Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/Kxx94HR0dUJVI3pYC8PgzP_5Dvg.roa
File:                     Kxx94HR0dUJVI3pYC8PgzP_5Dvg.roa (raw, json)
Hash identifier:          NjZwXDtQFDj9zujt/0hIKVKahNV4Vuw3iBpm+t3Onbo=
Subject key identifier:   2B:1C:7D:E0:74:74:75:42:55:23:7A:58:0B:C3:E0:CC:FF:F9:0E:F8
Certificate issuer:       /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial:       018570303724906AF259019F97D22A5B0900
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/Kxx94HR0dUJVI3pYC8PgzP_5Dvg.roa
Signing time:             Mon 02 Jan 2023 01:54:46 +0000
ROA not before:           Mon 02 Jan 2023 01:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49544
IP address blocks:        185.189.181.0/24 maxlen: 24
                          185.189.180.0/24 maxlen: 24
                          185.189.183.0/24 maxlen: 24
                          185.189.182.0/24 maxlen: 24
                          2a0b:f380::/48 maxlen: 48
                          2a0b:f380:3e8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:37:24:90:6a:f2:59:01:9f:97:d2:2a:5b:09:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
        Validity
            Not Before: Jan  2 01:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b1c7de07474754255237a580bc3e0ccfff90ef8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:2b:0a:6d:31:d5:0e:55:0c:85:1d:a3:d9:48:
                    0c:d7:4b:c5:04:14:15:ff:6b:cd:90:46:d7:85:e1:
                    8c:12:d8:e2:e5:9a:14:0d:60:a1:9f:00:2c:8c:48:
                    de:56:0e:29:a3:8e:00:e9:4f:e9:df:d2:cf:69:9e:
                    68:06:3d:bf:45:a7:85:e6:d6:5d:30:5d:c0:c5:ff:
                    2a:e4:92:38:f5:ec:9a:0b:b0:cf:82:ec:73:a7:c2:
                    2d:4a:e5:cd:75:03:a4:ca:d7:2a:8d:bb:91:56:cd:
                    fe:af:42:97:b0:2e:60:24:b5:e8:9b:23:cf:28:a2:
                    d0:7e:26:02:eb:da:61:08:aa:c9:02:ec:99:6d:4a:
                    74:9a:e6:74:0a:04:4c:a1:1a:23:2f:4d:60:95:cf:
                    59:4c:09:c9:d9:78:04:37:5b:9b:c4:4f:e5:6f:1e:
                    75:95:e1:56:a5:77:96:fb:06:9d:6c:27:6f:e2:49:
                    59:7b:ef:e3:31:93:da:ad:49:a6:ba:85:39:99:f4:
                    1f:9f:f8:72:c0:9c:02:30:eb:72:e3:d6:88:53:4c:
                    94:2d:bd:37:a3:b9:f3:2c:4b:b9:da:f8:eb:50:e3:
                    3e:cf:c0:35:c9:45:b8:7a:44:fc:39:45:45:58:84:
                    76:f1:12:2c:9c:69:35:83:d3:a2:b3:bd:ba:19:eb:
                    30:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:1C:7D:E0:74:74:75:42:55:23:7A:58:0B:C3:E0:CC:FF:F9:0E:F8
            X509v3 Authority Key Identifier:
                keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/Kxx94HR0dUJVI3pYC8PgzP_5Dvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.180.0/22
