Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/j0nUeVt1ZN8iTCRDCfgD8Glcn_I.roa
File:                     j0nUeVt1ZN8iTCRDCfgD8Glcn_I.roa (raw, json)
Hash identifier:          CYYkFtzjr/BLE3On3TozjUcDKIMIjcjxnnNrRm+0LD4=
Subject key identifier:   8F:49:D4:79:5B:75:64:DF:22:4C:24:43:09:F8:03:F0:69:5C:9F:F2
Certificate issuer:       /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial:       018572311AD424647BA3594507DCC969E59F
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/j0nUeVt1ZN8iTCRDCfgD8Glcn_I.roa
Signing time:             Mon 02 Jan 2023 11:14:58 +0000
ROA not before:           Mon 02 Jan 2023 11:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8361
IP address blocks:        195.22.144.0/23 maxlen: 24
                          194.169.249.0/24 maxlen: 24
                          194.2.155.0/24 maxlen: 24
                          185.38.20.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:31:1a:d4:24:64:7b:a3:59:45:07:dc:c9:69:e5:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
        Validity
            Not Before: Jan  2 11:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f49d4795b7564df224c244309f803f0695c9ff2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:08:8c:fb:33:0e:b4:86:dc:23:d6:3a:cc:cd:
                    70:27:91:f6:4d:42:30:e4:24:3d:b0:f5:a5:44:86:
                    8a:45:3b:08:2e:55:02:00:9a:44:9a:98:f2:87:14:
                    47:fe:03:8c:86:a0:73:85:55:49:17:80:d6:e7:53:
                    c9:84:39:6c:d0:fe:34:f2:1c:ee:fa:25:1d:ca:4e:
                    65:18:4a:b5:20:ab:9b:e8:7c:ca:4c:3c:f7:ef:f3:
                    27:f2:97:4a:e2:f3:12:48:b0:f2:38:6e:c1:29:93:
                    73:1a:72:d3:2e:06:86:33:5b:30:0c:b1:f1:41:54:
                    ce:be:d3:ff:28:8e:32:e4:cb:04:95:a3:bf:90:9d:
                    5b:50:bb:56:a2:1b:89:c1:07:d1:ce:a6:47:4b:5a:
                    18:a7:38:bd:3d:c1:1c:34:8a:8b:68:7c:37:22:a5:
                    2c:d2:e1:26:98:4e:99:aa:52:87:3c:93:8f:fb:b1:
                    d4:e3:f3:a8:66:de:36:ed:d2:6a:b5:80:cb:22:fb:
                    90:17:59:5d:c7:e2:ad:98:80:a8:1c:1a:f6:a1:59:
                    f9:21:fb:4b:05:4a:65:67:d8:2e:c2:ff:f9:8a:7d:
                    22:6e:f3:d4:6b:c0:c6:c3:e2:56:7d:a1:e1:2d:89:
                    c6:bf:c1:04:42:c9:79:8c:ff:82:bf:35:be:a9:8b:
                    44:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:49:D4:79:5B:75:64:DF:22:4C:24:43:09:F8:03:F0:69:5C:9F:F2
            X509v3 Authority Key Identifier:
                keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/j0nUeVt1ZN8iTCRDCfgD8Glcn_I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.38.20.0/22
                  194.2.155.0/24
                  194.169.249.0/24
                  195.22.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:b5:bd:64:86:aa:a7:2c:81:33:78:9d:fe:b8:0f:c6:12:b2:
         35:d3:0d:cb:d7:31:1c:5e:73:f9:05:93:c8:c3:40:0c:f0:81:
         47:37:5c:67:32:aa:8b:6b:62:29:e2:6c:28:41:a3:41:9a:4b:
         7f:87:b9:41:83:80:50:92:61:db:fb:f8:1a:bc:5a:fc:b8:1e:
         00:5b:f0:39:6e:39:e1:85:58:31:b8:ef:26:f4:b3:ff:f2:7b:
         6a:25:89:00:60:3e:54:c9:9d:b9:53:ca:b0:dd:6b:13:97:92:
         68:c3:7d:bd:e3:c4:b6:0b:71:94:12:fa:1f:b0:7b:f1:bf:a3:
         3b:7c:f7:91:81:90:2c:9f:fb:2b:fd:92:ff:8e:29:d2:bc:31:
         ea:0c:ff:12:ee:e7:d6:b1:2b:a5:1a:e7:69:7b:0f:45:86:ba:
         e9:ad:8d:3a:0b:f7:4b:b5:79:36:d6:b4:91:a1:f6:d8:36:00:
         77:c7:c0:13:64:ab:6c:55:7a:ea:e5:ab:03:9e:e6:e5:84:99:
         39:14:87:55:7d:7a:5c:c6:29:30:02:ed:6d:23:14:06:70:53:
         4a:80:80:43:fe:8e:6b:0a:13:93:a4:67:cb:4c:ee:dc:49:76:
         fd:56:a2:4c:a3:9d:71:bd:9f:2e:cb:4c:63:8c:83:ee:09:a8:
         51:9b:2b:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyMRrUJGR7o1lFB9zJaeWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjMxMWVmMTU4MWEwMGU0MzdjZDcwNGI2MjgxYWM4NjIx
YWZjNTYwHhcNMjMwMTAyMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQ5ZDQ3OTViNzU2NGRmMjI0YzI0NDMwOWY4MDNmMDY5NWM5ZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwiM+zMOtIbcI9Y6zM1wJ5H2TUIw
5CQ9sPWlRIaKRTsILlUCAJpEmpjyhxRH/gOMhqBzhVVJF4DW51PJhDls0P408hzu
+iUdyk5lGEq1IKub6HzKTDz37/Mn8pdK4vMSSLDyOG7BKZNzGnLTLgaGM1swDLHx
QVTOvtP/KI4y5MsElaO/kJ1bULtWohuJwQfRzqZHS1oYpzi9PcEcNIqLaHw3IqUs
0uEmmE6ZqlKHPJOP+7HU4/OoZt427dJqtYDLIvuQF1ldx+KtmICoHBr2oVn5IftL
BUplZ9guwv/5in0ibvPUa8DGw+JWfaHhLYnGv8EEQsl5jP+CvzW+qYtExwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI9J1HlbdWTfIkwkQwn4A/BpXJ/yMB8GA1UdIwQY
MBaAFHbzEe8VgaAOQ3zXBLYoGshiGvxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDkt
MTY5NDMxMjk2YzU5LzEvajBuVWVWdDFaTjhpVENSRENmZ0Q4R2xjbl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDktMTY5NDMxMjk2YzU5
LzEvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuSYUAwQA
wgKbAwQAwqn5AwQBwxaQMA0GCSqGSIb3DQEBCwUAA4IBAQABtb1khqqnLIEzeJ3+
uA/GErI10w3L1zEcXnP5BZPIw0AM8IFHN1xnMqqLa2Ip4mwoQaNBmkt/h7lBg4BQ
kmHb+/gavFr8uB4AW/A5bjnhhVgxuO8m9LP/8ntqJYkAYD5UyZ25U8qw3WsTl5Jo
w32948S2C3GUEvofsHvxv6M7fPeRgZAsn/sr/ZL/jinSvDHqDP8S7ufWsSulGudp
ew9FhrrprY06C/dLtXk21rSRofbYNgB3x8ATZKtsVXrq5asDnublhJk5FIdVfXpc
xikwAu1tIxQGcFNKgIBD/o5rChOTpGfLTO7cSXb9VqJMo51xvZ8uy0xjjIPuCahR
mysr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:33 2024 by rpki-client on console-ams.rpki-client.org