Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/P0CO3PAKu2CAYeovIP13cWY1xqs.roa
File:                     P0CO3PAKu2CAYeovIP13cWY1xqs.roa (raw, json)
Hash identifier:          lJVwh5sdqvNWr2KfRFoQzQP7PqjCnjcwRdfegj/jhuA=
Subject key identifier:   3F:40:8E:DC:F0:0A:BB:60:80:61:EA:2F:20:FD:77:71:66:35:C6:AB
Certificate issuer:       /CN=e8c3469d1e735ae4d60837b7709c33ff427c8e84
Certificate serial:       018570FBE0E3BB78742F89456CFA94AC279C
Authority key identifier: E8:C3:46:9D:1E:73:5A:E4:D6:08:37:B7:70:9C:33:FF:42:7C:8E:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MNGnR5zWuTWCDe3cJwz_0J8joQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/P0CO3PAKu2CAYeovIP13cWY1xqs.roa
Signing time:             Mon 02 Jan 2023 05:37:13 +0000
ROA not before:           Mon 02 Jan 2023 05:37:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48903
IP address blocks:        185.140.4.0/24 maxlen: 24
                          185.140.4.0/22 maxlen: 22
                          185.92.4.0/22 maxlen: 22
                          185.140.5.0/24 maxlen: 24
                          185.140.7.0/24 maxlen: 24
                          185.140.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:fb:e0:e3:bb:78:74:2f:89:45:6c:fa:94:ac:27:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c3469d1e735ae4d60837b7709c33ff427c8e84
        Validity
            Not Before: Jan  2 05:37:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f408edcf00abb608061ea2f20fd77716635c6ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:60:f0:a2:14:81:cd:19:d9:fa:8d:8c:da:22:
                    b1:2e:30:88:e0:21:34:a3:a4:d8:92:1f:80:3b:26:
                    1c:fe:bd:36:68:0d:d4:d8:ed:99:b4:67:50:93:27:
                    58:39:58:f8:65:51:71:ea:20:3f:08:df:ac:1d:ef:
                    36:2c:fd:c3:03:47:50:de:20:65:61:76:d2:38:80:
                    a9:fd:03:af:f5:d0:ad:86:c3:c6:52:96:38:37:36:
                    18:92:42:b9:1e:f7:8f:85:0d:bf:3c:70:7f:fc:15:
                    fa:11:73:e0:7b:58:2e:ed:ad:14:02:b3:9d:43:e3:
                    c9:9a:a0:f4:c7:47:b2:e2:22:a1:e9:21:54:fe:22:
                    78:38:63:77:5f:e5:62:54:22:a6:74:8b:16:85:22:
                    40:a2:6b:82:75:cf:2b:7c:6e:95:c8:54:e7:df:23:
                    02:fa:56:6a:28:d2:df:3d:11:2c:97:e4:50:d3:f1:
                    bb:6a:bb:36:7f:a2:2c:62:b5:6c:b4:b3:e0:82:fe:
                    19:24:8c:99:94:99:26:4b:24:58:9c:f1:0d:f0:67:
                    a4:06:c2:88:bb:0e:cc:f6:c5:67:0d:fc:1d:75:83:
                    7f:cf:9a:78:e3:9e:cb:94:39:d8:14:64:fb:23:a9:
                    a6:04:4c:36:26:6c:fe:a3:eb:f7:b6:c4:5d:e1:c3:
                    58:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:40:8E:DC:F0:0A:BB:60:80:61:EA:2F:20:FD:77:71:66:35:C6:AB
            X509v3 Authority Key Identifier:
