Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/ao4Jg-YtBttsV6zsExoECx43KSc.roa
File:                     ao4Jg-YtBttsV6zsExoECx43KSc.roa (raw, json)
Hash identifier:          4K9Aa3ktmICTARrYFcOl07Qi/KMkxphC7wdjfBn3xyg=
Subject key identifier:   6A:8E:09:83:E6:2D:06:DB:6C:57:AC:EC:13:1A:04:0B:1E:37:29:27
Certificate issuer:       /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial:       0185C0787B5CDC3185C050E098B51186D562
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/ao4Jg-YtBttsV6zsExoECx43KSc.roa
Signing time:             Tue 17 Jan 2023 16:03:19 +0000
ROA not before:           Tue 17 Jan 2023 16:03:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21419
IP address blocks:        185.4.3.0/24 maxlen: 24
                          185.4.1.0/24 maxlen: 24
                          185.4.2.0/24 maxlen: 24
                          178.21.167.0/29 maxlen: 29
                          178.21.164.0/24 maxlen: 24
                          178.21.166.0/24 maxlen: 24
                          178.21.163.0/24 maxlen: 24
                          178.21.160.0/21 maxlen: 21
                          178.21.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 May 2023 11:12:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c0:78:7b:5c:dc:31:85:c0:50:e0:98:b5:11:86:d5:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
        Validity
            Not Before: Jan 17 16:03:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a8e0983e62d06db6c57acec131a040b1e372927
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a1:d7:b7:be:13:3b:74:0a:55:9b:f8:f8:b1:
                    ae:03:a7:59:e1:c6:c2:74:ff:50:17:de:42:ce:c0:
                    79:72:17:62:db:eb:24:ae:c5:68:d3:91:ed:ab:8b:
                    90:b4:68:b8:c0:69:09:9a:81:1b:15:76:47:84:04:
                    0c:83:50:86:35:c9:31:b6:57:ea:b9:7f:1b:74:04:
                    ed:34:b1:37:a8:d7:63:e0:31:30:78:7e:a3:3b:ad:
                    70:86:60:7e:ab:fe:54:0d:69:66:9c:13:d2:1d:92:
                    a1:91:a4:4f:de:a5:43:59:6d:ce:6a:20:79:f6:fc:
                    74:06:2a:dc:a5:9d:41:ab:d5:e9:5c:26:06:df:8c:
                    2e:7f:b9:f4:1b:aa:ae:b8:79:04:c6:2f:59:44:65:
                    c3:20:3b:7f:4b:7e:62:7c:e5:7d:1f:31:b7:f5:a7:
                    5e:d7:d8:df:5b:16:52:b7:bf:1e:cf:e2:a7:29:1a:
                    10:7e:4a:2e:cf:67:7e:ea:b1:e6:41:fc:73:c7:4d:
                    d8:95:6b:ba:b4:41:ff:ab:17:6b:79:48:b7:47:56:
                    bf:54:0f:9d:d8:64:4c:95:4b:ea:b3:da:d9:d6:ce:
                    a1:f0:bf:99:d1:b6:bf:5c:fb:ec:a5:fb:21:7c:c6:
                    2a:3f:3a:c0:c8:87:79:2d:d3:e3:a4:33:a6:b0:d5:
                    c8:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:8E:09:83:E6:2D:06:DB:6C:57:AC:EC:13:1A:04:0B:1E:37:29:27
            X509v3 Authority Key Identifier:
                keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/ao4Jg-YtBttsV6zsExoECx43KSc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.21.160.0/21
                  185.4.1.0-185.4.3.255

    Signature Algorithm: sha256WithRSAEncryption
         04:fc:42:5a:04:76:7b:74:b9:37:48:38:1d:25:44:64:2e:0b:
         c4:e0:0f:56:1c:73:5c:85:ad:2a:46:c3:28:7c:25:e4:5f:88:
         4c:28:5a:21:5c:05:b4:6d:9c:d5:04:df:1b:47:64:29:ab:1a:
         a2:00:ac:c1:cb:8a:76:60:e4:d0:d0:01:06:37:15:08:8a:2a:
         8a:fa:a6:c9:04:97:24:f0:eb:d7:9c:ad:d7:4c:85:bd:40:59:
         9e:cc:a2:e2:89:b3:9a:a5:7f:72:cb:a4:1d:1c:b3:86:05:27:
         b9:54:5b:49:90:ff:36:c4:ab:b9:1e:f2:87:fd:fd:70:df:5a:
         c8:25:76:e8:17:eb:6f:c9:5f:d7:a3:7d:ad:7f:81:d5:48:f9:
         5d:4f:4e:cf:1c:ad:32:4c:be:21:5d:6b:e0:6f:df:06:67:5d:
         d5:6b:f9:0c:9e:c6:b7:4f:fe:32:5b:b3:a2:9d:25:7b:39:4c:
         18:1d:dc:ff:2b:0c:b3:2c:eb:b6:c8:c9:f3:42:29:85:66:b6:
         75:5b:f5:ba:10:2b:1c:7a:1b:f9:87:9f:13:06:94:3a:bb:cf:
         23:6c:d2:59:b6:e7:1f:7c:11:c4:f4:fd:e3:e4:8a:c8:27:c8:
         8d:50:20:7f:0a:d0:dd:89:5d:12:ab:d0:74:da:ad:24:b6:bf:
         16:15:0c:19
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYXAeHtc3DGFwFDgmLURhtViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjMwMTE3MTYwMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YThlMDk4M2U2MmQwNmRiNmM1N2FjZWMxMzFhMDQwYjFlMzcyOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaHXt74TO3QKVZv4+LGuA6dZ4cbC
dP9QF95CzsB5chdi2+skrsVo05Htq4uQtGi4wGkJmoEbFXZHhAQMg1CGNckxtlfq
uX8bdATtNLE3qNdj4DEweH6jO61whmB+q/5UDWlmnBPSHZKhkaRP3qVDWW3OaiB5
9vx0BircpZ1Bq9XpXCYG34wuf7n0G6quuHkExi9ZRGXDIDt/S35ifOV9HzG39ade
19jfWxZSt78ez+KnKRoQfkouz2d+6rHmQfxzx03YlWu6tEH/qxdreUi3R1a/VA+d
2GRMlUvqs9rZ1s6h8L+Z0ba/XPvspfshfMYqPzrAyId5LdPjpDOmsNXIvQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGqOCYPmLQbbbFes7BMaBAseNyknMB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvYW80SmctWXRCdHRzVjZ6c0V4b0VDeDQzS1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQYJKoZIhvcNAQELBQADggEBAAT8QloEdnt0uTdIOB0lRGQu
C8TgD1Ycc1yFrSpGwyh8JeRfiEwoWiFcBbRtnNUE3xtHZCmrGqIArMHLinZg5NDQ
AQY3FQiKKor6pskElyTw69ecrddMhb1AWZ7MouKJs5qlf3LLpB0cs4YFJ7lUW0mQ
/zbEq7ke8of9/XDfWsgldugX62/JX9ejfa1/gdVI+V1PTs8crTJMviFda+Bv3wZn
XdVr+QyexrdP/jJbs6KdJXs5TBgd3P8rDLMs67bIyfNCKYVmtnVb9boQKxx6G/mH
nxMGlDq7zyNs0lm25x98EcT0/ePkisgnyI1QIH8K0N2JXRKr0HTarSS2vxYVDBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org