Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/Km36yQc1HxnW17gSzz6ZustDFug.roa
File:                     Km36yQc1HxnW17gSzz6ZustDFug.roa (raw, json)
Hash identifier:          vL/XNYBRWJZY2F6kTiyjfQAUV7TKnjE5tNyex5KrpP8=
Subject key identifier:   2A:6D:FA:C9:07:35:1F:19:D6:D7:B8:12:CF:3E:99:BA:CB:43:16:E8
Certificate issuer:       /CN=fbed9439a4e4b2d32e4bee647f3b61055b169e3d
Certificate serial:       01856E01CC0A0065CE11103C52377060CB23
Authority key identifier: FB:ED:94:39:A4:E4:B2:D3:2E:4B:EE:64:7F:3B:61:05:5B:16:9E:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1--2UOaTkstMuS-5kfzthBVsWnj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/Km36yQc1HxnW17gSzz6ZustDFug.roa
Signing time:             Sun 01 Jan 2023 15:44:49 +0000
ROA not before:           Sun 01 Jan 2023 15:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39832
IP address blocks:        91.203.96.0/22 maxlen: 24
                          141.0.8.0/21 maxlen: 24
                          195.189.142.0/23 maxlen: 24
                          82.145.208.0/20 maxlen: 24
                          185.26.180.0/22 maxlen: 24
                          37.228.104.0/21 maxlen: 24
                          2001:4c28::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:01:cc:0a:00:65:ce:11:10:3c:52:37:70:60:cb:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fbed9439a4e4b2d32e4bee647f3b61055b169e3d
        Validity
            Not Before: Jan  1 15:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a6dfac907351f19d6d7b812cf3e99bacb4316e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:31:0d:ef:11:10:3a:4e:a8:0d:be:36:82:49:
                    5f:52:ec:27:9b:d0:a8:28:15:66:fa:db:8d:a9:32:
                    3a:2a:52:0e:20:34:a7:e6:aa:37:ae:76:a8:9b:b7:
                    32:c6:7d:83:cc:aa:b4:b9:50:f7:71:24:64:a4:53:
                    71:8f:34:c8:0d:25:84:7a:3c:7d:3f:c3:9f:e6:4a:
                    0a:81:ca:bf:2d:f8:4d:92:90:5b:96:90:16:5b:8d:
                    48:9b:7b:b7:70:5e:85:73:6a:18:1c:20:a9:03:f7:
                    64:8f:c0:81:64:5b:23:2b:4d:ed:e8:5e:aa:89:e4:
                    47:0b:48:d0:2a:13:b0:9f:93:1c:8b:4c:81:0d:c8:
                    a8:22:c4:e9:1d:d8:50:b4:3d:c3:96:99:11:9c:1c:
                    b1:8e:c2:94:c6:cf:4c:b2:15:a0:58:65:e4:68:d8:
                    8e:7e:0d:50:79:10:59:af:ac:bd:06:36:d3:49:89:
                    43:a5:cf:dc:c6:62:25:ac:c6:20:4e:d3:39:8a:74:
                    28:04:38:d2:f2:40:e7:5e:a9:83:c8:92:a7:cc:20:
                    c0:71:49:da:aa:4e:6f:90:20:c2:84:21:90:52:ef:
                    dd:cb:6a:5f:a6:6a:63:e1:7d:12:7a:2c:f9:76:0d:
                    64:b5:66:11:06:13:7e:5e:63:41:71:4c:a4:42:dd:
                    b4:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6D:FA:C9:07:35:1F:19:D6:D7:B8:12:CF:3E:99:BA:CB:43:16:E8
            X509v3 Authority Key Identifier:
                keyid:FB:ED:94:39:A4:E4:B2:D3:2E:4B:EE:64:7F:3B:61:05:5B:16:9E:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1--2UOaTkstMuS-5kfzthBVsWnj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/Km36yQc1HxnW17gSzz6ZustDFug.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/1--2UOaTkstMuS-5kfzthBVsWnj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.228.104.0/21
