Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/NBODTiDsRYpY5vMHEY_Il-e4K1c.roa
File:                     NBODTiDsRYpY5vMHEY_Il-e4K1c.roa (raw, json)
Hash identifier:          latb4sIsu7p84dCmff/a5BIVfN2nYzScpV0ZaygCL0k=
Subject key identifier:   34:13:83:4E:20:EC:45:8A:58:E6:F3:07:11:8F:C8:97:E7:B8:2B:57
Certificate issuer:       /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial:       018BA91E51507F911563E33778CF3119DCAE
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/NBODTiDsRYpY5vMHEY_Il-e4K1c.roa
Signing time:             Tue 07 Nov 2023 09:30:18 +0000
ROA not before:           Tue 07 Nov 2023 09:30:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        149.238.32.0/19 maxlen: 24
                          149.238.160.0/19 maxlen: 24
                          149.238.64.0/19 maxlen: 24
                          193.33.52.0/23 maxlen: 24
                          192.112.208.0/24 maxlen: 24
                          192.77.114.0/23 maxlen: 24
                          149.238.192.0/19 maxlen: 24
                          149.238.96.0/19 maxlen: 24
                          149.238.0.0/19 maxlen: 24
                          149.238.224.0/19 maxlen: 24
                          149.238.128.0/19 maxlen: 24
                          2a13:cb40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a9:1e:51:50:7f:91:15:63:e3:37:78:cf:31:19:dc:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
        Validity
            Not Before: Nov  7 09:30:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3413834e20ec458a58e6f307118fc897e7b82b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4e:c1:c4:85:9f:59:09:cf:7c:40:18:07:63:
                    4f:2e:cb:95:b3:b0:bf:c7:e9:5e:e0:96:b9:8e:27:
                    87:18:65:2c:d1:61:c7:9d:00:ca:ea:68:de:cc:88:
                    7b:a7:c9:25:9a:0e:d0:0e:4e:11:89:af:de:b2:a2:
                    d6:66:38:26:ed:a0:2b:99:84:7b:8e:6f:43:ce:88:
                    82:6a:b3:bd:d4:ad:cb:31:27:2d:64:22:87:e1:d4:
                    fa:db:90:36:e6:62:61:3f:81:10:10:71:ed:93:0c:
                    ee:c1:0c:f6:8f:48:ec:46:c0:98:94:4b:b8:ac:68:
                    a8:3b:2a:c0:5c:91:41:67:dd:03:ef:94:ca:4e:b8:
                    11:03:92:56:f4:2d:1f:26:dc:81:c4:7c:13:24:d1:
                    a3:27:62:15:5f:45:2f:bf:d8:49:09:fc:ec:47:c8:
                    bd:e2:e0:bc:28:bc:92:4a:71:43:e9:38:1f:4a:fe:
                    2c:67:b1:ec:1a:32:23:b5:1d:5b:30:27:89:74:14:
                    75:4e:ca:19:89:40:6f:13:cd:6b:2e:d6:d9:62:96:
                    b9:c1:9e:56:da:69:90:f9:96:3e:dc:3e:bd:96:77:
                    66:c6:26:05:44:3d:72:5d:a7:2c:75:66:d8:04:f1:
                    17:46:e4:66:a4:94:9c:05:4e:ed:15:91:93:e5:b5:
                    22:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:13:83:4E:20:EC:45:8A:58:E6:F3:07:11:8F:C8:97:E7:B8:2B:57
            X509v3 Authority Key Identifier:
                keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/NBODTiDsRYpY5vMHEY_Il-e4K1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.238.0.0/16
                  192.77.114.0/23
                  192.112.208.0/24
                  193.33.52.0/23
                IPv6:
                  2a13:cb40::/29

    Signature Algorithm: sha256WithRSAEncryption
         8a:2b:b4:9d:b2:58:b2:9c:a9:dd:48:88:70:5b:e2:a7:39:f9:
         b8:f9:77:82:8b:a0:7d:bd:9c:82:43:a2:a4:f4:48:9a:d6:43:
         a4:50:d9:35:02:57:67:60:30:38:c7:47:37:a5:1b:65:af:f1:
         c1:19:c2:99:d9:a0:76:aa:ce:0a:34:d2:9a:d5:14:6b:f3:22:
         f6:0e:f3:9e:1e:e3:ea:48:aa:50:6d:eb:a8:91:f9:35:14:a6:
         24:34:4e:dd:48:92:d3:34:45:e0:95:de:78:db:5d:4c:52:91:
         3e:04:65:09:ac:1f:94:dc:c0:3f:63:d2:a9:d4:e8:b4:02:66:
         fb:1d:a6:13:39:11:ab:72:8b:9b:97:a3:7a:8f:e4:61:1d:de:
         52:77:96:0f:c0:4f:58:6c:c1:f0:b2:c7:a2:47:ac:23:36:59:
         68:71:99:0d:e0:f9:1c:cc:40:d5:ff:ef:37:9e:e1:1c:56:de:
         97:13:c2:b5:73:ff:44:52:be:61:f4:91:1f:76:07:20:28:9f:
         b5:ac:07:32:e0:a2:9c:7d:12:07:e4:ce:6f:3a:64:65:84:84:
         f9:90:f8:57:85:da:b3:68:78:35:49:47:3b:3e:e0:28:58:b8:
         dd:78:b8:d0:78:cd:24:25:11:ea:2b:81:a5:25:fe:00:54:ba:
         49:a2:c8:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYupHlFQf5EVY+M3eM8xGdyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMTA3MDkzMDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDEzODM0ZTIwZWM0NThhNThlNmYzMDcxMThmYzg5N2U3YjgyYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA107BxIWfWQnPfEAYB2NPLsuVs7C/
x+le4Ja5jieHGGUs0WHHnQDK6mjezIh7p8klmg7QDk4Ria/esqLWZjgm7aArmYR7
jm9DzoiCarO91K3LMSctZCKH4dT625A25mJhP4EQEHHtkwzuwQz2j0jsRsCYlEu4
rGioOyrAXJFBZ90D75TKTrgRA5JW9C0fJtyBxHwTJNGjJ2IVX0Uvv9hJCfzsR8i9
4uC8KLySSnFD6TgfSv4sZ7HsGjIjtR1bMCeJdBR1TsoZiUBvE81rLtbZYpa5wZ5W
2mmQ+ZY+3D69lndmxiYFRD1yXacsdWbYBPEXRuRmpJScBU7tFZGT5bUijQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDQTg04g7EWKWObzBxGPyJfnuCtXMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvTkJPRFRpRHNSWXBZNXZNSEVZX0lsLWU0SzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAle4DBAHA
TXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQELBQADggEB
AIortJ2yWLKcqd1IiHBb4qc5+bj5d4KLoH29nIJDoqT0SJrWQ6RQ2TUCV2dgMDjH
RzelG2Wv8cEZwpnZoHaqzgo00prVFGvzIvYO854e4+pIqlBt66iR+TUUpiQ0Tt1I
ktM0ReCV3njbXUxSkT4EZQmsH5TcwD9j0qnU6LQCZvsdphM5Eatyi5uXo3qP5GEd
3lJ3lg/AT1hswfCyx6JHrCM2WWhxmQ3g+RzMQNX/7zee4RxW3pcTwrVz/0RSvmH0
kR92ByAon7WsBzLgopx9Egfkzm86ZGWEhPmQ+FeF2rNoeDVJRzs+4ChYuN14uNB4
zSQlEeorgaUl/gBUukmiyOc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:59 2024 by rpki-client on console-ams.rpki-client.org