Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/JtFnIziIm-8IDJcsW-dQJ2woujU.roa
File:                     JtFnIziIm-8IDJcsW-dQJ2woujU.roa (raw, json)
Hash identifier:          D69kJbEwR1DX6+gVkGC5zhyvuDuZW68RvZP9iEvPGUk=
Subject key identifier:   26:D1:67:23:38:88:9B:EF:08:0C:97:2C:5B:E7:50:27:6C:28:BA:35
Certificate issuer:       /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial:       018CC5003ACC267003C62DEECDC7ACADD420
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/JtFnIziIm-8IDJcsW-dQJ2woujU.roa
Signing time:             Mon 01 Jan 2024 12:29:35 +0000
ROA not before:           Mon 01 Jan 2024 12:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213301
IP address blocks:        185.174.68.0/24 maxlen: 24
                          185.174.70.0/24 maxlen: 24
                          185.78.85.0/24 maxlen: 24
                          185.78.84.0/24 maxlen: 24
                          185.78.87.0/24 maxlen: 24
                          185.78.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 07 Feb 2024 13:36:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:3a:cc:26:70:03:c6:2d:ee:cd:c7:ac:ad:d4:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
        Validity
            Not Before: Jan  1 12:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=26d1672338889bef080c972c5be750276c28ba35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:77:9f:38:52:2f:ac:be:2a:f3:72:92:34:6c:
                    81:14:b7:fa:4e:56:78:9b:4f:f2:b9:5c:10:78:54:
                    42:83:2b:c8:ef:63:be:06:c2:1d:69:b9:7b:aa:a6:
                    5c:07:8c:cc:cc:90:4a:16:35:ca:b3:11:de:70:a1:
                    00:f8:ca:34:34:65:4d:b7:c2:67:0e:ac:ab:8d:66:
                    aa:33:37:a1:ee:e6:60:89:94:29:be:ad:b8:46:6d:
                    86:66:5a:a8:a2:1b:51:20:8e:8d:cb:a3:6b:72:00:
                    57:39:c2:72:63:1b:eb:79:92:7a:22:2c:06:a5:60:
                    31:07:d9:70:35:a5:aa:2a:93:c4:e5:66:37:dc:f9:
                    46:64:19:20:e5:67:09:9d:9b:c5:80:f2:d1:46:f4:
                    fc:18:d7:e5:18:f3:17:86:a1:db:9f:d2:50:8b:93:
                    cf:78:31:3f:6c:59:7a:89:7d:bf:dd:dd:b5:81:56:
                    40:cc:da:39:f3:e6:7b:c4:30:bb:f0:d3:e4:28:50:
                    be:d2:37:b9:09:a0:2a:3a:2e:ea:f0:65:e3:48:13:
                    4d:88:a5:a9:5b:50:6b:de:ff:dc:f7:e9:47:cc:a1:
                    7d:37:22:ab:27:78:42:71:10:61:07:5c:31:d0:d1:
                    ab:95:a1:93:ec:7b:5a:9d:a7:c0:d6:6c:1c:cc:f5:
                    6b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:D1:67:23:38:88:9B:EF:08:0C:97:2C:5B:E7:50:27:6C:28:BA:35
            X509v3 Authority Key Identifier:
                keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/JtFnIziIm-8IDJcsW-dQJ2woujU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.78.84.0/22
                  185.174.68.0/24
                  185.174.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:f8:0e:9a:9f:a6:95:9d:e3:88:b1:06:e8:6c:46:08:1f:33:
         df:82:41:fb:e7:8c:99:e5:02:ea:fe:9c:a7:39:d4:89:09:36:
         9c:14:2a:13:d6:2a:f1:72:ce:28:10:6a:49:18:87:7d:7f:1f:
         ec:90:fc:a6:88:09:0c:2e:66:e3:4a:26:e7:40:51:43:93:4b:
         73:b7:9b:99:03:09:d2:48:0f:6c:e4:8b:d5:64:41:85:f6:ec:
         47:98:b9:ce:ad:02:5b:cc:ed:17:00:e8:41:a1:5b:50:c5:c5:
         97:62:1e:11:b1:f9:7a:6e:4a:21:b5:59:1a:2b:25:03:2a:6f:
         87:8a:ee:57:59:66:12:d0:d5:c8:b0:f3:2a:02:1a:2a:87:4f:
         71:26:73:51:8a:e0:ec:57:04:e2:32:47:eb:e6:43:b9:45:27:
         93:a4:05:c1:b4:bc:14:e6:d7:92:2a:3f:c3:52:9b:0f:c7:e3:
         b6:0d:19:93:ee:9a:90:f9:0b:68:10:b8:96:26:5c:7e:d9:e4:
         6e:2a:78:b6:37:94:ae:f0:86:82:b8:87:75:3e:74:71:40:2f:
         15:07:c0:3d:4c:79:7a:fa:f5:ef:95:fd:cb:99:f3:97:47:ba:
         35:38:49:94:48:78:01:c1:82:02:8d:ce:fa:3e:af:38:38:cd:
         7c:e7:cc:17
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFADrMJnADxi3uzcesrdQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMTAxMTIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQxNjcyMzM4ODg5YmVmMDgwYzk3MmM1YmU3NTAyNzZjMjhiYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnefOFIvrL4q83KSNGyBFLf6TlZ4
m0/yuVwQeFRCgyvI72O+BsIdabl7qqZcB4zMzJBKFjXKsxHecKEA+Mo0NGVNt8Jn
DqyrjWaqMzeh7uZgiZQpvq24Rm2GZlqoohtRII6Ny6NrcgBXOcJyYxvreZJ6IiwG
pWAxB9lwNaWqKpPE5WY33PlGZBkg5WcJnZvFgPLRRvT8GNflGPMXhqHbn9JQi5PP
eDE/bFl6iX2/3d21gVZAzNo58+Z7xDC78NPkKFC+0je5CaAqOi7q8GXjSBNNiKWp
W1Br3v/c9+lHzKF9NyKrJ3hCcRBhB1wx0NGrlaGT7HtanafA1mwczPVrMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCbRZyM4iJvvCAyXLFvnUCdsKLo1MB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvSnRGbkl6aUltLThJREpjc1ctZFFKMndvdWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuU5UAwQA
ua5EAwQAua5GMA0GCSqGSIb3DQEBCwUAA4IBAQAq+A6an6aVneOIsQbobEYIHzPf
gkH754yZ5QLq/pynOdSJCTacFCoT1irxcs4oEGpJGId9fx/skPymiAkMLmbjSibn
QFFDk0tzt5uZAwnSSA9s5IvVZEGF9uxHmLnOrQJbzO0XAOhBoVtQxcWXYh4Rsfl6
bkohtVkaKyUDKm+Hiu5XWWYS0NXIsPMqAhoqh09xJnNRiuDsVwTiMkfr5kO5RSeT
pAXBtLwU5teSKj/DUpsPx+O2DRmT7pqQ+QtoELiWJlx+2eRuKni2N5Su8IaCuId1
PnRxQC8VB8A9THl6+vXvlf3LmfOXR7o1OEmUSHgBwYICjc76Pq84OM1858wX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:33 2024 by rpki-client on console-fra.rpki-client.org