                  82.145.208.0/20
                  91.203.96.0/22
                  141.0.8.0/21
                  185.26.180.0/22
                  195.189.142.0/23
                IPv6:
                  2001:4c28::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:d6:e1:60:d2:20:35:d1:5d:9c:b5:8e:06:67:a3:23:f4:65:
         5e:80:99:ac:c4:ca:3e:20:72:a4:f8:20:94:80:ec:c5:ed:9d:
         1e:96:eb:a1:16:f7:8b:d0:3f:16:18:19:11:6d:41:d7:77:13:
         fc:ff:a0:91:02:18:81:c8:8a:f0:7c:80:16:da:40:e3:41:1c:
         a4:79:b0:09:78:6a:73:2d:51:fc:64:a6:cc:82:fb:4b:33:8b:
         90:ca:f6:9f:65:3c:8d:d9:9a:8e:31:b3:19:4f:c5:8f:bb:ad:
         5f:c8:e7:6a:bf:d2:0c:09:b0:c5:f4:a3:27:08:e8:8b:02:6d:
         36:81:a3:0a:a8:9e:ce:18:1d:19:a9:42:52:2c:4a:3f:2d:3c:
         0a:65:d3:56:9a:71:ec:85:64:b0:d8:87:cd:9e:7c:c6:d9:0c:
         d6:41:32:22:b4:2e:93:22:57:40:ee:91:2d:c2:9f:a5:c7:be:
         6d:bd:f1:4a:5c:31:07:ba:a3:6a:12:d5:ec:cb:03:3d:d8:df:
         0f:c4:25:18:0d:b0:cd:5a:58:44:65:56:5f:60:2b:62:1f:c2:
         81:97:b7:f4:7e:1e:e5:c3:a9:91:a4:c0:ca:5b:cf:27:1c:21:
         f5:4b:80:24:09:e8:05:99:17:89:2a:f0:d5:5c:5e:2e:66:40:
         cb:66:22:fc
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVuAcwKAGXOERA8UjdwYMsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZWQ5NDM5YTRlNGIyZDMyZTRiZWU2NDdmM2I2MTA1NWIx
NjllM2QwHhcNMjMwMTAxMTU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZkZmFjOTA3MzUxZjE5ZDZkN2I4MTJjZjNlOTliYWNiNDMxNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDEN7xEQOk6oDb42gklfUuwnm9Co
KBVm+tuNqTI6KlIOIDSn5qo3rnaom7cyxn2DzKq0uVD3cSRkpFNxjzTIDSWEejx9
P8Of5koKgcq/LfhNkpBblpAWW41Im3u3cF6Fc2oYHCCpA/dkj8CBZFsjK03t6F6q
ieRHC0jQKhOwn5Mci0yBDcioIsTpHdhQtD3DlpkRnByxjsKUxs9MshWgWGXkaNiO
fg1QeRBZr6y9BjbTSYlDpc/cxmIlrMYgTtM5inQoBDjS8kDnXqmDyJKnzCDAcUna
qk5vkCDChCGQUu/dy2pfpmpj4X0Seiz5dg1ktWYRBhN+XmNBcUykQt20BQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCpt+skHNR8Z1te4Es8+mbrLQxboMB8GA1UdIwQY
MBaAFPvtlDmk5LLTLkvuZH87YQVbFp49MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0tMlVPYVRrc3RNdVMtNWtmenRoQlZzV25qMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAvZDA3YzA3LWI5NjItNGY0Yi1hM2Ew
LWI1MWIzNWRlZjZkZS8xL0ttMzZ5UWMxSHhuVzE3Z1N6ejZadXN0REZ1Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvZDA3YzA3LWI5NjItNGY0Yi1hM2EwLWI1MWIzNWRlZjZk
ZS8xLzEtLTJVT2FUa3N0TXVTLTVrZnp0aEJWc1duajAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQDBAMl5GgD
BARSkdADBAJby2ADBAONAAgDBAK5GrQDBAHDvY4wDQQCAAIwBwMFACABTCgwDQYJ
KoZIhvcNAQELBQADggEBAIjW4WDSIDXRXZy1jgZnoyP0ZV6AmazEyj4gcqT4IJSA
7MXtnR6W66EW94vQPxYYGRFtQdd3E/z/oJECGIHIivB8gBbaQONBHKR5sAl4anMt
UfxkpsyC+0szi5DK9p9lPI3Zmo4xsxlPxY+7rV/I52q/0gwJsMX0oycI6IsCbTaB
owqons4YHRmpQlIsSj8tPApl01aaceyFZLDYh82efMbZDNZBMiK0LpMiV0DukS3C
n6XHvm298UpcMQe6o2oS1ezLAz3Y3w/EJRgNsM1aWERlVl9gK2IfwoGXt/R+HuXD
qZGkwMpbzyccIfVLgCQJ6AWZF4kq8NVcXi5mQMtmIvw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:53 2024 by rpki-client on console-ams.rpki-client.org