Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/0d1XWUIQzmkDFwlPA2fnTpibnXo.roa
File:                     0d1XWUIQzmkDFwlPA2fnTpibnXo.roa (raw, json)
Hash identifier:          dgyHaX86DwS0g/1Uv5FtkXDQUqGcpHlFt9bz/M9z2NI=
Subject key identifier:   D1:DD:57:59:42:10:CE:69:03:17:09:4F:03:67:E7:4E:98:9B:9D:7A
Certificate issuer:       /CN=e1151d489b36694192acbfcaa5e0bb46fc9e5be0
Certificate serial:       018C677083867D13BA1DEA69D8822414C7E1
Authority key identifier: E1:15:1D:48:9B:36:69:41:92:AC:BF:CA:A5:E0:BB:46:FC:9E:5B:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4RUdSJs2aUGSrL_KpeC7RvyeW-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/0d1XWUIQzmkDFwlPA2fnTpibnXo.roa
Signing time:             Thu 14 Dec 2023 08:27:55 +0000
ROA not before:           Thu 14 Dec 2023 08:27:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59720
IP address blocks:        185.5.232.0/22 maxlen: 24
                          185.5.232.0/24 maxlen: 24
                          185.5.233.0/24 maxlen: 24
                          185.5.235.0/24 maxlen: 24
                          185.5.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:67:70:83:86:7d:13:ba:1d:ea:69:d8:82:24:14:c7:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1151d489b36694192acbfcaa5e0bb46fc9e5be0
        Validity
            Not Before: Dec 14 08:27:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1dd57594210ce690317094f0367e74e989b9d7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:aa:43:45:48:25:28:db:61:88:0f:62:1b:06:
                    ac:e6:69:92:86:91:28:a1:da:9d:ef:36:95:56:01:
                    45:44:46:3d:e6:ec:e0:a0:7b:18:02:05:ac:92:55:
                    6d:20:03:8b:e0:40:e7:e0:63:d9:a1:55:ba:45:75:
                    22:6a:87:97:37:20:01:6a:05:df:dc:61:9c:8f:02:
                    32:a4:91:25:64:34:ee:74:e7:61:30:6e:82:9b:24:
                    5e:cd:3f:83:9b:ec:94:37:25:82:47:75:1d:3c:dd:
                    0b:7e:e2:bf:09:28:47:1e:7c:72:1e:4a:57:d6:44:
                    09:0d:b1:05:12:74:3d:de:cc:38:92:67:28:94:ae:
                    f6:34:f7:ae:4f:53:5e:1e:2a:a5:2a:ac:b5:7a:d3:
                    69:b1:a1:5c:85:b7:d5:f3:1d:67:df:6c:b1:af:07:
                    a2:57:76:82:45:41:cb:0a:aa:8f:18:5e:11:9a:91:
                    d8:4f:f3:d9:5a:15:b8:4e:a6:ed:5c:c9:a2:d1:45:
                    f5:2b:3f:6b:3d:ad:57:aa:f5:70:9d:32:76:37:c5:
                    16:1d:ab:d0:b5:8c:37:21:88:f0:74:83:29:80:db:
                    11:2d:ea:78:24:c3:3e:c7:9a:9a:7e:53:ca:28:25:
                    d6:8a:30:03:6d:2a:4a:a2:cd:00:ed:43:69:4e:0a:
                    80:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:DD:57:59:42:10:CE:69:03:17:09:4F:03:67:E7:4E:98:9B:9D:7A
            X509v3 Authority Key Identifier:
