Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/b28d89-b89b-4682-b8c7-7ebb6b9e369d/1/U94esLuQmIpkztypkVdpc440S-o.roa
File:                     U94esLuQmIpkztypkVdpc440S-o.roa (raw, json)
Hash identifier:          V2e5W+zv9+Z9fQznvdn+J8piADm0ej1rKJEocsQMKBc=
Subject key identifier:   53:DE:1E:B0:BB:90:98:8A:64:CE:DC:A9:91:57:69:73:8E:34:4B:EA
Certificate issuer:       /CN=dffc49195a439d5b9d7112b336015eee2c944d89
Certificate serial:       0185728373AC3F076324F2DF11C3D8555658
Authority key identifier: DF:FC:49:19:5A:43:9D:5B:9D:71:12:B3:36:01:5E:EE:2C:94:4D:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_xJGVpDnVudcRKzNgFe7iyUTYk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/b28d89-b89b-4682-b8c7-7ebb6b9e369d/1/U94esLuQmIpkztypkVdpc440S-o.roa
Signing time:             Mon 02 Jan 2023 12:44:55 +0000
ROA not before:           Mon 02 Jan 2023 12:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42398
IP address blocks:        185.193.58.0/24 maxlen: 24
                          185.193.57.0/24 maxlen: 24
                          185.193.56.0/24 maxlen: 24
                          185.193.56.0/22 maxlen: 22
                          185.193.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:83:73:ac:3f:07:63:24:f2:df:11:c3:d8:55:56:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dffc49195a439d5b9d7112b336015eee2c944d89
        Validity
            Not Before: Jan  2 12:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53de1eb0bb90988a64cedca9915769738e344bea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:40:95:b9:d9:d5:88:4a:4f:2c:7b:a2:99:07:
                    6f:c0:b3:45:c7:95:0f:31:3e:98:fa:69:70:5e:bb:
                    de:7a:e4:6e:86:41:e6:85:1b:5f:a0:65:23:fd:94:
                    06:63:6d:05:c2:47:13:30:bc:a3:3c:20:0d:f0:2c:
                    ad:c7:35:64:ef:c7:60:64:93:04:fd:84:3b:14:af:
                    6e:93:02:0f:af:3b:4a:a1:a7:d3:94:1c:f3:34:46:
                    5d:15:5c:ef:c5:27:43:09:2c:33:89:83:e6:45:4c:
                    51:89:03:15:2a:9f:35:e0:60:b3:7f:61:d1:cb:10:
                    35:dd:c3:85:ff:00:f4:6f:89:36:7f:7f:09:da:51:
                    86:a5:19:09:36:df:d7:69:1a:d0:e7:75:16:94:0e:
                    d0:87:12:e5:7c:fc:f9:d5:11:eb:24:38:71:0b:0b:
                    22:e8:9b:8c:f0:0a:44:15:b2:8f:05:db:29:26:c1:
                    fc:e5:84:34:e7:0b:9d:76:47:47:ff:1a:14:09:51:
                    80:14:95:3b:71:6e:9a:d5:90:12:ff:1d:d5:59:5b:
                    b6:84:7f:42:97:6b:7d:db:ca:9a:78:77:58:82:c5:
                    e2:3d:b5:ec:a6:b6:af:b9:f8:30:59:64:7a:f5:b1:
                    b1:8e:46:91:ee:b0:5a:89:24:a8:3d:a3:1f:cc:26:
                    c2:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:DE:1E:B0:BB:90:98:8A:64:CE:DC:A9:91:57:69:73:8E:34:4B:EA
            X509v3 Authority Key Identifier:
