Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/IQYpedVUbf7BDwyl2FPKUtd0DdQ.roa
File:                     IQYpedVUbf7BDwyl2FPKUtd0DdQ.roa (raw, json)
Hash identifier:          Z+XKjs47wY0zCRU6qnkdHqqrdhDXWqo/bSD6xxvFGYc=
Subject key identifier:   21:06:29:79:D5:54:6D:FE:C1:0F:0C:A5:D8:53:CA:52:D7:74:0D:D4
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       01856F8B6C08F0B15254346023CDA2BEF73B
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/IQYpedVUbf7BDwyl2FPKUtd0DdQ.roa
Signing time:             Sun 01 Jan 2023 22:54:45 +0000
ROA not before:           Sun 01 Jan 2023 22:54:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29286
IP address blocks:        185.20.215.0/24 maxlen: 24
                          37.9.178.0/24 maxlen: 24
                          37.9.176.0/24 maxlen: 24
                          37.9.179.0/24 maxlen: 24
                          37.9.183.0/24 maxlen: 24
                          37.9.180.0/23 maxlen: 24
                          185.20.212.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 10 Aug 2023 07:38:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:6c:08:f0:b1:52:54:34:60:23:cd:a2:be:f7:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Jan  1 22:54:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=21062979d5546dfec10f0ca5d853ca52d7740dd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:03:0d:5e:5a:d1:7d:97:09:0b:69:72:3c:78:
                    31:98:5b:fd:08:b5:46:f8:7f:e6:c7:22:9d:06:ac:
                    84:cf:1e:b0:81:e2:e7:62:0d:5b:6a:e9:02:1f:6c:
                    e6:cf:69:9b:be:21:9c:d1:0e:43:7f:8a:eb:27:96:
                    0e:fb:ad:f2:32:cb:df:63:66:36:2a:3a:1f:54:78:
                    a4:be:3a:6d:a1:41:12:8d:f3:87:1b:a0:de:f2:52:
                    df:f3:ed:45:0e:62:9b:0a:04:7b:58:00:43:1f:7a:
                    ff:57:57:53:20:51:c3:40:27:a1:a9:f6:21:69:a8:
                    f4:ee:c0:0c:ad:4c:a4:dd:9d:51:19:ef:e6:10:95:
                    3c:81:27:b5:95:cb:ac:e8:7e:1f:ab:16:9c:4b:71:
                    12:61:c9:da:07:63:56:98:9f:59:05:2c:d4:40:a8:
                    62:e2:5a:00:57:4a:81:98:91:1a:d0:7c:58:39:30:
                    48:38:40:c3:0c:3d:1f:73:d0:fb:d3:8e:1a:fc:96:
                    24:b4:d4:51:22:f1:c3:35:c7:b7:90:23:32:ac:40:
                    4d:fc:a9:e3:bc:6e:3a:36:cc:f7:e3:81:c3:1d:a8:
                    21:ae:93:aa:a1:47:99:b0:70:05:a8:f4:9d:15:44:
                    b0:74:f2:f4:6e:a3:ed:37:04:0c:61:94:26:fe:e8:
                    a4:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:06:29:79:D5:54:6D:FE:C1:0F:0C:A5:D8:53:CA:52:D7:74:0D:D4
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/IQYpedVUbf7BDwyl2FPKUtd0DdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/24
