Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/H5AWwMyfzMZjVy1nsiVNEzoUdI4.roa
File:                     H5AWwMyfzMZjVy1nsiVNEzoUdI4.roa (raw, json)
Hash identifier:          bbGMK9y1SWHy9FqutQSyjM9RhuG43J6HsqXihdxz7fU=
Subject key identifier:   1F:90:16:C0:CC:9F:CC:C6:63:57:2D:67:B2:25:4D:13:3A:14:74:8E
Certificate issuer:       /CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
Certificate serial:       01856BEED23811DE921FE70BB9AAF1FC681D
Authority key identifier: 1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/H5AWwMyfzMZjVy1nsiVNEzoUdI4.roa
Signing time:             Sun 01 Jan 2023 06:04:51 +0000
ROA not before:           Sun 01 Jan 2023 06:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204958
IP address blocks:        185.232.237.0/24 maxlen: 24
                          185.232.239.0/24 maxlen: 24
                          185.232.236.0/24 maxlen: 24
                          185.232.236.0/22 maxlen: 22
                          185.232.238.0/24 maxlen: 24
                          2a07:ff00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:d2:38:11:de:92:1f:e7:0b:b9:aa:f1:fc:68:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
        Validity
            Not Before: Jan  1 06:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f9016c0cc9fccc663572d67b2254d133a14748e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e8:50:97:f2:d9:c2:bb:32:26:f0:a3:17:62:
                    b0:9c:07:11:6f:d6:bd:ba:65:c2:01:53:b7:7d:10:
                    68:c7:20:11:63:8b:fc:46:39:b0:93:ee:59:dc:8b:
                    80:7d:64:42:bc:14:be:04:da:f8:5a:a3:ab:0a:f1:
                    d8:5d:5a:4b:ab:5d:c8:13:83:9d:b4:88:d2:1b:26:
                    77:d6:36:92:cb:07:a8:10:b7:ec:80:2b:04:a5:2d:
                    cd:92:5f:3c:c3:27:85:ef:39:64:bd:b4:36:95:f6:
                    7e:50:86:2c:65:16:36:e9:cf:3b:f3:be:c6:33:b4:
                    d4:14:02:11:3b:d5:c2:ba:52:fc:3d:8f:19:b6:65:
                    46:7b:aa:c6:ea:d9:40:3e:3c:e8:05:cf:9c:ab:2e:
                    13:a2:74:51:af:50:5b:83:5c:8f:ae:6f:e9:f1:e8:
                    f6:c3:06:85:e5:cc:dd:d1:44:7d:0b:b6:d9:fc:c4:
                    46:09:ba:21:37:0c:57:b7:49:3b:92:40:9c:d1:90:
                    55:af:2e:69:c4:da:db:7c:86:fe:fa:80:05:09:b0:
                    75:87:33:a8:45:df:31:dd:5e:85:70:78:c8:06:4b:
                    68:82:6f:a9:2e:a6:bf:84:cb:89:1a:c9:2d:18:29:
                    3c:7b:eb:20:60:f6:7c:ab:d4:c7:b3:e0:e0:c5:18:
                    9f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:90:16:C0:CC:9F:CC:C6:63:57:2D:67:B2:25:4D:13:3A:14:74:8E
            X509v3 Authority Key Identifier:
