Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa
File:                     0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa (raw, json)
Hash identifier:          LzCARqQQrU80CGfZCeuR0MKHDDuTP9u3b8ZxJL31iIo=
Subject key identifier:   D1:A5:B7:CE:32:86:94:53:E4:07:AF:BE:0E:69:7B:84:62:76:80:86
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018698053EA5FE6A2B5411F65E8C4507916F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa
Signing time:             Tue 28 Feb 2023 12:35:25 +0000
ROA not before:           Tue 28 Feb 2023 12:35:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399471
IP address blocks:        2.56.56.0/22 maxlen: 24
                          37.46.150.0/24 maxlen: 24
                          185.239.243.0/24 maxlen: 24
                          185.239.242.0/24 maxlen: 24
                          2.58.148.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 04:46:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:98:05:3e:a5:fe:6a:2b:54:11:f6:5e:8c:45:07:91:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 28 12:35:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1a5b7ce32869453e407afbe0e697b8462768086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:0e:21:10:e3:39:a8:30:13:2a:69:78:3e:b4:
                    c1:d7:13:38:48:91:f4:cb:ee:61:cf:b4:c4:72:80:
                    4e:ec:a6:dd:e5:49:3d:3a:8e:8b:52:e5:7e:fe:74:
                    2a:23:05:d5:fa:51:28:3c:cd:b5:79:fd:da:0b:9e:
                    02:05:32:7b:c1:b3:79:cf:ed:24:1e:74:46:d0:d2:
                    56:3b:2e:fe:dc:21:cf:69:f6:a1:a9:36:53:e4:bd:
                    83:14:8d:30:69:d4:90:90:a9:68:37:b4:7f:f9:f5:
                    b3:0e:a1:d9:6b:c7:e4:fc:34:62:6e:a8:17:0d:33:
                    e1:e3:02:0a:9d:f9:25:38:5e:bb:c4:17:db:32:ba:
                    bc:64:db:9d:d9:7d:80:de:bc:2a:95:12:dd:1e:53:
                    86:f6:44:ef:59:32:5a:f7:ef:eb:c9:b2:d1:ff:db:
                    39:e6:de:31:f1:33:ce:71:82:e8:9a:e4:bc:95:17:
                    fd:b9:93:a8:4f:39:e0:a0:78:fa:f2:26:3f:2a:09:
                    b4:71:7c:2a:ac:e7:b6:ba:55:6c:77:96:6f:ee:f0:
                    c2:dc:29:4a:f5:8a:9d:b9:22:39:c4:72:79:ae:5a:
                    c1:55:67:f1:c5:7e:a1:a7:13:ef:52:24:86:31:a3:
                    db:67:97:c4:55:a3:ae:c6:1f:1a:8e:83:bb:aa:d4:
                    ba:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:A5:B7:CE:32:86:94:53:E4:07:AF:BE:0E:69:7B:84:62:76:80:86
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0aW3zjKGlFPkB6--Dml7hGJ2gIY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.56.0/22
                  2.58.148.0/22
                  37.46.150.0/24
                  185.239.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         47:14:fd:7c:cf:de:93:17:f8:fd:70:34:05:ae:f8:ea:84:72:
         5a:fb:3b:08:b5:34:34:cd:f9:c3:18:89:e0:e5:0c:ca:b9:8f:
         c9:80:7f:93:22:7f:18:e1:5d:4b:16:b3:8f:0f:fc:ff:55:00:
         c2:8a:77:f1:8d:eb:1a:15:89:d4:c7:5a:50:0b:fa:48:8f:4e:
         ac:49:69:65:37:5c:f2:e4:26:b7:07:ed:7d:31:2b:f6:c4:b1:
         d5:f4:3d:dc:b6:6e:e2:22:44:7d:e8:db:22:c3:20:15:28:64:
         2a:f4:ee:c9:ba:72:46:52:fe:a4:86:a0:c4:97:50:91:22:43:
         3c:f5:b0:1c:9d:19:7d:62:bc:15:9e:82:f1:62:05:cb:63:f0:
         4c:b3:c3:35:ea:fa:1f:12:a5:42:f5:4b:6e:d8:f1:95:08:6c:
         91:1a:53:0a:6a:98:27:b9:f9:72:06:48:b9:ff:39:02:01:f4:
         85:5c:b4:16:61:a9:d7:7d:89:c9:d6:2a:48:06:cc:f1:ab:62:
         6d:27:b0:7e:58:13:8d:d8:7d:8f:e7:43:4c:aa:1d:d3:49:6d:
         39:45:36:56:18:37:8a:ad:9e:62:6e:91:04:e1:bc:d9:f5:74:
         49:87:1a:51:5c:f4:23:8a:5a:8b:93:98:38:77:b3:6d:9c:3d:
         a4:83:11:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaYBT6l/morVBH2XoxFB5FvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI4MTIzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE1YjdjZTMyODY5NDUzZTQwN2FmYmUwZTY5N2I4NDYyNzY4MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA4hEOM5qDATKml4PrTB1xM4SJH0
y+5hz7TEcoBO7Kbd5Uk9Oo6LUuV+/nQqIwXV+lEoPM21ef3aC54CBTJ7wbN5z+0k
HnRG0NJWOy7+3CHPafahqTZT5L2DFI0wadSQkKloN7R/+fWzDqHZa8fk/DRibqgX
DTPh4wIKnfklOF67xBfbMrq8ZNud2X2A3rwqlRLdHlOG9kTvWTJa9+/rybLR/9s5
5t4x8TPOcYLomuS8lRf9uZOoTzngoHj68iY/Kgm0cXwqrOe2ulVsd5Zv7vDC3ClK
9YqduSI5xHJ5rlrBVWfxxX6hpxPvUiSGMaPbZ5fEVaOuxh8ajoO7qtS6zwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNGlt84yhpRT5Aevvg5pe4RidoCGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMGFXM3pqS0dsRlBrQjYtLURtbDdoR0oyZ0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjg4AwQC
AjqUAwQAJS6WAwQBue/yMA0GCSqGSIb3DQEBCwUAA4IBAQBHFP18z96TF/j9cDQF
rvjqhHJa+zsItTQ0zfnDGIng5QzKuY/JgH+TIn8Y4V1LFrOPD/z/VQDCinfxjesa
FYnUx1pQC/pIj06sSWllN1zy5Ca3B+19MSv2xLHV9D3ctm7iIkR96NsiwyAVKGQq
9O7JunJGUv6khqDEl1CRIkM89bAcnRl9YrwVnoLxYgXLY/BMs8M16vofEqVC9Utu
2PGVCGyRGlMKapgnuflyBki5/zkCAfSFXLQWYanXfYnJ1ipIBszxq2JtJ7B+WBON
2H2P50NMqh3TSW05RTZWGDeKrZ5ibpEE4bzZ9XRJhxpRXPQjilqLk5g4d7NtnD2k
gxEb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:07 2024 by rpki-client on console-ams.rpki-client.org