Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/OwZRIjF0IezJk2KXJXsTaxVGjKc.roa
File:                     OwZRIjF0IezJk2KXJXsTaxVGjKc.roa (raw, json)
Hash identifier:          /ES3Q8aHH3sXr0xYe0qkUnjjMds+IP/ESzBdjTfZj7s=
Subject key identifier:   3B:06:51:22:31:74:21:EC:C9:93:62:97:25:7B:13:6B:15:46:8C:A7
Certificate issuer:       /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial:       018CC8DEBE3744EB10401151328847417D0F
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/OwZRIjF0IezJk2KXJXsTaxVGjKc.roa
Signing time:             Tue 02 Jan 2024 06:31:30 +0000
ROA not before:           Tue 02 Jan 2024 06:31:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210403
IP address blocks:        185.98.131.0/24 maxlen: 24
                          78.138.45.0/24 maxlen: 24
                          78.138.58.0/24 maxlen: 24
                          193.203.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 Jan 2024 09:42:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:be:37:44:eb:10:40:11:51:32:88:47:41:7d:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
        Validity
            Not Before: Jan  2 06:31:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3b065122317421ecc9936297257b136b15468ca7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:86:c8:e0:7b:12:ac:60:68:f2:bc:2a:35:d6:
                    10:fd:2a:b9:cc:c7:ef:f8:0c:10:08:77:45:70:2f:
                    b9:c4:df:d2:6f:38:5a:09:61:3a:9b:ea:45:75:3c:
                    6e:88:4b:d5:d9:0f:57:0d:a9:e9:72:fc:81:2c:9f:
                    fd:2a:80:74:89:83:b8:ad:2d:a9:c5:8b:a3:c6:8f:
                    94:0d:33:e6:72:28:6c:34:f0:d6:e8:07:91:13:6f:
                    a9:3d:27:8b:6b:f6:a2:06:28:6f:88:ea:fd:09:92:
                    3e:bf:b0:eb:75:0f:26:5a:f9:f9:bd:d2:0b:5e:c1:
                    46:a5:09:c4:90:6a:43:d5:b2:1e:44:2d:97:e7:64:
                    11:d8:4f:5c:81:50:2f:61:0e:02:f7:7a:77:7c:07:
                    2e:f0:04:32:39:cc:bf:29:69:f2:82:52:eb:89:75:
                    66:4a:00:42:35:70:45:d2:99:c4:23:01:ef:5c:c5:
                    3b:ee:09:65:8e:11:54:87:cc:c6:e9:49:85:52:6d:
                    dc:eb:67:3c:f0:be:6f:c6:37:4d:68:58:40:88:49:
                    f3:05:38:d2:f4:db:f1:4f:83:88:d8:86:31:66:99:
                    a2:3a:65:23:e5:fe:ec:c6:e1:4f:80:e9:11:82:60:
                    0c:11:31:8c:09:31:f2:0a:24:d1:68:ce:7b:34:1a:
                    bf:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:06:51:22:31:74:21:EC:C9:93:62:97:25:7B:13:6B:15:46:8C:A7
            X509v3 Authority Key Identifier:
                keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/OwZRIjF0IezJk2KXJXsTaxVGjKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.138.45.0/24
                  78.138.58.0/24
                  185.98.131.0/24
                  193.203.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:18:9e:b1:fe:f2:63:72:23:fc:a8:be:09:de:e8:82:2a:91:
         0e:54:61:a1:27:20:ba:ba:20:06:ab:ac:9b:69:b2:25:ef:34:
         50:c4:89:1a:e3:45:10:44:4b:df:b6:bd:f5:48:c6:79:9e:9c:
         01:fa:c9:67:5e:b7:ec:42:b7:ef:71:b0:cf:3b:d7:66:94:74:
         96:f7:90:44:03:b0:35:d6:4c:6a:7d:ce:ac:50:06:c6:a1:e2:
         5b:04:ec:20:de:23:80:1c:5a:be:5e:bc:55:be:ff:4b:c3:93:
         93:c9:80:b4:88:de:96:b4:ec:bc:d6:1c:85:9f:72:a2:22:86:
         7b:ba:b5:2f:db:5b:df:9e:c0:a6:ec:0a:98:e5:20:30:18:91:
         2a:58:0d:25:9a:3a:a1:e9:0c:39:59:77:10:98:3b:40:40:4e:
         50:78:74:36:9c:8d:c8:35:4d:75:08:5a:79:86:27:36:85:80:
         c8:c7:86:2b:9f:f5:9f:1d:0b:42:21:b5:0b:3b:6d:0c:69:23:
         4d:8b:55:a3:49:d1:31:5f:41:5b:d4:43:c4:99:4f:3d:a5:a5:
         46:46:71:55:a9:2d:1f:5e:99:91:e6:3b:1f:ca:bc:89:12:b0:
         11:19:ca:5a:ad:49:fe:40:9c:ed:72:11:a8:b7:b3:84:73:18:
         c8:b0:6c:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3r43ROsQQBFRMohHQX0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjQwMTAyMDYzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA2NTEyMjMxNzQyMWVjYzk5MzYyOTcyNTdiMTM2YjE1NDY4Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmobI4HsSrGBo8rwqNdYQ/Sq5zMfv
+AwQCHdFcC+5xN/SbzhaCWE6m+pFdTxuiEvV2Q9XDanpcvyBLJ/9KoB0iYO4rS2p
xYujxo+UDTPmcihsNPDW6AeRE2+pPSeLa/aiBihviOr9CZI+v7DrdQ8mWvn5vdIL
XsFGpQnEkGpD1bIeRC2X52QR2E9cgVAvYQ4C93p3fAcu8AQyOcy/KWnyglLriXVm
SgBCNXBF0pnEIwHvXMU77glljhFUh8zG6UmFUm3c62c88L5vxjdNaFhAiEnzBTjS
9NvxT4OI2IYxZpmiOmUj5f7sxuFPgOkRgmAMETGMCTHyCiTRaM57NBq/swIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDsGUSIxdCHsyZNilyV7E2sVRoynMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvT3daUklqRjBJZXpKazJLWEpYc1RheFZHaktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATootAwQA
Too6AwQAuWKDAwQAwcvvMA0GCSqGSIb3DQEBCwUAA4IBAQBJGJ6x/vJjciP8qL4J
3uiCKpEOVGGhJyC6uiAGq6ybabIl7zRQxIka40UQREvftr31SMZ5npwB+slnXrfs
QrfvcbDPO9dmlHSW95BEA7A11kxqfc6sUAbGoeJbBOwg3iOAHFq+XrxVvv9Lw5OT
yYC0iN6WtOy81hyFn3KiIoZ7urUv21vfnsCm7AqY5SAwGJEqWA0lmjqh6Qw5WXcQ
mDtAQE5QeHQ2nI3INU11CFp5hic2hYDIx4Yrn/WfHQtCIbULO20MaSNNi1WjSdEx
X0Fb1EPEmU89paVGRnFVqS0fXpmR5jsfyryJErARGcparUn+QJztchGot7OEcxjI
sGyz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:43 2024 by rpki-client on console-fra.rpki-client.org