Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/m107cEGgn7fmkTuEh9TyX33OxoM.roa
File:                     m107cEGgn7fmkTuEh9TyX33OxoM.roa (raw, json)
Hash identifier:          AMt2hu+edR3zoJPVfjr3jp7eI90y0I+MgmdW0l5m8qc=
Subject key identifier:   9B:5D:3B:70:41:A0:9F:B7:E6:91:3B:84:87:D4:F2:5F:7D:CE:C6:83
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       018728BDF2086BC1774C26D23169C34F211E
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/m107cEGgn7fmkTuEh9TyX33OxoM.roa
Signing time:             Tue 28 Mar 2023 15:02:29 +0000
ROA not before:           Tue 28 Mar 2023 15:02:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35277
IP address blocks:        5.181.202.0/23 maxlen: 24
                          185.36.142.0/23 maxlen: 24
                          185.36.141.0/24 maxlen: 24
                          45.85.117.0/24 maxlen: 24
                          185.225.205.0/24 maxlen: 24
                          45.155.120.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:28:bd:f2:08:6b:c1:77:4c:26:d2:31:69:c3:4f:21:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Mar 28 15:02:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b5d3b7041a09fb7e6913b8487d4f25f7dcec683
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:e0:e2:5e:e6:44:a2:1a:e9:44:1f:ff:2c:a5:
                    d3:6a:96:36:10:7f:95:f5:4d:a8:77:10:e0:da:6d:
                    6b:f1:d3:6e:b3:33:f5:23:d8:17:7d:72:74:8c:a5:
                    ec:97:6f:3f:f2:56:04:3c:99:08:be:f3:d4:e8:66:
                    ea:d6:bc:b1:d3:ce:a3:00:04:70:10:a3:04:72:96:
                    48:04:60:2e:78:c2:f6:7f:36:08:97:08:bd:80:1e:
                    2e:4b:cc:e9:fa:43:37:e5:0e:59:8a:ce:5e:9a:12:
                    ed:fc:03:c7:f3:5a:21:e1:56:f5:de:d5:76:98:6f:
                    34:88:5c:84:7f:e8:ad:1c:5c:7e:b3:53:a7:05:0a:
                    d8:7a:1d:8f:9f:35:32:99:5c:41:b7:ed:0a:f7:26:
                    76:f3:8b:9d:ab:03:41:81:55:c9:41:3e:25:29:c7:
                    8b:6f:08:1e:58:35:4b:83:81:8a:a5:71:1a:d0:e1:
                    47:22:31:1f:94:f3:9f:e6:b0:0e:a0:09:98:d7:b2:
                    57:74:30:32:91:1b:c4:74:52:94:2e:6d:21:75:2e:
                    6c:72:92:30:9c:6d:91:58:c5:8d:50:2a:42:1e:3a:
                    a0:c1:16:8e:e3:1b:22:e2:a9:ca:4e:8a:b3:85:8e:
                    14:2c:95:1e:51:46:39:6a:ab:a7:82:19:b1:c9:ef:
                    f8:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:5D:3B:70:41:A0:9F:B7:E6:91:3B:84:87:D4:F2:5F:7D:CE:C6:83
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/m107cEGgn7fmkTuEh9TyX33OxoM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.202.0/23
                  45.85.117.0/24
                  45.155.120.0/23
                  185.36.141.0-185.36.143.255
                  185.225.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:97:99:e5:76:55:87:52:9c:0e:cf:9e:53:16:ea:49:b8:bb:
         78:4b:5b:23:ae:bf:cd:42:78:b6:55:55:76:b0:99:e2:f0:d7:
         c3:7b:a7:cd:e6:27:93:86:ab:3c:79:a3:e5:81:44:41:96:d6:
         63:9c:de:37:50:83:3a:db:78:c3:dc:42:0c:9c:e3:50:57:58:
         d2:26:a8:da:0a:39:6d:2e:aa:26:95:20:96:be:5c:a9:ce:14:
         dd:5a:40:c7:19:ce:f0:17:28:4e:13:58:85:d1:80:60:82:b1:
         3c:ca:d8:46:55:68:0b:06:90:9f:b5:72:d8:d0:fa:6a:27:7b:
         d6:43:d4:5b:6e:28:17:f5:32:20:76:7f:63:19:fd:05:3d:b2:
         d0:93:90:b4:65:9b:41:0a:30:1b:32:94:08:34:c0:ad:19:21:
         c1:61:fc:be:cc:cf:63:0a:60:fc:52:65:e6:6a:3a:81:0d:b9:
         4b:50:b9:ec:da:00:1c:80:9c:81:8c:3a:27:de:b4:29:87:5d:
         d3:12:e0:4f:31:a5:62:df:2e:88:21:40:84:f4:cf:1b:6e:bd:
         de:da:42:99:38:b7:2e:71:7c:cb:cf:95:ae:7f:48:b8:58:f4:
         12:0c:26:d4:cc:5d:53:86:02:ac:39:5f:74:b1:57:cd:d9:a3:
         13:e6:12:f9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcovfIIa8F3TCbSMWnDTyEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjMwMzI4MTUwMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjVkM2I3MDQxYTA5ZmI3ZTY5MTNiODQ4N2Q0ZjI1ZjdkY2VjNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+DiXuZEohrpRB//LKXTapY2EH+V
9U2odxDg2m1r8dNuszP1I9gXfXJ0jKXsl28/8lYEPJkIvvPU6Gbq1ryx086jAARw
EKMEcpZIBGAueML2fzYIlwi9gB4uS8zp+kM35Q5Zis5emhLt/APH81oh4Vb13tV2
mG80iFyEf+itHFx+s1OnBQrYeh2PnzUymVxBt+0K9yZ284udqwNBgVXJQT4lKceL
bwgeWDVLg4GKpXEa0OFHIjEflPOf5rAOoAmY17JXdDAykRvEdFKULm0hdS5scpIw
nG2RWMWNUCpCHjqgwRaO4xsi4qnKToqzhY4ULJUeUUY5aqunghmxye/4mQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJtdO3BBoJ+35pE7hIfU8l99zsaDMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvbTEwN2NFR2duN2Zta1R1RWg5VHlYMzNPeG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBBbXKAwQA
LVV1AwQBLZt4MAwDBAC5JI0DBAS5JIADBAC54c0wDQYJKoZIhvcNAQELBQADggEB
AKyXmeV2VYdSnA7PnlMW6km4u3hLWyOuv81CeLZVVXawmeLw18N7p83mJ5OGqzx5
o+WBREGW1mOc3jdQgzrbeMPcQgyc41BXWNImqNoKOW0uqiaVIJa+XKnOFN1aQMcZ
zvAXKE4TWIXRgGCCsTzK2EZVaAsGkJ+1ctjQ+mone9ZD1FtuKBf1MiB2f2MZ/QU9
stCTkLRlm0EKMBsylAg0wK0ZIcFh/L7Mz2MKYPxSZeZqOoENuUtQuezaAByAnIGM
OifetCmHXdMS4E8xpWLfLoghQIT0zxtuvd7aQpk4ty5xfMvPla5/SLhY9BIMJtTM
XVOGAqw5X3SxV83ZoxPmEvk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org