Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ApmUwD6Tw0N8MSJag9BGqh8L_pQ.roa
File:                     ApmUwD6Tw0N8MSJag9BGqh8L_pQ.roa (raw, json)
Hash identifier:          puV7rbsnMb76i6QXQ8HXdmJtgUnYAMbe8LI0gNkwuOs=
Subject key identifier:   02:99:94:C0:3E:93:C3:43:7C:31:22:5A:83:D0:46:AA:1F:0B:FE:94
Certificate issuer:       /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial:       0187A545B469975208113882FAA500B5BED2
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ApmUwD6Tw0N8MSJag9BGqh8L_pQ.roa
Signing time:             Fri 21 Apr 2023 19:23:41 +0000
ROA not before:           Fri 21 Apr 2023 19:23:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     32475
IP address blocks:        185.225.236.0/22 maxlen: 24
                          185.197.129.0/24 maxlen: 24
                          185.197.130.0/24 maxlen: 24
                          185.197.128.0/24 maxlen: 24
                          185.197.131.0/24 maxlen: 24
                          2a04:f280::/40 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:a5:45:b4:69:97:52:08:11:38:82:fa:a5:00:b5:be:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
        Validity
            Not Before: Apr 21 19:23:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=029994c03e93c3437c31225a83d046aa1f0bfe94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:93:4c:9e:52:7a:a1:77:cd:04:79:70:f3:ef:
                    68:a4:e8:94:04:35:7a:95:7f:89:bf:a7:f8:3e:41:
                    c0:7e:16:be:29:3d:49:f8:ac:4e:90:ed:07:a4:8e:
                    bb:1d:94:bf:c3:56:ba:89:90:8c:d0:ff:28:d8:97:
                    be:1e:e4:f8:d1:f7:8d:56:e2:d1:73:db:19:d8:b3:
                    ce:d1:32:c3:97:3e:51:b2:85:78:87:5b:3f:0a:47:
                    c8:91:13:3f:12:e4:17:02:bd:60:d8:16:9c:c5:60:
                    11:9b:7b:3c:dd:18:5b:ff:de:7b:86:e3:3e:cb:73:
                    37:4d:95:97:27:15:a3:4b:b2:f3:02:81:30:c6:fc:
                    5b:eb:cd:01:78:99:da:e2:d6:f5:0f:95:5a:12:4c:
                    ce:78:b4:1b:f1:25:d5:f3:3c:08:54:fb:3f:29:8a:
                    48:6d:75:d8:d6:f6:9f:2e:b4:28:8c:a1:f6:c4:9d:
                    1d:2c:5e:8e:0d:21:9c:ea:6f:c8:8c:e5:bd:a1:54:
                    40:55:14:78:99:2e:76:be:35:23:ad:fc:4b:0e:f7:
                    e1:e6:37:1d:70:9c:b0:d8:c2:cf:83:ab:7f:cc:57:
                    1a:9e:a9:11:9b:f6:b9:4a:ae:9e:f0:70:83:ee:d4:
                    92:e9:3e:ec:7b:89:51:b5:cb:ff:4e:d1:4d:76:9a:
                    68:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:99:94:C0:3E:93:C3:43:7C:31:22:5A:83:D0:46:AA:1F:0B:FE:94
            X509v3 Authority Key Identifier:
                keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ApmUwD6Tw0N8MSJag9BGqh8L_pQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.128.0/22
                  185.225.236.0/22
                IPv6:
                  2a04:f280::/40

    Signature Algorithm: sha256WithRSAEncryption
         02:1b:f2:4e:f3:99:fd:e6:bf:54:a5:33:80:41:f2:bf:3a:ae:
         a1:50:f6:e4:e0:03:db:af:27:1f:1c:27:16:2a:c3:b5:21:5b:
         9a:e5:27:a8:67:5e:94:9c:fe:49:18:80:69:57:bf:4b:91:87:
         74:37:fc:16:73:06:39:5c:d8:14:5f:44:12:b9:2c:d6:3d:32:
         f5:49:f2:c6:e2:18:19:1e:0e:98:6a:85:1a:97:66:6c:fe:b5:
         9a:67:8b:cc:bc:e4:58:5a:39:df:3b:70:ab:89:53:08:dc:50:
         a9:ae:db:51:52:69:a4:4d:5e:f1:1c:0f:e1:b4:bd:18:96:1e:
         4f:08:c6:5b:94:ed:bb:1f:cb:27:59:00:95:be:05:b9:52:22:
         a0:c1:6e:24:65:2c:f6:ce:32:72:d1:46:9b:f9:bd:bb:8c:21:
         07:74:cd:43:39:df:18:67:e4:29:45:6c:b8:a1:38:9f:1c:70:
         d3:fd:20:8a:c3:b1:88:81:90:c7:2a:fc:27:d9:db:fc:78:36:
         6d:e7:d2:55:1b:59:f4:c0:b1:f8:17:41:d6:0b:34:6f:db:e4:
         43:d4:1d:55:55:3a:7f:0a:8f:2c:cf:12:e1:d2:4f:fc:df:95:
         7e:82:65:59:2d:c1:a2:07:7e:96:61:5a:b2:6a:85:90:0f:1a:
         d3:8c:43:18
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYelRbRpl1IIETiC+qUAtb7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjMwNDIxMTkyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk5OTRjMDNlOTNjMzQzN2MzMTIyNWE4M2QwNDZhYTFmMGJmZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpNMnlJ6oXfNBHlw8+9opOiUBDV6
lX+Jv6f4PkHAfha+KT1J+KxOkO0HpI67HZS/w1a6iZCM0P8o2Je+HuT40feNVuLR
c9sZ2LPO0TLDlz5RsoV4h1s/CkfIkRM/EuQXAr1g2BacxWARm3s83Rhb/957huM+
y3M3TZWXJxWjS7LzAoEwxvxb680BeJna4tb1D5VaEkzOeLQb8SXV8zwIVPs/KYpI
bXXY1vafLrQojKH2xJ0dLF6ODSGc6m/IjOW9oVRAVRR4mS52vjUjrfxLDvfh5jcd
cJyw2MLPg6t/zFcanqkRm/a5Sq6e8HCD7tSS6T7se4lRtcv/TtFNdppo7QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAKZlMA+k8NDfDEiWoPQRqofC/6UMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvQXBtVXdENlR3ME44TVNKYWc5QkdxaDhMX3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCucWAAwQC
ueHsMA4EAgACMAgDBgAqBPKAADANBgkqhkiG9w0BAQsFAAOCAQEAAhvyTvOZ/ea/
VKUzgEHyvzquoVD25OAD268nHxwnFirDtSFbmuUnqGdelJz+SRiAaVe/S5GHdDf8
FnMGOVzYFF9EErks1j0y9UnyxuIYGR4OmGqFGpdmbP61mmeLzLzkWFo53ztwq4lT
CNxQqa7bUVJppE1e8RwP4bS9GJYeTwjGW5Ttux/LJ1kAlb4FuVIioMFuJGUs9s4y
ctFGm/m9u4whB3TNQznfGGfkKUVsuKE4nxxw0/0gisOxiIGQxyr8J9nb/Hg2befS
VRtZ9MCx+BdB1gs0b9vkQ9QdVVU6fwqPLM8S4dJP/N+VfoJlWS3Bogd+lmFasmqF
kA8a04xDGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org