                keyid:E1:15:1D:48:9B:36:69:41:92:AC:BF:CA:A5:E0:BB:46:FC:9E:5B:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RUdSJs2aUGSrL_KpeC7RvyeW-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/0d1XWUIQzmkDFwlPA2fnTpibnXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e34cd5-011a-404a-9ad5-93b578d18c8c/1/4RUdSJs2aUGSrL_KpeC7RvyeW-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.5.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:7b:ee:2d:db:d7:d3:56:a4:e0:20:03:ad:13:69:6a:fb:3a:
         84:9b:a3:c8:2a:71:7e:0e:45:a6:76:14:c5:03:75:6d:8b:c7:
         fc:b1:ca:a9:c9:de:b0:38:bb:a0:03:9d:48:f0:56:f9:7d:67:
         58:87:93:41:eb:70:9e:d7:d0:9f:58:35:59:6a:1d:92:b3:70:
         30:9a:0e:0a:f8:d2:73:dc:d4:19:ed:6e:8e:74:0f:0d:8e:00:
         39:81:1b:e9:d7:63:dd:7a:51:a1:eb:da:c0:76:6e:ac:45:fa:
         29:e2:92:39:a8:d2:f9:f7:3c:07:59:d2:9f:2c:89:73:a6:00:
         b0:3e:0f:ae:c3:cb:b6:28:d2:84:fd:83:5d:31:89:a9:b3:e8:
         42:67:9e:a5:67:10:b9:d3:2e:7b:f5:a1:d1:00:87:04:54:5a:
         39:45:9c:0a:af:a0:e6:78:c7:73:d4:67:58:5b:ac:35:d5:98:
         48:4f:06:cc:8a:00:90:62:b7:92:40:0e:c4:71:21:3b:51:1c:
         2d:e8:b6:ae:39:a6:16:b0:dd:8d:2b:60:a6:d2:8c:6a:ca:7c:
         9f:0f:e6:48:59:87:f4:0e:7a:35:5a:88:b6:95:28:34:87:dc:
         8f:fd:5d:63:91:58:03:95:e1:34:a3:2b:37:30:d5:b7:72:46:
         fc:73:21:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxncIOGfRO6Hepp2IIkFMfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMTUxZDQ4OWIzNjY5NDE5MmFjYmZjYWE1ZTBiYjQ2ZmM5
ZTViZTAwHhcNMjMxMjE0MDgyNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRkNTc1OTQyMTBjZTY5MDMxNzA5NGYwMzY3ZTc0ZTk4OWI5ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmapDRUglKNthiA9iGwas5mmShpEo
odqd7zaVVgFFREY95uzgoHsYAgWsklVtIAOL4EDn4GPZoVW6RXUiaoeXNyABagXf
3GGcjwIypJElZDTudOdhMG6CmyRezT+Dm+yUNyWCR3UdPN0LfuK/CShHHnxyHkpX
1kQJDbEFEnQ93sw4kmcolK72NPeuT1NeHiqlKqy1etNpsaFchbfV8x1n32yxrwei
V3aCRUHLCqqPGF4RmpHYT/PZWhW4TqbtXMmi0UX1Kz9rPa1XqvVwnTJ2N8UWHavQ
tYw3IYjwdIMpgNsRLep4JMM+x5qaflPKKCXWijADbSpKos0A7UNpTgqAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHdV1lCEM5pAxcJTwNn506Ym516MB8GA1UdIwQY
MBaAFOEVHUibNmlBkqy/yqXgu0b8nlvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJVZFNKczJhVUdTckxfS3BlQzdSdnllVy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lMzRjZDUtMDExYS00MDRhLTlhZDUt
OTNiNTc4ZDE4YzhjLzEvMGQxWFdVSVF6bWtERndsUEEyZm5UcGliblhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lMzRjZDUtMDExYS00MDRhLTlhZDUtOTNiNTc4ZDE4Yzhj
LzEvNFJVZFNKczJhVUdTckxfS3BlQzdSdnllVy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQXoMA0G
CSqGSIb3DQEBCwUAA4IBAQCEe+4t29fTVqTgIAOtE2lq+zqEm6PIKnF+DkWmdhTF
A3Vti8f8scqpyd6wOLugA51I8Fb5fWdYh5NB63Ce19CfWDVZah2Ss3Awmg4K+NJz
3NQZ7W6OdA8NjgA5gRvp12PdelGh69rAdm6sRfop4pI5qNL59zwHWdKfLIlzpgCw
Pg+uw8u2KNKE/YNdMYmps+hCZ56lZxC50y579aHRAIcEVFo5RZwKr6DmeMdz1GdY
W6w11ZhITwbMigCQYreSQA7EcSE7URwt6LauOaYWsN2NK2Cm0oxqynyfD+ZIWYf0
Dno1Woi2lSg0h9yP/V1jkVgDleE0oys3MNW3ckb8cyHF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:53 2024 by rpki-client on console-fra.rpki-client.org