Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa
File:                     9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa (raw, json)
Hash identifier:          dW1bo1QQIZN1EJPSNr8BKFeo/SUZ9T2qHpD/OrJsQFo=
Subject key identifier:   F6:18:59:C5:D5:1E:F1:76:06:5D:81:A7:C2:5A:42:10:8D:C3:9C:E2
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018CC56E1C5119DC2C7A52D92683DC2121B0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa
Signing time:             Mon 01 Jan 2024 14:29:36 +0000
ROA not before:           Mon 01 Jan 2024 14:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     264825
IP address blocks:        185.181.32.0/22 maxlen: 22
                          185.181.35.0/24 maxlen: 24
                          185.181.33.0/24 maxlen: 24
                          185.181.32.0/23 maxlen: 23
                          185.181.34.0/23 maxlen: 23
                          185.181.32.0/24 maxlen: 24
                          185.181.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 15:05:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:1c:51:19:dc:2c:7a:52:d9:26:83:dc:21:21:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 14:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f61859c5d51ef176065d81a7c25a42108dc39ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:36:1f:0a:f2:b6:28:4d:b2:f0:f2:01:91:cd:
                    6d:69:79:e9:29:a9:43:71:af:6b:62:4a:16:0a:32:
                    2f:34:45:c8:61:74:95:49:bd:e7:15:14:8c:7c:4c:
                    ad:7a:c2:6e:90:1c:09:25:10:f9:e4:1b:e8:c7:18:
                    06:d0:82:bb:c5:29:e3:d6:a6:c5:64:44:f6:28:c0:
                    5f:07:16:9e:ca:44:a4:0c:c5:02:04:e4:10:73:f6:
                    f4:77:b3:31:3b:51:5e:20:c7:a0:6b:58:f9:50:8a:
                    e8:07:e9:15:eb:dd:4f:18:f7:7b:8b:a5:2a:9b:48:
                    f5:95:ab:ef:dd:db:66:46:8e:de:f7:cf:69:5d:5a:
                    0a:e6:30:e1:dd:d4:2f:5c:3c:43:60:35:90:76:a9:
                    b2:1f:dd:25:b4:2a:a6:b1:ec:74:da:28:30:7e:8d:
                    56:67:a2:d6:f0:ef:b9:10:90:14:c5:08:e4:b7:b8:
                    55:a4:c4:06:52:5d:c8:8a:94:0e:95:05:d5:56:1f:
                    06:6b:03:3e:cc:38:44:87:f8:bc:aa:e6:21:48:d3:
                    06:08:80:d1:5a:a7:49:a7:bc:08:6e:00:b3:6a:39:
                    99:e7:55:dc:93:b8:b7:95:be:8b:4b:74:39:78:20:
                    58:a9:65:87:38:45:a7:36:55:f3:08:46:34:32:aa:
                    50:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:18:59:C5:D5:1E:F1:76:06:5D:81:A7:C2:5A:42:10:8D:C3:9C:E2
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.181.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:2c:a9:63:af:32:9b:d4:7a:c6:be:4b:d2:ff:a4:63:72:59:
         7b:9b:31:d2:9b:76:33:b6:3e:6e:c9:71:73:ce:1a:f1:d4:20:
         08:1b:de:d3:9f:0e:7a:09:b9:a7:93:b2:15:67:4a:f4:fc:a7:
         70:c7:dd:7e:8e:0f:70:88:8b:7a:82:3f:1a:d3:11:ea:dc:2e:
         ba:5f:3d:9e:0b:c2:cc:9f:37:58:21:d5:09:f4:54:f2:a9:cf:
         3f:4f:03:fd:67:ef:02:a8:bd:e5:da:ce:ce:64:1b:7b:f6:5e:
         a5:72:c9:75:aa:91:9d:1e:24:b5:29:9d:fa:65:df:c7:58:50:
         95:27:b8:cd:1e:c3:eb:37:09:c1:18:0a:84:22:80:2f:28:e0:
         da:75:48:85:09:59:0b:1e:cc:ba:91:5b:bb:bc:bf:b6:a9:24:
         b2:2a:f6:8a:e8:b2:57:e7:57:fd:f6:6e:2d:01:30:04:dd:6b:
         74:7f:79:bd:be:92:1d:ab:a8:43:ef:3c:d3:63:cd:93:5c:f2:
         24:94:92:a8:2e:05:70:8a:66:01:09:96:59:ee:99:2c:13:30:
         48:3c:52:43:80:9a:0a:aa:f6:42:0d:8e:5f:38:50:67:9a:1e:
         fe:dc:f6:43:02:c4:ad:c1:7b:c6:e9:db:19:79:85:75:5e:fc:
         9d:a5:ac:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhxRGdwselLZJoPcISGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE4NTljNWQ1MWVmMTc2MDY1ZDgxYTdjMjVhNDIxMDhkYzM5Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzYfCvK2KE2y8PIBkc1taXnpKalD
ca9rYkoWCjIvNEXIYXSVSb3nFRSMfEytesJukBwJJRD55BvoxxgG0IK7xSnj1qbF
ZET2KMBfBxaeykSkDMUCBOQQc/b0d7MxO1FeIMega1j5UIroB+kV691PGPd7i6Uq
m0j1lavv3dtmRo7e989pXVoK5jDh3dQvXDxDYDWQdqmyH90ltCqmsex02igwfo1W
Z6LW8O+5EJAUxQjkt7hVpMQGUl3IipQOlQXVVh8GawM+zDhEh/i8quYhSNMGCIDR
WqdJp7wIbgCzajmZ51Xck7i3lb6LS3Q5eCBYqWWHOEWnNlXzCEY0MqpQgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYYWcXVHvF2Bl2Bp8JaQhCNw5ziMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOWhoWnhkVWU4WFlHWFlHbndscENFSTNEbk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubUgMA0G
CSqGSIb3DQEBCwUAA4IBAQByLKljrzKb1HrGvkvS/6Rjcll7mzHSm3Yztj5uyXFz
zhrx1CAIG97Tnw56Cbmnk7IVZ0r0/Kdwx91+jg9wiIt6gj8a0xHq3C66Xz2eC8LM
nzdYIdUJ9FTyqc8/TwP9Z+8CqL3l2s7OZBt79l6lcsl1qpGdHiS1KZ36Zd/HWFCV
J7jNHsPrNwnBGAqEIoAvKODadUiFCVkLHsy6kVu7vL+2qSSyKvaK6LJX51f99m4t
ATAE3Wt0f3m9vpIdq6hD7zzTY82TXPIklJKoLgVwimYBCZZZ7pksEzBIPFJDgJoK
qvZCDY5fOFBnmh7+3PZDAsStwXvG6dsZeYV1XvydpayP
-----END CERTIFICATE-----
Generated at Thu Jul 18 18:50:15 2024 by rpki-client on console-fra.rpki-client.org