Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa
File:                     iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa (raw, json)
Hash identifier:          TvYX56LKC/qYxKbYPJRaq3l15j5ZLe7Xa8QqY1XOa+M=
Subject key identifier:   89:E7:3C:0C:ED:D2:04:A4:7A:36:4D:09:08:3D:41:4E:07:F3:7F:BA
Certificate issuer:       /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial:       018570152FC6E1AA4F4655F69FB07042F733
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa
Signing time:             Mon 02 Jan 2023 01:25:14 +0000
ROA not before:           Mon 02 Jan 2023 01:25:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198414
IP address blocks:        185.25.148.0/22 maxlen: 24
                          185.5.96.0/22 maxlen: 24
                          193.17.184.0/24 maxlen: 24
                          91.234.146.0/24 maxlen: 24
                          91.239.66.0/23 maxlen: 24
                          91.228.196.0/22 maxlen: 24
                          185.180.204.0/22 maxlen: 24
                          185.201.112.0/22 maxlen: 24
                          185.193.112.0/22 maxlen: 22
                          91.237.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 23:03:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:15:2f:c6:e1:aa:4f:46:55:f6:9f:b0:70:42:f7:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
        Validity
            Not Before: Jan  2 01:25:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=89e73c0cedd204a47a364d09083d414e07f37fba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f3:be:cf:d9:52:4e:c1:0a:29:ad:1c:a2:3b:
                    06:45:89:01:da:1f:47:20:0f:1f:da:ac:98:df:25:
                    a0:d5:a0:43:a4:27:0d:ef:d4:e7:e5:9c:7c:48:7d:
                    45:89:bc:86:db:63:0a:54:87:1b:f8:8f:16:6a:53:
                    ed:0e:bd:08:f4:d1:c1:76:5e:47:a6:8d:b0:c5:6e:
                    d3:d5:d0:b6:21:17:26:0c:8c:b9:1b:bf:b3:02:3f:
                    0d:a8:25:f8:3c:57:f2:31:35:6d:87:eb:b4:7b:f3:
                    f3:38:c5:8a:f3:ec:80:f2:9a:0e:55:65:ca:e6:5c:
                    45:be:98:dc:0e:62:c1:01:c2:f1:19:3f:aa:bc:23:
                    01:d6:35:9b:af:35:06:73:54:a5:e0:93:23:08:88:
                    67:1e:01:19:c1:1a:f0:75:3c:e8:ad:2d:88:c1:b1:
                    d3:e2:0a:59:bd:dd:2b:db:dd:4a:ee:1e:22:79:29:
                    7b:31:19:66:1f:75:7f:53:96:4a:fc:22:57:0f:3c:
                    e8:b7:ce:30:75:25:34:2a:6e:92:31:47:32:95:99:
                    6c:8c:16:8c:cb:7c:91:0a:cc:a2:68:f6:66:63:44:
                    e3:f7:77:d8:be:2d:08:94:70:02:9d:dd:97:a1:dc:
                    e0:1d:01:67:30:75:5a:d3:ef:66:4c:fe:06:c0:39:
                    20:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:E7:3C:0C:ED:D2:04:A4:7A:36:4D:09:08:3D:41:4E:07:F3:7F:BA
            X509v3 Authority Key Identifier:
                keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/iec8DO3SBKR6Nk0JCD1BTgfzf7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.228.196.0/22
                  91.234.146.0/24
                  91.237.52.0/24
                  91.239.66.0/23
                  185.5.96.0/22
                  185.25.148.0/22
                  185.180.204.0/22
                  185.193.112.0/22
                  185.201.112.0/22
                  193.17.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:6e:84:a6:8c:81:4d:5f:4a:67:dc:b9:5d:1b:57:9d:10:c0:
         7e:27:48:e1:27:af:56:ee:e0:f3:60:3d:23:52:75:40:7a:5f:
         02:0b:77:ba:ce:2e:10:12:d5:d2:76:16:51:5a:6c:9e:79:18:
         9f:d6:e5:13:c5:3c:6e:b7:e3:48:d3:7c:a8:3d:4d:7b:8e:41:
         35:d3:b1:8d:5e:ae:d1:30:f5:93:84:a2:1c:07:c5:a2:af:c9:
         1f:b3:99:ce:75:48:86:3c:00:95:d1:0c:a1:1a:54:47:4f:42:
         a6:fc:d0:35:66:7c:cd:47:c4:da:ee:2a:cc:8c:28:6c:31:95:
         29:a7:41:8d:92:25:02:4e:02:ec:77:82:17:a2:6b:d3:84:dd:
         12:6f:09:74:68:e5:68:6c:63:80:fd:63:ec:e6:02:c4:c5:e5:
         b7:7c:97:1a:6a:23:a0:c3:cc:19:c4:4d:b2:ba:77:29:07:8b:
         64:bf:67:37:37:93:bf:e6:f7:91:1a:08:aa:16:90:9e:ff:a5:
         ed:9f:0e:6e:52:a9:1d:d0:75:da:38:da:c4:3c:c0:f3:76:54:
         cc:a1:8d:11:96:02:cb:ad:1b:8f:bd:b0:42:8a:2f:3c:bb:22:
         77:59:8a:25:94:db:21:9a:d4:91:70:92:14:bd:47:df:76:32:
         b0:a0:89:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVwFS/G4apPRlX2n7BwQvczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU3M2MwY2VkZDIwNGE0N2EzNjRkMDkwODNkNDE0ZTA3ZjM3ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPO+z9lSTsEKKa0cojsGRYkB2h9H
IA8f2qyY3yWg1aBDpCcN79Tn5Zx8SH1FibyG22MKVIcb+I8WalPtDr0I9NHBdl5H
po2wxW7T1dC2IRcmDIy5G7+zAj8NqCX4PFfyMTVth+u0e/PzOMWK8+yA8poOVWXK
5lxFvpjcDmLBAcLxGT+qvCMB1jWbrzUGc1Sl4JMjCIhnHgEZwRrwdTzorS2IwbHT
4gpZvd0r291K7h4ieSl7MRlmH3V/U5ZK/CJXDzzot84wdSU0Km6SMUcylZlsjBaM
y3yRCsyiaPZmY0Tj93fYvi0IlHACnd2XodzgHQFnMHVa0+9mTP4GwDkgZQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFInnPAzt0gSkejZNCQg9QU4H83+6MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvaWVjOERPM1NCS1I2TmswSkNEMUJUZ2Z6ZjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCW+TEAwQA
W+qSAwQAW+00AwQBW+9CAwQCuQVgAwQCuRmUAwQCubTMAwQCucFwAwQCuclwAwQA
wRG4MA0GCSqGSIb3DQEBCwUAA4IBAQABboSmjIFNX0pn3LldG1edEMB+J0jhJ69W
7uDzYD0jUnVAel8CC3e6zi4QEtXSdhZRWmyeeRif1uUTxTxut+NI03yoPU17jkE1
07GNXq7RMPWThKIcB8Wir8kfs5nOdUiGPACV0QyhGlRHT0Km/NA1ZnzNR8Ta7irM
jChsMZUpp0GNkiUCTgLsd4IXomvThN0Sbwl0aOVobGOA/WPs5gLExeW3fJcaaiOg
w8wZxE2yuncpB4tkv2c3N5O/5veRGgiqFpCe/6Xtnw5uUqkd0HXaONrEPMDzdlTM
oY0RlgLLrRuPvbBCii88uyJ3WYollNshmtSRcJIUvUffdjKwoInr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org