Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/Dp-KNipxbm94qo-dHjpBfvs1Z18.roa
File:                     Dp-KNipxbm94qo-dHjpBfvs1Z18.roa (raw, json)
Hash identifier:          a2G4+XEsS3dnC2oeF9ddTedlTaosNr+bLyRiW3K1QmU=
Subject key identifier:   0E:9F:8A:36:2A:71:6E:6F:78:AA:8F:9D:1E:3A:41:7E:FB:35:67:5F
Certificate issuer:       /CN=7eb4565a32db3c9c8b8b0f7b4c11bd1154e20de9
Certificate serial:       01856D818B160A36F7467B22A209F7050DCB
Authority key identifier: 7E:B4:56:5A:32:DB:3C:9C:8B:8B:0F:7B:4C:11:BD:11:54:E2:0D:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/frRWWjLbPJyLiw97TBG9EVTiDek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/Dp-KNipxbm94qo-dHjpBfvs1Z18.roa
Signing time:             Sun 01 Jan 2023 13:24:44 +0000
ROA not before:           Sun 01 Jan 2023 13:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52122
IP address blocks:        185.4.185.0/24 maxlen: 24
                          185.4.186.0/24 maxlen: 24
                          185.4.184.0/24 maxlen: 24
                          185.4.187.0/24 maxlen: 24
                          46.255.185.0/24 maxlen: 24
                          46.255.186.0/24 maxlen: 24
                          46.255.184.0/24 maxlen: 24
                          46.255.187.0/24 maxlen: 24
                          46.255.188.0/24 maxlen: 24
                          46.255.190.0/24 maxlen: 24
                          46.255.191.0/24 maxlen: 24
                          46.255.189.0/24 maxlen: 24
                          2a01:9140:cccc::/48 maxlen: 48
                          2a01:9140::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:8b:16:0a:36:f7:46:7b:22:a2:09:f7:05:0d:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7eb4565a32db3c9c8b8b0f7b4c11bd1154e20de9
        Validity
            Not Before: Jan  1 13:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e9f8a362a716e6f78aa8f9d1e3a417efb35675f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:70:b6:d1:f3:ae:19:6e:62:0a:47:54:b8:2b:
                    30:2d:2a:e4:62:4e:7d:e6:81:9b:dd:96:32:26:ea:
                    21:39:6e:15:70:f0:7d:4c:e3:cf:3a:9c:32:89:86:
                    35:05:29:93:7a:13:1e:58:d8:fb:e6:3e:af:55:fa:
                    ec:fa:87:86:37:07:82:8d:36:66:45:23:29:57:0c:
                    2c:6c:7c:d2:6a:82:92:40:d8:42:e0:15:d2:0d:c9:
                    09:05:c9:fa:ec:ba:7e:d1:32:00:a7:6f:28:c6:50:
                    72:8c:e1:ba:07:01:4a:80:d0:dd:63:72:e4:06:b5:
                    0f:5e:4e:40:99:16:d4:8b:05:c5:9f:45:30:f8:9d:
                    d1:d2:65:db:de:f8:9e:25:4a:84:4a:a2:cf:ec:00:
                    90:0b:e6:43:1a:3a:4d:03:ba:aa:7c:13:19:80:7f:
                    e2:2a:24:25:80:a2:12:ed:38:d3:6e:8e:e9:d8:59:
                    c0:0e:08:c4:2d:2e:5a:4c:66:3f:7e:a8:5e:17:68:
                    91:70:4d:8f:26:e1:d2:61:74:11:27:f7:48:0d:d4:
                    b6:0d:c5:35:01:87:29:23:a9:38:d8:cd:4c:57:6b:
                    82:d8:51:d5:38:62:7c:6d:23:bc:26:5c:53:12:f7:
                    60:d8:ad:cf:38:20:76:8a:39:dc:a1:86:09:63:17:
                    c0:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:9F:8A:36:2A:71:6E:6F:78:AA:8F:9D:1E:3A:41:7E:FB:35:67:5F
            X509v3 Authority Key Identifier:
