Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/S645Lbv4x-VLqcQgnl0xXQo7Ndc.roa
File:                     S645Lbv4x-VLqcQgnl0xXQo7Ndc.roa (raw, json)
Hash identifier:          foG1KKs6EpdEQxjhvvbygxFJmh3jQa0v/NW6lzHh/zE=
Subject key identifier:   4B:AE:39:2D:BB:F8:C7:E5:4B:A9:C4:20:9E:5D:31:5D:0A:3B:35:D7
Certificate issuer:       /CN=65e226bcf4a830b2f448fd6ea9976b152087dd45
Certificate serial:       0188529B3AAE36F84B558C6EA5F75C16D1EF
Authority key identifier: 65:E2:26:BC:F4:A8:30:B2:F4:48:FD:6E:A9:97:6B:15:20:87:DD:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZeImvPSoMLL0SP1uqZdrFSCH3UU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/S645Lbv4x-VLqcQgnl0xXQo7Ndc.roa
Signing time:             Thu 25 May 2023 11:11:24 +0000
ROA not before:           Thu 25 May 2023 11:11:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        188.126.30.0/23 maxlen: 23
                          185.134.192.0/22 maxlen: 22
                          188.126.2.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:52:9b:3a:ae:36:f8:4b:55:8c:6e:a5:f7:5c:16:d1:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65e226bcf4a830b2f448fd6ea9976b152087dd45
        Validity
            Not Before: May 25 11:11:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4bae392dbbf8c7e54ba9c4209e5d315d0a3b35d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:b2:8f:82:3c:5c:38:15:56:8f:6c:f5:ed:dd:
                    62:eb:e6:b6:82:84:0b:65:63:9d:55:80:ba:01:13:
                    97:36:96:8b:7a:d0:33:c1:fd:04:62:94:87:ec:e1:
                    b5:0e:d2:32:fa:3c:01:8b:6d:27:f7:8c:30:d0:54:
                    e8:39:38:a6:95:78:b9:1b:cd:02:d6:f6:11:77:1e:
                    99:68:a5:da:0c:ab:22:23:d5:ca:b7:2c:0c:dd:d3:
                    31:f8:0d:bb:a6:41:78:cf:fd:a5:e3:27:58:f8:31:
                    d5:19:72:6f:4b:3a:64:1e:f1:56:81:8e:47:f8:1c:
                    cc:57:a0:6f:14:15:81:d1:3b:d9:85:22:6f:90:1c:
                    ca:e3:b2:7a:7b:e4:35:79:c2:74:4e:99:85:83:6c:
                    62:df:2b:8f:2e:d9:b3:f2:42:fd:26:33:00:30:eb:
                    4c:09:a8:ee:f4:bb:7e:32:94:b4:8d:ac:14:7e:93:
                    55:62:b6:06:a4:82:a5:92:ea:ff:87:a8:a8:12:cf:
                    55:e8:25:66:b9:69:3e:53:66:92:99:b2:4b:1c:92:
                    61:c8:fe:7f:c6:37:3f:1d:03:ba:bf:f5:b4:9a:d8:
                    bc:e0:44:cd:0d:32:c0:5d:ac:93:1f:93:f7:ca:1c:
                    e8:1c:74:a8:2f:c6:f4:c9:f9:08:fb:19:e7:20:d1:
                    0f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:AE:39:2D:BB:F8:C7:E5:4B:A9:C4:20:9E:5D:31:5D:0A:3B:35:D7
            X509v3 Authority Key Identifier:
                keyid:65:E2:26:BC:F4:A8:30:B2:F4:48:FD:6E:A9:97:6B:15:20:87:DD:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZeImvPSoMLL0SP1uqZdrFSCH3UU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/S645Lbv4x-VLqcQgnl0xXQo7Ndc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f5873a-8932-426f-8175-38c8dafb3e4f/1/ZeImvPSoMLL0SP1uqZdrFSCH3UU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.192.0/22