                  37.9.178.0-37.9.181.255
                  37.9.183.0/24
                  185.20.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:f2:00:86:96:bd:0c:2c:30:e6:9b:6e:93:40:1d:0e:41:b7:
         f2:2c:c4:1d:73:dc:2e:e5:f4:97:91:5b:90:de:f3:e5:13:ba:
         a0:d9:1b:b2:5b:50:a3:02:83:5d:41:68:d1:71:01:d3:b8:45:
         f5:67:5a:2f:aa:13:bf:f3:9a:a3:db:23:89:6b:bd:16:d4:81:
         5f:9c:02:c4:f1:d4:e7:70:ce:1b:96:7a:b7:e6:76:e9:7e:bd:
         8b:19:47:3a:7e:ea:b2:3f:47:be:cd:bc:31:8e:25:60:71:46:
         f8:93:9e:36:a3:f2:d1:1f:96:d5:9d:b6:8e:11:8b:8c:78:4f:
         26:a1:d9:36:d8:80:8e:a5:e9:b7:00:1c:b5:58:f4:fa:4d:71:
         c7:bd:ac:5e:43:3d:42:25:52:c2:21:9e:c1:ac:c9:b3:62:bf:
         d7:49:be:14:b8:24:5c:da:cc:b8:07:9d:86:5f:ac:ac:0a:60:
         8d:16:e8:74:a1:4c:70:bd:87:50:1c:88:4e:a5:7b:85:4c:09:
         f1:74:e1:c9:4e:90:eb:4b:3f:28:55:ef:28:41:39:79:dd:d6:
         2b:ed:bd:74:1c:e7:a6:78:72:24:58:a2:64:db:bd:25:52:ac:
         5e:20:6c:35:6b:40:24:67:aa:97:0c:f2:34:f8:4a:3c:00:cb:
         5f:92:14:1b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvi2wI8LFSVDRgI82ivvc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjcxZmVjMzhmMDBjNDAyZjMwNjZmMTNjNzkyZTFhMGVk
MTZkYjMwHhcNMjMwMTAxMjI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTA2Mjk3OWQ1NTQ2ZGZlYzEwZjBjYTVkODUzY2E1MmQ3NzQwZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgMNXlrRfZcJC2lyPHgxmFv9CLVG
+H/mxyKdBqyEzx6wgeLnYg1baukCH2zmz2mbviGc0Q5Df4rrJ5YO+63yMsvfY2Y2
KjofVHikvjptoUESjfOHG6De8lLf8+1FDmKbCgR7WABDH3r/V1dTIFHDQCehqfYh
aaj07sAMrUyk3Z1RGe/mEJU8gSe1lcus6H4fqxacS3ESYcnaB2NWmJ9ZBSzUQKhi
4loAV0qBmJEa0HxYOTBIOEDDDD0fc9D7044a/JYktNRRIvHDNce3kCMyrEBN/Knj
vG46Nsz344HDHaghrpOqoUeZsHAFqPSdFUSwdPL0bqPtNwQMYZQm/uikXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCEGKXnVVG3+wQ8MpdhTylLXdA3UMB8GA1UdIwQY
MBaAFA9nH+w48AxALzBm8Tx5LhoO0W2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTIt
OTc3MzA1YzcwMDUxLzEvSVFZcGVkVlViZjdCRHd5bDJGUEtVdGQwRGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS80OWJiNjktZGZmOS00NDhlLWE4YTItOTc3MzA1YzcwMDUx
LzEvRDJjZjdEandERUF2TUdieFBIa3VHZzdSYmJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJQmwMAwD
BAElCbIDBAElCbQDBAAlCbcDBAK5FNQwDQYJKoZIhvcNAQELBQADggEBAHHyAIaW
vQwsMOabbpNAHQ5Bt/IsxB1z3C7l9JeRW5De8+UTuqDZG7JbUKMCg11BaNFxAdO4
RfVnWi+qE7/zmqPbI4lrvRbUgV+cAsTx1OdwzhuWerfmdul+vYsZRzp+6rI/R77N
vDGOJWBxRviTnjaj8tEfltWdto4Ri4x4Tyah2TbYgI6l6bcAHLVY9PpNcce9rF5D
PUIlUsIhnsGsybNiv9dJvhS4JFzazLgHnYZfrKwKYI0W6HShTHC9h1AciE6le4VM
CfF04clOkOtLPyhV7yhBOXnd1ivtvXQc56Z4ciRYomTbvSVSrF4gbDVrQCRnqpcM
8jT4SjwAy1+SFBs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:45 2024 by rpki-client on console-fra.rpki-client.org