Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/Bfb5bx7BbVHSWdpO2uBjlZoWKOw.roa
File:                     Bfb5bx7BbVHSWdpO2uBjlZoWKOw.roa (raw, json)
Hash identifier:          jPPDq6VpDyVbXCqJjyAJj2HZdntvZEEh2axHIt3IcRI=
Subject key identifier:   05:F6:F9:6F:1E:C1:6D:51:D2:59:DA:4E:DA:E0:63:95:9A:16:28:EC
Certificate issuer:       /CN=c2838d1f3b231bf72e453dd78c4b50ac009ff7f1
Certificate serial:       01856F1DA2B575A89D38072C04B7236004DA
Authority key identifier: C2:83:8D:1F:3B:23:1B:F7:2E:45:3D:D7:8C:4B:50:AC:00:9F:F7:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/woONHzsjG_cuRT3XjEtQrACf9_E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/Bfb5bx7BbVHSWdpO2uBjlZoWKOw.roa
Signing time:             Sun 01 Jan 2023 20:54:51 +0000
ROA not before:           Sun 01 Jan 2023 20:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203649
IP address blocks:        185.128.58.0/24 maxlen: 24
                          185.128.56.0/24 maxlen: 24
                          185.128.57.0/24 maxlen: 24
                          185.128.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:a2:b5:75:a8:9d:38:07:2c:04:b7:23:60:04:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2838d1f3b231bf72e453dd78c4b50ac009ff7f1
        Validity
            Not Before: Jan  1 20:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05f6f96f1ec16d51d259da4edae063959a1628ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:56:18:31:ff:70:b7:39:d5:08:41:43:09:60:
                    0a:c0:6d:9c:2b:52:d2:c1:d3:5e:cc:84:5d:c9:0b:
                    74:f5:9c:71:97:6c:93:1a:27:7f:e6:60:31:c1:13:
                    76:d1:81:b3:7b:b0:c7:45:cc:aa:1d:1b:c9:09:3d:
                    e5:89:66:aa:7a:94:d1:c8:8d:ea:f1:d3:10:74:4f:
                    43:57:02:cd:06:c9:f6:aa:72:43:3a:01:0e:9f:c0:
                    a9:16:48:cf:0e:39:dd:43:68:98:0e:78:ab:24:d1:
                    39:5e:4f:63:64:53:4b:1c:d3:d8:a3:56:3d:5c:02:
                    0b:ea:cb:19:0d:bb:36:25:5e:57:97:b4:8d:18:f9:
                    c4:d9:e4:06:a4:58:b7:f7:c6:85:07:26:93:46:a3:
                    9d:e2:7c:be:98:98:38:47:b3:01:b8:09:db:14:73:
                    c0:94:23:8b:68:59:89:0d:2f:07:fa:a7:dc:71:fe:
                    e6:45:54:b3:3a:ac:db:9d:c1:ff:69:33:6b:02:9e:
                    ae:75:d3:bf:94:44:4b:6e:a2:3b:14:78:3b:1a:9c:
                    2a:7a:a5:b2:fe:e7:89:50:da:65:8e:0d:d1:67:d2:
                    b8:3a:61:bc:99:03:b1:28:f7:50:ca:55:40:83:fd:
                    9d:e7:d0:8e:c8:d5:8e:21:5d:f4:d7:95:1f:dd:5f:
                    8d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F6:F9:6F:1E:C1:6D:51:D2:59:DA:4E:DA:E0:63:95:9A:16:28:EC
            X509v3 Authority Key Identifier:
