Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/kmrqMcZ4GxXpY0tIeGrsz7rjB0o.roa
File:                     kmrqMcZ4GxXpY0tIeGrsz7rjB0o.roa (raw, json)
Hash identifier:          IpiTHl9Juuo/XLY0fmwpMf+dqyDFevdd+0yDBZuymcQ=
Subject key identifier:   92:6A:EA:31:C6:78:1B:15:E9:63:4B:48:78:6A:EC:CF:BA:E3:07:4A
Certificate issuer:       /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial:       01918E65CF8B12052EE3B0F21089B8C6F4F3
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/kmrqMcZ4GxXpY0tIeGrsz7rjB0o.roa
Signing time:             Mon 26 Aug 2024 11:15:22 +0000
ROA not before:           Mon 26 Aug 2024 11:15:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60398
IP address blocks:        185.249.105.0/24 maxlen: 24
                          185.249.106.0/24 maxlen: 24
                          185.249.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Aug 2024 06:05:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:8e:65:cf:8b:12:05:2e:e3:b0:f2:10:89:b8:c6:f4:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
        Validity
            Not Before: Aug 26 11:15:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=926aea31c6781b15e9634b48786aeccfbae3074a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:82:43:c1:9c:2b:44:1a:41:4f:ad:f5:00:e9:
                    fb:a3:f6:8a:58:cd:b8:8e:40:50:32:fc:ad:05:9f:
                    0c:96:cc:02:bf:1b:12:d7:bf:54:5d:38:90:a5:1a:
                    19:7c:d3:41:45:ef:d1:c3:fa:2c:cb:f9:a7:f0:8b:
                    24:20:b4:fe:e0:ea:0d:e7:61:4e:40:fc:71:e3:e4:
                    33:20:c0:96:cc:22:87:77:2e:e9:52:14:f9:61:99:
                    f7:ed:6d:fd:d7:8b:a0:86:3d:4e:9c:f4:d1:7c:4c:
                    39:a7:db:5d:4d:7d:1b:b8:dd:74:6b:8b:0b:bc:1e:
                    f0:28:19:72:83:71:8c:b9:a1:56:2e:2a:c3:e3:81:
                    39:c7:d7:23:87:3e:14:c7:38:93:63:d4:d3:ca:7d:
                    59:47:78:7d:75:46:bf:b2:be:91:19:ea:8a:6e:8d:
                    39:d8:a1:d4:0f:5f:68:ea:bd:31:a5:dc:89:1f:df:
                    45:b5:36:89:23:a2:9d:26:b9:ef:10:47:34:73:c8:
                    e6:ec:9e:36:f4:ad:87:ba:79:dd:70:e8:71:c9:be:
                    92:e9:6d:c1:b8:78:5e:d5:34:6b:aa:d3:d0:fe:02:
                    76:27:ac:0d:a7:40:cd:28:a7:f1:10:8c:ad:24:7f:
                    93:bc:d5:95:3e:da:15:c8:60:5f:c5:9c:7f:7f:3d:
                    ad:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:6A:EA:31:C6:78:1B:15:E9:63:4B:48:78:6A:EC:CF:BA:E3:07:4A
            X509v3 Authority Key Identifier:
                keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/kmrqMcZ4GxXpY0tIeGrsz7rjB0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.249.105.0-185.249.107.255

    Signature Algorithm: sha256WithRSAEncryption
         3f:c1:e7:2a:5b:90:7e:76:6d:ba:9b:46:d3:05:38:4f:40:cb:
         9f:65:aa:f2:cd:cc:8c:7f:f3:7c:c5:f0:81:c9:4c:ca:f1:5c:
         89:85:48:56:2f:67:81:11:19:36:35:69:10:d8:54:db:f2:27:
         e3:be:5f:78:29:dd:73:1f:73:c3:33:26:9f:64:07:cb:84:48:
         4e:1c:c3:1b:95:ae:d9:ca:a8:04:05:a0:a9:2c:10:05:d9:52:
         65:6b:c9:92:cd:18:93:08:53:87:7d:ad:6e:9c:9d:07:28:e3:
         19:a7:04:cd:89:69:93:13:f8:ef:cc:ff:74:bf:b6:cd:02:a0:
         48:2c:e2:f9:a8:df:5a:8f:2b:5e:bd:8f:b5:3b:e6:11:c9:15:
         b5:04:87:5b:c5:10:c0:b8:04:93:f8:e0:45:c0:88:58:5c:07:
         82:72:50:62:f5:a9:d2:db:72:84:81:2d:8e:64:35:75:ce:8a:
         b3:5a:80:05:a8:1d:0f:b9:1e:70:4d:50:ac:75:61:b7:7e:f5:
         d5:34:66:41:c3:b7:38:7d:fc:9e:d7:f9:cc:f6:aa:92:8e:d6:
         34:dd:a1:e3:8d:e4:60:16:77:c0:ab:92:6e:69:19:de:e7:46:
         f8:ef:04:a6:d4:44:ec:04:f7:b9:8a:0b:47:f8:da:7b:ea:3f:
         95:81:ec:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGOZc+LEgUu47DyEIm4xvTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjQwODI2MTExNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZhZWEzMWM2NzgxYjE1ZTk2MzRiNDg3ODZhZWNjZmJhZTMwNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oJDwZwrRBpBT631AOn7o/aKWM24
jkBQMvytBZ8MlswCvxsS179UXTiQpRoZfNNBRe/Rw/osy/mn8IskILT+4OoN52FO
QPxx4+QzIMCWzCKHdy7pUhT5YZn37W3914ughj1OnPTRfEw5p9tdTX0buN10a4sL
vB7wKBlyg3GMuaFWLirD44E5x9cjhz4UxziTY9TTyn1ZR3h9dUa/sr6RGeqKbo05
2KHUD19o6r0xpdyJH99FtTaJI6KdJrnvEEc0c8jm7J429K2HunndcOhxyb6S6W3B
uHhe1TRrqtPQ/gJ2J6wNp0DNKKfxEIytJH+TvNWVPtoVyGBfxZx/fz2tIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJJq6jHGeBsV6WNLSHhq7M+64wdKMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEva21ycU1jWjRHeFhwWTB0SWVHcnN6N3JqQjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5+WkD
BAK5+WgwDQYJKoZIhvcNAQELBQADggEBAD/B5ypbkH52bbqbRtMFOE9Ay59lqvLN
zIx/83zF8IHJTMrxXImFSFYvZ4ERGTY1aRDYVNvyJ+O+X3gp3XMfc8MzJp9kB8uE
SE4cwxuVrtnKqAQFoKksEAXZUmVryZLNGJMIU4d9rW6cnQco4xmnBM2JaZMT+O/M
/3S/ts0CoEgs4vmo31qPK169j7U75hHJFbUEh1vFEMC4BJP44EXAiFhcB4JyUGL1
qdLbcoSBLY5kNXXOirNagAWoHQ+5HnBNUKx1Ybd+9dU0ZkHDtzh9/J7X+cz2qpKO
1jTdoeON5GAWd8Crkm5pGd7nRvjvBKbUROwE97mKC0f42nvqP5WB7IE=
-----END CERTIFICATE-----
Generated at Tue Aug 27 08:25:31 2024 by rpki-client on console-ams.rpki-client.org