Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/Ob9Up2c1LZQqQG9jvic4dWvh9WQ.roa
File:                     Ob9Up2c1LZQqQG9jvic4dWvh9WQ.roa (raw, json)
Hash identifier:          SzUtQouG7zARFYwHaH7gmkMCzwi9cxQTVAsVQXMYKiI=
Subject key identifier:   39:BF:54:A7:67:35:2D:94:2A:40:6F:63:BE:27:38:75:6B:E1:F5:64
Certificate issuer:       /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial:       01880ACB3431E450917517810CA97C96A00A
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/Ob9Up2c1LZQqQG9jvic4dWvh9WQ.roa
Signing time:             Thu 11 May 2023 12:31:09 +0000
ROA not before:           Thu 11 May 2023 12:31:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29205
IP address blocks:        185.49.12.0/22 maxlen: 24
                          91.230.36.0/23 maxlen: 23
                          185.100.228.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0a:cb:34:31:e4:50:91:75:17:81:0c:a9:7c:96:a0:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
        Validity
            Not Before: May 11 12:31:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=39bf54a767352d942a406f63be2738756be1f564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:dc:20:5c:c6:33:0e:4b:a2:61:2c:31:3e:ed:
                    4f:64:0f:5e:84:8c:53:28:37:82:87:3a:77:87:4f:
                    77:ec:46:3c:0c:fa:78:fb:50:82:dd:25:d5:68:56:
                    32:3d:a9:c7:1c:2f:d5:25:c2:85:3b:2a:37:d3:57:
                    78:ff:5d:20:bf:49:7e:1c:44:b1:84:70:53:17:39:
                    37:b0:35:0e:5d:5b:0b:1b:92:18:37:23:64:cc:fe:
                    a1:b3:f7:9e:4e:74:b6:e0:9a:e0:27:f9:61:11:3a:
                    e4:41:32:0d:34:09:8c:5e:24:0c:52:29:7b:44:c7:
                    8a:5a:16:01:56:05:90:48:69:07:60:fe:da:3e:90:
                    90:ec:b8:4d:aa:ac:f3:d8:99:26:86:6c:66:b2:2a:
                    a0:4c:4f:56:93:12:3e:61:3d:fa:62:42:4e:2e:46:
                    6b:a3:89:96:42:c0:50:50:6a:97:64:f1:63:a0:dc:
                    09:e3:3e:ac:67:b8:7f:d9:15:a0:2d:1f:a0:25:27:
                    fb:04:cf:1b:20:f5:b0:b2:a8:f3:68:0a:fb:7b:f2:
                    60:79:c3:d1:5f:ae:ec:7c:bd:4a:f0:2b:cb:69:98:
                    51:c6:74:f1:35:35:67:4c:30:21:0a:e3:85:08:f6:
                    1f:26:d4:d6:97:ff:eb:df:4b:80:46:42:37:6f:70:
                    01:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BF:54:A7:67:35:2D:94:2A:40:6F:63:BE:27:38:75:6B:E1:F5:64
            X509v3 Authority Key Identifier:
                keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/Ob9Up2c1LZQqQG9jvic4dWvh9WQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.230.36.0/23
                  185.49.12.0/22
                  185.100.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:43:b1:95:73:0a:1e:87:a6:3b:65:ce:c7:97:8d:09:f6:50:
         b9:70:93:13:07:18:82:10:3b:f5:ee:e2:09:a4:e4:ab:53:e6:
         3f:a6:f8:81:24:4d:20:38:fe:95:97:a3:a9:70:63:73:d0:f9:
         57:30:eb:ef:95:fc:7e:64:68:0f:d6:07:3b:cb:0c:ab:d8:12:
         fd:db:2c:f9:4c:64:c3:32:e8:5f:63:ae:72:44:9c:d5:1f:3c:
         91:a6:7a:55:bb:16:a2:70:c3:27:60:28:e7:8c:6d:15:5f:32:
         95:02:1c:79:d3:2c:93:43:f7:b6:e7:f7:c3:49:38:bb:95:26:
         64:a1:8b:7e:b9:eb:9f:38:8d:b4:a2:5d:81:71:df:c9:91:be:
         c4:5e:70:2a:d0:72:b6:16:c0:63:92:49:61:5b:40:79:88:8c:
         b8:53:8d:79:ec:a7:c4:5f:9e:b6:1f:8f:48:79:f0:b9:b0:6f:
         ce:86:8d:c0:ce:43:d1:c6:4f:ea:fd:52:84:93:23:28:e7:2f:
         06:91:66:81:20:73:40:4c:93:02:36:c9:52:6f:90:4e:8f:15:
         e3:a2:07:f6:f4:c0:b2:41:90:60:4e:71:d8:98:71:91:da:0c:
         8e:f1:01:e2:0a:20:74:55:3a:fc:03:92:73:15:6e:15:7a:7d:
         75:29:29:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgKyzQx5FCRdReBDKl8lqAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjMwNTExMTIzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJmNTRhNzY3MzUyZDk0MmE0MDZmNjNiZTI3Mzg3NTZiZTFmNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNwgXMYzDkuiYSwxPu1PZA9ehIxT
KDeChzp3h0937EY8DPp4+1CC3SXVaFYyPanHHC/VJcKFOyo301d4/10gv0l+HESx
hHBTFzk3sDUOXVsLG5IYNyNkzP6hs/eeTnS24JrgJ/lhETrkQTINNAmMXiQMUil7
RMeKWhYBVgWQSGkHYP7aPpCQ7LhNqqzz2JkmhmxmsiqgTE9WkxI+YT36YkJOLkZr
o4mWQsBQUGqXZPFjoNwJ4z6sZ7h/2RWgLR+gJSf7BM8bIPWwsqjzaAr7e/JgecPR
X67sfL1K8CvLaZhRxnTxNTVnTDAhCuOFCPYfJtTWl//r30uARkI3b3ABKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDm/VKdnNS2UKkBvY74nOHVr4fVkMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvT2I5VXAyYzFMWlFxUUc5anZpYzRkV3ZoOVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+YkAwQC
uTEMAwQCuWTkMA0GCSqGSIb3DQEBCwUAA4IBAQCwQ7GVcwoeh6Y7Zc7Hl40J9lC5
cJMTBxiCEDv17uIJpOSrU+Y/pviBJE0gOP6Vl6OpcGNz0PlXMOvvlfx+ZGgP1gc7
ywyr2BL92yz5TGTDMuhfY65yRJzVHzyRpnpVuxaicMMnYCjnjG0VXzKVAhx50yyT
Q/e25/fDSTi7lSZkoYt+ueufOI20ol2Bcd/Jkb7EXnAq0HK2FsBjkklhW0B5iIy4
U4157KfEX562H49IefC5sG/Oho3AzkPRxk/q/VKEkyMo5y8GkWaBIHNATJMCNslS
b5BOjxXjogf29MCyQZBgTnHYmHGR2gyO8QHiCiB0VTr8A5JzFW4Ven11KSk/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:50 2024 by rpki-client on console-ams.rpki-client.org