                keyid:DF:FC:49:19:5A:43:9D:5B:9D:71:12:B3:36:01:5E:EE:2C:94:4D:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_xJGVpDnVudcRKzNgFe7iyUTYk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b28d89-b89b-4682-b8c7-7ebb6b9e369d/1/U94esLuQmIpkztypkVdpc440S-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/b28d89-b89b-4682-b8c7-7ebb6b9e369d/1/3_xJGVpDnVudcRKzNgFe7iyUTYk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3d:f7:3c:15:cc:0e:13:08:cb:5a:02:d1:ab:45:bf:c1:bd:fa:
         8e:a0:42:12:9c:cf:54:c3:50:eb:2f:5e:ee:16:ef:f5:c4:69:
         a1:53:2b:78:bf:1e:3a:89:62:f2:bd:c8:a7:34:1e:c7:6a:8f:
         64:35:5d:52:78:a3:f9:d7:9e:6d:61:e0:eb:e3:c4:76:df:af:
         e2:b8:47:ee:07:a3:ee:a5:8c:24:37:69:37:a3:b9:17:30:10:
         03:43:bc:27:c5:03:c2:7f:b9:08:4c:03:92:1c:14:e9:09:8f:
         53:e2:cf:bc:bf:b2:0d:50:ab:12:25:68:8a:37:f2:05:31:23:
         7f:55:4c:26:02:82:c6:d5:1b:25:4c:31:73:9c:be:9d:c3:b7:
         2a:f5:88:e6:b1:a3:0b:cc:cf:18:62:4b:f1:57:c4:25:df:91:
         f9:43:7b:1c:52:aa:35:83:43:58:c4:5e:06:e5:c8:eb:bd:36:
         72:4d:42:8d:7f:d3:10:b1:cf:39:d5:4e:e5:c6:5c:db:40:f2:
         64:d7:e0:e0:9c:a8:fb:ad:13:62:4b:ab:0d:9b:72:3e:33:cd:
         67:2b:71:0a:37:37:2f:c4:4a:31:30:1b:48:f8:bf:da:f8:fd:
         3e:2a:85:f8:cb:6e:45:ed:0d:7f:1a:13:75:e1:54:f1:da:b8:
         d8:f2:3f:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyg3OsPwdjJPLfEcPYVVZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZmM0OTE5NWE0MzlkNWI5ZDcxMTJiMzM2MDE1ZWVlMmM5
NDRkODkwHhcNMjMwMTAyMTI0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RlMWViMGJiOTA5ODhhNjRjZWRjYTk5MTU3Njk3MzhlMzQ0YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kCVudnViEpPLHuimQdvwLNFx5UP
MT6Y+mlwXrveeuRuhkHmhRtfoGUj/ZQGY20FwkcTMLyjPCAN8CytxzVk78dgZJME
/YQ7FK9ukwIPrztKoafTlBzzNEZdFVzvxSdDCSwziYPmRUxRiQMVKp814GCzf2HR
yxA13cOF/wD0b4k2f38J2lGGpRkJNt/XaRrQ53UWlA7QhxLlfPz51RHrJDhxCwsi
6JuM8ApEFbKPBdspJsH85YQ05wuddkdH/xoUCVGAFJU7cW6a1ZAS/x3VWVu2hH9C
l2t928qaeHdYgsXiPbXspravufgwWWR69bGxjkaR7rBaiSSoPaMfzCbClwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPeHrC7kJiKZM7cqZFXaXOONEvqMB8GA1UdIwQY
MBaAFN/8SRlaQ51bnXESszYBXu4slE2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM194SkdWcERuVnVkY1JLek5nRmU3aXlVVFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9iMjhkODktYjg5Yi00NjgyLWI4Yzct
N2ViYjZiOWUzNjlkLzEvVTk0ZXNMdVFtSXBrenR5cGtWZHBjNDQwUy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9iMjhkODktYjg5Yi00NjgyLWI4YzctN2ViYjZiOWUzNjlk
LzEvM194SkdWcERuVnVkY1JLek5nRmU3aXlVVFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucE4MA0G
CSqGSIb3DQEBCwUAA4IBAQA99zwVzA4TCMtaAtGrRb/BvfqOoEISnM9Uw1DrL17u
Fu/1xGmhUyt4vx46iWLyvcinNB7Hao9kNV1SeKP5155tYeDr48R236/iuEfuB6Pu
pYwkN2k3o7kXMBADQ7wnxQPCf7kITAOSHBTpCY9T4s+8v7INUKsSJWiKN/IFMSN/
VUwmAoLG1RslTDFznL6dw7cq9YjmsaMLzM8YYkvxV8Ql35H5Q3scUqo1g0NYxF4G
5cjrvTZyTUKNf9MQsc851U7lxlzbQPJk1+DgnKj7rRNiS6sNm3I+M81nK3EKNzcv
xEoxMBtI+L/a+P0+KoX4y25F7Q1/GhN14VTx2rjY8j/J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:16 2024 by rpki-client on console-ams.rpki-client.org