3:f2:10:fc:63:47:03:d7:14:f2:68:14:ac:90:a6:
                    59:66:2b:50:6e:af:a6:47:4a:59:09:12:95:af:5e:
                    15:ef:fa:18:9c:21:31:72:d7:70:39:38:3f:ab:45:
                    29:29:9e:71:2f:fd:02:0b:b6:e8:ca:fa:80:28:28:
                    74:37:1f:74:ca:d5:fc:9b:c7:a6:40:74:40:d2:e7:
                    dd:dd:7c:4f:4b:34:90:ea:9c:34:4f:e7:ae:03:24:
                    d1:8f:d0:28:85:b9:32:05:86:72:d1:0c:1b:bd:55:
                    90:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:66:69:DC:EF:46:B8:31:12:CC:8C:31:B8:15:CD:35:B0:94:1D:60
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/I2Zp3O9GuDESzIwxuBXNNbCUHWA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.28.156.0/24
                  194.28.158.0/24
                  194.104.4.0-194.104.6.255
                  212.69.132.0-212.69.134.255

    Signature Algorithm: sha256WithRSAEncryption
         84:08:15:a0:88:af:9f:d8:fb:5a:3a:d3:7a:7a:9b:44:1f:f0:
         c1:47:0d:cf:ba:44:e7:29:eb:73:40:34:73:5d:f1:45:20:db:
         68:36:eb:d9:9d:92:1a:6b:93:41:48:ca:1e:5d:e7:ec:84:59:
         a5:3d:ae:ff:e8:fa:b7:8f:10:b9:22:57:f8:a3:d6:dc:03:2d:
         c5:29:3f:bb:c3:cf:58:96:bb:0b:f4:23:e4:98:cb:ac:0f:8e:
         93:2c:46:91:60:76:a5:c5:f4:f9:bf:33:a4:91:70:99:5e:04:
         0c:8d:bb:71:13:df:a9:37:cb:36:c6:0f:c8:69:04:f1:c4:4d:
         db:fb:77:99:8d:8a:76:86:b2:cc:16:b5:89:c5:02:61:d2:e6:
         83:5b:6a:f2:69:fe:6e:59:e8:8a:90:fb:bf:40:43:56:47:42:
         03:13:85:74:a0:73:3d:0e:c5:f8:2a:3a:9a:c0:17:4b:8d:66:
         92:12:1e:1c:c9:eb:2f:8c:5b:5d:ba:13:e7:2d:39:13:eb:7d:
         04:d2:d9:f2:48:b3:93:d3:34:9b:b0:9e:d1:9f:c1:52:a2:15:
         5c:33:ac:97:18:54:66:c1:c0:67:99:c8:cc:83:6b:f7:ee:4e:
         78:ce:89:d9:1e:47:3c:fa:d4:b3:77:51:18:1f:5c:48:14:3c:
         b2:f2:8f:22
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHlOgcTyZXbRhdDL+yb+oXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwMTAyMDAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY2NjlkY2VmNDZiODMxMTJjYzhjMzFiODE1Y2QzNWIwOTQxZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpQoBWmsExEFMC+52G0B78dhF4tu
avff+wxdFWl6Le/mv/KCX5GBYs533FwWUNh4anSjauPymcC7eyXj9/DrhSRtlEcW
7caEwIwljYnz70npqVbWOASpqtFjHAxHpGVqlxYgWBb7IcqymAhkaS5a4oZgkaVr
KNXjSOCOUEFo++LDnl8WTF+ht5MRIibFwR76EpOK8aDD8hD8Y0cD1xTyaBSskKZZ
ZitQbq+mR0pZCRKVr14V7/oYnCExctdwOTg/q0UpKZ5xL/0CC7boyvqAKCh0Nx90
ytX8m8emQHRA0ufd3XxPSzSQ6pw0T+euAyTRj9AohbkyBYZy0QwbvVWQmQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCNmadzvRrgxEsyMMbgVzTWwlB1gMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvSTJacDNPOUd1REVTekl3eHVCWE5OYkNVSFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEAhAgVoIivn9j7WjrTenqbRB/wwUcNz7pE5ynrc0A0c13xRSDbaDbr2Z2SGmuT
QUjKHl3n7IRZpT2u/+j6t48QuSJX+KPW3AMtxSk/u8PPWJa7C/Qj5JjLrA+OkyxG
kWB2pcX0+b8zpJFwmV4EDI27cRPfqTfLNsYPyGkE8cRN2/t3mY2KdoayzBa1icUC
YdLmg1tq8mn+blnoipD7v0BDVkdCAxOFdKBzPQ7F+Co6msAXS41mkhIeHMnrL4xb
XboT5y05E+t9BNLZ8kizk9M0m7Ce0Z/BUqIVXDOslxhUZsHAZ5nIzINr9+5OeM6J
2R5HPPrUs3dRGB9cSBQ8svKPIg==
-----END CERTIFICATE-----
Generated at Sat Sep 21 09:13:56 2024 by rpki-client on console-fra.rpki-client.org