Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U3d0ERWm4RTvRg8rpziJW8PK3qw.roa
File:                     U3d0ERWm4RTvRg8rpziJW8PK3qw.roa (raw, json)
Hash identifier:          wNc10QRQDN2KCXdoySxO95pPWOwU1TXQO1PVPm/dCe8=
Subject key identifier:   53:77:74:11:15:A6:E1:14:EF:46:0F:2B:A7:38:89:5B:C3:CA:DE:AC
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018C454CCBF384A263781CBDFE21413E0C9B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U3d0ERWm4RTvRg8rpziJW8PK3qw.roa
Signing time:             Thu 07 Dec 2023 17:21:50 +0000
ROA not before:           Thu 07 Dec 2023 17:21:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213035
IP address blocks:        185.121.122.0/23 maxlen: 24
                          185.121.121.0/24 maxlen: 24
                          185.239.243.0/24 maxlen: 24
                          220.158.198.0/24 maxlen: 24
                          45.144.226.0/24 maxlen: 24
                          220.158.196.0/23 maxlen: 24
                          193.239.164.0/23 maxlen: 24
                          62.197.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:45:4c:cb:f3:84:a2:63:78:1c:bd:fe:21:41:3e:0c:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec  7 17:21:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5377741115a6e114ef460f2ba738895bc3cadeac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:c9:93:21:6f:ea:97:00:5d:17:94:ca:b3:af:
                    33:90:ff:87:47:4d:c8:13:51:48:3b:2d:c4:ff:98:
                    87:63:e2:16:b3:90:55:7b:c5:3e:48:0a:29:22:9a:
                    55:fa:33:49:c9:1a:87:88:6c:a3:21:c5:2f:64:16:
                    94:38:f2:9c:85:17:76:b3:49:10:96:48:4b:61:c1:
                    89:92:48:b0:eb:f5:a0:48:57:0b:78:af:72:14:3c:
                    4f:0e:09:f9:77:7d:6c:63:26:d8:0b:31:0c:fd:db:
                    98:48:ce:ad:34:d8:30:49:a9:ef:30:49:d1:35:84:
                    e7:c7:9d:99:d1:ca:7d:52:52:f2:78:10:77:e2:b2:
                    c9:a3:fc:3d:59:46:c2:be:18:ba:2c:3e:3f:cf:6f:
                    24:6d:e2:bb:35:99:46:c6:01:35:66:fd:22:c1:15:
                    d4:31:9c:42:b2:39:66:e6:9c:d7:32:8f:fb:0b:ff:
                    26:83:61:c5:8c:fc:e6:06:a9:71:41:fd:c1:e0:af:
                    86:61:4a:ea:f2:cd:58:5a:df:1c:05:2b:56:bf:1d:
                    f0:d8:4f:fe:b5:f3:46:56:ad:d1:82:d8:8e:72:93:
                    b6:bc:92:b2:7f:2f:49:81:42:88:9c:ed:3a:7b:5e:
                    e2:e9:ed:fb:72:19:db:d8:07:29:a5:9f:1c:9f:f0:
                    a0:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:77:74:11:15:A6:E1:14:EF:46:0F:2B:A7:38:89:5B:C3:CA:DE:AC
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U3d0ERWm4RTvRg8rpziJW8PK3qw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.226.0/24
                  62.197.140.0/22
                  185.121.121.0-185.121.123.255
                  185.239.243.0/24
                  193.239.164.0/23
                  220.158.196.0-220.158.198.255

    Signature Algorithm: sha256WithRSAEncryption
         24:22:c4:95:81:df:c9:49:95:17:ee:f4:2b:30:f3:8f:ab:90:
         e0:1e:14:61:e6:7c:22:0e:60:ad:b1:a6:41:c2:b3:c9:7c:d9:
         c1:e2:f0:2e:fd:73:1f:c9:84:5c:dc:13:0c:7c:0f:12:b3:06:
         7d:b2:c6:bf:3e:2a:0a:ae:e5:d6:5f:c8:9d:09:98:ad:a9:2f:
         40:78:ec:b7:c7:a0:b0:57:4d:3d:9a:22:cf:21:05:c6:49:1c:
         8a:de:c6:cb:20:be:15:90:71:e5:07:98:e3:d0:b1:62:a6:3e:
         35:6f:a6:3f:89:ba:5a:53:6b:1b:3b:5b:85:6a:20:bd:80:12:
         1f:fb:18:38:c7:a1:bf:11:a0:9b:ef:83:9e:0d:00:0e:c1:dc:
         7a:c1:32:91:a3:30:35:00:16:f5:22:19:05:f4:20:16:01:69:
         33:44:ee:cd:49:c7:0b:cf:65:52:39:7b:94:8f:de:85:a6:8e:
         7f:68:7a:e8:c7:37:e7:7a:06:76:64:4f:1f:6f:e2:ca:fa:31:
         58:4f:fa:32:38:42:7f:9f:17:b7:c6:41:93:62:3d:25:be:c5:
         c5:91:88:b7:70:2c:cb:22:10:f5:18:d8:2f:bd:b7:b4:c6:ca:
         95:73:bf:6f:19:f3:c4:2e:e0:81:50:88:5a:f3:53:65:54:a7:
         49:a9:61:d7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYxFTMvzhKJjeBy9/iFBPgybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjA3MTcyMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc3NzQxMTE1YTZlMTE0ZWY0NjBmMmJhNzM4ODk1YmMzY2FkZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMmTIW/qlwBdF5TKs68zkP+HR03I
E1FIOy3E/5iHY+IWs5BVe8U+SAopIppV+jNJyRqHiGyjIcUvZBaUOPKchRd2s0kQ
lkhLYcGJkkiw6/WgSFcLeK9yFDxPDgn5d31sYybYCzEM/duYSM6tNNgwSanvMEnR
NYTnx52Z0cp9UlLyeBB34rLJo/w9WUbCvhi6LD4/z28kbeK7NZlGxgE1Zv0iwRXU
MZxCsjlm5pzXMo/7C/8mg2HFjPzmBqlxQf3B4K+GYUrq8s1YWt8cBStWvx3w2E/+
tfNGVq3RgtiOcpO2vJKyfy9JgUKInO06e17i6e37chnb2AcppZ8cn/Cg4QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFN3dBEVpuEU70YPK6c4iVvDyt6sMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVTNkMEVSV200UlR2Umc4cnB6aUpXOFBLM3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALZDiAwQC
PsWMMAwDBAC5eXkDBAK5eXgDBAC57/MDBAHB76QwDAMEAtyexAMEANyexjANBgkq
hkiG9w0BAQsFAAOCAQEAJCLElYHfyUmVF+70KzDzj6uQ4B4UYeZ8Ig5grbGmQcKz
yXzZweLwLv1zH8mEXNwTDHwPErMGfbLGvz4qCq7l1l/InQmYrakvQHjst8egsFdN
PZoizyEFxkkcit7GyyC+FZBx5QeY49CxYqY+NW+mP4m6WlNrGztbhWogvYASH/sY
OMehvxGgm++Dng0ADsHcesEykaMwNQAW9SIZBfQgFgFpM0TuzUnHC89lUjl7lI/e
haaOf2h66Mc353oGdmRPH2/iyvoxWE/6MjhCf58Xt8ZBk2I9Jb7FxZGIt3AsyyIQ
9RjYL723tMbKlXO/bxnzxC7ggVCIWvNTZVSnSalh1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org