Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r1a-ubAikHRUlK5BB481295nzaQ.roa
File:                     r1a-ubAikHRUlK5BB481295nzaQ.roa (raw, json)
Hash identifier:          yJT9WVuI5/CfXuX3O4nSn5eoVv017E/6YGB1Zk8y2XU=
Subject key identifier:   AF:56:BE:B9:B0:22:90:74:54:94:AE:41:07:8F:35:DB:DE:67:CD:A4
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018D9ED4CAB798A325AD53C6C3465E30A2BC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r1a-ubAikHRUlK5BB481295nzaQ.roa
Signing time:             Mon 12 Feb 2024 19:39:22 +0000
ROA not before:           Mon 12 Feb 2024 19:39:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213035
IP address blocks:        45.144.226.0/24 maxlen: 24
                          185.121.121.0/24 maxlen: 24
                          185.121.122.0/23 maxlen: 24
                          185.239.243.0/24 maxlen: 24
                          193.239.164.0/23 maxlen: 24
                          220.158.196.0/23 maxlen: 24
                          220.158.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 15:56:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:9e:d4:ca:b7:98:a3:25:ad:53:c6:c3:46:5e:30:a2:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 12 19:39:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=af56beb9b02290745494ae41078f35dbde67cda4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f3:b3:69:9b:1b:0a:b2:0b:71:7c:99:51:e5:
                    4e:ae:44:3c:24:02:46:df:88:b6:c7:db:2a:5a:8a:
                    14:f5:4b:86:21:e0:26:42:e7:99:06:35:b3:a4:8e:
                    d9:fc:9c:0e:54:a3:9e:54:ad:5b:71:7f:b9:c9:cc:
                    dc:15:77:51:c0:4d:8f:d3:dd:d6:c4:e0:4b:9f:a3:
                    5a:c8:ce:70:be:57:53:da:70:64:b2:15:7a:23:cd:
                    df:18:84:b4:ff:0a:fa:61:53:e6:ab:39:fb:6a:79:
                    b5:6a:94:51:ee:93:1d:d7:18:4e:8b:cb:7d:a4:1a:
                    93:aa:3e:b9:3f:6c:52:8b:d3:97:52:c3:eb:ef:44:
                    6f:30:9c:cc:89:2c:3b:17:4c:46:a8:ba:24:d3:9b:
                    6a:0a:d7:43:8e:2e:40:f2:a2:e3:19:58:84:89:15:
                    4e:a8:ae:1e:22:fb:65:e8:87:72:f7:fe:f8:69:31:
                    7c:ee:52:8f:b0:c2:fb:52:f4:6e:bf:4a:6e:db:9f:
                    28:ba:a4:e6:be:37:a4:43:39:7f:19:aa:47:3a:7a:
                    0e:41:19:c0:54:e0:f2:e6:d8:d9:04:28:65:d0:af:
                    c0:bd:05:0c:71:41:14:74:24:d5:a5:f9:37:e3:47:
                    51:5f:91:6f:7e:a4:b3:45:69:a2:67:93:97:99:93:
                    31:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:56:BE:B9:B0:22:90:74:54:94:AE:41:07:8F:35:DB:DE:67:CD:A4
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r1a-ubAikHRUlK5BB481295nzaQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.226.0/24
                  185.121.121.0-185.121.123.255
                  185.239.243.0/24
                  193.239.164.0/23
                  220.158.196.0-220.158.198.255

    Signature Algorithm: sha256WithRSAEncryption
         14:30:90:b2:55:91:38:52:1e:15:41:c8:bb:74:c9:d3:fc:f1:
         2d:22:c1:f6:79:47:e9:bf:91:4d:40:45:5a:48:75:be:ac:e7:
         6a:f3:b3:66:63:01:16:b2:54:e8:c3:b6:cc:8b:29:d2:b0:e2:
         cd:d8:97:b3:5c:04:4d:9e:be:c1:56:f6:79:f8:49:8e:4c:14:
         0c:a8:3a:07:c1:65:27:c5:18:ec:99:ff:12:d9:19:65:d8:9c:
         f9:01:5f:93:6e:fa:45:ed:d8:75:e1:aa:18:2e:26:b5:15:ca:
         3d:6b:2c:33:01:f9:d6:b1:f6:5d:54:52:0e:cd:2e:bc:5a:96:
         67:29:23:1b:cd:91:c0:a6:1f:f2:cb:70:89:a1:0a:fb:d5:25:
         ac:91:0a:bc:dd:32:72:fa:65:a1:bd:b1:36:ed:83:a0:a0:ba:
         1c:a5:b0:c7:89:b8:8f:91:f9:c5:b1:3c:6c:5b:56:88:12:0f:
         24:6a:e4:24:7f:bc:e3:c9:d7:0c:56:b3:15:78:a7:88:6e:87:
         ec:4b:1e:ba:74:69:75:8f:be:48:f1:85:90:86:37:ae:43:41:
         8d:04:03:2f:21:54:27:b8:4e:e5:7e:46:7a:39:99:e5:d6:9c:
         b9:f3:ff:3e:4a:3c:27:7f:05:35:b4:c0:68:8d:62:52:db:c3:
         05:cd:5a:32
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY2e1Mq3mKMlrVPGw0ZeMKK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMjEyMTkzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU2YmViOWIwMjI5MDc0NTQ5NGFlNDEwNzhmMzVkYmRlNjdjZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvOzaZsbCrILcXyZUeVOrkQ8JAJG
34i2x9sqWooU9UuGIeAmQueZBjWzpI7Z/JwOVKOeVK1bcX+5yczcFXdRwE2P093W
xOBLn6NayM5wvldT2nBkshV6I83fGIS0/wr6YVPmqzn7anm1apRR7pMd1xhOi8t9
pBqTqj65P2xSi9OXUsPr70RvMJzMiSw7F0xGqLok05tqCtdDji5A8qLjGViEiRVO
qK4eIvtl6Idy9/74aTF87lKPsML7UvRuv0pu258ouqTmvjekQzl/GapHOnoOQRnA
VODy5tjZBChl0K/AvQUMcUEUdCTVpfk340dRX5FvfqSzRWmiZ5OXmZMxpQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFK9WvrmwIpB0VJSuQQePNdveZ82kMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcjFhLXViQWlrSFJVbEs1QkI0ODEyOTVuemFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQALZDiMAwD
BAC5eXkDBAK5eXgDBAC57/MDBAHB76QwDAMEAtyexAMEANyexjANBgkqhkiG9w0B
AQsFAAOCAQEAFDCQslWROFIeFUHIu3TJ0/zxLSLB9nlH6b+RTUBFWkh1vqznavOz
ZmMBFrJU6MO2zIsp0rDizdiXs1wETZ6+wVb2efhJjkwUDKg6B8FlJ8UY7Jn/EtkZ
Zdic+QFfk276Re3YdeGqGC4mtRXKPWssMwH51rH2XVRSDs0uvFqWZykjG82RwKYf
8stwiaEK+9UlrJEKvN0ycvplob2xNu2DoKC6HKWwx4m4j5H5xbE8bFtWiBIPJGrk
JH+848nXDFazFXiniG6H7EseunRpdY++SPGFkIY3rkNBjQQDLyFUJ7hO5X5GejmZ
5dacufP/Pko8J38FNbTAaI1iUtvDBc1aMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org