Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/b58isJAIs2ldo_KsLaT1yG5isRQ.roa
File:                     b58isJAIs2ldo_KsLaT1yG5isRQ.roa (raw, json)
Hash identifier:          a8pKJ0jBVTjYfO9789G80Y31XzsRjszi1GqnC+fxAiU=
Subject key identifier:   6F:9F:22:B0:90:08:B3:69:5D:A3:F2:AC:2D:A4:F5:C8:6E:62:B1:14
Certificate issuer:       /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial:       018DCA8DB1E1A00B42A462A15432EA94939A
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/b58isJAIs2ldo_KsLaT1yG5isRQ.roa
Signing time:             Wed 21 Feb 2024 07:25:00 +0000
ROA not before:           Wed 21 Feb 2024 07:25:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     198252
IP address blocks:        94.250.37.0/24 maxlen: 24
                          94.250.38.0/24 maxlen: 24
                          94.250.39.0/24 maxlen: 24
                          94.250.40.0/22 maxlen: 22
                          94.250.40.0/23 maxlen: 23
                          94.250.42.0/23 maxlen: 23
                          94.250.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 11 Jun 2024 10:04:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ca:8d:b1:e1:a0:0b:42:a4:62:a1:54:32:ea:94:93:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
        Validity
            Not Before: Feb 21 07:25:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f9f22b09008b3695da3f2ac2da4f5c86e62b114
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:00:14:fb:a7:49:d6:f2:bc:3f:0c:e4:f6:15:
                    e6:c7:dd:9d:b8:73:7b:f3:b6:ac:fe:9b:d6:21:c8:
                    cd:ab:aa:fa:1f:98:e0:19:02:34:dd:1b:24:96:f8:
                    78:06:86:50:70:d8:d3:03:ff:63:72:76:8f:62:91:
                    f9:6f:03:85:23:f0:8e:e7:c1:dc:7e:ee:7f:23:00:
                    79:a7:87:28:e2:b4:cf:57:a7:c3:26:aa:c7:bf:fc:
                    c6:57:35:3d:47:47:aa:e4:70:70:55:17:b6:ea:eb:
                    e8:92:42:71:7a:85:b9:13:44:76:89:33:d9:e0:d6:
                    7c:ad:b9:ee:94:db:e8:a3:16:a8:0c:32:be:ec:c1:
                    85:f2:b9:7d:96:6b:44:de:fa:f1:da:a2:4b:64:c8:
                    c0:c0:1a:dd:ad:72:39:ac:3b:32:23:2f:bf:96:7d:
                    d0:08:64:0c:61:36:0f:7b:39:76:96:2c:75:38:6c:
                    d4:82:f2:5c:1e:1d:12:27:a9:95:cc:9f:24:f7:1a:
                    53:02:55:87:9d:a8:ee:57:bd:8f:6d:7b:b1:ef:ab:
                    0a:d8:44:57:fc:d1:5f:f4:e9:57:7a:26:3f:0b:c1:
                    79:c1:56:31:b8:22:dd:22:58:f4:4b:a5:d3:a1:7c:
                    b0:5a:04:29:b9:34:d7:ed:f0:21:02:b0:58:85:2e:
                    be:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:9F:22:B0:90:08:B3:69:5D:A3:F2:AC:2D:A4:F5:C8:6E:62:B1:14
            X509v3 Authority Key Identifier:
                keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/b58isJAIs2ldo_KsLaT1yG5isRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.250.37.0-94.250.47.255

    Signature Algorithm: sha256WithRSAEncryption
         7c:f2:65:38:be:6f:a2:e6:09:18:1c:6d:5b:32:49:c1:f0:c1:
         3b:0d:46:3e:23:2c:17:5d:3a:34:6d:0e:00:1f:e3:8a:9c:86:
         f4:47:75:66:5d:07:37:a7:26:99:80:ee:57:49:76:e2:a3:2b:
         67:34:a8:dd:76:a1:64:ed:b6:5a:71:88:2f:3d:e2:78:d7:96:
         7d:00:ea:10:c0:17:68:b6:2c:f8:02:c9:86:7e:f1:32:fe:e5:
         16:32:7a:2e:11:4a:e4:e2:a6:c4:e4:a0:91:69:c7:93:51:46:
         58:7a:b9:92:ee:48:fe:94:fd:01:8f:a0:07:26:ca:25:39:1c:
         d6:e0:79:ba:b7:60:34:c1:14:32:2c:ba:61:08:eb:a3:f0:76:
         49:21:f4:fd:8e:17:3a:5c:9e:19:1f:94:f0:19:90:45:35:3d:
         d7:30:0e:a7:08:d0:f8:16:3e:f0:e9:50:ed:76:a1:9f:7e:e4:
         7c:dc:7c:e1:33:53:1e:a8:b6:c9:96:2d:21:64:9f:3b:e9:02:
         e8:49:8f:3e:2d:b3:14:02:5a:2c:0a:03:f1:a1:82:a9:b4:1b:
         7d:81:ea:f4:d6:82:08:79:3c:e6:4a:bf:12:33:4f:9e:27:ab:
         b5:4e:8d:37:d7:5b:16:4d:85:cb:f4:fb:30:ad:82:1e:09:39:
         4d:20:93:3e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3KjbHhoAtCpGKhVDLqlJOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwMjIxMDcyNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjlmMjJiMDkwMDhiMzY5NWRhM2YyYWMyZGE0ZjVjODZlNjJiMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gAU+6dJ1vK8Pwzk9hXmx92duHN7
87as/pvWIcjNq6r6H5jgGQI03Rsklvh4BoZQcNjTA/9jcnaPYpH5bwOFI/CO58Hc
fu5/IwB5p4co4rTPV6fDJqrHv/zGVzU9R0eq5HBwVRe26uvokkJxeoW5E0R2iTPZ
4NZ8rbnulNvooxaoDDK+7MGF8rl9lmtE3vrx2qJLZMjAwBrdrXI5rDsyIy+/ln3Q
CGQMYTYPezl2lix1OGzUgvJcHh0SJ6mVzJ8k9xpTAlWHnajuV72PbXux76sK2ERX
/NFf9OlXeiY/C8F5wVYxuCLdIlj0S6XToXywWgQpuTTX7fAhArBYhS6+UQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG+fIrCQCLNpXaPyrC2k9chuYrEUMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvYjU4aXNKQUlzMmxkb19Lc0xhVDF5RzVpc1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABe+iUD
BARe+iAwDQYJKoZIhvcNAQELBQADggEBAHzyZTi+b6LmCRgcbVsyScHwwTsNRj4j
LBddOjRtDgAf44qchvRHdWZdBzenJpmA7ldJduKjK2c0qN12oWTttlpxiC894njX
ln0A6hDAF2i2LPgCyYZ+8TL+5RYyei4RSuTipsTkoJFpx5NRRlh6uZLuSP6U/QGP
oAcmyiU5HNbgebq3YDTBFDIsumEI66Pwdkkh9P2OFzpcnhkflPAZkEU1PdcwDqcI
0PgWPvDpUO12oZ9+5HzcfOEzUx6otsmWLSFknzvpAuhJjz4tsxQCWiwKA/Ghgqm0
G32B6vTWggh5POZKvxIzT54nq7VOjTfXWxZNhcv0+zCtgh4JOU0gkz4=
-----END CERTIFICATE-----
Generated at Tue Jun 11 13:12:50 2024 by rpki-client on console-fra.rpki-client.org