Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/A4xCWGOvWj6GNbsPW4fMMU_x7dQ.roa
File:                     A4xCWGOvWj6GNbsPW4fMMU_x7dQ.roa (raw, json)
Hash identifier:          s0gblw0J4E8X0IhlOgoeTh4dLWGq8L2yAJMLfflBj3s=
Subject key identifier:   03:8C:42:58:63:AF:5A:3E:86:35:BB:0F:5B:87:CC:31:4F:F1:ED:D4
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0189AF6B3B38F94DEB3830A7D9669E58AF01
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/A4xCWGOvWj6GNbsPW4fMMU_x7dQ.roa
Signing time:             Tue 01 Aug 2023 04:46:27 +0000
ROA not before:           Tue 01 Aug 2023 04:46:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399471
IP address blocks:        2.56.56.0/22 maxlen: 24
                          37.46.150.0/24 maxlen: 24
                          185.239.243.0/24 maxlen: 24
                          185.239.242.0/24 maxlen: 24
                          2.58.148.0/22 maxlen: 24
                          89.37.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 15:53:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:af:6b:3b:38:f9:4d:eb:38:30:a7:d9:66:9e:58:af:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Aug  1 04:46:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=038c425863af5a3e8635bb0f5b87cc314ff1edd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:49:2f:30:f3:72:fd:b9:78:10:b4:77:98:f3:
                    8d:a8:9e:74:4c:7d:63:1c:ed:42:3b:70:79:68:59:
                    22:94:9b:6e:8c:82:62:7d:65:19:f3:3b:02:fc:a5:
                    49:64:51:94:68:c5:e9:18:12:37:11:26:f4:d3:b4:
                    61:67:a9:de:9b:4f:87:1b:b1:3e:7a:72:9d:21:63:
                    61:7d:71:48:f7:29:cf:41:df:d4:7a:c1:f6:ff:84:
                    be:f1:01:1a:4b:34:5f:39:69:98:79:45:f2:28:4e:
                    ed:07:4d:86:68:9b:16:4c:6d:27:2d:12:37:16:6e:
                    34:91:07:79:9f:e2:c4:60:0e:82:f2:cc:86:0d:21:
                    dc:7e:27:66:1b:af:43:9e:27:66:b0:7e:a4:db:26:
                    ec:42:51:fe:9d:32:11:b0:72:30:5f:9e:2c:6a:7b:
                    d2:60:54:53:b4:48:5d:ec:90:51:38:cf:e9:01:61:
                    5e:f2:03:92:1e:9c:0c:37:a8:04:a5:e0:a8:47:0c:
                    d6:08:17:00:32:c6:7d:1b:25:68:23:d9:4b:98:f8:
                    2c:71:05:8c:ee:01:8e:e1:b0:30:24:a3:b6:81:44:
                    3b:c2:09:17:f9:71:2d:e4:16:7a:3c:98:ea:3c:95:
                    ff:77:ba:fc:eb:2b:dc:d7:9c:e5:d5:7e:a2:4a:44:
                    d2:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:8C:42:58:63:AF:5A:3E:86:35:BB:0F:5B:87:CC:31:4F:F1:ED:D4
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/A4xCWGOvWj6GNbsPW4fMMU_x7dQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.56.0/22
                  2.58.148.0/22
                  37.46.150.0/24
                  89.37.63.0/24
                  185.239.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6f:dd:d9:25:f0:fb:6d:dc:21:1d:1e:36:1a:1e:14:b7:fc:bb:
         27:48:1e:db:e6:64:aa:64:37:48:f4:79:1c:6e:88:ee:7d:da:
         ac:e3:f0:97:2b:0f:39:0d:98:b7:93:ee:91:9d:b1:70:77:6d:
         6c:60:91:32:2f:af:5c:3b:f0:2e:1a:8a:02:9c:77:3b:2d:bf:
         49:3f:ab:94:39:b7:23:b3:6f:e3:a2:67:43:48:fa:c1:4c:f1:
         3b:3a:cd:af:ed:35:22:c7:38:35:ce:17:dd:c9:fa:8f:d9:20:
         ae:40:5f:a4:db:29:60:cd:74:3c:1c:66:d0:bd:c7:a2:5f:8d:
         7c:b6:05:52:57:9b:ae:b3:20:c9:48:48:5e:60:67:df:e3:9d:
         36:a7:d7:6b:43:37:83:e2:44:d5:0d:c8:b7:c1:0d:7b:e2:0f:
         62:04:b4:22:fc:d2:0d:b2:5f:93:f4:58:80:f1:1d:2f:a7:5d:
         6f:a8:3d:af:6d:e0:f4:29:c4:ae:a4:d1:b7:0a:e5:f3:e6:77:
         c8:33:a3:e1:70:79:67:d8:1f:e5:8a:02:1a:dc:ad:e3:4f:50:
         1d:08:71:c2:99:d0:63:80:e2:bd:6d:77:56:93:10:9c:7f:df:
         80:43:99:6f:a7:e3:14:19:49:09:60:7e:4d:33:56:af:93:fe:
         30:44:41:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmvazs4+U3rODCn2WaeWK8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODAxMDQ0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhjNDI1ODYzYWY1YTNlODYzNWJiMGY1Yjg3Y2MzMTRmZjFlZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40kvMPNy/bl4ELR3mPONqJ50TH1j
HO1CO3B5aFkilJtujIJifWUZ8zsC/KVJZFGUaMXpGBI3ESb007RhZ6nem0+HG7E+
enKdIWNhfXFI9ynPQd/UesH2/4S+8QEaSzRfOWmYeUXyKE7tB02GaJsWTG0nLRI3
Fm40kQd5n+LEYA6C8syGDSHcfidmG69DnidmsH6k2ybsQlH+nTIRsHIwX54sanvS
YFRTtEhd7JBROM/pAWFe8gOSHpwMN6gEpeCoRwzWCBcAMsZ9GyVoI9lLmPgscQWM
7gGO4bAwJKO2gUQ7wgkX+XEt5BZ6PJjqPJX/d7r86yvc15zl1X6iSkTS7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAOMQlhjr1o+hjW7D1uHzDFP8e3UMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQTR4Q1dHT3ZXajZHTmJzUFc0Zk1NVV94N2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjg4AwQC
AjqUAwQAJS6WAwQAWSU/AwQBue/yMA0GCSqGSIb3DQEBCwUAA4IBAQBv3dkl8Ptt
3CEdHjYaHhS3/LsnSB7b5mSqZDdI9Hkcbojufdqs4/CXKw85DZi3k+6RnbFwd21s
YJEyL69cO/AuGooCnHc7Lb9JP6uUObcjs2/jomdDSPrBTPE7Os2v7TUixzg1zhfd
yfqP2SCuQF+k2ylgzXQ8HGbQvceiX418tgVSV5uusyDJSEheYGff4502p9drQzeD
4kTVDci3wQ174g9iBLQi/NINsl+T9FiA8R0vp11vqD2vbeD0KcSupNG3CuXz5nfI
M6PhcHln2B/ligIa3K3jT1AdCHHCmdBjgOK9bXdWkxCcf9+AQ5lvp+MUGUkJYH5N
M1avk/4wREEG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org