                IPv6:
                  2a0b:f380::/48
                  2a0b:f380:3e8::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:ec:46:89:f5:c6:a5:1b:c2:fc:7b:d0:e3:c5:83:2a:8d:73:
         52:ff:38:9f:48:87:bc:27:9c:df:9f:6b:41:1c:32:54:49:27:
         05:ed:03:0c:11:0e:6b:f3:ab:11:fa:40:1a:36:8b:39:33:3a:
         ab:4e:4c:86:1f:98:92:b7:09:52:3b:8d:a1:ef:7c:2a:38:22:
         8d:59:df:a7:14:7a:68:72:6c:be:35:fb:fa:62:29:b2:4d:f1:
         a1:01:08:25:66:ad:81:aa:33:d4:f7:ec:79:6e:a4:d4:76:1e:
         ea:69:cf:3a:7f:5e:42:73:75:f5:fd:72:be:93:ac:7e:61:56:
         fe:49:bb:aa:0c:49:1b:d5:12:3a:a0:a8:0f:b3:6b:43:f5:93:
         e3:a7:8d:8a:44:0e:bc:79:c6:4c:31:82:8d:d4:ae:ac:bc:f4:
         ab:78:5d:ea:fe:c4:35:1a:86:0d:b8:be:f2:d5:f7:b9:3a:37:
         61:cc:2c:13:4c:bc:bc:28:58:bf:4d:1e:25:31:eb:f6:3a:83:
         3b:df:dd:ce:d4:5c:0c:27:08:a2:cd:4d:35:3e:86:45:a3:22:
         3e:f5:8f:20:43:e1:57:d3:e9:d0:a2:46:6b:2b:5f:0d:1f:11:
         12:c2:cd:7f:a9:09:ea:3d:bb:d5:b1:f2:6a:a3:47:f5:81:1a:
         99:e5:e1:b7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwMDckkGryWQGfl9IqWwkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDNlNWY4NDA1ZDYwODViOGRmNGJmY2UxZGQ5YmIzZTc4
YzIxOTkwHhcNMjMwMTAyMDE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFjN2RlMDc0NzQ3NTQyNTUyMzdhNTgwYmMzZTBjY2ZmZjkwZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiisKbTHVDlUMhR2j2UgM10vFBBQV
/2vNkEbXheGMEtji5ZoUDWChnwAsjEjeVg4po44A6U/p39LPaZ5oBj2/RaeF5tZd
MF3Axf8q5JI49eyaC7DPguxzp8ItSuXNdQOkytcqjbuRVs3+r0KXsC5gJLXomyPP
KKLQfiYC69phCKrJAuyZbUp0muZ0CgRMoRojL01glc9ZTAnJ2XgEN1ubxE/lbx51
leFWpXeW+wadbCdv4klZe+/jMZParUmmuoU5mfQfn/hywJwCMOty49aIU0yULb03
o7nzLEu52vjrUOM+z8A1yUW4ekT8OUVFWIR28RIsnGk1g9Ois726Gesw9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCscfeB0dHVCVSN6WAvD4Mz/+Q74MB8GA1UdIwQY
MBaAFFQD5fhAXWCFuN9L/OHdm7PnjCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAt
MTVhNDJhYzllZmE4LzEvS3h4OTRIUjBkVUpWSTNwWUM4UGd6UF81RHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hZWU4ZDktMjFlZC00ZGI3LWJkNzAtMTVhNDJhYzllZmE4
LzEvVkFQbC1FQmRZSVc0MzB2ODRkMmJzLWVNSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCub20MBgE
AgACMBIDBwAqC/OAAAADBwAqC/OAA+gwDQYJKoZIhvcNAQELBQADggEBAEDsRon1
xqUbwvx70OPFgyqNc1L/OJ9Ih7wnnN+fa0EcMlRJJwXtAwwRDmvzqxH6QBo2izkz
OqtOTIYfmJK3CVI7jaHvfCo4Io1Z36cUemhybL41+/piKbJN8aEBCCVmrYGqM9T3
7HlupNR2Huppzzp/XkJzdfX9cr6TrH5hVv5Ju6oMSRvVEjqgqA+za0P1k+OnjYpE
Drx5xkwxgo3Urqy89Kt4Xer+xDUahg24vvLV97k6N2HMLBNMvLwoWL9NHiUx6/Y6
gzvf3c7UXAwnCKLNTTU+hkWjIj71jyBD4VfT6dCiRmsrXw0fERLCzX+pCeo9u9Wx
8mqjR/WBGpnl4bc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:29 2024 by rpki-client on console-ams.rpki-client.org