                keyid:7E:B4:56:5A:32:DB:3C:9C:8B:8B:0F:7B:4C:11:BD:11:54:E2:0D:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/frRWWjLbPJyLiw97TBG9EVTiDek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/Dp-KNipxbm94qo-dHjpBfvs1Z18.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5b535e-b143-4b4a-90e8-0e7949935d81/1/frRWWjLbPJyLiw97TBG9EVTiDek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.255.184.0/21
                  185.4.184.0/22
                IPv6:
                  2a01:9140::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:7c:e0:0b:7b:b0:90:6d:a1:5b:fb:79:38:dd:b9:02:b0:14:
         18:11:33:bd:b5:f9:e1:99:4e:13:ee:09:e5:78:de:71:e0:c9:
         9c:b3:c4:9a:5d:bf:a2:a9:ad:61:0c:3a:f2:7b:99:c9:65:1e:
         70:dd:e6:f2:c5:33:ab:7f:78:43:9e:4c:a1:44:4b:21:a7:7a:
         66:03:6e:4c:c5:54:5b:48:23:88:b1:80:05:b3:a4:f5:6f:5e:
         9e:dd:b8:2c:94:bd:ad:0f:63:54:c0:7a:22:9d:68:fc:9a:3f:
         90:7e:57:f1:28:ec:dc:cd:eb:e4:99:aa:aa:10:c9:28:d5:24:
         ba:95:50:72:48:65:22:89:a8:e4:ca:de:a4:5b:1f:2c:b9:21:
         db:4d:59:e5:26:f6:c9:71:c6:08:b9:2e:4b:2c:6a:ab:d4:d1:
         47:36:f2:7b:0c:e1:98:71:74:39:c2:ba:57:fb:67:46:8b:11:
         6e:c4:5a:54:c5:dc:65:15:5a:61:e9:2c:09:85:66:73:48:07:
         ba:86:9c:c1:e5:b6:42:92:b2:61:03:1b:26:bf:3b:f3:cd:39:
         77:14:5f:7c:a2:ac:fc:6d:55:53:ae:8b:43:bb:72:55:ed:93:
         0f:05:c7:76:8e:fe:65:ff:a6:f7:ad:8a:40:52:b7:37:5a:be:
         2d:fe:c7:6f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtgYsWCjb3Rnsiogn3BQ3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYjQ1NjVhMzJkYjNjOWM4YjhiMGY3YjRjMTFiZDExNTRl
MjBkZTkwHhcNMjMwMTAxMTMyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTlmOGEzNjJhNzE2ZTZmNzhhYThmOWQxZTNhNDE3ZWZiMzU2NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXC20fOuGW5iCkdUuCswLSrkYk59
5oGb3ZYyJuohOW4VcPB9TOPPOpwyiYY1BSmTehMeWNj75j6vVfrs+oeGNweCjTZm
RSMpVwwsbHzSaoKSQNhC4BXSDckJBcn67Lp+0TIAp28oxlByjOG6BwFKgNDdY3Lk
BrUPXk5AmRbUiwXFn0Uw+J3R0mXb3vieJUqESqLP7ACQC+ZDGjpNA7qqfBMZgH/i
KiQlgKIS7TjTbo7p2FnADgjELS5aTGY/fqheF2iRcE2PJuHSYXQRJ/dIDdS2DcU1
AYcpI6k42M1MV2uC2FHVOGJ8bSO8JlxTEvdg2K3POCB2ijncoYYJYxfAiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA6fijYqcW5veKqPnR46QX77NWdfMB8GA1UdIwQY
MBaAFH60Vloy2zyci4sPe0wRvRFU4g3pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJSV1dqTGJQSnlMaXc5N1RCRzlFVlRpRGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81YjUzNWUtYjE0My00YjRhLTkwZTgt
MGU3OTQ5OTM1ZDgxLzEvRHAtS05pcHhibTk0cW8tZEhqcEJmdnMxWjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81YjUzNWUtYjE0My00YjRhLTkwZTgtMGU3OTQ5OTM1ZDgx
LzEvZnJSV1dqTGJQSnlMaXc5N1RCRzlFVlRpRGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv+4AwQC
uQS4MA0EAgACMAcDBQAqAZFAMA0GCSqGSIb3DQEBCwUAA4IBAQAzfOALe7CQbaFb
+3k43bkCsBQYETO9tfnhmU4T7gnleN5x4Mmcs8SaXb+iqa1hDDrye5nJZR5w3eby
xTOrf3hDnkyhREshp3pmA25MxVRbSCOIsYAFs6T1b16e3bgslL2tD2NUwHoinWj8
mj+QflfxKOzczevkmaqqEMko1SS6lVBySGUiiajkyt6kWx8suSHbTVnlJvbJccYI
uS5LLGqr1NFHNvJ7DOGYcXQ5wrpX+2dGixFuxFpUxdxlFVph6SwJhWZzSAe6hpzB
5bZCkrJhAxsmvzvzzTl3FF98oqz8bVVTrotDu3JV7ZMPBcd2jv5l/6b3rYpAUrc3
Wr4t/sdv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:21 2024 by rpki-client on console-ams.rpki-client.org