Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/5lHHCiihAezWvR992BwgSoTAmws.roa
File:                     5lHHCiihAezWvR992BwgSoTAmws.roa (raw, json)
Hash identifier:          CW73D+RKYISeDYKbCvfV11cvKPVKFx46LAmRwUtpW00=
Subject key identifier:   E6:51:C7:0A:28:A1:01:EC:D6:BD:1F:7D:D8:1C:20:4A:84:C0:9B:0B
Certificate issuer:       /CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
Certificate serial:       01856DD3F78DE1E0029F305654A1E8D75BD4
Authority key identifier: 35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/5lHHCiihAezWvR992BwgSoTAmws.roa
Signing time:             Sun 01 Jan 2023 14:54:46 +0000
ROA not before:           Sun 01 Jan 2023 14:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200553
IP address blocks:        185.100.33.0/24 maxlen: 24
                          185.100.32.0/22 maxlen: 22
                          185.100.34.0/24 maxlen: 24
                          185.100.35.0/24 maxlen: 24
                          185.100.32.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d3:f7:8d:e1:e0:02:9f:30:56:54:a1:e8:d7:5b:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35d1cdaba31559de12ab19d79f1ae2d218c379f7
        Validity
            Not Before: Jan  1 14:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e651c70a28a101ecd6bd1f7dd81c204a84c09b0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:bb:e3:b0:9a:8f:88:dd:f2:da:6e:33:5f:73:
                    77:2a:4f:dc:98:00:91:2f:e9:45:17:53:ad:0c:84:
                    60:ff:63:f3:71:55:fa:b2:e5:6e:f7:ac:b0:79:e4:
                    0c:e0:68:2b:7c:a4:85:d3:a3:e6:4f:63:ad:44:b0:
                    cb:b9:12:e6:90:d1:a0:59:e5:22:aa:ac:01:e0:ca:
                    d4:79:e8:18:df:6d:ca:e4:92:b3:e1:7a:98:99:b4:
                    c0:e6:42:82:07:d8:44:b5:ea:07:52:51:e1:89:82:
                    8a:5c:9d:ec:bc:4e:fa:5f:96:49:f5:d5:3d:ac:11:
                    45:66:9a:a3:ac:86:15:1f:b7:c3:ed:2a:d1:03:25:
                    c1:bd:6e:21:43:82:97:90:b0:9f:30:a8:30:1c:f3:
                    4e:f7:2c:2f:36:6b:c9:d0:f0:cf:a1:7d:69:00:81:
                    eb:71:38:61:43:90:42:e1:02:cb:ad:14:87:e7:88:
                    87:ff:b8:77:e2:6a:5d:90:46:cc:a3:17:61:03:08:
                    ab:1f:8f:ce:e6:de:57:38:21:5b:b2:1a:2e:de:a9:
                    82:ed:2c:2c:50:04:8b:28:4c:1c:08:ae:d6:fa:4b:
                    35:eb:f6:f2:6d:7f:e6:4a:66:ae:00:5d:a5:a9:4d:
                    7a:ac:1c:ee:a2:78:c1:91:11:86:29:08:4e:8a:e6:
                    6e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:51:C7:0A:28:A1:01:EC:D6:BD:1F:7D:D8:1C:20:4A:84:C0:9B:0B
            X509v3 Authority Key Identifier:
