Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/XSb6HHmvOB5H46zB42te-64yd5o.roa
File:                     XSb6HHmvOB5H46zB42te-64yd5o.roa (raw, json)
Hash identifier:          3BKLVyyQrgtFBdMmYSz/PSESW2rFPIklwFxdqUUUqXo=
Subject key identifier:   5D:26:FA:1C:79:AF:38:1E:47:E3:AC:C1:E3:6B:5E:FB:AE:32:77:9A
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       018710864196381FD48C4DD5513D3424F2B3
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/XSb6HHmvOB5H46zB42te-64yd5o.roa
Signing time:             Thu 23 Mar 2023 22:10:46 +0000
ROA not before:           Thu 23 Mar 2023 22:10:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        83.97.119.0/24 maxlen: 24
                          178.20.28.0/22 maxlen: 24
                          88.218.47.0/24 maxlen: 24
                          88.218.45.0/24 maxlen: 24
                          83.97.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 25 Mar 2023 21:12:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:10:86:41:96:38:1f:d4:8c:4d:d5:51:3d:34:24:f2:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Mar 23 22:10:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d26fa1c79af381e47e3acc1e36b5efbae32779a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b5:18:d2:5d:30:8c:44:27:b8:20:a6:e7:70:
                    40:8d:9d:08:e1:04:0b:a2:49:2f:d1:42:0e:ab:5e:
                    7d:fe:e0:1c:22:f2:42:3b:e9:f9:4e:aa:4c:38:c8:
                    87:91:3b:a9:59:94:4e:35:a4:9a:5f:19:20:7e:c2:
                    67:19:eb:ce:0f:97:22:f6:2d:a4:ad:57:8d:df:24:
                    26:69:c6:80:2f:30:ce:8a:a3:e2:d1:f4:79:ee:92:
                    10:a8:af:c4:05:ad:d7:9e:90:f3:fa:32:32:19:c8:
                    0a:b5:b6:f0:71:81:9c:7c:a1:22:98:f1:a6:79:0f:
                    88:81:d1:4e:29:8f:d1:e7:a2:cd:e3:f5:cb:84:5f:
                    41:e1:a7:d0:58:2f:1b:16:3e:f5:c3:87:30:6c:33:
                    8b:90:73:6e:cd:51:c0:ec:1d:9c:3d:dd:f9:34:42:
                    e3:a8:ad:90:a3:4c:9c:b5:cc:0f:1b:2b:87:c3:77:
                    b6:b1:fe:7b:f7:57:2d:93:d8:b6:09:22:5f:8d:14:
                    34:b6:68:b0:c1:4e:96:5b:e3:d4:ce:cf:d3:92:d1:
                    17:f7:f7:43:07:66:31:8e:b5:06:2c:f4:c5:3c:4e:
                    b9:d5:66:f7:67:b9:b3:dd:5b:ee:e0:79:53:31:17:
                    23:0f:44:f0:10:69:89:91:22:0d:0f:3e:49:56:7b:
                    82:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:26:FA:1C:79:AF:38:1E:47:E3:AC:C1:E3:6B:5E:FB:AE:32:77:9A
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/XSb6HHmvOB5H46zB42te-64yd5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.97.117.0/24
                  83.97.119.0/24
                  88.218.45.0/24
                  88.218.47.0/24
                  178.20.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:0f:d6:b7:28:1a:f5:15:1f:81:7c:f1:9e:3f:ca:fd:13:25:
         fd:20:d3:11:b1:d2:e5:6b:62:c2:b7:35:90:cb:41:cb:70:36:
         ec:c1:5a:12:86:6e:7e:20:f6:bd:69:06:8e:2a:a6:74:19:d8:
         51:ab:ae:7a:12:aa:f2:33:93:37:34:41:f4:00:98:8a:98:03:
         83:1f:cb:d8:17:64:f6:88:e6:cd:e9:db:95:7d:f8:3e:d2:20:
         99:72:2e:e1:ae:ec:65:53:69:ee:d2:f7:d5:aa:fa:aa:74:b9:
         1d:54:6f:cc:c1:f5:a9:d2:f9:16:ef:17:c2:df:63:8a:51:b7:
         51:66:f5:d0:d4:ec:aa:d8:a0:7a:94:e7:b7:99:5a:c8:e9:07:
         d8:ed:a2:ca:ff:78:b5:09:b8:82:d1:c4:94:d8:13:06:9d:2a:
         a4:3f:7c:5b:81:5b:5d:c4:ae:62:41:68:f0:9c:96:43:30:58:
         0f:b8:5c:38:95:5a:84:84:51:1d:bf:07:69:6e:47:73:22:2f:
         26:22:8e:c4:e1:88:d4:81:22:ae:c7:d9:cc:e7:78:75:91:67:
         d9:52:bc:18:5e:d7:19:5d:3b:c4:3a:60:05:37:31:2e:64:62:
         d8:ee:03:55:82:36:83:6b:74:c3:68:d3:26:c6:23:44:f0:43:
         9f:2b:8c:38
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYcQhkGWOB/UjE3VUT00JPKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI2ZmExYzc5YWYzODFlNDdlM2FjYzFlMzZiNWVmYmFlMzI3NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbUY0l0wjEQnuCCm53BAjZ0I4QQL
okkv0UIOq159/uAcIvJCO+n5TqpMOMiHkTupWZRONaSaXxkgfsJnGevOD5ci9i2k
rVeN3yQmacaALzDOiqPi0fR57pIQqK/EBa3XnpDz+jIyGcgKtbbwcYGcfKEimPGm
eQ+IgdFOKY/R56LN4/XLhF9B4afQWC8bFj71w4cwbDOLkHNuzVHA7B2cPd35NELj
qK2Qo0yctcwPGyuHw3e2sf5791ctk9i2CSJfjRQ0tmiwwU6WW+PUzs/TktEX9/dD
B2YxjrUGLPTFPE651Wb3Z7mz3Vvu4HlTMRcjD0TwEGmJkSINDz5JVnuC6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF0m+hx5rzgeR+OsweNrXvuuMneaMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvWFNiNkhIbXZPQjVINDZ6QjQydGUtNjR5ZDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU2F1AwQA
U2F3AwQAWNotAwQAWNovAwQCshQcMA0GCSqGSIb3DQEBCwUAA4IBAQA4D9a3KBr1
FR+BfPGeP8r9EyX9INMRsdLla2LCtzWQy0HLcDbswVoShm5+IPa9aQaOKqZ0GdhR
q656EqryM5M3NEH0AJiKmAODH8vYF2T2iObN6duVffg+0iCZci7hruxlU2nu0vfV
qvqqdLkdVG/MwfWp0vkW7xfC32OKUbdRZvXQ1Oyq2KB6lOe3mVrI6QfY7aLK/3i1
CbiC0cSU2BMGnSqkP3xbgVtdxK5iQWjwnJZDMFgPuFw4lVqEhFEdvwdpbkdzIi8m
Io7E4YjUgSKux9nM53h1kWfZUrwYXtcZXTvEOmAFNzEuZGLY7gNVgjaDa3TDaNMm
xiNE8EOfK4w4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org