Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa
File:                     vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa (raw, json)
Hash identifier:          tlSSwqX2fPXw57WEfOc5TatbS+c7K+g3B4K1GoJ0Om4=
Subject key identifier:   BE:61:C1:C0:ED:25:2C:2B:BF:41:DC:28:2C:17:33:E5:5D:72:1C:99
Certificate issuer:       /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial:       018CF3E94840512BC8A311EE53D48FC670C1
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa
Signing time:             Wed 10 Jan 2024 15:06:40 +0000
ROA not before:           Wed 10 Jan 2024 15:06:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203596
IP address blocks:        185.122.100.0/22 maxlen: 24
                          185.14.178.0/24 maxlen: 24
                          185.14.176.0/24 maxlen: 24
                          91.213.223.0/24 maxlen: 24
                          185.222.88.0/22 maxlen: 24
                          2a06:a400::/29 maxlen: 29
                          2a06:a402::/32 maxlen: 32
                          2a06:a400:20::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 27 Aug 2024 13:26:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f3:e9:48:40:51:2b:c8:a3:11:ee:53:d4:8f:c6:70:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
        Validity
            Not Before: Jan 10 15:06:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be61c1c0ed252c2bbf41dc282c1733e55d721c99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:0f:b8:a0:60:6c:5e:59:58:4a:ff:61:0f:9d:
                    d6:e5:af:69:87:df:19:dd:3c:04:92:19:64:ea:5f:
                    7a:57:fa:22:a1:bb:4d:6a:f9:a1:83:3b:e8:99:5d:
                    09:51:19:e5:22:95:ca:98:84:49:44:f6:5d:66:38:
                    9d:e8:62:cd:9a:7d:0b:b6:21:3b:42:74:d8:68:72:
                    3b:a5:dc:36:d8:ad:83:b9:3a:69:fe:61:83:cf:1a:
                    93:e2:80:43:be:73:e3:93:90:dc:b7:ba:ed:fe:29:
                    6c:74:d9:d2:11:1f:f2:b4:14:2d:ef:85:b6:2e:05:
                    06:44:46:a5:49:20:30:7e:cc:c2:0d:4e:99:3e:7b:
                    3f:1c:cf:77:fe:92:1e:11:f3:81:38:bd:be:7f:58:
                    86:46:35:4a:a5:a0:26:b1:f6:18:2b:fa:f3:ab:4f:
                    70:20:34:11:36:61:ff:ee:8f:1e:1b:c4:10:bf:75:
                    5d:8b:33:99:84:20:9e:ef:db:b4:89:8a:76:db:63:
                    95:36:ab:ce:d5:c6:52:78:7a:7a:da:91:a7:32:81:
                    a0:b6:be:7d:fc:f7:69:f8:a7:d3:65:37:dc:8e:e4:
                    6c:af:1e:a0:9c:61:77:e8:96:0f:07:c6:a1:96:c2:
                    9c:98:ae:58:11:d5:78:7c:93:d9:e2:49:7d:6a:3c:
                    f5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:61:C1:C0:ED:25:2C:2B:BF:41:DC:28:2C:17:33:E5:5D:72:1C:99
            X509v3 Authority Key Identifier:
                keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/vmHBwO0lLCu_QdwoLBcz5V1yHJk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.223.0/24
                  185.14.176.0/24
                  185.14.178.0/24
                  185.122.100.0/22
                  185.222.88.0/22
                IPv6:
                  2a06:a400::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:fa:17:42:d7:47:1e:c9:bc:70:f6:e3:c6:f4:cc:00:f7:bd:
         94:ed:9e:80:70:4c:2c:33:bd:1a:e9:cc:85:80:f5:5f:be:cb:
         e2:85:93:7c:f8:64:ae:a5:1d:3c:8c:78:1c:07:ac:e4:35:b4:
         41:b2:16:02:5b:7a:1a:6b:2b:c1:4e:5f:5d:13:4a:09:0e:c9:
         85:e5:b8:15:a9:3e:8a:a6:42:b4:0c:a0:5b:55:34:39:55:1c:
         34:80:ee:7b:2f:3b:15:55:33:a3:14:ec:48:56:d2:2a:56:0a:
         e9:9b:5d:c4:c2:50:38:c6:a3:0b:29:d8:b8:d8:b6:5f:75:0f:
         47:e4:bf:c1:9a:fb:08:cc:8c:89:ad:c1:4b:ab:f6:1b:cb:b0:
         f8:1a:6b:84:5b:e1:23:9c:13:69:9f:1d:bf:93:2c:d6:19:d0:
         e6:23:4c:3c:cb:0a:ba:88:e6:5b:20:b2:ed:cc:3c:29:62:40:
         cd:ba:de:81:6f:8a:8f:a2:56:88:e4:ac:31:0f:1f:7f:bd:d4:
         02:03:99:92:45:4e:8a:b5:82:3b:7d:e3:fe:04:b0:05:f6:74:
         1a:90:04:29:e6:82:bd:40:bc:d4:da:5d:cc:b1:24:a2:5a:c7:
         c4:ee:bf:05:d3:0f:bc:28:c6:b9:37:95:bc:08:1c:4d:b3:8b:
         19:8f:b6:20
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzz6UhAUSvIoxHuU9SPxnDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjQwMTEwMTUwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYxYzFjMGVkMjUyYzJiYmY0MWRjMjgyYzE3MzNlNTVkNzIxYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw+4oGBsXllYSv9hD53W5a9ph98Z
3TwEkhlk6l96V/oiobtNavmhgzvomV0JURnlIpXKmIRJRPZdZjid6GLNmn0LtiE7
QnTYaHI7pdw22K2DuTpp/mGDzxqT4oBDvnPjk5Dct7rt/ilsdNnSER/ytBQt74W2
LgUGREalSSAwfszCDU6ZPns/HM93/pIeEfOBOL2+f1iGRjVKpaAmsfYYK/rzq09w
IDQRNmH/7o8eG8QQv3VdizOZhCCe79u0iYp222OVNqvO1cZSeHp62pGnMoGgtr59
/Pdp+KfTZTfcjuRsrx6gnGF36JYPB8ahlsKcmK5YEdV4fJPZ4kl9ajz16QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL5hwcDtJSwrv0HcKCwXM+VdchyZMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvdm1IQndPMGxMQ3VfUWR3b0xCY3o1VjF5SEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW9XfAwQA
uQ6wAwQAuQ6yAwQCuXpkAwQCud5YMA0EAgACMAcDBQMqBqQAMA0GCSqGSIb3DQEB
CwUAA4IBAQBi+hdC10ceybxw9uPG9MwA972U7Z6AcEwsM70a6cyFgPVfvsvihZN8
+GSupR08jHgcB6zkNbRBshYCW3oaayvBTl9dE0oJDsmF5bgVqT6KpkK0DKBbVTQ5
VRw0gO57LzsVVTOjFOxIVtIqVgrpm13EwlA4xqMLKdi42LZfdQ9H5L/BmvsIzIyJ
rcFLq/Yby7D4GmuEW+EjnBNpnx2/kyzWGdDmI0w8ywq6iOZbILLtzDwpYkDNut6B
b4qPolaI5KwxDx9/vdQCA5mSRU6KtYI7feP+BLAF9nQakAQp5oK9QLzU2l3MsSSi
WsfE7r8F0w+8KMa5N5W8CBxNs4sZj7Yg
-----END CERTIFICATE-----
Generated at Tue Aug 27 16:34:31 2024 by rpki-client on console-ams.rpki-client.org