                keyid:35:D1:CD:AB:A3:15:59:DE:12:AB:19:D7:9F:1A:E2:D2:18:C3:79:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdHNq6MVWd4SqxnXnxri0hjDefc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/5lHHCiihAezWvR992BwgSoTAmws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f1edc0-63c1-42b4-a040-3ff926085527/1/NdHNq6MVWd4SqxnXnxri0hjDefc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.100.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:7c:87:10:b2:b5:ba:07:4f:ae:84:9d:69:2e:c6:c3:f6:eb:
         a3:38:a1:91:0c:ec:06:b3:78:7d:fa:fb:d5:a1:41:d0:e8:40:
         09:ef:0b:69:fd:fa:6a:80:bb:a4:3d:f2:5d:a5:f8:d2:b7:b8:
         63:24:99:bf:83:b8:fd:af:dd:15:78:b7:87:91:a7:bd:e6:e0:
         3b:2b:62:c1:d7:c2:08:88:45:3d:e4:a7:2d:34:48:9e:0b:42:
         f2:0f:8f:7a:ca:12:33:fc:51:75:8e:62:a1:12:6d:65:a8:58:
         8c:48:1c:9c:6f:a6:06:c2:ba:eb:11:83:5e:e9:c3:66:3b:3d:
         ab:21:17:04:d4:3a:b7:db:ed:d6:86:41:5a:21:fa:36:be:c9:
         ed:24:dd:55:33:4d:55:bb:08:2a:0d:7f:b3:d4:65:ac:9d:56:
         5f:08:db:30:b7:34:80:5a:57:30:ad:87:1e:c3:38:81:4b:f7:
         28:f3:09:4c:0d:00:56:0a:65:55:aa:7c:89:f8:97:fb:92:f8:
         a5:81:f8:74:a3:ac:e0:be:0c:f6:88:4f:89:5b:eb:28:67:89:
         c4:92:47:d5:53:f2:47:0f:12:e3:48:a4:7d:bf:fc:ae:c4:c7:
         1d:22:3f:c9:54:77:70:d4:a9:03:ff:af:f1:cb:46:22:ad:0d:
         b4:ea:b5:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0/eN4eACnzBWVKHo11vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZDFjZGFiYTMxNTU5ZGUxMmFiMTlkNzlmMWFlMmQyMThj
Mzc5ZjcwHhcNMjMwMTAxMTQ1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjUxYzcwYTI4YTEwMWVjZDZiZDFmN2RkODFjMjA0YTg0YzA5YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLvjsJqPiN3y2m4zX3N3Kk/cmACR
L+lFF1OtDIRg/2PzcVX6suVu96yweeQM4GgrfKSF06PmT2OtRLDLuRLmkNGgWeUi
qqwB4MrUeegY323K5JKz4XqYmbTA5kKCB9hEteoHUlHhiYKKXJ3svE76X5ZJ9dU9
rBFFZpqjrIYVH7fD7SrRAyXBvW4hQ4KXkLCfMKgwHPNO9ywvNmvJ0PDPoX1pAIHr
cThhQ5BC4QLLrRSH54iH/7h34mpdkEbMoxdhAwirH4/O5t5XOCFbshou3qmC7Sws
UASLKEwcCK7W+ks16/bybX/mSmauAF2lqU16rBzuonjBkRGGKQhOiuZuIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZRxwoooQHs1r0ffdgcIEqEwJsLMB8GA1UdIwQY
MBaAFDXRzaujFVneEqsZ158a4tIYw3n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAt
M2ZmOTI2MDg1NTI3LzEvNWxISENpaWhBZXpXdlI5OTJCd2dTb1RBbXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMWVkYzAtNjNjMS00MmI0LWEwNDAtM2ZmOTI2MDg1NTI3
LzEvTmRITnE2TVZXZDRTcXhuWG54cmkwaGpEZWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWQgMA0G
CSqGSIb3DQEBCwUAA4IBAQB/fIcQsrW6B0+uhJ1pLsbD9uujOKGRDOwGs3h9+vvV
oUHQ6EAJ7wtp/fpqgLukPfJdpfjSt7hjJJm/g7j9r90VeLeHkae95uA7K2LB18II
iEU95KctNEieC0LyD496yhIz/FF1jmKhEm1lqFiMSBycb6YGwrrrEYNe6cNmOz2r
IRcE1Dq32+3WhkFaIfo2vsntJN1VM01VuwgqDX+z1GWsnVZfCNswtzSAWlcwrYce
wziBS/co8wlMDQBWCmVVqnyJ+Jf7kvilgfh0o6zgvgz2iE+JW+soZ4nEkkfVU/JH
DxLjSKR9v/yuxMcdIj/JVHdw1KkD/6/xy0YirQ206rXi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:32 2024 by rpki-client on console-fra.rpki-client.org