Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/FV4zHIgWYXCbd7cumRFW2BiiWok.roa
File:                     FV4zHIgWYXCbd7cumRFW2BiiWok.roa (raw, json)
Hash identifier:          HzqMBYJJtliwA/6l74zMuTR6KrzdUKWB0yVXr+lA8SM=
Subject key identifier:   15:5E:33:1C:88:16:61:70:9B:77:B7:2E:99:11:56:D8:18:A2:5A:89
Certificate issuer:       /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial:       018CC50064B076B4C2332D4B4A846BFC7320
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/FV4zHIgWYXCbd7cumRFW2BiiWok.roa
Signing time:             Mon 01 Jan 2024 12:29:46 +0000
ROA not before:           Mon 01 Jan 2024 12:29:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47820
IP address blocks:        185.148.224.0/22 maxlen: 24
                          109.234.0.0/21 maxlen: 24
                          91.205.116.0/22 maxlen: 24
                          193.242.174.0/23 maxlen: 24
                          2a07:6200::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 27 May 2024 14:25:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:64:b0:76:b4:c2:33:2d:4b:4a:84:6b:fc:73:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
        Validity
            Not Before: Jan  1 12:29:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=155e331c881661709b77b72e991156d818a25a89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:30:39:7a:e6:fc:5f:7d:c4:e5:9f:80:a3:92:
                    b5:b4:c6:c9:2a:d1:73:81:16:a1:a3:a0:48:3d:fa:
                    3d:8f:c6:94:8f:c3:94:8a:cf:2e:50:21:36:a3:bf:
                    5c:56:4e:c2:5d:8d:cf:cd:c0:be:89:d2:e8:59:68:
                    ce:ef:36:e0:9a:5f:97:01:af:9e:04:27:2f:91:32:
                    a6:1d:c7:c4:64:16:85:f1:40:3c:f8:d0:aa:2d:1a:
                    40:44:f8:b0:b0:4b:b7:5d:78:fb:00:7f:92:2f:ad:
                    bf:a6:1f:a8:25:93:6b:80:c6:ec:89:86:3c:3e:c8:
                    b0:b0:dd:e8:88:7c:a0:15:8f:76:88:19:be:99:0d:
                    24:a5:e5:c6:e1:9a:1f:04:b2:e1:4f:bb:c2:74:ed:
                    13:70:bb:7c:af:79:66:b3:03:e5:77:51:ec:5b:15:
                    2d:00:80:23:b7:72:09:b8:a5:ad:80:3d:92:66:46:
                    24:e8:82:32:b7:d6:12:89:55:8c:36:22:22:50:b6:
                    20:20:49:d9:a3:49:d5:fd:5b:23:c0:81:f2:3f:0b:
                    c4:57:4d:2b:ba:69:db:95:bf:33:50:22:c1:71:9d:
                    74:15:34:87:d2:02:d4:71:e3:93:8b:f8:d2:aa:b3:
                    cc:89:fc:58:53:5f:9d:cd:74:3e:4c:f5:d2:76:dc:
                    3f:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:5E:33:1C:88:16:61:70:9B:77:B7:2E:99:11:56:D8:18:A2:5A:89
            X509v3 Authority Key Identifier:
                keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/FV4zHIgWYXCbd7cumRFW2BiiWok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.205.116.0/22
                  109.234.0.0/21
                  185.148.224.0/22
                  193.242.174.0/23
                IPv6:
                  2a07:6200::/29

    Signature Algorithm: sha256WithRSAEncryption
         98:6c:92:5b:59:81:67:d4:b6:8d:66:68:c5:22:f6:e2:fe:0b:
         4e:a0:90:31:db:4b:4d:2d:b5:53:82:56:0a:b9:7a:6a:db:a9:
         dc:c5:3c:7b:c1:ca:42:ea:ca:b7:e7:68:e8:c3:67:f3:68:4f:
         1f:bb:fe:c4:e3:cb:e3:b6:7f:f4:cd:ff:66:9b:29:d8:bd:25:
         cd:af:e5:ee:5e:83:93:a1:82:f0:95:ac:45:eb:1e:ed:85:61:
         0a:4b:e8:93:e1:4a:f9:e8:64:0a:71:27:13:9a:1f:73:d5:fc:
         70:51:6f:a7:c6:a9:2d:98:e3:2a:96:cc:e1:86:e9:ca:32:88:
         ff:8a:58:d8:a3:a7:9f:7c:d3:30:06:83:13:c0:0f:12:f0:62:
         17:48:4a:8a:f7:e9:b4:45:3b:6f:23:6b:f2:5a:5c:1d:bf:83:
         db:2b:eb:6f:9b:be:fb:03:81:5d:99:83:65:4b:7c:cd:bc:09:
         39:b4:6c:59:22:ed:9b:b5:07:49:24:5b:6e:4a:e0:90:4a:ce:
         f2:dd:04:82:eb:6f:75:66:95:02:6b:0d:40:11:59:fd:bc:7e:
         ec:12:eb:bb:c7:a1:1a:df:54:f5:02:ec:29:5a:88:c2:ce:b5:
         37:3e:ea:17:21:59:60:25:e2:a6:f3:6d:19:81:fe:e5:56:cc:
         e6:8c:27:79
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAGSwdrTCMy1LSoRr/HMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTVlMzMxYzg4MTY2MTcwOWI3N2I3MmU5OTExNTZkODE4YTI1YTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujA5eub8X33E5Z+Ao5K1tMbJKtFz
gRaho6BIPfo9j8aUj8OUis8uUCE2o79cVk7CXY3PzcC+idLoWWjO7zbgml+XAa+e
BCcvkTKmHcfEZBaF8UA8+NCqLRpARPiwsEu3XXj7AH+SL62/ph+oJZNrgMbsiYY8
PsiwsN3oiHygFY92iBm+mQ0kpeXG4ZofBLLhT7vCdO0TcLt8r3lmswPld1HsWxUt
AIAjt3IJuKWtgD2SZkYk6IIyt9YSiVWMNiIiULYgIEnZo0nV/VsjwIHyPwvEV00r
umnblb8zUCLBcZ10FTSH0gLUceOTi/jSqrPMifxYU1+dzXQ+TPXSdtw/3QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBVeMxyIFmFwm3e3LpkRVtgYolqJMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvRlY0ekhJZ1dZWENiZDdjdW1SRlcyQmlpV29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEBCwUAA4IB
AQCYbJJbWYFn1LaNZmjFIvbi/gtOoJAx20tNLbVTglYKuXpq26ncxTx7wcpC6sq3
52jow2fzaE8fu/7E48vjtn/0zf9mmynYvSXNr+XuXoOToYLwlaxF6x7thWEKS+iT
4Ur56GQKcScTmh9z1fxwUW+nxqktmOMqlszhhunKMoj/iljYo6effNMwBoMTwA8S
8GIXSEqK9+m0RTtvI2vyWlwdv4PbK+tvm777A4FdmYNlS3zNvAk5tGxZIu2btQdJ
JFtuSuCQSs7y3QSC6291ZpUCaw1AEVn9vH7sEuu7x6Ea31T1AuwpWojCzrU3PuoX
IVlgJeKm820Zgf7lVszmjCd5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org