Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/lORzWHU6eGYpOrdQljnnSnCRifg.roa
File:                     lORzWHU6eGYpOrdQljnnSnCRifg.roa (raw, json)
Hash identifier:          xLrnA9heu6FGOjlUwaShNEgWikO8uHVdramvVkQsIMM=
Subject key identifier:   94:E4:73:58:75:3A:78:66:29:3A:B7:50:96:39:E7:4A:70:91:89:F8
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018CC87151603A5655BFEBF9A3BBD0589119
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/lORzWHU6eGYpOrdQljnnSnCRifg.roa
Signing time:             Tue 02 Jan 2024 04:31:58 +0000
ROA not before:           Tue 02 Jan 2024 04:31:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50214
IP address blocks:        185.12.125.0/24 maxlen: 24
                          185.12.124.0/24 maxlen: 24
                          185.12.126.0/24 maxlen: 24
                          185.12.127.0/24 maxlen: 24
                          95.181.150.0/24 maxlen: 24
                          95.181.152.0/24 maxlen: 24
                          95.181.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Apr 2024 11:10:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:71:51:60:3a:56:55:bf:eb:f9:a3:bb:d0:58:91:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  2 04:31:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=94e47358753a7866293ab7509639e74a709189f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:d4:2e:3d:3d:4c:06:fd:b1:90:68:70:fa:55:
                    2d:d1:a9:9a:ad:be:4f:d7:1a:55:73:4d:a6:34:20:
                    48:57:22:71:fc:54:96:33:6f:89:a1:ec:c3:88:95:
                    13:55:47:32:48:75:30:e5:8c:b1:13:bb:af:e9:9e:
                    05:41:6b:4b:a2:6c:01:3f:8f:4f:b3:03:da:34:4a:
                    b9:30:a5:31:26:07:5a:9e:39:64:bf:73:bb:ec:55:
                    45:42:13:2c:12:5f:7d:74:8c:31:2d:69:ad:35:44:
                    67:02:6d:3a:d4:0d:a2:f6:44:41:56:25:32:26:02:
                    33:b6:83:3a:f0:9c:b2:44:5b:3c:33:16:bf:bc:ae:
                    57:64:5d:ec:8b:e6:9c:5f:0b:74:c3:3b:89:4a:03:
                    3a:40:5a:3a:6e:c0:95:3d:ae:22:04:c4:ae:c1:73:
                    87:e2:ea:45:d2:28:27:c8:db:51:7a:e9:e1:e6:0c:
                    54:c0:d2:a9:09:e6:99:7c:3a:dd:19:e4:3f:36:4c:
                    ee:3b:3e:02:ea:b8:d2:b8:89:a4:02:1e:d0:f0:35:
                    18:e4:02:dd:76:70:1b:43:4c:bb:2b:77:bc:60:7f:
                    85:62:54:fd:12:9e:f6:36:af:86:e1:db:84:04:44:
                    12:96:09:99:99:6e:4f:d9:ed:39:ca:65:54:4c:a3:
                    6f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E4:73:58:75:3A:78:66:29:3A:B7:50:96:39:E7:4A:70:91:89:F8
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/lORzWHU6eGYpOrdQljnnSnCRifg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.150.0/24
                  95.181.152.0/24
                  95.181.171.0/24
                  185.12.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:66:4b:b5:ac:b5:eb:8e:d4:26:86:be:3c:55:c8:5d:0f:7b:
         54:9e:a1:7c:fd:88:ef:9a:9d:5b:cd:07:4c:1c:c1:34:29:dd:
         7f:16:62:eb:41:f8:42:5a:9e:7a:55:f1:29:38:40:4a:ae:11:
         a4:60:76:c4:74:ea:6d:48:ac:b6:ca:9f:10:a0:38:f9:83:bb:
         a8:56:12:77:5c:52:a1:18:60:36:6a:f5:a0:b5:5e:6d:27:9c:
         25:b6:60:8d:94:cd:7a:1b:9b:fd:8e:be:19:8b:54:e2:83:96:
         32:4f:5b:aa:f0:3d:e3:2c:85:35:61:bc:7d:a8:e8:ac:a3:92:
         70:97:93:9e:3d:e3:93:a4:80:8f:58:eb:69:d0:16:3f:61:23:
         19:7b:4b:57:9a:91:fd:0b:03:98:2c:26:41:a1:7e:02:ab:26:
         36:67:b0:05:d4:06:8e:85:04:ed:6b:dc:77:b1:70:b8:6f:84:
         3d:4e:28:53:4b:d4:56:b2:df:b9:95:a8:5b:f3:e0:42:02:3d:
         2b:c5:ed:48:68:ce:69:3b:f0:42:81:df:86:3b:14:29:98:7c:
         15:5f:34:43:2a:30:f2:ce:f3:14:07:c4:39:3b:f4:a4:07:bf:
         8f:ef:e1:d0:f1:04:04:41:06:a2:1a:95:67:60:e7:9d:89:88:
         32:b5:30:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcVFgOlZVv+v5o7vQWJEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjQwMTAyMDQzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU0NzM1ODc1M2E3ODY2MjkzYWI3NTA5NjM5ZTc0YTcwOTE4OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtQuPT1MBv2xkGhw+lUt0amarb5P
1xpVc02mNCBIVyJx/FSWM2+JoezDiJUTVUcySHUw5YyxE7uv6Z4FQWtLomwBP49P
swPaNEq5MKUxJgdanjlkv3O77FVFQhMsEl99dIwxLWmtNURnAm061A2i9kRBViUy
JgIztoM68JyyRFs8Mxa/vK5XZF3si+acXwt0wzuJSgM6QFo6bsCVPa4iBMSuwXOH
4upF0ignyNtReunh5gxUwNKpCeaZfDrdGeQ/NkzuOz4C6rjSuImkAh7Q8DUY5ALd
dnAbQ0y7K3e8YH+FYlT9Ep72Nq+G4duEBEQSlgmZmW5P2e05ymVUTKNvdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJTkc1h1OnhmKTq3UJY550pwkYn4MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvbE9SeldIVTZlR1lwT3JkUWxqbm5TbkNSaWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX7WWAwQA
X7WYAwQAX7WrAwQCuQx8MA0GCSqGSIb3DQEBCwUAA4IBAQAKZku1rLXrjtQmhr48
VchdD3tUnqF8/Yjvmp1bzQdMHME0Kd1/FmLrQfhCWp56VfEpOEBKrhGkYHbEdOpt
SKy2yp8QoDj5g7uoVhJ3XFKhGGA2avWgtV5tJ5wltmCNlM16G5v9jr4Zi1Tig5Yy
T1uq8D3jLIU1Ybx9qOiso5Jwl5OePeOTpICPWOtp0BY/YSMZe0tXmpH9CwOYLCZB
oX4CqyY2Z7AF1AaOhQTta9x3sXC4b4Q9TihTS9RWst+5lahb8+BCAj0rxe1IaM5p
O/BCgd+GOxQpmHwVXzRDKjDyzvMUB8Q5O/SkB7+P7+HQ8QQEQQaiGpVnYOediYgy
tTBY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org