Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/55Q-VauPnG8d2_whgAA5Z6XaXlc.roa
File:                     55Q-VauPnG8d2_whgAA5Z6XaXlc.roa (raw, json)
Hash identifier:          bgZdTKriSy9PWk5qGLeAcZrk4FHpIlM1Rej0tFJkm4g=
Subject key identifier:   E7:94:3E:55:AB:8F:9C:6F:1D:DB:FC:21:80:00:39:67:A5:DA:5E:57
Certificate issuer:       /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial:       018B617407DF3D085E6DF27BED6C6B7CA8B9
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/55Q-VauPnG8d2_whgAA5Z6XaXlc.roa
Signing time:             Tue 24 Oct 2023 11:31:15 +0000
ROA not before:           Tue 24 Oct 2023 11:31:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204650
IP address blocks:        185.243.49.0/24 maxlen: 24
                          185.243.48.0/22 maxlen: 22
                          185.26.32.0/23 maxlen: 24
                          185.124.172.0/22 maxlen: 24
                          178.239.159.0/24 maxlen: 24
                          185.26.34.0/23 maxlen: 24
                          185.124.173.0/24 maxlen: 24
                          185.124.175.0/24 maxlen: 24
                          37.32.47.0/24 maxlen: 24
                          2a00:7040::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 24 Oct 2023 14:42:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:61:74:07:df:3d:08:5e:6d:f2:7b:ed:6c:6b:7c:a8:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
        Validity
            Not Before: Oct 24 11:31:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7943e55ab8f9c6f1ddbfc2180003967a5da5e57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7d:2b:9b:1c:58:85:a3:3b:bd:fd:24:1d:4a:
                    db:a2:a7:56:9b:a6:f7:bd:ee:15:01:05:71:f6:d5:
                    32:ff:9c:a0:79:66:63:8d:bb:e2:2e:a1:bb:c7:f4:
                    91:4b:61:7a:e7:6c:b7:3a:dd:f3:91:7c:58:56:ba:
                    13:46:c5:de:4f:c2:6d:1a:2f:03:cf:11:ed:1c:bf:
                    75:31:e6:91:01:ef:73:c3:88:ac:7a:9c:84:21:35:
                    71:7c:eb:b2:e0:a0:b5:cd:36:78:cb:57:e2:e6:f1:
                    8f:3e:66:86:a2:73:a6:25:e7:b6:1f:97:6f:90:28:
                    29:31:d4:e5:13:f3:90:c3:7f:07:0e:4e:bb:d1:31:
                    2f:58:ae:91:08:39:10:83:fb:f3:ad:74:f1:97:1c:
                    96:01:1d:1a:0d:14:ae:df:dd:31:63:be:f2:b7:d5:
                    4e:4a:5b:87:13:25:b8:b5:ae:67:d2:46:66:0e:08:
                    b3:26:95:63:4f:90:69:12:8c:76:8e:5b:45:b2:90:
                    04:4a:ef:aa:f4:f0:0a:8a:56:fd:20:14:6a:3f:44:
                    2a:64:70:2f:4b:7b:fb:bf:d5:b8:10:33:70:ea:ac:
                    50:70:da:29:ae:4a:e2:87:01:74:69:81:b0:90:7e:
                    40:24:94:f1:2c:6d:75:b7:13:a8:0b:b5:ab:41:45:
                    94:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:94:3E:55:AB:8F:9C:6F:1D:DB:FC:21:80:00:39:67:A5:DA:5E:57
