Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TWgK7NULg-Y4-c3OIfILwPWfGu0.roa
File:                     TWgK7NULg-Y4-c3OIfILwPWfGu0.roa (raw, json)
Hash identifier:          YDIswcUHNrIa75utuLlygyZZvX60ZOwDuOyX+e55tK0=
Subject key identifier:   4D:68:0A:EC:D5:0B:83:E6:38:F9:CD:CE:21:F2:0B:C0:F5:9F:1A:ED
Certificate issuer:       /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial:       018CC79555387200A945F8BD43835E7D63B3
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TWgK7NULg-Y4-c3OIfILwPWfGu0.roa
Signing time:             Tue 02 Jan 2024 00:31:41 +0000
ROA not before:           Tue 02 Jan 2024 00:31:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50887
IP address blocks:        188.214.31.0/24 maxlen: 24
                          86.107.47.0/24 maxlen: 24
                          94.177.58.0/24 maxlen: 24
                          46.102.191.0/24 maxlen: 24
                          94.177.96.0/23 maxlen: 23
                          94.177.10.0/23 maxlen: 24
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:55:38:72:00:a9:45:f8:bd:43:83:5e:7d:63:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
        Validity
            Not Before: Jan  2 00:31:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d680aecd50b83e638f9cdce21f20bc0f59f1aed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:05:15:5f:6e:5f:4b:9f:de:e5:4d:a3:f8:02:
                    6e:f3:3d:c4:10:7e:92:de:3a:85:4d:46:6f:1a:77:
                    58:be:a1:69:84:a5:cb:60:85:5f:1b:eb:b1:b1:57:
                    c0:92:82:84:b4:c6:fd:20:27:44:c0:5c:e5:cb:55:
                    68:6d:8c:32:87:68:4f:b0:c8:f0:f8:e1:66:21:aa:
                    a6:48:8d:c1:8c:91:ae:4c:9b:3e:97:5e:f7:7f:22:
                    17:5b:5a:19:1c:d5:7a:7d:2f:6c:07:2a:a4:5f:3f:
                    ad:04:28:a2:ae:c2:98:d1:a2:f2:e1:0b:09:1e:fd:
                    ed:c2:ff:e4:17:07:2a:b3:92:ea:ab:eb:7d:36:e5:
                    80:db:e5:78:ce:e0:36:35:6f:42:af:7c:11:dc:be:
                    12:29:13:a0:83:2e:58:0e:cc:28:3c:f1:f0:6f:32:
                    8b:86:35:c0:ce:69:2d:ad:37:52:dd:3c:85:d6:28:
                    fe:10:30:e1:7b:af:6a:53:29:f3:a6:03:67:89:a8:
                    63:fd:c6:47:4e:a8:08:6a:a1:c0:56:71:ef:ba:b3:
                    8d:01:7e:1c:d4:76:fa:b2:53:90:d8:9d:d1:fd:ab:
                    68:40:e4:8c:d9:45:95:eb:3f:bd:55:9f:e7:21:e8:
                    cb:fd:0e:11:bd:81:0e:6f:38:35:51:f8:b8:40:74:
                    5f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:68:0A:EC:D5:0B:83:E6:38:F9:CD:CE:21:F2:0B:C0:F5:9F:1A:ED
            X509v3 Authority Key Identifier:
                keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TWgK7NULg-Y4-c3OIfILwPWfGu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.191.0/24
                  86.107.47.0/24
                  94.177.10.0/23
                  94.177.58.0/24
                  94.177.96.0/23
                  188.214.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:42:4b:e3:c6:a1:c4:0f:ef:30:6c:de:eb:de:fb:dc:b2:26:
         5a:16:de:b3:92:88:eb:be:9a:33:d6:1e:7f:4a:49:2b:e0:ac:
         77:54:cd:f9:bb:d1:eb:22:13:bf:c7:93:0d:7d:b4:08:55:11:
         b0:d4:6b:bf:f7:ed:53:4f:c2:cb:c0:74:28:73:24:fc:56:1d:
         65:25:6c:48:14:22:ff:bb:07:c1:fc:26:48:43:71:c1:63:44:
         b0:e4:0f:a4:56:0d:16:90:71:c8:c4:90:3c:37:54:78:03:74:
         d1:3a:89:3a:3d:27:32:68:0f:db:be:e9:fd:25:d7:b6:a3:b7:
         05:40:be:db:6d:fc:43:64:92:6a:7c:31:76:78:19:6e:98:a3:
         3c:ee:47:33:d4:c7:1b:22:52:44:40:0a:fd:fb:7b:33:12:7f:
         25:38:69:d9:45:7d:b5:12:4e:1e:29:36:c5:b8:1e:08:d9:a0:
         33:f8:d4:31:12:2e:d8:89:5d:9b:04:3e:74:56:83:b3:73:59:
         48:20:a4:ea:9b:1f:52:ee:f3:91:81:46:cd:fb:81:c8:43:bb:
         42:72:cc:6b:48:e7:29:b4:0c:ac:f0:2e:be:83:b6:48:06:8f:
         60:a6:2b:a0:00:f5:29:c5:ff:74:7e:d1:a3:a5:10:07:3b:96:
         0b:15:0f:e5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHlVU4cgCpRfi9Q4NefWOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY4MGFlY2Q1MGI4M2U2MzhmOWNkY2UyMWYyMGJjMGY1OWYxYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQUVX25fS5/e5U2j+AJu8z3EEH6S
3jqFTUZvGndYvqFphKXLYIVfG+uxsVfAkoKEtMb9ICdEwFzly1VobYwyh2hPsMjw
+OFmIaqmSI3BjJGuTJs+l173fyIXW1oZHNV6fS9sByqkXz+tBCiirsKY0aLy4QsJ
Hv3twv/kFwcqs5Lqq+t9NuWA2+V4zuA2NW9Cr3wR3L4SKROggy5YDswoPPHwbzKL
hjXAzmktrTdS3TyF1ij+EDDhe69qUynzpgNniahj/cZHTqgIaqHAVnHvurONAX4c
1Hb6slOQ2J3R/atoQOSM2UWV6z+9VZ/nIejL/Q4RvYEObzg1Ufi4QHRfdwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE1oCuzVC4PmOPnNziHyC8D1nxrtMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1RXZ0s3TlVMZy1ZNC1jM09JZklMd1BXZkd1MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAAuZr8D
BABWay8DBAFesQoDBABesToDBAFesWADBAC81h8wDQYJKoZIhvcNAQELBQADggEB
AMZCS+PGocQP7zBs3uve+9yyJloW3rOSiOu+mjPWHn9KSSvgrHdUzfm70esiE7/H
kw19tAhVEbDUa7/37VNPwsvAdChzJPxWHWUlbEgUIv+7B8H8JkhDccFjRLDkD6RW
DRaQccjEkDw3VHgDdNE6iTo9JzJoD9u+6f0l17ajtwVAvttt/ENkkmp8MXZ4GW6Y
ozzuRzPUxxsiUkRACv37ezMSfyU4adlFfbUSTh4pNsW4HgjZoDP41DESLtiJXZsE
PnRWg7NzWUggpOqbH1Lu85GBRs37gchDu0JyzGtI5ym0DKzwLr6DtkgGj2CmK6AA
9SnF/3R+0aOlEAc7lgsVD+U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:49 2025 by rpki-client