Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/oFIltm0jpek9VC2OP-nElDW_7oo.roa
File:                     oFIltm0jpek9VC2OP-nElDW_7oo.roa (raw, json)
Hash identifier:          nHx6edgvCUXZUyiYVRqWOgFzGRcgJlvVOk4Ue2CZt2k=
Subject key identifier:   A0:52:25:B6:6D:23:A5:E9:3D:54:2D:8E:3F:E9:C4:94:35:BF:EE:8A
Certificate issuer:       /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial:       018CC26D0110BB4AC6E108269691E624422A
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/oFIltm0jpek9VC2OP-nElDW_7oo.roa
Signing time:             Mon 01 Jan 2024 00:29:32 +0000
ROA not before:           Mon 01 Jan 2024 00:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60398
IP address blocks:        185.249.105.0/24 maxlen: 24
                          185.249.107.0/24 maxlen: 24
                          185.249.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 26 Aug 2024 11:12:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:01:10:bb:4a:c6:e1:08:26:96:91:e6:24:42:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
        Validity
            Not Before: Jan  1 00:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a05225b66d23a5e93d542d8e3fe9c49435bfee8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:cd:6d:94:ea:f4:bc:41:bc:98:9a:17:87:3a:
                    9c:fd:da:86:c1:ba:7f:e9:2f:c9:de:a3:12:8e:e9:
                    b3:cc:05:12:81:d0:02:4d:44:2b:e9:b1:82:25:fe:
                    fd:92:90:0f:ff:34:35:51:04:e3:21:d9:5d:da:c6:
                    40:00:fa:71:8e:25:47:de:7c:ac:98:65:f0:8f:7b:
                    ae:4a:2c:e9:38:06:68:4b:8e:21:b1:08:04:4f:b5:
                    cb:c4:28:88:87:77:6c:d3:53:29:16:f1:23:7e:f9:
                    6a:b5:6a:9f:1e:16:72:ab:3c:c9:8e:6d:37:a0:75:
                    f7:53:20:97:98:a1:2e:72:da:f2:a6:5c:b3:32:b9:
                    9a:a1:1a:93:c9:9d:75:87:26:8b:db:3f:90:0b:20:
                    5c:f8:04:93:2a:f0:ca:ed:f5:29:7b:fc:24:6f:d4:
                    8a:05:df:d4:3b:76:38:5c:a9:7f:cd:b7:bc:ff:19:
                    2c:ba:e1:5b:ea:ff:3e:c1:d8:16:70:fb:42:36:b8:
                    a4:48:4b:87:e4:4a:15:4e:57:02:0a:88:ae:f9:e3:
                    d2:9f:39:83:56:07:f7:2a:b7:03:3e:7c:15:76:c5:
                    ea:78:ab:dc:da:2a:0c:18:fd:d2:d4:43:8b:4c:b9:
                    69:77:7c:b8:29:99:1f:6d:a2:ca:9d:dc:64:81:25:
                    2c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:52:25:B6:6D:23:A5:E9:3D:54:2D:8E:3F:E9:C4:94:35:BF:EE:8A
            X509v3 Authority Key Identifier:
                keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/oFIltm0jpek9VC2OP-nElDW_7oo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.249.105.0-185.249.107.255

    Signature Algorithm: sha256WithRSAEncryption
         24:f4:b6:ab:ac:2c:34:d0:71:de:dc:70:2d:87:e6:92:2b:b1:
         a6:46:c6:86:19:3c:27:57:17:9c:e8:b6:fa:a7:6a:25:09:a6:
         5e:f5:ba:88:25:01:7c:84:9e:b0:50:e3:05:57:69:81:53:9a:
         bd:7e:28:aa:55:be:3b:7f:ee:93:97:df:74:b6:6e:d1:9d:a1:
         bc:37:6d:6a:55:32:04:8a:0d:33:ce:66:e0:41:20:95:ec:36:
         a9:62:df:33:5a:a6:4f:43:14:6b:eb:db:1c:1d:02:9e:3c:72:
         2d:c7:05:d5:7a:eb:24:83:3e:84:61:39:4a:fc:ad:3c:69:10:
         6e:91:60:8c:14:cb:2f:af:52:6b:c9:fd:91:cc:29:56:a5:23:
         fa:d8:f3:d3:6c:74:93:b1:ad:18:af:ef:7c:29:df:60:7b:31:
         9d:70:8e:1f:f6:f5:cc:4d:de:59:bb:35:b0:b4:3f:6b:2c:27:
         f6:2d:4a:7d:5a:96:dd:6c:c4:cc:07:c1:f1:93:7b:26:20:01:
         c3:31:ac:c5:65:32:b4:ab:1b:b3:a2:1d:3c:ae:b4:f1:02:ea:
         d4:21:fc:7c:7d:84:5e:a9:de:81:6a:39:42:85:06:0b:0d:34:
         24:b8:6b:9b:ae:7b:f5:7b:4d:02:10:83:d7:b0:50:a9:a6:c6:
         f4:57:e4:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbQEQu0rG4QgmlpHmJEIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUyMjViNjZkMjNhNWU5M2Q1NDJkOGUzZmU5YzQ5NDM1YmZlZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj81tlOr0vEG8mJoXhzqc/dqGwbp/
6S/J3qMSjumzzAUSgdACTUQr6bGCJf79kpAP/zQ1UQTjIdld2sZAAPpxjiVH3nys
mGXwj3uuSizpOAZoS44hsQgET7XLxCiIh3ds01MpFvEjfvlqtWqfHhZyqzzJjm03
oHX3UyCXmKEuctryplyzMrmaoRqTyZ11hyaL2z+QCyBc+ASTKvDK7fUpe/wkb9SK
Bd/UO3Y4XKl/zbe8/xksuuFb6v8+wdgWcPtCNrikSEuH5EoVTlcCCoiu+ePSnzmD
Vgf3KrcDPnwVdsXqeKvc2ioMGP3S1EOLTLlpd3y4KZkfbaLKndxkgSUsWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKBSJbZtI6XpPVQtjj/pxJQ1v+6KMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvb0ZJbHRtMGpwZWs5VkMyT1AtbkVsRFdfN29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5+WkD
BAK5+WgwDQYJKoZIhvcNAQELBQADggEBACT0tqusLDTQcd7ccC2H5pIrsaZGxoYZ
PCdXF5zotvqnaiUJpl71uoglAXyEnrBQ4wVXaYFTmr1+KKpVvjt/7pOX33S2btGd
obw3bWpVMgSKDTPOZuBBIJXsNqli3zNapk9DFGvr2xwdAp48ci3HBdV66ySDPoRh
OUr8rTxpEG6RYIwUyy+vUmvJ/ZHMKValI/rY89NsdJOxrRiv73wp32B7MZ1wjh/2
9cxN3lm7NbC0P2ssJ/YtSn1alt1sxMwHwfGTeyYgAcMxrMVlMrSrG7OiHTyutPEC
6tQh/Hx9hF6p3oFqOUKFBgsNNCS4a5uue/V7TQIQg9ewUKmmxvRX5K4=
-----END CERTIFICATE-----
Generated at Mon Aug 26 14:36:53 2024 by rpki-client on console-fra.rpki-client.org