                  188.126.2.0/23
                  188.126.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         96:50:b0:ac:1d:74:43:e8:32:c0:09:92:26:93:31:d5:d2:5b:
         36:95:5c:a8:f2:88:74:6f:14:ca:a6:15:63:0b:dc:0c:ad:57:
         6e:2c:c5:ab:32:dd:80:2c:e2:c6:81:00:b1:c7:42:cf:ae:de:
         c5:2f:50:aa:48:2e:5d:f3:68:5f:e9:13:8d:7c:f9:76:1f:cf:
         b3:8a:7e:df:48:88:e9:41:34:e5:29:f6:b0:89:e4:ef:6b:bb:
         7e:ac:fb:d4:77:3c:28:12:5b:d3:d9:9e:8a:d9:0f:33:e2:9e:
         16:56:6b:cb:41:ea:62:44:ad:fe:41:60:64:65:66:65:2e:5b:
         8a:11:65:4c:f8:e8:d1:11:39:ba:cd:ec:f6:2f:2c:8e:35:ba:
         df:7d:da:3b:48:82:28:56:93:85:64:e3:76:f6:41:3a:8f:25:
         53:ad:a7:5d:ad:cf:5e:0a:83:fb:d3:ab:c8:5d:f9:fa:d5:d4:
         8e:c5:68:59:e1:36:cb:2c:35:49:b1:a3:20:f5:ab:04:21:cd:
         29:1a:4d:c1:f1:e2:42:c3:3e:e7:3f:63:75:19:03:87:f0:d8:
         a2:29:7f:6d:af:54:12:3c:a5:d6:03:e5:51:bc:89:38:ab:17:
         a8:27:72:91:33:97:d6:93:68:d8:8b:89:34:44:e0:64:32:82:
         79:bc:b4:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhSmzquNvhLVYxupfdcFtHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZTIyNmJjZjRhODMwYjJmNDQ4ZmQ2ZWE5OTc2YjE1MjA4
N2RkNDUwHhcNMjMwNTI1MTExMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFlMzkyZGJiZjhjN2U1NGJhOWM0MjA5ZTVkMzE1ZDBhM2IzNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbKPgjxcOBVWj2z17d1i6+a2goQL
ZWOdVYC6AROXNpaLetAzwf0EYpSH7OG1DtIy+jwBi20n94ww0FToOTimlXi5G80C
1vYRdx6ZaKXaDKsiI9XKtywM3dMx+A27pkF4z/2l4ydY+DHVGXJvSzpkHvFWgY5H
+BzMV6BvFBWB0TvZhSJvkBzK47J6e+Q1ecJ0TpmFg2xi3yuPLtmz8kL9JjMAMOtM
Caju9Lt+MpS0jawUfpNVYrYGpIKlkur/h6ioEs9V6CVmuWk+U2aSmbJLHJJhyP5/
xjc/HQO6v/W0mti84ETNDTLAXayTH5P3yhzoHHSoL8b0yfkI+xnnINEPDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEuuOS27+MflS6nEIJ5dMV0KOzXXMB8GA1UdIwQY
MBaAFGXiJrz0qDCy9Ej9bqmXaxUgh91FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmVJbXZQU29NTEwwU1AxdXFaZHJGU0NIM1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNTg3M2EtODkzMi00MjZmLTgxNzUt
MzhjOGRhZmIzZTRmLzEvUzY0NUxidjR4LVZMcWNRZ25sMHhYUW83TmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNTg3M2EtODkzMi00MjZmLTgxNzUtMzhjOGRhZmIzZTRm
LzEvWmVJbXZQU29NTEwwU1AxdXFaZHJGU0NIM1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYbAAwQB
vH4CAwQBvH4eMA0GCSqGSIb3DQEBCwUAA4IBAQCWULCsHXRD6DLACZImkzHV0ls2
lVyo8oh0bxTKphVjC9wMrVduLMWrMt2ALOLGgQCxx0LPrt7FL1CqSC5d82hf6RON
fPl2H8+zin7fSIjpQTTlKfawieTva7t+rPvUdzwoElvT2Z6K2Q8z4p4WVmvLQepi
RK3+QWBkZWZlLluKEWVM+OjRETm6zez2LyyONbrffdo7SIIoVpOFZON29kE6jyVT
raddrc9eCoP706vIXfn61dSOxWhZ4TbLLDVJsaMg9asEIc0pGk3B8eJCwz7nP2N1
GQOH8NiiKX9tr1QSPKXWA+VRvIk4qxeoJ3KRM5fWk2jYi4k0ROBkMoJ5vLQ/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:08 2024 by rpki-client on console-ams.rpki-client.org