Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/mS6UaakVW7aORdAI27JV02cKUlQ.roa
File:                     mS6UaakVW7aORdAI27JV02cKUlQ.roa (raw, json)
Hash identifier:          UGlVb6dEfo4Rqlwr6jKQTdSiAXxdufBe9VxgTAFP/w4=
Subject key identifier:   99:2E:94:69:A9:15:5B:B6:8E:45:D0:08:DB:B2:55:D3:67:0A:52:54
Certificate issuer:       /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial:       018CC493882B542D42F4850A6E67719E2EB8
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/mS6UaakVW7aORdAI27JV02cKUlQ.roa
Signing time:             Mon 01 Jan 2024 10:30:52 +0000
ROA not before:           Mon 01 Jan 2024 10:30:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201909
IP address blocks:        37.35.53.0/24 maxlen: 24
                          188.119.159.0/24 maxlen: 24
                          188.119.158.0/24 maxlen: 24
                          188.119.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 10:23:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:88:2b:54:2d:42:f4:85:0a:6e:67:71:9e:2e:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
        Validity
            Not Before: Jan  1 10:30:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=992e9469a9155bb68e45d008dbb255d3670a5254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:b1:44:d5:5e:1c:32:98:d7:0e:f6:70:59:fd:
                    16:4f:72:b0:f2:51:65:7a:31:2f:05:7e:36:d7:8b:
                    99:f1:80:b4:6b:48:b4:a1:f2:8b:4b:e9:57:77:30:
                    0e:c3:dd:df:b2:4f:c0:cb:c3:2f:e6:18:56:f2:83:
                    15:90:b0:1d:c2:be:34:6e:11:f5:15:7f:e6:89:e7:
                    73:69:f5:ad:8c:7c:69:91:36:e0:07:f3:5b:df:6e:
                    6f:94:80:40:d0:47:d6:cf:4d:9f:d8:fe:cb:3e:20:
                    63:d0:7b:a1:37:6e:4c:1a:a2:98:f3:2b:73:8f:4f:
                    bf:bd:8c:f3:0f:02:b4:84:a9:4b:66:64:c0:29:42:
                    aa:11:d0:40:8b:90:ae:fa:6d:8b:2a:8c:90:d3:0a:
                    17:4e:92:e1:01:4d:5f:48:08:e9:6e:7f:33:7c:3a:
                    e1:25:b3:e5:fa:03:64:15:18:2b:85:ae:c8:63:55:
                    3b:6d:5e:2a:b8:ce:f9:86:8a:cd:45:51:7d:67:ff:
                    21:09:32:66:53:76:46:a7:d2:df:3e:49:3e:d7:b3:
                    81:0e:3d:2c:b5:17:0a:f8:e0:00:0b:41:45:e7:19:
                    fe:4b:96:47:73:cb:5d:3f:fe:45:06:74:f0:db:55:
                    97:40:38:58:25:9b:48:2d:9a:8b:fb:00:77:92:79:
                    e9:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:2E:94:69:A9:15:5B:B6:8E:45:D0:08:DB:B2:55:D3:67:0A:52:54
            X509v3 Authority Key Identifier:
                keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/mS6UaakVW7aORdAI27JV02cKUlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.35.53.0/24
                  188.119.158.0/23
                  188.119.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:fe:0d:33:e7:a3:03:d9:a2:bb:5e:4a:47:37:4e:6d:da:c9:
         7c:5a:29:25:ee:da:b7:26:c1:84:03:b7:44:12:be:34:f8:6b:
         f4:21:00:3e:81:93:79:df:76:b8:34:5b:24:a6:5d:f8:68:2f:
         7c:9c:0d:2a:f6:21:41:7b:85:0a:1b:26:39:8c:93:7b:02:68:
         b6:14:23:8c:4e:53:36:b0:c7:ec:7c:88:10:02:11:19:ac:11:
         50:e9:30:0a:95:65:5e:8a:00:1b:97:20:38:5a:44:b0:59:3d:
         b0:14:0e:fd:8e:8e:3b:7a:b5:ec:26:ad:6e:f7:af:4f:11:c7:
         a6:32:4a:09:dd:3f:fb:8a:d7:43:27:a2:f9:d5:9a:b7:2f:b6:
         cb:0f:1f:61:23:8d:e7:3a:13:4e:55:17:f6:10:68:58:e6:b1:
         bc:db:47:74:d9:03:ed:fd:ef:c5:5f:ca:95:92:e7:5b:7a:0e:
         12:ed:52:9e:00:c1:90:60:cd:9e:e6:27:73:20:41:dd:29:a8:
         f0:02:9a:f9:15:84:66:2c:c7:07:48:1c:b1:c6:95:0e:32:00:
         19:aa:7e:05:4b:31:f7:e3:94:01:7b:21:76:8b:41:46:37:48:
         71:ba:05:5b:8a:c0:f5:de:ed:15:0c:01:6d:91:e7:43:81:0d:
         0c:89:be:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk4grVC1C9IUKbmdxni64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJlOTQ2OWE5MTU1YmI2OGU0NWQwMDhkYmIyNTVkMzY3MGE1MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7FE1V4cMpjXDvZwWf0WT3Kw8lFl
ejEvBX4214uZ8YC0a0i0ofKLS+lXdzAOw93fsk/Ay8Mv5hhW8oMVkLAdwr40bhH1
FX/miedzafWtjHxpkTbgB/Nb325vlIBA0EfWz02f2P7LPiBj0HuhN25MGqKY8ytz
j0+/vYzzDwK0hKlLZmTAKUKqEdBAi5Cu+m2LKoyQ0woXTpLhAU1fSAjpbn8zfDrh
JbPl+gNkFRgrha7IY1U7bV4quM75horNRVF9Z/8hCTJmU3ZGp9LfPkk+17OBDj0s
tRcK+OAAC0FF5xn+S5ZHc8tdP/5FBnTw21WXQDhYJZtILZqL+wB3knnpwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJkulGmpFVu2jkXQCNuyVdNnClJUMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvbVM2VWFha1ZXN2FPUmRBSTI3SlYwMmNLVWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJSM1AwQB
vHeeAwQAvHejMA0GCSqGSIb3DQEBCwUAA4IBAQCn/g0z56MD2aK7XkpHN05t2sl8
Wikl7tq3JsGEA7dEEr40+Gv0IQA+gZN533a4NFskpl34aC98nA0q9iFBe4UKGyY5
jJN7Ami2FCOMTlM2sMfsfIgQAhEZrBFQ6TAKlWVeigAblyA4WkSwWT2wFA79jo47
erXsJq1u969PEcemMkoJ3T/7itdDJ6L51Zq3L7bLDx9hI43nOhNOVRf2EGhY5rG8
20d02QPt/e/FX8qVkudbeg4S7VKeAMGQYM2e5idzIEHdKajwApr5FYRmLMcHSByx
xpUOMgAZqn4FSzH345QBeyF2i0FGN0hxugVbisD13u0VDAFtkedDgQ0Mib5P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org