Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/G49lpV0Iv7lgPm1Ah4TJAFq1zf8.roa
File:                     G49lpV0Iv7lgPm1Ah4TJAFq1zf8.roa (raw, json)
Hash identifier:          W19qBQTZYFSLlOTeLVM1jN9+s15nTVpLvKXUoVVX01w=
Subject key identifier:   1B:8F:65:A5:5D:08:BF:B9:60:3E:6D:40:87:84:C9:00:5A:B5:CD:FF
Certificate issuer:       /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial:       018E27756A6FBF8004225ACCAF6346CEA817
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/G49lpV0Iv7lgPm1Ah4TJAFq1zf8.roa
Signing time:             Sun 10 Mar 2024 08:23:09 +0000
ROA not before:           Sun 10 Mar 2024 08:23:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202391
IP address blocks:        31.25.92.0/22 maxlen: 22
                          31.25.92.0/24 maxlen: 24
                          31.25.93.0/24 maxlen: 24
                          31.25.94.0/24 maxlen: 24
                          31.25.95.0/24 maxlen: 24
                          178.236.32.0/22 maxlen: 22
                          178.236.32.0/24 maxlen: 24
                          178.236.33.0/24 maxlen: 24
                          178.236.34.0/24 maxlen: 24
                          178.236.35.0/24 maxlen: 24
                          185.49.104.0/22 maxlen: 22
                          185.118.12.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 10:03:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:27:75:6a:6f:bf:80:04:22:5a:cc:af:63:46:ce:a8:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
        Validity
            Not Before: Mar 10 08:23:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1b8f65a55d08bfb9603e6d408784c9005ab5cdff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:96:a9:46:3b:0f:71:cd:e4:77:de:83:3d:4f:
                    ff:ea:e5:d5:27:31:2f:00:a3:cb:02:28:84:c8:1d:
                    4f:f8:e3:6f:02:da:48:03:22:4d:1b:8e:0b:9d:4e:
                    1e:b9:76:ec:d3:e8:3f:75:d5:7e:dd:d4:19:29:3b:
                    69:be:0f:a1:0b:df:19:bf:f0:66:bd:c9:f3:a5:83:
                    5e:fc:f5:c8:7b:b9:44:c2:55:b8:a9:2b:95:c8:04:
                    21:bf:bc:05:de:1c:ee:f7:e6:f2:f7:42:98:d3:ef:
                    07:2c:d5:20:04:56:19:b6:20:6c:d4:bb:b5:90:23:
                    13:47:f3:2b:7e:0c:bd:36:fc:da:cf:a1:f9:20:c3:
                    cc:a5:06:85:91:38:e8:04:38:02:39:4c:f3:3e:8e:
                    90:14:23:1f:3d:b2:15:09:4f:5a:de:35:0b:f1:64:
                    fa:20:73:5e:49:cf:42:b6:56:e2:29:e4:6a:18:d9:
                    2b:92:d0:51:f0:95:3e:83:c1:e7:d1:fe:03:9e:71:
                    3e:c0:7c:1f:87:33:25:c5:3c:17:88:4a:67:a2:52:
                    8a:12:f0:96:93:31:29:72:23:de:4d:62:24:54:89:
                    49:dc:5d:21:34:1f:34:2b:3c:cd:0f:fd:e6:de:3e:
                    d8:ee:29:47:61:42:14:ff:36:2e:b8:8f:1b:1f:f7:
