Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/ex8hwMVG98PkPwkpbRc2ehEFcRw.roa
File:                     ex8hwMVG98PkPwkpbRc2ehEFcRw.roa (raw, json)
Hash identifier:          3mra5uo/vOaHkEs+EPZsnHLJiYqvvJWmCNCWpkGCf1A=
Subject key identifier:   7B:1F:21:C0:C5:46:F7:C3:E4:3F:09:29:6D:17:36:7A:11:05:71:1C
Certificate issuer:       /CN=adb365acf6f918499707dda13f033e2cd6110308
Certificate serial:       0185711E80AB258F96A9A25DF1FC7CB94DB9
Authority key identifier: AD:B3:65:AC:F6:F9:18:49:97:07:DD:A1:3F:03:3E:2C:D6:11:03:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/ex8hwMVG98PkPwkpbRc2ehEFcRw.roa
Signing time:             Mon 02 Jan 2023 06:15:02 +0000
ROA not before:           Mon 02 Jan 2023 06:15:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15600
IP address blocks:        91.138.0.0/18 maxlen: 24
                          185.90.108.0/22 maxlen: 22
                          2a05:dcc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:80:ab:25:8f:96:a9:a2:5d:f1:fc:7c:b9:4d:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adb365acf6f918499707dda13f033e2cd6110308
        Validity
            Not Before: Jan  2 06:15:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b1f21c0c546f7c3e43f09296d17367a1105711c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:81:a0:cf:36:ca:15:eb:42:bc:bb:91:d9:0e:
                    0d:65:6d:76:64:74:0d:15:11:c1:e0:b1:97:84:5d:
                    9b:89:7b:66:54:0a:43:fd:33:ed:68:12:68:0b:17:
                    d7:5c:c7:25:17:ed:19:ff:b7:a5:79:79:fa:6f:70:
                    50:a3:cc:a6:fc:56:37:8f:de:33:98:e6:b7:23:2e:
                    ef:11:be:d8:36:81:eb:9e:98:cd:d1:ac:f0:19:6c:
                    04:71:20:f6:a4:a9:0b:e7:09:d1:0a:e5:1f:80:33:
                    0a:97:bf:d5:ff:9e:59:a2:c1:41:c2:33:9d:e2:48:
                    a0:47:c9:68:6c:23:d5:8f:99:74:95:7d:cf:0a:97:
                    8a:73:9f:c0:a4:fb:3d:20:b1:99:74:81:c7:d4:03:
                    7b:af:10:fb:b7:06:a3:f6:83:3e:47:81:c2:bb:c4:
                    8a:8c:2d:88:b1:87:87:8a:c1:ca:84:58:a1:be:4a:
                    be:e4:74:00:55:2b:ce:86:b0:d0:27:97:d5:a8:71:
                    49:66:c2:b1:a6:7b:af:d4:28:88:94:a5:8b:f7:2b:
                    6e:19:66:8d:79:d5:17:28:26:fd:94:b4:42:f1:81:
                    be:81:e1:7a:8d:e3:a3:f7:3e:da:87:c6:f6:bd:17:
                    72:73:15:8f:32:42:ad:96:45:0d:c3:27:48:e3:78:
                    f9:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:1F:21:C0:C5:46:F7:C3:E4:3F:09:29:6D:17:36:7A:11:05:71:1C
            X509v3 Authority Key Identifier:
                keyid:AD:B3:65:AC:F6:F9:18:49:97:07:DD:A1:3F:03:3E:2C:D6:11:03:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rbNlrPb5GEmXB92hPwM-LNYRAwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/ex8hwMVG98PkPwkpbRc2ehEFcRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a68387-861a-4b93-a3fc-adadd6295822/1/rbNlrPb5GEmXB92hPwM-LNYRAwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.138.0.0/18