            X509v3 Authority Key Identifier:
                keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/55Q-VauPnG8d2_whgAA5Z6XaXlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.47.0/24
                  178.239.159.0/24
                  185.26.32.0/22
                  185.124.172.0/22
                  185.243.48.0/22
                IPv6:
                  2a00:7040::/32

    Signature Algorithm: sha256WithRSAEncryption
         c7:6f:89:31:7a:a6:6b:a2:61:1a:21:f3:0f:c5:18:13:c8:35:
         be:d5:ab:de:79:59:a8:0c:74:7b:b1:aa:94:6a:47:7c:38:5a:
         f9:ca:c4:c4:14:4c:f2:3e:43:6f:96:dd:37:38:e7:ae:17:2a:
         54:cf:14:6a:c4:5f:b4:b2:aa:f9:2b:1e:82:db:48:55:17:bc:
         8d:b4:d9:be:98:76:2b:7e:93:d0:71:4c:79:00:25:bd:bd:3a:
         2c:83:d6:f9:57:2d:cd:28:e9:66:92:c2:c0:3a:25:15:d6:92:
         73:1d:2d:7e:3c:af:fe:3d:e0:ab:98:3a:a9:54:40:e9:9b:ce:
         50:12:2f:ba:98:38:c2:6f:0c:19:b1:bb:29:db:b1:ab:c3:32:
         28:2c:c1:11:bc:1d:7c:a3:7a:98:85:a5:da:c5:35:9b:6a:db:
         81:27:35:58:c9:2e:73:4c:7b:42:fe:4c:18:5b:bc:c2:69:fa:
         ec:4e:07:e1:af:46:22:eb:1b:25:b1:38:b2:d8:25:34:b5:26:
         22:a0:00:9c:aa:b2:21:2a:18:37:68:24:25:fb:59:22:a3:1b:
         e2:dd:35:b1:a9:77:81:7e:02:c5:5f:d3:0f:81:a1:77:25:75:
         77:78:79:47:fe:70:af:fb:da:12:61:e5:9d:80:15:3b:fd:56:
         df:15:d0:73
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYthdAffPQhebfJ77WxrfKi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMDI0MTEzMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzk0M2U1NWFiOGY5YzZmMWRkYmZjMjE4MDAwMzk2N2E1ZGE1ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv30rmxxYhaM7vf0kHUrboqdWm6b3
ve4VAQVx9tUy/5ygeWZjjbviLqG7x/SRS2F652y3Ot3zkXxYVroTRsXeT8JtGi8D
zxHtHL91MeaRAe9zw4isepyEITVxfOuy4KC1zTZ4y1fi5vGPPmaGonOmJee2H5dv
kCgpMdTlE/OQw38HDk670TEvWK6RCDkQg/vzrXTxlxyWAR0aDRSu390xY77yt9VO
SluHEyW4ta5n0kZmDgizJpVjT5BpEox2jltFspAESu+q9PAKilb9IBRqP0QqZHAv
S3v7v9W4EDNw6qxQcNoprkrihwF0aYGwkH5AJJTxLG11txOoC7WrQUWU9wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOeUPlWrj5xvHdv8IYAAOWel2l5XMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvNTVRLVZhdVBuRzhkMl93aGdBQTVaNlhhWGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJSAvAwQA
su+fAwQCuRogAwQCuXysAwQCufMwMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEB
CwUAA4IBAQDHb4kxeqZromEaIfMPxRgTyDW+1aveeVmoDHR7saqUakd8OFr5ysTE
FEzyPkNvlt03OOeuFypUzxRqxF+0sqr5Kx6C20hVF7yNtNm+mHYrfpPQcUx5ACW9
vTosg9b5Vy3NKOlmksLAOiUV1pJzHS1+PK/+PeCrmDqpVEDpm85QEi+6mDjCbwwZ
sbsp27GrwzIoLMERvB18o3qYhaXaxTWbatuBJzVYyS5zTHtC/kwYW7zCafrsTgfh
r0Yi6xslsTiy2CU0tSYioACcqrIhKhg3aCQl+1kioxvi3TWxqXeBfgLFX9MPgaF3
JXV3eHlH/nCv+9oSYeWdgBU7/VbfFdBz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:08 2024 by rpki-client on console-ams.rpki-client.org