Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XogimH82DZtmIfU654VjK0qhikQ.roa
File:                     XogimH82DZtmIfU654VjK0qhikQ.roa (raw, json)
Hash identifier:          xj4zsgsLCZ8TLPQQkPMtauCvPNyKco/eq7sAT9iXs9Q=
Subject key identifier:   5E:88:22:98:7F:36:0D:9B:66:21:F5:3A:E7:85:63:2B:4A:A1:8A:44
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       018D070A6F52F3B5DC4FC3E1CE1D44B2AF39
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XogimH82DZtmIfU654VjK0qhikQ.roa
Signing time:             Sun 14 Jan 2024 08:15:40 +0000
ROA not before:           Sun 14 Jan 2024 08:15:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48359
IP address blocks:        185.239.1.0/24 maxlen: 24
                          89.44.240.0/24 maxlen: 24
                          89.44.241.0/24 maxlen: 24
                          185.3.200.0/24 maxlen: 24
                          89.42.44.0/22 maxlen: 22
                          45.94.214.0/24 maxlen: 24
                          45.94.215.0/24 maxlen: 24
                          89.46.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 10:14:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:07:0a:6f:52:f3:b5:dc:4f:c3:e1:ce:1d:44:b2:af:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Jan 14 08:15:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5e8822987f360d9b6621f53ae785632b4aa18a44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:91:30:3d:be:be:f7:84:64:3c:cc:c2:d3:e0:
                    20:45:10:f9:8b:e0:3b:70:06:3f:9e:31:4d:95:9c:
                    1c:c7:70:f4:6b:ad:92:9c:29:a9:5d:b9:a9:8f:c7:
                    40:50:cd:e7:9f:b2:d1:8c:43:ca:c6:ca:9f:bb:e5:
                    c2:2f:52:4c:a3:57:0c:62:22:d1:97:52:43:f5:c6:
                    45:f4:c4:e6:78:e1:5d:9c:2c:d8:f4:81:52:d6:eb:
                    c0:72:26:db:13:0b:a2:86:75:06:df:35:dc:28:90:
                    15:c7:3c:59:9a:9c:62:1b:46:8e:6d:22:72:a9:66:
                    d6:e1:23:f1:ff:be:a9:d2:0f:ea:9d:b0:eb:e8:08:
                    cd:55:10:19:79:99:e2:59:2d:43:eb:ab:99:e4:33:
                    61:19:28:5e:c0:c7:f5:f9:20:3f:bd:ee:6b:bd:18:
                    5f:96:d5:8a:cb:aa:f1:84:64:f6:c1:48:70:75:d4:
                    b9:34:ff:80:06:cb:5f:83:84:98:bd:f5:51:b0:f3:
                    d0:ff:d7:8a:06:d3:9a:8d:cf:c2:be:5e:46:de:4e:
                    ea:14:e6:d3:7b:b6:af:02:26:4f:79:ae:3b:06:30:
                    d5:8f:c0:5c:82:87:3e:50:88:61:ec:c0:c6:a4:20:
                    4e:5a:99:a1:e8:82:a9:a2:b1:dc:d3:16:8d:9c:5d:
                    e9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:88:22:98:7F:36:0D:9B:66:21:F5:3A:E7:85:63:2B:4A:A1:8A:44
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XogimH82DZtmIfU654VjK0qhikQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.214.0/23
                  89.42.44.0/22
                  89.44.240.0/23
                  89.46.217.0/24
                  185.3.200.0/24
                  185.239.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:f4:0f:3e:f5:c6:45:da:ec:2a:6e:f5:7f:ad:8e:67:a0:96:
         49:98:40:9e:61:b3:43:f4:5e:b7:54:2f:9a:44:78:57:80:b1:
         d1:2c:07:b8:07:99:81:e0:dc:b1:49:6d:15:a5:8c:6a:8e:05:
         11:74:a4:9f:3f:f5:2c:7c:52:b4:bc:41:65:fa:e0:b9:06:b6:
         44:c5:5b:b6:fb:f9:91:5d:3c:35:67:6c:93:56:3c:6a:bc:31:
         9c:6e:6b:00:32:aa:6a:a6:b1:da:ad:64:5c:d1:19:13:30:bd:
         4d:a8:94:cc:64:64:43:ed:fd:67:43:4e:cb:cf:05:86:84:88:
         58:f2:12:ca:e6:8d:e6:a4:8e:d8:22:d8:80:e8:21:a6:f7:46:
         e9:b6:57:db:96:81:f3:0c:bd:8b:9e:d8:ed:06:d9:fd:78:d9:
         ef:6d:f8:d9:f8:cb:05:71:3e:cb:64:90:c4:1b:c4:42:e9:1d:
         ac:20:b9:bd:35:11:20:16:c0:ab:07:37:ec:75:ff:61:49:41:
         fd:b2:03:c5:33:9e:71:c8:19:33:2b:3d:7d:0e:13:ce:d8:78:
         98:91:dd:2f:83:f4:53:04:e7:9a:ab:16:d6:32:c0:95:a1:db:
         ca:3d:99:08:8b:61:3f:0e:30:1a:80:c9:34:e9:cc:5f:04:f5:
         22:73:0a:71
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0HCm9S87XcT8Phzh1Esq85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTE0MDgxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg4MjI5ODdmMzYwZDliNjYyMWY1M2FlNzg1NjMyYjRhYTE4YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5EwPb6+94RkPMzC0+AgRRD5i+A7
cAY/njFNlZwcx3D0a62SnCmpXbmpj8dAUM3nn7LRjEPKxsqfu+XCL1JMo1cMYiLR
l1JD9cZF9MTmeOFdnCzY9IFS1uvAcibbEwuihnUG3zXcKJAVxzxZmpxiG0aObSJy
qWbW4SPx/76p0g/qnbDr6AjNVRAZeZniWS1D66uZ5DNhGShewMf1+SA/ve5rvRhf
ltWKy6rxhGT2wUhwddS5NP+ABstfg4SYvfVRsPPQ/9eKBtOajc/Cvl5G3k7qFObT
e7avAiZPea47BjDVj8Bcgoc+UIhh7MDGpCBOWpmh6IKporHc0xaNnF3pEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF6IIph/Ng2bZiH1OueFYytKoYpEMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWG9naW1IODJEWnRtSWZVNjU0VmpLMHFoaWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLV7WAwQC
WSosAwQBWSzwAwQAWS7ZAwQAuQPIAwQAue8BMA0GCSqGSIb3DQEBCwUAA4IBAQAW
9A8+9cZF2uwqbvV/rY5noJZJmECeYbND9F63VC+aRHhXgLHRLAe4B5mB4NyxSW0V
pYxqjgURdKSfP/UsfFK0vEFl+uC5BrZExVu2+/mRXTw1Z2yTVjxqvDGcbmsAMqpq
prHarWRc0RkTML1NqJTMZGRD7f1nQ07LzwWGhIhY8hLK5o3mpI7YItiA6CGm90bp
tlfbloHzDL2LntjtBtn9eNnvbfjZ+MsFcT7LZJDEG8RC6R2sILm9NREgFsCrBzfs
df9hSUH9sgPFM55xyBkzKz19DhPO2HiYkd0vg/RTBOeaqxbWMsCVodvKPZkIi2E/
DjAagMk06cxfBPUicwpx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org