Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/a0hvPX27dDzt_VwF-WdZm2IjO7c.roa
File:                     a0hvPX27dDzt_VwF-WdZm2IjO7c.roa (raw, json)
Hash identifier:          gZkL9IOKh+dxnXB1LQ1g0DOS7h7g7VvDIDf4toHMsp0=
Subject key identifier:   6B:48:6F:3D:7D:BB:74:3C:ED:FD:5C:05:F9:67:59:9B:62:23:3B:B7
Certificate issuer:       /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial:       018DAE3442C6AD0DACD281DDA8F7CA6B627A
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/a0hvPX27dDzt_VwF-WdZm2IjO7c.roa
Signing time:             Thu 15 Feb 2024 19:17:57 +0000
ROA not before:           Thu 15 Feb 2024 19:17:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2872
IP address blocks:        2.58.40.0/22 maxlen: 22
                          2.58.40.0/24 maxlen: 24
                          2.58.41.0/24 maxlen: 24
                          2.58.42.0/24 maxlen: 24
                          89.43.206.0/24 maxlen: 24
                          89.43.207.0/24 maxlen: 24
                          185.123.0.0/22 maxlen: 22
                          185.123.0.0/24 maxlen: 24
                          185.123.1.0/24 maxlen: 24
                          185.123.2.0/24 maxlen: 24
                          185.123.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 23 Sep 2024 11:27:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ae:34:42:c6:ad:0d:ac:d2:81:dd:a8:f7:ca:6b:62:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
        Validity
            Not Before: Feb 15 19:17:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6b486f3d7dbb743cedfd5c05f967599b62233bb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:16:39:5a:6a:5f:35:76:f7:60:45:be:4e:a5:
                    51:cc:84:03:9a:4d:f1:0d:a9:54:34:a2:ed:a5:e8:
                    bc:e7:bb:84:e4:5b:44:2a:72:34:7d:77:80:13:e9:
                    c3:fd:b0:c0:5a:53:05:17:2f:71:5d:2e:35:f3:c3:
                    30:d3:ad:b5:fe:b3:eb:db:01:0e:63:f0:13:5c:6f:
                    ee:37:d7:7e:68:8c:34:e5:7c:8a:a0:cc:3f:a8:3e:
                    46:33:88:76:42:48:85:4c:1e:46:e3:76:de:31:7c:
                    26:a5:54:99:9a:37:ad:19:2b:0f:05:95:f3:67:4d:
                    25:52:47:fb:cb:32:f5:03:08:e1:1b:56:3f:eb:b6:
                    21:ec:fc:d5:74:15:34:70:4d:c9:66:06:70:b8:73:
                    72:32:d8:6c:34:47:68:3a:88:de:3c:b7:01:95:72:
                    01:f7:9e:23:d7:70:2c:60:0e:ca:3d:6c:96:54:86:
                    84:c4:e2:b0:d0:d0:6c:53:b7:07:f3:87:8b:d8:23:
                    f2:a6:28:ee:a3:ff:ee:79:74:95:87:22:57:43:b9:
                    00:23:fc:f1:fb:ed:44:7d:f1:b9:bc:32:6c:69:5d:
                    6b:cf:a3:88:f9:4a:0a:94:b4:b1:dc:14:ae:c1:be:
                    ac:ab:f2:89:c2:04:21:f5:ea:8d:53:3c:5e:64:f7:
                    62:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:48:6F:3D:7D:BB:74:3C:ED:FD:5C:05:F9:67:59:9B:62:23:3B:B7
            X509v3 Authority Key Identifier:
                keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/a0hvPX27dDzt_VwF-WdZm2IjO7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.40.0/22
                  89.43.206.0/23
                  185.123.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:8f:4f:ea:a4:fa:e1:a3:e8:f5:be:c4:7e:ac:93:e0:aa:66:
         1e:60:1f:07:b8:ba:8b:86:44:e4:7a:f0:67:61:57:4f:a1:f3:
         93:bc:ff:30:f7:0f:77:45:d9:0c:78:69:42:87:93:46:16:19:
         ee:2d:0f:ff:58:9b:ed:62:9d:03:71:33:b9:2c:fb:d8:85:d0:
         bd:24:15:ed:a5:34:52:eb:7b:9f:36:b9:3f:b9:aa:26:87:4d:
         8c:35:ae:76:f3:d6:d1:b3:02:4e:77:4b:e0:ef:a1:06:c4:6e:
         5b:4c:e5:a7:81:a7:c0:28:c1:61:9e:12:54:87:39:89:78:49:
         b3:7d:e1:44:7b:61:87:6c:ae:6a:ab:47:28:68:5d:6b:6a:3e:
         28:5f:0f:90:37:5a:d3:ea:39:28:99:60:ca:cc:d1:28:1f:aa:
         14:82:0f:06:ce:41:c9:77:83:52:92:ce:15:72:8f:ea:71:dc:
         54:37:89:32:a0:af:ab:c4:8c:2b:0d:52:a6:c4:09:ee:91:bb:
         26:ac:f1:c2:ea:3c:67:f4:f8:9b:9a:10:b0:1d:47:f8:e2:96:
         a1:9d:5a:f5:21:15:b8:17:f6:59:9b:a4:5d:97:c0:42:19:b6:
         b7:dc:e8:72:6e:d1:66:95:cd:55:da:14:08:56:4f:9d:3e:5c:
         60:bc:87:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2uNELGrQ2s0oHdqPfKa2J6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjQwMjE1MTkxNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ4NmYzZDdkYmI3NDNjZWRmZDVjMDVmOTY3NTk5YjYyMjMzYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBY5WmpfNXb3YEW+TqVRzIQDmk3x
DalUNKLtpei857uE5FtEKnI0fXeAE+nD/bDAWlMFFy9xXS4188Mw0621/rPr2wEO
Y/ATXG/uN9d+aIw05XyKoMw/qD5GM4h2QkiFTB5G43beMXwmpVSZmjetGSsPBZXz
Z00lUkf7yzL1AwjhG1Y/67Yh7PzVdBU0cE3JZgZwuHNyMthsNEdoOojePLcBlXIB
954j13AsYA7KPWyWVIaExOKw0NBsU7cH84eL2CPypijuo//ueXSVhyJXQ7kAI/zx
++1EffG5vDJsaV1rz6OI+UoKlLSx3BSuwb6sq/KJwgQh9eqNUzxeZPdiYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGtIbz19u3Q87f1cBflnWZtiIzu3MB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvYTBodlBYMjdkRHp0X1Z3Ri1XZFptMklqTzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjooAwQB
WSvOAwQCuXsAMA0GCSqGSIb3DQEBCwUAA4IBAQB0j0/qpPrho+j1vsR+rJPgqmYe
YB8HuLqLhkTkevBnYVdPofOTvP8w9w93RdkMeGlCh5NGFhnuLQ//WJvtYp0DcTO5
LPvYhdC9JBXtpTRS63ufNrk/uaomh02MNa5289bRswJOd0vg76EGxG5bTOWngafA
KMFhnhJUhzmJeEmzfeFEe2GHbK5qq0coaF1raj4oXw+QN1rT6jkomWDKzNEoH6oU
gg8GzkHJd4NSks4Vco/qcdxUN4kyoK+rxIwrDVKmxAnukbsmrPHC6jxn9PibmhCw
HUf44pahnVr1IRW4F/ZZm6Rdl8BCGba33OhybtFmlc1V2hQIVk+dPlxgvIf1
-----END CERTIFICATE-----
Generated at Mon Sep 23 18:04:06 2024 by rpki-client on console-ams.rpki-client.org