Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rTAwpJVUSOcQsKFCoEhT86JCGb4.roa
File:                     rTAwpJVUSOcQsKFCoEhT86JCGb4.roa (raw, json)
Hash identifier:          H8qPSlIfrYoxOeh7ms/Dm2JtiT7l/RQuWB9srdV+XjE=
Subject key identifier:   AD:30:30:A4:95:54:48:E7:10:B0:A1:42:A0:48:53:F3:A2:42:19:BE
Certificate issuer:       /CN=47b80caa97c13147d680c80976f8a4b15cade04f
Certificate serial:       018CC4930C441A2ABC3E599E6A180F7D4F78
Authority key identifier: 47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rTAwpJVUSOcQsKFCoEhT86JCGb4.roa
Signing time:             Mon 01 Jan 2024 10:30:20 +0000
ROA not before:           Mon 01 Jan 2024 10:30:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44547
IP address blocks:        185.161.122.0/24 maxlen: 24
                          185.171.88.0/24 maxlen: 24
                          185.171.91.0/24 maxlen: 24
                          2a0c:f500::/29 maxlen: 29
                          2a07:5dc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 22 Oct 2024 16:28:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:0c:44:1a:2a:bc:3e:59:9e:6a:18:0f:7d:4f:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47b80caa97c13147d680c80976f8a4b15cade04f
        Validity
            Not Before: Jan  1 10:30:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ad3030a4955448e710b0a142a04853f3a24219be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:89:7a:24:ed:24:d4:56:24:08:db:2c:1e:3e:
                    9b:8e:14:25:7f:a0:71:d0:f2:48:b9:fa:57:1a:cd:
                    75:5c:a2:14:a5:e6:85:76:13:44:92:0a:1b:56:29:
                    e6:1a:42:34:18:85:2d:64:6f:52:5a:31:b9:80:cc:
                    32:35:67:59:03:c7:70:cc:28:82:bf:08:86:ca:10:
                    91:af:9f:fd:5e:3f:f1:03:d6:6c:61:d1:5a:e3:dd:
                    0d:e9:32:54:7d:08:81:4b:dd:15:c3:10:92:22:44:
                    4b:0c:27:c5:94:f0:b9:6f:45:2c:85:c9:8d:b2:b7:
                    17:79:96:1d:e4:7e:5b:02:d7:c0:b3:d3:60:6b:f9:
                    b9:40:32:3c:04:0a:5b:39:5d:4f:a2:68:96:24:67:
                    c4:79:a0:14:3b:78:92:84:5b:d1:c1:ee:93:1e:9c:
                    58:41:7a:a4:db:48:56:37:db:5c:19:14:de:5f:88:
                    ec:95:bc:9e:ac:3f:2e:cd:42:98:e0:62:08:49:61:
                    c8:7e:98:78:c7:20:52:00:56:84:21:c9:70:df:a2:
                    1e:c0:03:9c:e3:e3:9b:42:2e:05:5e:1e:f7:d2:53:
                    aa:6f:4e:5f:8f:a1:90:5d:d6:b3:42:72:e6:7b:05:
                    12:7d:5a:ca:26:aa:d1:40:7e:32:a7:f2:d1:55:49:
                    45:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:30:30:A4:95:54:48:E7:10:B0:A1:42:A0:48:53:F3:A2:42:19:BE
            X509v3 Authority Key Identifier:
                keyid:47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rTAwpJVUSOcQsKFCoEhT86JCGb4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.122.0/24
                  185.171.88.0/24
                  185.171.91.0/24
                IPv6:
                  2a07:5dc0::/29
                  2a0c:f500::/29

    Signature Algorithm: sha256WithRSAEncryption
         21:da:54:37:df:9e:fb:27:f3:b5:1c:46:84:64:57:a9:29:fc:
         0a:3f:93:d2:2f:16:5b:75:e8:cf:6f:ae:fb:d8:1f:12:68:9e:
         25:20:4d:e8:2b:c3:8e:8b:ff:9d:09:dd:06:df:76:a7:eb:dd:
         89:29:e0:b5:ba:95:6e:51:1d:9a:d8:fb:80:fa:b3:11:c7:d8:
         69:bc:0c:12:b0:d8:c1:e9:cd:cc:ab:ca:78:08:85:b8:62:d8:
         6d:19:23:08:0c:68:77:6c:0a:5c:08:c8:bf:e7:76:1f:e0:6c:
         0f:a2:d9:91:61:5d:9a:ae:2f:e0:7c:70:fe:49:8c:e2:55:e7:
         0e:22:ea:53:bd:ec:89:fc:79:39:a1:a7:bd:88:78:75:55:18:
         89:5a:80:9b:4d:56:45:4e:63:ee:67:ea:cd:24:2a:8a:89:b5:
         b1:6e:b4:5d:1f:95:1d:ef:28:9d:d0:2f:06:ec:3c:81:05:59:
         c7:3b:2a:65:a6:9e:6f:7b:26:d0:9c:bb:dd:a2:fd:a0:71:48:
         88:19:ee:9b:52:4f:b2:a4:47:5d:22:48:84:c7:fd:a7:71:d8:
         c7:7a:51:04:1d:a8:66:81:57:a1:03:24:b5:72:11:e8:fa:1d:
         9d:17:3b:01:09:f2:48:4e:de:79:f8:b9:d1:bd:a6:61:4e:a8:
         12:02:f2:f4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzEkwxEGiq8PlmeahgPfU94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjgwY2FhOTdjMTMxNDdkNjgwYzgwOTc2ZjhhNGIxNWNh
ZGUwNGYwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDMwMzBhNDk1NTQ0OGU3MTBiMGExNDJhMDQ4NTNmM2EyNDIxOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIl6JO0k1FYkCNssHj6bjhQlf6Bx
0PJIufpXGs11XKIUpeaFdhNEkgobVinmGkI0GIUtZG9SWjG5gMwyNWdZA8dwzCiC
vwiGyhCRr5/9Xj/xA9ZsYdFa490N6TJUfQiBS90VwxCSIkRLDCfFlPC5b0UshcmN
srcXeZYd5H5bAtfAs9Nga/m5QDI8BApbOV1PomiWJGfEeaAUO3iShFvRwe6THpxY
QXqk20hWN9tcGRTeX4jslbyerD8uzUKY4GIISWHIfph4xyBSAFaEIclw36IewAOc
4+ObQi4FXh730lOqb05fj6GQXdazQnLmewUSfVrKJqrRQH4yp/LRVUlFnwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK0wMKSVVEjnELChQqBIU/OiQhm+MB8GA1UdIwQY
MBaAFEe4DKqXwTFH1oDICXb4pLFcreBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAt
MTBlMjRlOWQwZmE3LzEvclRBd3BKVlVTT2NRc0tGQ29FaFQ4NkpDR2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAtMTBlMjRlOWQwZmE3
LzEvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAuaF6AwQA
uatYAwQAuatbMBQEAgACMA4DBQMqB13AAwUDKgz1ADANBgkqhkiG9w0BAQsFAAOC
AQEAIdpUN9+e+yfztRxGhGRXqSn8Cj+T0i8WW3Xoz2+u+9gfEmieJSBN6CvDjov/
nQndBt92p+vdiSngtbqVblEdmtj7gPqzEcfYabwMErDYwenNzKvKeAiFuGLYbRkj
CAxod2wKXAjIv+d2H+BsD6LZkWFdmq4v4Hxw/kmM4lXnDiLqU73sifx5OaGnvYh4
dVUYiVqAm01WRU5j7mfqzSQqiom1sW60XR+VHe8ondAvBuw8gQVZxzsqZaaeb3sm
0Jy73aL9oHFIiBnum1JPsqRHXSJIhMf9p3HYx3pRBB2oZoFXoQMktXIR6PodnRc7
AQnySE7eefi50b2mYU6oEgLy9A==
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:33:53 2024 by rpki-client on console-ams.rpki-client.org