                  185.90.108.0/22
                IPv6:
                  2a05:dcc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         2b:eb:9c:dd:03:76:d2:1b:8f:7f:71:df:bf:cc:c8:86:aa:e8:
         ad:82:03:b0:61:fd:c5:b1:5a:b4:4b:87:3e:d3:4d:9d:dd:98:
         c6:da:a8:76:76:c6:2d:a5:1e:93:3e:3d:2f:23:a4:c0:58:b5:
         47:c4:24:4c:66:fa:a9:93:4c:11:3c:e7:4d:16:ec:f7:36:65:
         5c:47:02:ee:d2:f9:1e:b2:99:fb:50:c1:ff:c2:7b:8b:db:32:
         7a:20:a1:e3:af:6c:f4:e6:f7:24:09:07:8a:6d:db:66:bb:26:
         33:3a:ae:f1:eb:0d:09:3e:19:09:9e:e2:1c:43:69:54:32:83:
         f7:a9:59:df:9d:4a:25:b5:97:47:ef:cb:e1:92:db:dd:14:ad:
         ed:05:5d:ad:8e:f0:4f:1b:1c:9c:b8:13:37:ca:e6:ec:02:6e:
         79:1b:71:3b:f0:49:2e:0a:f5:da:03:8b:23:56:5c:2b:1c:99:
         2e:04:8d:6e:70:e9:c5:f8:07:a5:fb:75:ef:d7:2f:bd:13:fe:
         bf:ac:19:ff:49:25:28:cf:18:81:0d:9c:01:ca:42:6b:30:9c:
         fe:c0:1d:26:81:cd:9a:c5:44:20:96:61:43:07:cd:5b:70:51:
         d9:af:de:1a:64:e5:fd:f2:06:eb:f5:5b:c4:11:58:a7:f6:6b:
         51:61:cd:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxHoCrJY+WqaJd8fx8uU25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYjM2NWFjZjZmOTE4NDk5NzA3ZGRhMTNmMDMzZTJjZDYx
MTAzMDgwHhcNMjMwMTAyMDYxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFmMjFjMGM1NDZmN2MzZTQzZjA5Mjk2ZDE3MzY3YTExMDU3MTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YGgzzbKFetCvLuR2Q4NZW12ZHQN
FRHB4LGXhF2biXtmVApD/TPtaBJoCxfXXMclF+0Z/7eleXn6b3BQo8ym/FY3j94z
mOa3Iy7vEb7YNoHrnpjN0azwGWwEcSD2pKkL5wnRCuUfgDMKl7/V/55ZosFBwjOd
4kigR8lobCPVj5l0lX3PCpeKc5/ApPs9ILGZdIHH1AN7rxD7twaj9oM+R4HCu8SK
jC2IsYeHisHKhFihvkq+5HQAVSvOhrDQJ5fVqHFJZsKxpnuv1CiIlKWL9ytuGWaN
edUXKCb9lLRC8YG+geF6jeOj9z7ah8b2vRdycxWPMkKtlkUNwydI43j5rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHsfIcDFRvfD5D8JKW0XNnoRBXEcMB8GA1UdIwQY
MBaAFK2zZaz2+RhJlwfdoT8DPizWEQMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmJObHJQYjVHRW1YQjkyaFB3TS1MTllSQXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hNjgzODctODYxYS00YjkzLWEzZmMt
YWRhZGQ2Mjk1ODIyLzEvZXg4aHdNVkc5OFBrUHdrcGJSYzJlaEVGY1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hNjgzODctODYxYS00YjkzLWEzZmMtYWRhZGQ2Mjk1ODIy
LzEvcmJObHJQYjVHRW1YQjkyaFB3TS1MTllSQXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW4oAAwQC
uVpsMA0EAgACMAcDBQMqBdzAMA0GCSqGSIb3DQEBCwUAA4IBAQAr65zdA3bSG49/
cd+/zMiGquitggOwYf3FsVq0S4c+002d3ZjG2qh2dsYtpR6TPj0vI6TAWLVHxCRM
Zvqpk0wRPOdNFuz3NmVcRwLu0vkespn7UMH/wnuL2zJ6IKHjr2z05vckCQeKbdtm
uyYzOq7x6w0JPhkJnuIcQ2lUMoP3qVnfnUoltZdH78vhktvdFK3tBV2tjvBPGxyc
uBM3yubsAm55G3E78EkuCvXaA4sjVlwrHJkuBI1ucOnF+Ael+3Xv1y+9E/6/rBn/
SSUozxiBDZwBykJrMJz+wB0mgc2axUQglmFDB81bcFHZr94aZOX98gbr9VvEEVin
9mtRYc2h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org