                    7f:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:8F:65:A5:5D:08:BF:B9:60:3E:6D:40:87:84:C9:00:5A:B5:CD:FF
            X509v3 Authority Key Identifier:
                keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/G49lpV0Iv7lgPm1Ah4TJAFq1zf8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.25.92.0/22
                  178.236.32.0/22
                  185.49.104.0/22
                  185.118.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2f:9e:b2:85:a5:3d:71:f2:58:dc:1b:8f:7d:76:36:2b:a4:1e:
         7d:17:dd:cd:0f:91:21:2d:14:27:ae:94:d4:fd:85:de:74:b2:
         f6:b1:9b:20:d8:66:a4:55:a5:a0:f8:97:7f:41:26:6b:ad:91:
         97:1f:73:2c:ad:e1:f6:a1:5f:3d:1d:49:08:0d:79:e4:b2:10:
         b4:f7:c2:5f:50:c5:f9:0c:29:20:ec:0a:da:33:45:f8:95:23:
         a6:88:e5:47:15:07:0a:7c:48:e4:bd:a5:eb:06:2d:01:d7:d5:
         1c:c9:9d:98:bb:06:b4:ae:85:bf:83:6b:54:7f:d1:36:d0:c7:
         a0:85:5b:79:b3:ca:d6:b0:b8:e3:56:c1:65:56:f9:b9:b6:90:
         3c:a0:c7:2f:33:62:9b:46:ef:28:37:b6:15:08:54:da:14:ca:
         d0:49:68:2d:56:85:84:85:c9:00:5d:d8:ec:0c:b8:fa:87:5f:
         8a:bb:4b:01:1d:d8:ef:76:c1:2f:54:bf:17:0f:32:2e:17:9c:
         83:84:3d:21:0f:fb:12:74:5f:2d:d5:52:de:05:31:cf:44:73:
         1c:49:72:d5:79:ea:8c:86:85:20:2c:92:5d:18:d0:c8:01:80:
         29:b4:35:6e:ae:88:0a:ee:3c:c1:53:09:d3:98:cd:ce:24:50:
         22:6b:94:68
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY4ndWpvv4AEIlrMr2NGzqgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjQwMzEwMDgyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjhmNjVhNTVkMDhiZmI5NjAzZTZkNDA4Nzg0YzkwMDVhYjVjZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZapRjsPcc3kd96DPU//6uXVJzEv
AKPLAiiEyB1P+ONvAtpIAyJNG44LnU4euXbs0+g/ddV+3dQZKTtpvg+hC98Zv/Bm
vcnzpYNe/PXIe7lEwlW4qSuVyAQhv7wF3hzu9+by90KY0+8HLNUgBFYZtiBs1Lu1
kCMTR/Mrfgy9Nvzaz6H5IMPMpQaFkTjoBDgCOUzzPo6QFCMfPbIVCU9a3jUL8WT6
IHNeSc9CtlbiKeRqGNkrktBR8JU+g8Hn0f4DnnE+wHwfhzMlxTwXiEpnolKKEvCW
kzEpciPeTWIkVIlJ3F0hNB80KzzND/3m3j7Y7ilHYUIU/zYuuI8bH/d/VwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBuPZaVdCL+5YD5tQIeEyQBatc3/MB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL0c0OWxwVjBJdjdsZ1BtMUFoNFRKQUZxMXpmOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAIfGVwD
BAKy7CADBAK5MWgDBAK5dgwwDQYJKoZIhvcNAQELBQADggEBAC+esoWlPXHyWNwb
j312NiukHn0X3c0PkSEtFCeulNT9hd50svaxmyDYZqRVpaD4l39BJmutkZcfcyyt
4fahXz0dSQgNeeSyELT3wl9QxfkMKSDsCtozRfiVI6aI5UcVBwp8SOS9pesGLQHX
1RzJnZi7BrSuhb+Da1R/0TbQx6CFW3mzytawuONWwWVW+bm2kDygxy8zYptG7yg3
thUIVNoUytBJaC1WhYSFyQBd2OwMuPqHX4q7SwEd2O92wS9UvxcPMi4XnIOEPSEP
+xJ0Xy3VUt4FMc9EcxxJctV56oyGhSAskl0Y0MgBgCm0NW6uiAruPMFTCdOYzc4k
UCJrlGg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:48 2024 by rpki-client on console-ams.rpki-client.org