Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/Vy52QdxvLHKxP2nF5ozuQlrTvb8.roa
File:                     Vy52QdxvLHKxP2nF5ozuQlrTvb8.roa (raw, json)
Hash identifier:          JdJ7A8o/MrptoHZxFqUKT4vXOFMHZCplRnehVZMZ36o=
Subject key identifier:   57:2E:76:41:DC:6F:2C:72:B1:3F:69:C5:E6:8C:EE:42:5A:D3:BD:BF
Certificate issuer:       /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial:       018AC146CCD6B5902F91951E4876DAF451B3
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/Vy52QdxvLHKxP2nF5ozuQlrTvb8.roa
Signing time:             Sat 23 Sep 2023 09:02:37 +0000
ROA not before:           Sat 23 Sep 2023 09:02:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62454
IP address blocks:        176.100.38.0/24 maxlen: 24
                          176.100.39.0/24 maxlen: 24
                          185.14.93.0/24 maxlen: 24
                          185.14.92.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c1:46:cc:d6:b5:90:2f:91:95:1e:48:76:da:f4:51:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
        Validity
            Not Before: Sep 23 09:02:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=572e7641dc6f2c72b13f69c5e68cee425ad3bdbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:15:eb:31:3d:63:a8:04:fe:9d:d9:95:4f:1b:
                    b7:f1:09:a8:3c:17:18:57:09:41:16:75:f6:79:d4:
                    ec:d4:50:f8:4e:fe:45:be:0e:c2:b0:f7:0e:0a:d4:
                    98:c3:01:81:f7:d6:2f:92:75:3c:88:5a:90:8a:9e:
                    a2:87:c0:72:5b:e0:18:77:48:42:5e:a3:d8:0a:f8:
                    a1:37:b2:38:fb:b7:78:47:58:fe:b3:7a:7b:b5:79:
                    e7:a1:80:4f:91:9d:b1:1f:1e:61:3b:2b:72:83:1c:
                    28:d0:57:19:33:a1:44:07:52:63:fb:89:41:16:ad:
                    52:60:65:c8:c4:c0:ed:2b:9c:fa:17:5d:05:24:c6:
                    ad:83:1c:07:43:65:f0:b0:60:eb:67:80:9f:3d:25:
                    27:ff:51:9d:8c:e6:ab:41:8b:06:81:f6:f6:dd:d8:
                    d0:86:2e:cc:51:ac:ed:79:6f:52:3d:33:b4:7a:03:
                    a4:63:19:02:9b:34:0b:33:07:32:09:fb:9d:c1:78:
                    b3:9c:f9:0f:37:f4:7e:3b:c6:6c:7b:4b:9f:6c:4a:
                    88:54:63:69:f5:a5:34:06:06:24:c9:29:17:08:4f:
                    ec:e9:37:77:b8:58:fe:ed:69:fe:73:fd:b2:c0:01:
                    46:95:be:b6:9c:21:71:0c:ef:4d:12:f8:ec:39:b1:
                    08:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:2E:76:41:DC:6F:2C:72:B1:3F:69:C5:E6:8C:EE:42:5A:D3:BD:BF
            X509v3 Authority Key Identifier:
                keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/Vy52QdxvLHKxP2nF5ozuQlrTvb8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.100.38.0/23
                  185.14.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:96:a0:60:05:6e:cf:59:a3:a6:f2:c4:7f:23:25:b4:cc:30:
         14:3e:b0:30:ad:dc:53:e5:ce:13:92:f4:02:b6:8a:69:32:80:
         26:bc:e1:c0:df:db:25:91:dd:2c:49:49:3d:e2:00:6f:6e:0a:
         a0:74:71:ca:93:f5:ac:06:5d:d5:2a:84:fb:40:9a:f9:a4:58:
         e1:c6:ef:d5:6f:13:a5:a4:8a:0a:ce:ac:4d:a3:04:fe:11:91:
         96:b9:00:24:6f:96:d0:33:e1:2e:c1:61:9b:4e:95:6e:0c:b0:
         6d:30:a8:5c:bf:45:d7:17:16:a7:4e:32:ec:32:e2:39:81:0d:
         56:cb:a2:c1:cc:10:93:a4:80:6e:c6:67:99:7e:92:16:f3:ae:
         a9:eb:c1:7e:f6:f2:bd:0a:9f:e7:94:bd:a1:df:9d:ec:d5:ee:
         65:fb:e2:7e:d0:cb:b4:22:c4:44:b3:50:a1:f0:d5:7b:39:16:
         e2:cc:fb:ab:9f:c3:4b:8e:c3:89:3e:eb:22:42:fd:98:87:9f:
         ba:6d:d5:cb:ac:67:a9:26:ab:a3:67:0c:b2:26:84:2b:97:9b:
         6e:89:ff:96:4e:8c:d7:29:c6:6d:4f:8e:e7:75:fb:6b:f5:fe:
         6d:42:03:ae:3d:5c:73:42:de:23:87:59:b4:54:a7:78:a1:e6:
         85:b6:41:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrBRszWtZAvkZUeSHba9FGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwOTIzMDkwMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzJlNzY0MWRjNmYyYzcyYjEzZjY5YzVlNjhjZWU0MjVhZDNiZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBXrMT1jqAT+ndmVTxu38QmoPBcY
VwlBFnX2edTs1FD4Tv5Fvg7CsPcOCtSYwwGB99YvknU8iFqQip6ih8ByW+AYd0hC
XqPYCvihN7I4+7d4R1j+s3p7tXnnoYBPkZ2xHx5hOytygxwo0FcZM6FEB1Jj+4lB
Fq1SYGXIxMDtK5z6F10FJMatgxwHQ2XwsGDrZ4CfPSUn/1GdjOarQYsGgfb23djQ
hi7MUazteW9SPTO0egOkYxkCmzQLMwcyCfudwXiznPkPN/R+O8Zse0ufbEqIVGNp
9aU0BgYkySkXCE/s6Td3uFj+7Wn+c/2ywAFGlb62nCFxDO9NEvjsObEIFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFcudkHcbyxysT9pxeaM7kJa072/MB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvVnk1MlFkeHZMSEt4UDJuRjVvenVRbHJUdmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsGQmAwQB
uQ5cMA0GCSqGSIb3DQEBCwUAA4IBAQAulqBgBW7PWaOm8sR/IyW0zDAUPrAwrdxT
5c4TkvQCtoppMoAmvOHA39slkd0sSUk94gBvbgqgdHHKk/WsBl3VKoT7QJr5pFjh
xu/VbxOlpIoKzqxNowT+EZGWuQAkb5bQM+EuwWGbTpVuDLBtMKhcv0XXFxanTjLs
MuI5gQ1Wy6LBzBCTpIBuxmeZfpIW866p68F+9vK9Cp/nlL2h353s1e5l++J+0Mu0
IsREs1Ch8NV7ORbizPurn8NLjsOJPusiQv2Yh5+6bdXLrGepJqujZwyyJoQrl5tu
if+WTozXKcZtT47ndftr9f5tQgOuPVxzQt4jh1m0VKd4oeaFtkEh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:18 2024 by rpki-client on console-ams.rpki-client.org