                keyid:1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/H5AWwMyfzMZjVy1nsiVNEzoUdI4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.236.0/22
                IPv6:
                  2a07:ff00::/29

    Signature Algorithm: sha256WithRSAEncryption
         00:fb:c0:70:8f:50:32:d7:f4:2f:af:78:77:b7:97:6c:93:63:
         88:a9:fa:83:13:99:77:06:ec:39:a9:72:d4:41:ec:3c:8d:71:
         de:65:6c:4a:71:19:ab:60:b9:98:60:49:5d:37:5f:9e:9d:17:
         f3:cb:88:2f:dc:77:93:f0:f5:27:63:a8:bf:f1:87:e9:8c:da:
         2d:be:fd:fa:0a:11:1a:b8:34:5f:98:3f:5f:6f:88:95:80:5c:
         a4:f9:12:f2:29:9d:92:2b:51:f2:48:e6:c2:c3:d6:cf:a1:8b:
         f6:73:3c:37:6f:f6:ec:bf:1b:d3:6c:82:df:7e:35:52:37:7b:
         2b:66:99:83:69:a8:b2:c0:9a:dc:cb:3a:3c:aa:ef:0e:81:15:
         28:7b:57:a5:56:2d:06:be:e8:f8:48:8e:23:01:6a:4f:b2:62:
         32:21:1d:db:3a:c1:1b:4d:1e:55:78:d2:e5:de:8c:87:2c:9f:
         90:fc:ea:0e:20:62:9e:4c:6c:49:f6:dd:9c:69:b6:ae:a2:43:
         56:b1:47:c7:09:8d:12:b7:34:a9:d7:2e:a0:24:e2:c4:b8:2d:
         c7:9b:9f:0e:71:fe:62:b0:69:db:b0:c7:86:06:d4:fa:99:01:
         b8:0e:4c:21:cb:77:17:fc:26:1a:76:6d:b7:6b:dc:48:86:6b:
         b8:0c:e8:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr7tI4Ed6SH+cLuarx/GgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDVjZDJhMDI2MWUxZTYwNjlkZDc3NTg5NGQ4MjZlZTg4
MzZjMWUwHhcNMjMwMTAxMDYwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjkwMTZjMGNjOWZjY2M2NjM1NzJkNjdiMjI1NGQxMzNhMTQ3NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmehQl/LZwrsyJvCjF2KwnAcRb9a9
umXCAVO3fRBoxyARY4v8Rjmwk+5Z3IuAfWRCvBS+BNr4WqOrCvHYXVpLq13IE4Od
tIjSGyZ31jaSyweoELfsgCsEpS3Nkl88wyeF7zlkvbQ2lfZ+UIYsZRY26c87877G
M7TUFAIRO9XCulL8PY8ZtmVGe6rG6tlAPjzoBc+cqy4TonRRr1Bbg1yPrm/p8ej2
wwaF5czd0UR9C7bZ/MRGCbohNwxXt0k7kkCc0ZBVry5pxNrbfIb++oAFCbB1hzOo
Rd8x3V6FcHjIBktogm+pLqa/hMuJGsktGCk8e+sgYPZ8q9THs+DgxRifvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB+QFsDMn8zGY1ctZ7IlTRM6FHSOMB8GA1UdIwQY
MBaAFB3VzSoCYeHmBp3XdYlNgm7og2weMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80ZmU5ODMtNzE1Mi00OTMzLTlmMzYt
ZDg2Y2FkZDYxMGI4LzEvSDVBV3dNeWZ6TVpqVnkxbnNpVk5Fem9VZEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80ZmU5ODMtNzE1Mi00OTMzLTlmMzYtZDg2Y2FkZDYxMGI4
LzEvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuejsMA0E
AgACMAcDBQMqB/8AMA0GCSqGSIb3DQEBCwUAA4IBAQAA+8Bwj1Ay1/Qvr3h3t5ds
k2OIqfqDE5l3Buw5qXLUQew8jXHeZWxKcRmrYLmYYEldN1+enRfzy4gv3HeT8PUn
Y6i/8YfpjNotvv36ChEauDRfmD9fb4iVgFyk+RLyKZ2SK1HySObCw9bPoYv2czw3
b/bsvxvTbILffjVSN3srZpmDaaiywJrcyzo8qu8OgRUoe1elVi0Gvuj4SI4jAWpP
smIyIR3bOsEbTR5VeNLl3oyHLJ+Q/OoOIGKeTGxJ9t2cabauokNWsUfHCY0StzSp
1y6gJOLEuC3Hm58Ocf5isGnbsMeGBtT6mQG4Dkwhy3cX/CYadm23a9xIhmu4DOjN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:07 2024 by rpki-client on console-fra.rpki-client.org