Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/j53BKWVNkcp3aoJIqQqQUJIL9mQ.roa
File:                     j53BKWVNkcp3aoJIqQqQUJIL9mQ.roa (raw, json)
Hash identifier:          3WgkFbap7IH5S7q5FAFZZ8Kra2aonyojwNLlMhHuk58=
Subject key identifier:   8F:9D:C1:29:65:4D:91:CA:77:6A:82:48:A9:0A:90:50:92:0B:F6:64
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       0187AE903EE199D6525A9F6880850D6D4BA2
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/j53BKWVNkcp3aoJIqQqQUJIL9mQ.roa
Signing time:             Sun 23 Apr 2023 14:41:41 +0000
ROA not before:           Sun 23 Apr 2023 14:41:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42615
IP address blocks:        185.186.11.0/24 maxlen: 24
                          2a0b:6b81:3::/48 maxlen: 48
                          2a0b:6b81:1::/48 maxlen: 48
                          2a0b:6b87::/32 maxlen: 32
                          2a0b:6b81:4::/48 maxlen: 48
                          2a0b:6b82::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 05 May 2023 15:49:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ae:90:3e:e1:99:d6:52:5a:9f:68:80:85:0d:6d:4b:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Apr 23 14:41:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f9dc129654d91ca776a8248a90a9050920bf664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f2:da:10:f7:50:7a:5a:c5:55:52:ae:ff:bd:
                    d7:bb:d5:f0:ec:81:dd:22:9d:8a:98:12:52:26:47:
                    55:cd:e4:41:7b:fb:72:73:8c:93:d7:bc:3a:2f:85:
                    62:76:59:a6:67:c8:e9:e2:a4:b1:6c:74:be:5a:cd:
                    a5:de:da:ef:14:85:de:d1:43:14:3e:7a:ed:53:b1:
                    31:35:1b:2b:0e:5f:9e:ef:f3:2a:11:f0:d2:5d:51:
                    19:1c:25:7a:37:95:aa:8b:cb:b0:3e:56:3d:dd:8f:
                    2f:12:bb:30:ee:df:79:0a:cc:71:ee:9b:af:b5:35:
                    30:01:68:d6:e9:61:7c:df:42:35:74:bb:74:af:7c:
                    b8:c9:1e:4c:e8:e9:41:45:50:34:b9:ba:d4:67:0f:
                    dd:b3:28:29:ac:f2:4d:74:db:98:2a:26:66:04:a0:
                    7b:e3:9c:68:e4:8b:71:89:76:4a:2b:34:c6:ab:8f:
                    33:b2:17:b8:75:09:74:bb:6a:41:73:4b:35:d3:65:
                    92:4b:4f:2f:52:3a:71:bb:29:3f:cf:1d:3c:7b:f4:
                    4e:ed:3d:6b:1b:5b:fc:a7:4b:7d:9c:1d:7f:f6:98:
                    d0:da:34:9e:a7:5f:b8:ff:c4:5e:a1:4d:80:3f:57:
                    29:cb:f7:6b:f6:1f:03:aa:a3:c1:57:0a:fb:83:2c:
                    34:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:9D:C1:29:65:4D:91:CA:77:6A:82:48:A9:0A:90:50:92:0B:F6:64
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/j53BKWVNkcp3aoJIqQqQUJIL9mQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.11.0/24
                IPv6:
                  2a0b:6b81:1::/48
                  2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
                  2a0b:6b82::/32
                  2a0b:6b87::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:74:fc:71:72:16:9f:e0:ee:4e:f1:fd:bb:ae:d6:33:a3:1c:
         a7:d1:0e:3c:8a:a2:b7:29:9c:3a:b0:bd:d7:b0:7a:b6:1a:fe:
         8e:82:5c:9b:64:58:31:65:ef:d7:a7:bc:ad:a3:8b:a2:18:3a:
         1f:2b:c7:9b:9a:58:79:12:eb:34:65:c6:84:5d:60:44:78:a7:
         fa:33:16:3f:5a:06:0d:7f:97:8c:77:19:4c:4b:76:10:b4:dc:
         b1:34:4c:e3:e4:1b:d3:66:b6:c2:de:48:48:2c:33:6e:41:f8:
         a9:71:5a:a5:b0:67:fc:fb:5c:00:37:ae:5a:0d:4a:83:d6:c4:
         69:bf:e1:92:67:73:6d:d2:8f:a3:95:5e:21:41:a5:8f:7c:10:
         07:90:4c:fb:fb:55:8e:ce:da:05:5e:56:80:fd:6d:23:79:b6:
         b4:38:fa:5d:1e:83:02:1a:9c:b7:ec:99:45:d2:6f:89:2c:b8:
         fb:ca:08:72:e2:d6:2a:47:55:15:ad:94:c9:d0:e0:97:cc:9b:
         b1:1d:c1:98:26:3b:46:ea:2d:d3:0a:fc:53:65:b8:a9:f1:09:
         c4:13:7e:68:f4:d1:aa:e2:c8:45:b2:37:fe:90:57:94:1e:c3:
         dc:63:e7:aa:b9:bb:0e:c7:c8:2b:45:ab:aa:5d:74:34:4f:a4:
         8f:27:0f:e5
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYeukD7hmdZSWp9ogIUNbUuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwNDIzMTQ0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjlkYzEyOTY1NGQ5MWNhNzc2YTgyNDhhOTBhOTA1MDkyMGJmNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvLaEPdQelrFVVKu/73Xu9Xw7IHd
Ip2KmBJSJkdVzeRBe/tyc4yT17w6L4VidlmmZ8jp4qSxbHS+Ws2l3trvFIXe0UMU
PnrtU7ExNRsrDl+e7/MqEfDSXVEZHCV6N5Wqi8uwPlY93Y8vErsw7t95Csxx7puv
tTUwAWjW6WF830I1dLt0r3y4yR5M6OlBRVA0ubrUZw/dsygprPJNdNuYKiZmBKB7
45xo5ItxiXZKKzTGq48zshe4dQl0u2pBc0s102WSS08vUjpxuyk/zx08e/RO7T1r
G1v8p0t9nB1/9pjQ2jSep1+4/8ReoU2AP1cpy/dr9h8DqqPBVwr7gyw0SQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFI+dwSllTZHKd2qCSKkKkFCSC/ZkMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvajUzQktXVk5rY3AzYW9KSXFRcVFVSklMOW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQAuboLMDEE
AgACMCsDBwAqC2uBAAEwEgMHACoLa4EAAwMHACoLa4EABAMFACoLa4IDBQAqC2uH
MA0GCSqGSIb3DQEBCwUAA4IBAQAfdPxxchaf4O5O8f27rtYzoxyn0Q48iqK3KZw6
sL3XsHq2Gv6OglybZFgxZe/Xp7yto4uiGDofK8ebmlh5Eus0ZcaEXWBEeKf6MxY/
WgYNf5eMdxlMS3YQtNyxNEzj5BvTZrbC3khILDNuQfipcVqlsGf8+1wAN65aDUqD
1sRpv+GSZ3Nt0o+jlV4hQaWPfBAHkEz7+1WOztoFXlaA/W0jeba0OPpdHoMCGpy3
7JlF0m+JLLj7yghy4tYqR1UVrZTJ0OCXzJuxHcGYJjtG6i3TCvxTZbip8QnEE35o
9NGq4shFsjf+kFeUHsPcY+equbsOx8grRauqXXQ0T6SPJw/l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:24 2024 by rpki-client on console-fra.rpki-client.org