Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1N0TDhx8DbwEACK1wQaa8pJONa8.roa
File:                     1N0TDhx8DbwEACK1wQaa8pJONa8.roa (raw, json)
Hash identifier:          +SAGpxVUD9Gs8r1T1WoZ9HutYvE9UV+dWFoEvQfIU4Y=
Subject key identifier:   D4:DD:13:0E:1C:7C:0D:BC:04:00:22:B5:C1:06:9A:F2:92:4E:35:AF
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       0185EE48D1EBF9B2AF9E4CFA9BF5F0FC9E37
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1N0TDhx8DbwEACK1wQaa8pJONa8.roa
Signing time:             Thu 26 Jan 2023 13:33:47 +0000
ROA not before:           Thu 26 Jan 2023 13:33:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57433
IP address blocks:        185.14.92.0/24 maxlen: 24
                          185.14.93.0/24 maxlen: 24
                          94.154.51.0/24 maxlen: 24
                          94.154.49.0/24 maxlen: 24
                          94.154.50.0/24 maxlen: 24
                          94.154.48.0/24 maxlen: 24
                          94.154.48.0/21 maxlen: 24
                          94.154.52.0/24 maxlen: 24
                          94.154.53.0/24 maxlen: 24
                          94.154.54.0/24 maxlen: 24
                          94.154.55.0/24 maxlen: 24
                          37.114.32.0/19 maxlen: 24
                          37.114.37.0/24 maxlen: 24
                          37.114.32.0/24 maxlen: 24
                          37.114.58.0/24 maxlen: 24
                          43.251.161.0/24 maxlen: 24
                          43.251.162.0/24 maxlen: 24
                          43.251.160.0/24 maxlen: 24
                          43.251.163.0/24 maxlen: 24
                          176.100.32.0/21 maxlen: 21
                          176.100.32.0/24 maxlen: 24
                          176.100.39.0/24 maxlen: 24
                          2a00:ccc1::/48 maxlen: 48
                          2a00:ccc0::/32 maxlen: 32
                          2a00:ccc1:4::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 26 Jan 2023 15:45:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ee:48:d1:eb:f9:b2:af:9e:4c:fa:9b:f5:f0:fc:9e:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Jan 26 13:33:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4dd130e1c7c0dbc040022b5c1069af2924e35af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:f4:92:74:d3:0b:ed:47:5a:19:47:2d:65:5d:
                    45:c9:6f:b7:b6:ba:93:1c:60:74:61:5f:aa:63:e0:
                    b5:5f:6c:e7:51:7e:ca:f8:37:bc:f8:cc:22:e2:0b:
                    d5:58:c2:54:d3:db:88:8d:a3:0f:19:c8:e7:e5:3c:
                    52:6c:c6:c0:5a:fb:f3:84:d7:a2:15:ae:9f:fe:ae:
                    aa:c1:3e:0d:11:56:1c:b0:26:7e:27:5a:63:e2:7e:
                    52:df:91:89:02:61:38:fb:cb:d7:f7:21:cb:3c:1c:
                    c1:59:b5:fa:8e:ee:a3:74:ec:33:92:a8:5c:be:3b:
                    d5:d7:12:c0:4a:51:bd:c4:1d:14:17:32:d5:78:fd:
                    3d:2a:9e:c3:c6:3e:71:b6:9c:d1:2b:86:71:ca:b8:
                    92:8e:32:13:bd:e1:9a:f0:3a:f1:a0:93:af:a8:49:
                    92:d0:6c:fe:cb:15:03:23:38:83:62:ee:42:18:72:
                    c0:60:64:15:37:fa:dc:14:5d:e7:a2:00:aa:57:d8:
                    87:b4:d2:ea:76:dd:08:1b:c7:ea:13:a5:3a:21:35:
                    4c:ce:b3:95:ac:16:6b:27:b3:a6:65:59:4a:88:77:
                    98:82:23:e9:4b:e9:21:9a:ee:ed:f0:ed:ef:02:9b:
                    6f:db:e8:e0:86:64:25:26:ef:e3:10:00:a6:3d:34:
                    27:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:DD:13:0E:1C:7C:0D:BC:04:00:22:B5:C1:06:9A:F2:92:4E:35:AF
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1N0TDhx8DbwEACK1wQaa8pJONa8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.114.32.0/19
                  43.251.160.0/22
                  94.154.48.0/21
                  176.100.32.0/21
                  185.14.92.0/23
                IPv6:
                  2a00:ccc0::-2a00:ccc1:0:ffff:ffff:ffff:ffff:ffff
                  2a00:ccc1:4::/48

    Signature Algorithm: sha256WithRSAEncryption
         64:79:99:39:77:a5:c7:84:c0:69:e4:b9:8c:82:b0:ba:80:ee:
         99:cc:ec:dd:30:4c:8e:22:c2:88:87:f9:8c:ba:5f:76:6c:b3:
         06:70:56:63:98:81:56:be:aa:4c:ce:12:fb:ea:86:41:a2:56:
         bf:1d:d2:71:8f:36:1c:b8:af:1e:8d:9d:f0:ab:fa:17:36:89:
         e1:c2:fe:cd:ab:6e:32:6d:6d:d4:18:51:24:09:e0:57:af:69:
         3c:cb:d4:c3:23:76:34:d1:d5:28:86:b0:b2:c2:e3:1b:ec:ea:
         a0:ff:1b:a2:e1:31:3e:2c:08:64:9c:30:84:ce:7b:ef:dd:9c:
         f9:ce:62:cf:70:bb:b3:b2:a7:44:79:1b:71:91:01:86:bf:49:
         38:74:5e:56:2f:73:64:f8:7b:26:11:b5:5a:e6:78:47:56:8d:
         7b:43:cf:01:a3:6e:32:b3:f6:6e:44:c5:c7:0d:30:13:c9:68:
         90:d7:d5:75:e4:e4:ad:c3:79:30:2f:6d:c1:26:bc:fb:20:bf:
         2b:99:24:ca:cc:75:67:e7:a6:f6:02:6f:39:86:f3:88:37:c7:
         f6:8b:eb:fe:cf:c2:e4:68:b1:0c:a0:21:fe:df:a7:b3:4d:88:
         63:2a:9b:a3:bd:02:0e:34:a3:07:c5:99:54:4f:12:65:f9:eb:
         a4:e1:57:57
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYXuSNHr+bKvnkz6m/Xw/J43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMTI2MTMzMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRkMTMwZTFjN2MwZGJjMDQwMDIyYjVjMTA2OWFmMjkyNGUzNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/SSdNML7UdaGUctZV1FyW+3trqT
HGB0YV+qY+C1X2znUX7K+De8+Mwi4gvVWMJU09uIjaMPGcjn5TxSbMbAWvvzhNei
Fa6f/q6qwT4NEVYcsCZ+J1pj4n5S35GJAmE4+8vX9yHLPBzBWbX6ju6jdOwzkqhc
vjvV1xLASlG9xB0UFzLVeP09Kp7Dxj5xtpzRK4ZxyriSjjITveGa8DrxoJOvqEmS
0Gz+yxUDIziDYu5CGHLAYGQVN/rcFF3nogCqV9iHtNLqdt0IG8fqE6U6ITVMzrOV
rBZrJ7OmZVlKiHeYgiPpS+khmu7t8O3vAptv2+jghmQlJu/jEACmPTQntwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFNTdEw4cfA28BAAitcEGmvKSTjWvMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvMU4wVERoeDhEYndFQUNLMXdRYWE4cEpPTmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAkBAIAATAeAwQFJXIgAwQC
K/ugAwQDXpowAwQDsGQgAwQBuQ5cMCEEAgACMBswEAMFBioAzMADBwAqAMzBAAAD
BwAqAMzBAAQwDQYJKoZIhvcNAQELBQADggEBAGR5mTl3pceEwGnkuYyCsLqA7pnM
7N0wTI4iwoiH+Yy6X3ZsswZwVmOYgVa+qkzOEvvqhkGiVr8d0nGPNhy4rx6NnfCr
+hc2ieHC/s2rbjJtbdQYUSQJ4FevaTzL1MMjdjTR1SiGsLLC4xvs6qD/G6LhMT4s
CGScMITOe+/dnPnOYs9wu7Oyp0R5G3GRAYa/STh0XlYvc2T4eyYRtVrmeEdWjXtD
zwGjbjKz9m5ExccNMBPJaJDX1XXk5K3DeTAvbcEmvPsgvyuZJMrMdWfnpvYCbzmG
84g3x/aL6/7PwuRosQygIf7fp7NNiGMqm6O9Ag40owfFmVRPEmX566ThV1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org