                keyid:E8:C3:46:9D:1E:73:5A:E4:D6:08:37:B7:70:9C:33:FF:42:7C:8E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MNGnR5zWuTWCDe3cJwz_0J8joQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/P0CO3PAKu2CAYeovIP13cWY1xqs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/6MNGnR5zWuTWCDe3cJwz_0J8joQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.92.4.0/22
                  185.140.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:c2:0f:2d:16:f3:c0:1f:79:40:c5:91:5b:ae:b5:2d:93:47:
         97:0a:f4:cb:dc:62:fb:24:e3:9f:10:8d:74:f0:72:63:64:f5:
         9c:a6:b4:47:95:ae:e2:1f:2b:07:96:1c:1e:52:51:1d:d1:35:
         f3:9c:11:9b:3f:d2:42:76:34:5f:6c:98:32:44:b7:e8:67:72:
         fc:db:1a:69:2c:60:3b:04:b7:c7:ad:6f:16:8c:20:f0:a5:fc:
         df:8f:3b:bc:78:44:2f:c7:f4:f6:f6:6b:77:07:96:83:ee:27:
         fe:78:e2:d9:d1:33:f4:2e:50:2b:58:7d:43:70:00:97:37:19:
         c5:d2:ae:14:d2:40:af:d5:f6:17:ce:3c:eb:fb:99:5c:87:d2:
         8b:a1:d3:32:88:11:ad:41:e5:bd:a4:e1:2b:f2:99:39:54:a7:
         75:8f:25:ab:17:f9:c7:13:96:10:9a:68:0c:9b:53:21:91:9a:
         cb:a3:84:69:25:34:8e:7c:5e:fb:99:c5:49:aa:e9:dc:a0:f0:
         6c:26:bd:04:5e:a5:95:7f:45:47:74:3e:1d:9e:33:cb:3a:85:
         fd:f6:da:30:d3:34:6b:76:24:04:68:1d:0b:99:a6:7a:8b:2a:
         29:f2:e7:77:1a:a5:3c:fe:44:5a:79:2f:d6:fb:76:d8:04:83:
         59:10:94:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw++Dju3h0L4lFbPqUrCecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzM0NjlkMWU3MzVhZTRkNjA4MzdiNzcwOWMzM2ZmNDI3
YzhlODQwHhcNMjMwMTAyMDUzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQwOGVkY2YwMGFiYjYwODA2MWVhMmYyMGZkNzc3MTY2MzVjNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmDwohSBzRnZ+o2M2iKxLjCI4CE0
o6TYkh+AOyYc/r02aA3U2O2ZtGdQkydYOVj4ZVFx6iA/CN+sHe82LP3DA0dQ3iBl
YXbSOICp/QOv9dCthsPGUpY4NzYYkkK5HvePhQ2/PHB//BX6EXPge1gu7a0UArOd
Q+PJmqD0x0ey4iKh6SFU/iJ4OGN3X+ViVCKmdIsWhSJAomuCdc8rfG6VyFTn3yMC
+lZqKNLfPREsl+RQ0/G7ars2f6IsYrVstLPggv4ZJIyZlJkmSyRYnPEN8GekBsKI
uw7M9sVnDfwddYN/z5p4457LlDnYFGT7I6mmBEw2Jmz+o+v3tsRd4cNYIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD9AjtzwCrtggGHqLyD9d3FmNcarMB8GA1UdIwQY
MBaAFOjDRp0ec1rk1gg3t3CcM/9CfI6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1OR25SNXpXdVRXQ0RlM2NKd3pfMEo4am9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NTA1ZWUtNWZlMC00NDhjLWI2MjEt
ODkyNDg1MGQ5NWQ2LzEvUDBDTzNQQUt1MkNBWWVvdklQMTNjV1kxeHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NTA1ZWUtNWZlMC00NDhjLWI2MjEtODkyNDg1MGQ5NWQ2
LzEvNk1OR25SNXpXdVRXQ0RlM2NKd3pfMEo4am9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVwEAwQC
uYwEMA0GCSqGSIb3DQEBCwUAA4IBAQCKwg8tFvPAH3lAxZFbrrUtk0eXCvTL3GL7
JOOfEI108HJjZPWcprRHla7iHysHlhweUlEd0TXznBGbP9JCdjRfbJgyRLfoZ3L8
2xppLGA7BLfHrW8WjCDwpfzfjzu8eEQvx/T29mt3B5aD7if+eOLZ0TP0LlArWH1D
cACXNxnF0q4U0kCv1fYXzjzr+5lch9KLodMyiBGtQeW9pOEr8pk5VKd1jyWrF/nH
E5YQmmgMm1MhkZrLo4RpJTSOfF77mcVJquncoPBsJr0EXqWVf0VHdD4dnjPLOoX9
9tow0zRrdiQEaB0LmaZ6iyop8ud3GqU8/kRaeS/W+3bYBINZEJR+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:00 2024 by rpki-client on console-fra.rpki-client.org