Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa
File:                     Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa (raw, json)
Hash identifier:          dswEpmN0sqC/uJ0fotXyNz1t4gukAIBaBFJVW69gNn8=
Subject key identifier:   4B:0F:FA:3D:6C:E9:07:E2:E8:61:DB:07:75:58:3A:58:77:5F:34:4B
Certificate issuer:       /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial:       0191E6294065A7186E0B68E30285A51F2E71
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa
Signing time:             Thu 12 Sep 2024 12:15:48 +0000
ROA not before:           Thu 12 Sep 2024 12:15:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        91.216.138.0/24 maxlen: 24
                          91.229.228.0/24 maxlen: 24
                          93.180.208.0/22 maxlen: 24
                          119.13.224.0/20 maxlen: 20
                          193.37.136.0/24 maxlen: 24
                          193.105.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 15 Sep 2024 11:50:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:e6:29:40:65:a7:18:6e:0b:68:e3:02:85:a5:1f:2e:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
        Validity
            Not Before: Sep 12 12:15:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4b0ffa3d6ce907e2e861db0775583a58775f344b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:c0:e1:57:6d:72:81:b0:16:3f:9b:2a:1b:bc:
                    14:6d:f5:60:15:4a:d9:85:dc:03:01:53:79:5b:e5:
                    fb:e2:59:58:3f:d0:06:d8:b9:b7:aa:22:32:8a:44:
                    a8:93:03:58:0b:c2:f1:18:ac:ea:17:f0:78:4b:2b:
                    41:60:80:2c:7a:0f:0e:8f:9b:56:31:2d:c8:35:9c:
                    4f:85:93:9c:8a:a4:59:53:d7:9f:f2:38:03:ef:34:
                    8d:b7:54:b2:00:a0:ec:eb:e4:6f:1a:7b:4b:5c:38:
                    44:ec:ae:d0:9e:cd:85:dd:ad:ee:96:ce:5b:32:8a:
                    42:61:54:c6:3d:61:90:de:d9:54:18:7a:47:b4:77:
                    19:72:99:14:43:95:a2:bc:5e:7f:c7:58:a7:73:16:
                    fd:2d:30:01:3c:0b:0c:6d:72:52:df:a2:be:eb:a8:
                    f9:6c:29:28:1f:f7:f0:7c:47:57:42:a8:d7:39:bb:
                    bf:0d:dc:9d:10:27:05:79:d1:fe:74:66:78:86:76:
                    9a:3f:d2:ee:74:87:7a:52:7f:ab:a6:6d:72:f2:ce:
                    6b:74:b7:f1:0e:86:95:74:20:7f:4f:60:a8:12:ef:
                    8e:fa:68:62:31:b8:03:c6:97:88:f1:d4:a4:b3:09:
                    81:54:1f:60:78:ce:8c:86:49:9e:43:33:aa:a5:51:
                    89:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0F:FA:3D:6C:E9:07:E2:E8:61:DB:07:75:58:3A:58:77:5F:34:4B
            X509v3 Authority Key Identifier:
                keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Sw_6PWzpB-LoYdsHdVg6WHdfNEs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.216.138.0/24
                  91.229.228.0/24
                  93.180.208.0/22
                  119.13.224.0/20
                  193.37.136.0/24
                  193.105.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:c4:2a:f3:a4:b7:34:43:20:89:8a:b0:a9:cd:57:4e:f3:d2:
         57:d8:e3:30:84:f3:d0:9d:42:7a:e5:73:c9:2f:58:f6:17:04:
         8a:f3:14:77:5d:f6:dd:9d:04:85:6a:90:5a:cc:28:6e:9f:04:
         e9:9f:58:c9:a5:12:fe:14:e9:aa:de:30:67:be:54:57:ca:79:
         0e:f4:76:6a:5a:36:d6:a9:a7:f3:cc:f3:fc:62:65:c6:ff:df:
         7a:e4:e1:bf:92:fd:03:ac:00:42:ac:1e:8e:3b:b5:8b:eb:f6:
         ae:ca:fe:f9:f7:01:09:bd:83:c8:b3:65:6c:4f:c4:51:7b:13:
         51:1a:3a:d3:26:8e:0d:fa:02:ed:6f:c5:94:db:00:cb:57:00:
         78:e8:66:dc:a8:62:4f:be:28:a5:9b:8d:f4:3b:90:8b:6c:11:
         09:8c:35:32:e8:97:54:0b:f5:17:57:2e:2f:c6:80:77:68:cd:
         34:22:84:6d:78:ee:59:70:2f:26:03:13:c0:35:96:12:f8:20:
         91:34:ea:b9:3c:ba:07:90:2f:b6:9e:07:88:10:3d:0a:47:3e:
         78:20:4d:9d:11:6f:5f:96:e8:48:7e:b3:b3:c7:d2:4a:2f:b7:
         2b:0a:83:bd:83:19:04:68:ce:cb:4f:47:c7:ca:16:9a:56:c5:
         53:ab:ba:55
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHmKUBlpxhuC2jjAoWlHy5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjQwOTEyMTIxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjBmZmEzZDZjZTkwN2UyZTg2MWRiMDc3NTU4M2E1ODc3NWYzNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8DhV21ygbAWP5sqG7wUbfVgFUrZ
hdwDAVN5W+X74llYP9AG2Lm3qiIyikSokwNYC8LxGKzqF/B4SytBYIAseg8Oj5tW
MS3INZxPhZOciqRZU9ef8jgD7zSNt1SyAKDs6+RvGntLXDhE7K7Qns2F3a3uls5b
MopCYVTGPWGQ3tlUGHpHtHcZcpkUQ5WivF5/x1incxb9LTABPAsMbXJS36K+66j5
bCkoH/fwfEdXQqjXObu/DdydECcFedH+dGZ4hnaaP9LudId6Un+rpm1y8s5rdLfx
DoaVdCB/T2CoEu+O+mhiMbgDxpeI8dSkswmBVB9geM6MhkmeQzOqpVGJnQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEsP+j1s6Qfi6GHbB3VYOlh3XzRLMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvU3dfNlBXenBCLUxvWWRzSGRWZzZXSGRmTkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW9iKAwQA
W+XkAwQCXbTQAwQEdw3gAwQAwSWIAwQAwWmwMA0GCSqGSIb3DQEBCwUAA4IBAQCg
xCrzpLc0QyCJirCpzVdO89JX2OMwhPPQnUJ65XPJL1j2FwSK8xR3XfbdnQSFapBa
zChunwTpn1jJpRL+FOmq3jBnvlRXynkO9HZqWjbWqafzzPP8YmXG/9965OG/kv0D
rABCrB6OO7WL6/auyv759wEJvYPIs2VsT8RRexNRGjrTJo4N+gLtb8WU2wDLVwB4
6GbcqGJPviilm430O5CLbBEJjDUy6JdUC/UXVy4vxoB3aM00IoRteO5ZcC8mAxPA
NZYS+CCRNOq5PLoHkC+2ngeIED0KRz54IE2dEW9fluhIfrOzx9JKL7crCoO9gxkE
aM7LT0fHyhaaVsVTq7pV
-----END CERTIFICATE-----
Generated at Sun Sep 15 17:46:39 2024 by rpki-client on console-ams.rpki-client.org