Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/3iwqxFHWlCd6nRJxjBhp6LacqDE.roa
File:                     3iwqxFHWlCd6nRJxjBhp6LacqDE.roa (raw, json)
Hash identifier:          VkjJoPAOj+mUrFDLfwwSpVu/TxxP2FfNzOCcgDj3Oas=
Subject key identifier:   DE:2C:2A:C4:51:D6:94:27:7A:9D:12:71:8C:18:69:E8:B6:9C:A8:31
Certificate issuer:       /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial:       018805C4E43D34810DCE3AA3598648E38B3D
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/3iwqxFHWlCd6nRJxjBhp6LacqDE.roa
Signing time:             Wed 10 May 2023 13:06:09 +0000
ROA not before:           Wed 10 May 2023 13:06:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29205
IP address blocks:        185.49.13.0/24 maxlen: 24
                          185.49.12.0/22 maxlen: 22
                          185.49.12.0/24 maxlen: 24
                          185.49.15.0/24 maxlen: 24
                          185.49.14.0/24 maxlen: 24
                          91.230.36.0/23 maxlen: 23
                          185.100.228.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 11 May 2023 12:31:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:05:c4:e4:3d:34:81:0d:ce:3a:a3:59:86:48:e3:8b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
        Validity
            Not Before: May 10 13:06:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de2c2ac451d694277a9d12718c1869e8b69ca831
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:4d:1a:a1:6c:06:bf:2e:e0:4d:5a:40:0a:41:
                    49:30:cd:3c:4d:da:28:db:c3:d7:83:22:4d:05:3e:
                    1b:d6:f5:fa:e8:4d:0f:3d:46:08:13:a6:ea:82:72:
                    9a:5d:bc:b2:5c:54:8a:80:68:54:03:d5:da:aa:fb:
                    00:ae:c5:37:d6:6f:1a:84:74:6a:2e:d4:73:6f:32:
                    50:a5:72:7c:44:26:c4:92:5e:c5:6d:5f:ad:5d:19:
                    d2:65:9c:f6:2f:af:40:94:6a:ea:0d:49:aa:0c:5d:
                    19:9f:bc:ba:43:f2:67:59:d2:21:10:0e:dc:80:f9:
                    16:35:70:e3:26:06:be:86:3d:c9:4c:3f:2e:8c:fa:
                    66:dc:d7:58:01:03:f8:42:af:5b:8a:7d:bf:62:cc:
                    df:8d:0d:81:da:e2:f8:23:68:64:78:d7:64:13:ce:
                    6f:c3:59:3e:c0:f4:00:bd:35:6d:eb:db:6f:ff:87:
                    a7:af:6f:6e:70:d3:0a:e5:5c:5c:5f:a3:15:af:72:
                    c7:48:d0:e3:bf:2d:cb:20:17:bf:a7:aa:11:fc:22:
                    60:94:fc:ea:27:de:fd:c6:78:f2:85:63:1a:66:e9:
                    b0:59:a9:a5:f6:34:a2:ee:bd:d7:14:ae:e4:38:5e:
                    84:68:85:2d:e5:be:3e:d7:29:dd:c1:69:59:63:23:
                    9f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:2C:2A:C4:51:D6:94:27:7A:9D:12:71:8C:18:69:E8:B6:9C:A8:31
            X509v3 Authority Key Identifier:
                keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/3iwqxFHWlCd6nRJxjBhp6LacqDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.36.0/23
                  185.49.12.0/22
                  185.100.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         56:09:71:27:45:95:de:ec:1a:41:77:d6:19:f8:01:90:56:6e:
         38:22:2a:58:f6:e1:ec:34:5f:8a:82:c2:9c:a2:b0:28:e6:2c:
         ea:e0:42:27:7b:8e:f9:d9:3d:72:8a:fc:8f:66:b5:b8:90:c2:
         e5:92:8f:c3:5d:25:8d:f9:20:ae:01:2e:91:4e:41:3d:05:d4:
         70:34:77:b2:aa:18:ae:6e:70:9d:07:4d:c9:91:2e:55:c3:e0:
         78:46:47:3f:16:b6:15:03:26:bd:81:1c:af:b7:ac:b3:79:17:
         0e:9e:cd:22:e8:2c:cc:7b:14:7a:43:af:b2:d6:05:0c:13:a5:
         a5:28:4e:7a:19:a3:95:3e:70:5c:34:7b:67:2e:e8:80:59:60:
         39:17:36:a3:1d:23:89:fd:fa:46:42:3a:eb:54:a2:85:d2:a4:
         65:b5:ea:bc:34:da:32:18:6b:d7:d8:d0:f4:78:60:eb:41:c9:
         eb:ee:30:29:d8:38:13:c1:79:a8:e3:00:83:30:35:a6:64:c9:
         34:e0:d6:fe:03:86:c7:af:63:c4:ee:73:7d:34:e0:0a:5c:aa:
         d2:26:80:2d:b1:70:2c:ee:f4:9c:78:25:04:8d:17:ac:b3:23:
         29:83:a2:d1:2c:36:51:09:74:ec:34:5a:ba:c1:57:bf:e2:06:
         b7:4a:0b:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgFxOQ9NIENzjqjWYZI44s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjMwNTEwMTMwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJjMmFjNDUxZDY5NDI3N2E5ZDEyNzE4YzE4NjllOGI2OWNhODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo00aoWwGvy7gTVpACkFJMM08Tdoo
28PXgyJNBT4b1vX66E0PPUYIE6bqgnKaXbyyXFSKgGhUA9XaqvsArsU31m8ahHRq
LtRzbzJQpXJ8RCbEkl7FbV+tXRnSZZz2L69AlGrqDUmqDF0Zn7y6Q/JnWdIhEA7c
gPkWNXDjJga+hj3JTD8ujPpm3NdYAQP4Qq9bin2/YszfjQ2B2uL4I2hkeNdkE85v
w1k+wPQAvTVt69tv/4enr29ucNMK5VxcX6MVr3LHSNDjvy3LIBe/p6oR/CJglPzq
J979xnjyhWMaZumwWaml9jSi7r3XFK7kOF6EaIUt5b4+1yndwWlZYyOfKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN4sKsRR1pQnep0ScYwYaei2nKgxMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvM2l3cXhGSFdsQ2Q2blJKeGpCaHA2TGFjcURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+YkAwQC
uTEMAwQCuWTkMA0GCSqGSIb3DQEBCwUAA4IBAQBWCXEnRZXe7BpBd9YZ+AGQVm44
IipY9uHsNF+KgsKcorAo5izq4EIne4752T1yivyPZrW4kMLlko/DXSWN+SCuAS6R
TkE9BdRwNHeyqhiubnCdB03JkS5Vw+B4Rkc/FrYVAya9gRyvt6yzeRcOns0i6CzM
exR6Q6+y1gUME6WlKE56GaOVPnBcNHtnLuiAWWA5FzajHSOJ/fpGQjrrVKKF0qRl
teq8NNoyGGvX2ND0eGDrQcnr7jAp2DgTwXmo4wCDMDWmZMk04Nb+A4bHr2PE7nN9
NOAKXKrSJoAtsXAs7vSceCUEjRessyMpg6LRLDZRCXTsNFq6wVe/4ga3SgvP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:50 2024 by rpki-client on console-ams.rpki-client.org