                keyid:C2:83:8D:1F:3B:23:1B:F7:2E:45:3D:D7:8C:4B:50:AC:00:9F:F7:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woONHzsjG_cuRT3XjEtQrACf9_E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/Bfb5bx7BbVHSWdpO2uBjlZoWKOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/366746-c306-408a-ba7e-2b3c64f9f9ab/1/woONHzsjG_cuRT3XjEtQrACf9_E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:e5:15:71:9c:02:15:4c:0a:7d:30:e6:1d:b9:b4:9c:15:48:
         ea:f0:35:89:2e:f8:56:a6:3b:6e:3e:80:ed:cd:2a:49:27:e3:
         44:7a:1d:54:de:3c:32:fc:75:10:55:57:f3:a8:1f:c0:71:cc:
         76:d1:22:f1:8c:90:6d:41:db:d5:fe:0a:a6:53:4c:a3:27:a6:
         8f:67:2a:2f:8c:4b:2b:a5:b6:e0:eb:8c:4b:ff:01:8d:00:73:
         1a:c7:e6:b1:ba:54:33:95:74:a5:d9:a4:80:a4:18:53:a0:fb:
         0f:b6:57:27:a1:a2:de:20:d3:8b:11:d2:0e:46:02:a2:15:cb:
         ed:b8:ca:be:1c:14:c6:b5:1a:09:c2:5e:69:cc:48:a1:1b:5e:
         17:9b:17:49:7f:72:cd:dc:51:e6:56:30:0e:f5:87:92:27:ff:
         6e:38:ec:15:89:b2:33:fd:34:8e:51:bf:88:60:e5:8a:90:64:
         dd:ed:34:7f:fa:c3:47:bf:5f:9e:d8:ba:6a:9a:52:35:58:5c:
         b8:44:f8:b8:bf:55:7e:98:a7:92:d5:b0:2e:e7:a5:5e:a9:90:
         52:ba:ff:4f:76:c1:70:36:74:e1:c2:48:43:6d:98:68:b7:c6:
         46:b5:52:8e:da:54:a3:f0:4c:75:98:b9:f2:b9:d9:bb:5a:74:
         91:07:6d:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHaK1daidOAcsBLcjYATaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyODM4ZDFmM2IyMzFiZjcyZTQ1M2RkNzhjNGI1MGFjMDA5
ZmY3ZjEwHhcNMjMwMTAxMjA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY2Zjk2ZjFlYzE2ZDUxZDI1OWRhNGVkYWUwNjM5NTlhMTYyOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1YYMf9wtznVCEFDCWAKwG2cK1LS
wdNezIRdyQt09Zxxl2yTGid/5mAxwRN20YGze7DHRcyqHRvJCT3liWaqepTRyI3q
8dMQdE9DVwLNBsn2qnJDOgEOn8CpFkjPDjndQ2iYDnirJNE5Xk9jZFNLHNPYo1Y9
XAIL6ssZDbs2JV5Xl7SNGPnE2eQGpFi398aFByaTRqOd4ny+mJg4R7MBuAnbFHPA
lCOLaFmJDS8H+qfccf7mRVSzOqzbncH/aTNrAp6uddO/lERLbqI7FHg7GpwqeqWy
/ueJUNpljg3RZ9K4OmG8mQOxKPdQylVAg/2d59COyNWOIV3015Uf3V+NAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAX2+W8ewW1R0lnaTtrgY5WaFijsMB8GA1UdIwQY
MBaAFMKDjR87Ixv3LkU914xLUKwAn/fxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd29PTkh6c2pHX2N1UlQzWGpFdFFyQUNmOV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNjY3NDYtYzMwNi00MDhhLWJhN2Ut
MmIzYzY0ZjlmOWFiLzEvQmZiNWJ4N0JiVkhTV2RwTzJ1QmpsWm9XS093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNjY3NDYtYzMwNi00MDhhLWJhN2UtMmIzYzY0ZjlmOWFi
LzEvd29PTkh6c2pHX2N1UlQzWGpFdFFyQUNmOV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA4MA0G
CSqGSIb3DQEBCwUAA4IBAQBG5RVxnAIVTAp9MOYdubScFUjq8DWJLvhWpjtuPoDt
zSpJJ+NEeh1U3jwy/HUQVVfzqB/Accx20SLxjJBtQdvV/gqmU0yjJ6aPZyovjEsr
pbbg64xL/wGNAHMax+axulQzlXSl2aSApBhToPsPtlcnoaLeINOLEdIORgKiFcvt
uMq+HBTGtRoJwl5pzEihG14XmxdJf3LN3FHmVjAO9YeSJ/9uOOwVibIz/TSOUb+I
YOWKkGTd7TR/+sNHv1+e2LpqmlI1WFy4RPi4v1V+mKeS1bAu56VeqZBSuv9PdsFw
NnThwkhDbZhot8ZGtVKO2lSj8Ex1mLnyudm7WnSRB21X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:50 2024 by rpki-client on console-fra.rpki-client.org