Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/IhpCH0QSbmIXwf55BVAaM4ebWfE.roa
File:                     IhpCH0QSbmIXwf55BVAaM4ebWfE.roa (raw, json)
Hash identifier:          M04XikfBXF2BTvnkLLZWi5OLStPavT9LqfxyzUwmuyw=
Subject key identifier:   22:1A:42:1F:44:12:6E:62:17:C1:FE:79:05:50:1A:33:87:9B:59:F1
Certificate issuer:       /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial:       0187DD04A9C369B1313B16BCD7596C3C2F09
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/IhpCH0QSbmIXwf55BVAaM4ebWfE.roa
Signing time:             Tue 02 May 2023 15:11:23 +0000
ROA not before:           Tue 02 May 2023 15:11:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203639
IP address blocks:        185.155.186.0/24 maxlen: 24
                          185.155.187.0/24 maxlen: 24
                          46.21.23.0/24 maxlen: 24
                          46.21.20.0/24 maxlen: 24
                          46.21.30.0/24 maxlen: 24
                          46.21.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Nov 2023 07:40:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:dd:04:a9:c3:69:b1:31:3b:16:bc:d7:59:6c:3c:2f:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
        Validity
            Not Before: May  2 15:11:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=221a421f44126e6217c1fe7905501a33879b59f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:db:07:79:d1:f9:fe:b5:4b:ee:04:fc:38:34:
                    f4:92:54:42:41:10:97:2f:0d:b5:75:c8:bf:bf:48:
                    13:8e:68:f9:49:a3:22:56:a1:d0:60:80:a1:2a:03:
                    c4:e4:a7:65:7e:8b:24:a4:d8:92:fc:bd:c9:7f:0c:
                    e8:b4:e3:f1:10:a4:ab:c4:1b:f4:60:7e:f0:1b:25:
                    bb:b7:d3:83:8b:93:e6:e6:0e:4b:dd:6f:a4:a6:25:
                    fc:81:ec:28:8b:5d:e9:58:dc:2a:73:2c:d5:5f:99:
                    ea:ab:8c:f6:b5:58:5c:22:0b:b4:38:44:e5:d7:a8:
                    5f:14:56:61:d9:5c:2f:6f:96:20:50:32:42:08:71:
                    23:cf:94:94:6b:00:64:ae:d5:aa:be:4e:f0:e5:1d:
                    07:ee:70:e7:34:ff:6b:be:fb:b4:78:90:dd:7d:17:
                    f4:f1:b4:d0:8a:61:48:9b:f5:6a:a8:ec:1d:de:c8:
                    3b:ee:66:3f:5d:1c:a5:d3:69:09:d4:f5:0d:2c:20:
                    db:59:15:e9:33:43:06:2a:29:2d:33:f9:76:28:d9:
                    8a:ef:1d:d8:51:60:00:5d:6e:5b:f7:e1:be:35:d2:
                    fc:4c:9f:22:35:e2:ec:f0:ba:0f:e4:0e:66:79:4b:
                    59:76:be:4b:66:7c:3d:0c:04:ce:76:ec:7e:39:d8:
                    9f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:1A:42:1F:44:12:6E:62:17:C1:FE:79:05:50:1A:33:87:9B:59:F1
            X509v3 Authority Key Identifier:
                keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/IhpCH0QSbmIXwf55BVAaM4ebWfE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.21.20.0/24
                  46.21.23.0/24
                  46.21.28.0/24
                  46.21.30.0/24
                  185.155.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         82:51:61:5d:96:1a:74:39:9b:e7:c8:c5:2a:7c:61:91:1b:8e:
         6d:ae:e8:4c:c5:f6:78:25:2b:9e:de:d4:cc:fa:08:1a:8a:2d:
         49:7f:b3:da:15:ea:00:e8:1b:54:d0:72:0a:4a:33:4a:8f:15:
         88:38:40:3d:8f:f4:c8:85:8f:05:39:90:7c:6e:6d:3e:5a:15:
         1b:6e:38:83:0a:5b:7f:81:c5:d3:31:66:10:1a:2b:3c:e3:69:
         3d:6c:cf:37:4d:e8:f7:81:3e:dc:95:03:68:54:57:d7:7f:c6:
         6d:83:25:3f:93:c2:72:25:b7:c7:91:2b:66:dd:53:16:ce:5c:
         df:1f:3b:4e:0e:ac:27:1d:d3:d9:61:fa:0f:8a:25:d9:c2:75:
         62:ec:dc:c1:18:eb:8a:de:c1:f6:c8:a9:eb:79:a9:88:8a:d5:
         c8:58:7f:a7:20:19:02:ea:cd:f0:c8:ab:dc:95:43:bd:0d:12:
         3b:cf:c1:70:77:60:29:15:ba:65:0f:00:c6:69:23:c9:50:55:
         dc:f1:43:99:14:0b:db:1a:7b:61:80:38:03:b1:85:d7:04:18:
         bb:00:5a:11:66:85:6e:77:03:f8:f6:39:ad:fa:6b:82:ff:f5:
         69:7e:48:ea:11:d6:92:c9:95:b0:42:d6:17:8b:26:14:6a:c2:
         54:b2:20:40
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfdBKnDabExOxa811lsPC8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMwNTAyMTUxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjFhNDIxZjQ0MTI2ZTYyMTdjMWZlNzkwNTUwMWEzMzg3OWI1OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tsHedH5/rVL7gT8ODT0klRCQRCX
Lw21dci/v0gTjmj5SaMiVqHQYIChKgPE5KdlfoskpNiS/L3JfwzotOPxEKSrxBv0
YH7wGyW7t9ODi5Pm5g5L3W+kpiX8gewoi13pWNwqcyzVX5nqq4z2tVhcIgu0OETl
16hfFFZh2Vwvb5YgUDJCCHEjz5SUawBkrtWqvk7w5R0H7nDnNP9rvvu0eJDdfRf0
8bTQimFIm/VqqOwd3sg77mY/XRyl02kJ1PUNLCDbWRXpM0MGKiktM/l2KNmK7x3Y
UWAAXW5b9+G+NdL8TJ8iNeLs8LoP5A5meUtZdr5LZnw9DATOdux+Odif/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCIaQh9EEm5iF8H+eQVQGjOHm1nxMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvSWhwQ0gwUVNibUlYd2Y1NUJWQWFNNGViV2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhUUAwQA
LhUXAwQALhUcAwQALhUeAwQBuZu6MA0GCSqGSIb3DQEBCwUAA4IBAQCCUWFdlhp0
OZvnyMUqfGGRG45truhMxfZ4JSue3tTM+ggaii1Jf7PaFeoA6BtU0HIKSjNKjxWI
OEA9j/TIhY8FOZB8bm0+WhUbbjiDClt/gcXTMWYQGis842k9bM83Tej3gT7clQNo
VFfXf8ZtgyU/k8JyJbfHkStm3VMWzlzfHztODqwnHdPZYfoPiiXZwnVi7NzBGOuK
3sH2yKnreamIitXIWH+nIBkC6s3wyKvclUO9DRI7z8Fwd2ApFbplDwDGaSPJUFXc
8UOZFAvbGnthgDgDsYXXBBi7AFoRZoVudwP49jmt+muC//VpfkjqEdaSyZWwQtYX
iyYUasJUsiBA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:58 2024 by rpki-client on console-ams.rpki-client.org