Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/2IXpYuZapVg8bWXBijhMqBvDzu8.roa
File:                     2IXpYuZapVg8bWXBijhMqBvDzu8.roa (raw, json)
Hash identifier:          BljrYBULv8pe9PThkwHHGtFzMSusb5neAtyHunQRQro=
Subject key identifier:   D8:85:E9:62:E6:5A:A5:58:3C:6D:65:C1:8A:38:4C:A8:1B:C3:CE:EF
Certificate issuer:       /CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Certificate serial:       018CC8DF49056E2CCA4C2032F9CBBD3ECECB
Authority key identifier: 3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/2IXpYuZapVg8bWXBijhMqBvDzu8.roa
Signing time:             Tue 02 Jan 2024 06:32:05 +0000
ROA not before:           Tue 02 Jan 2024 06:32:05 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205049
IP address blocks:        185.230.43.0/24 maxlen: 24
                          185.230.40.0/24 maxlen: 24
                          185.230.40.0/22 maxlen: 22
                          185.230.41.0/24 maxlen: 24
                          185.230.42.0/24 maxlen: 24
                          2a13:3680:6000::/35 maxlen: 35
                          2a13:3680:4000::/35 maxlen: 35
                          2a13:3680:2000::/35 maxlen: 35
                          2a13:3680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 21:25:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:49:05:6e:2c:ca:4c:20:32:f9:cb:bd:3e:ce:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
        Validity
            Not Before: Jan  2 06:32:05 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d885e962e65aa5583c6d65c18a384ca81bc3ceef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:22:83:4b:1c:ac:d0:7b:46:f7:1d:54:cf:94:
                    d4:7f:d0:cc:29:bd:bb:24:3c:21:a6:90:57:75:02:
                    1f:c9:bb:34:06:b9:31:91:8e:93:dc:21:c0:3a:50:
                    c9:7a:fa:ce:34:09:cb:ea:ca:6a:0d:c6:24:e6:aa:
                    42:e7:7e:bb:7d:e8:86:11:86:36:c5:3a:4e:26:ad:
                    3e:60:41:67:13:cb:91:f5:bb:fb:eb:d3:cc:f5:27:
                    90:67:42:34:9a:5f:4e:f3:a8:47:5f:cd:10:1b:f7:
                    fb:03:af:82:7e:47:b2:85:3a:be:7b:75:ef:ef:33:
                    da:70:f3:48:53:dd:12:21:60:e7:06:2b:34:76:2b:
                    6f:a4:67:5a:f6:5c:b0:56:f1:27:f9:4c:bc:dc:bc:
                    44:d4:b5:a0:7a:b7:6a:08:74:6b:87:ce:0e:9f:32:
                    b7:8e:f5:a3:54:88:7b:a4:64:13:f2:80:0d:0d:c1:
                    35:15:98:98:7c:e9:94:f5:ae:9e:dc:81:f4:90:c4:
                    69:fc:03:7f:a6:2b:9f:4b:c6:06:eb:41:f7:cc:cd:
                    47:37:72:3b:78:2d:b4:cb:3e:e2:ac:a3:f7:82:34:
                    fc:18:76:77:98:24:be:fe:ed:1b:d0:65:59:f8:fc:
                    c5:59:46:f0:9d:23:9e:38:5a:aa:23:5d:44:4e:22:
                    75:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:85:E9:62:E6:5A:A5:58:3C:6D:65:C1:8A:38:4C:A8:1B:C3:CE:EF
            X509v3 Authority Key Identifier:
                keyid:3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/2IXpYuZapVg8bWXBijhMqBvDzu8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.40.0/22
                IPv6:
                  2a13:3680::/29

    Signature Algorithm: sha256WithRSAEncryption
         7f:17:25:df:1d:a0:c7:83:27:1a:47:0d:2f:7d:c5:8a:d9:be:
         de:01:c9:06:fe:16:87:07:b1:b1:a1:aa:8f:ad:43:99:46:be:
         a0:e4:a1:a5:82:ca:8c:a9:5a:04:17:77:46:54:01:7e:e6:07:
         7b:43:24:f0:1f:09:df:da:53:5b:5f:21:f0:e2:b6:96:d4:e2:
         1b:2d:bf:2b:39:8f:a7:3b:43:b6:f7:56:c0:3c:93:4f:ac:6f:
         46:ba:d8:18:34:13:f1:bf:14:a5:69:ad:45:fb:61:40:6f:c9:
         7b:25:0f:e3:ca:b5:4c:26:9d:03:3f:90:79:d3:73:f6:b7:ba:
         b7:09:bd:3c:1b:79:68:0b:c6:26:9a:3e:2b:df:11:d5:bb:ac:
         fb:1e:bc:7e:77:99:e5:6f:87:00:17:95:71:cb:d6:35:bd:16:
         a1:db:40:45:91:87:07:59:57:f5:f9:43:e0:84:c5:96:a5:4a:
         40:81:41:24:a4:4e:70:b0:69:18:92:e8:8b:39:1c:10:dc:5f:
         99:34:7f:70:a8:99:b4:36:8f:09:4d:4f:6f:a3:99:44:a4:38:
         b3:ff:fe:81:56:8d:43:b7:b7:bf:49:fc:70:8f:32:ec:a2:c8:
         00:6d:c1:5b:6c:11:99:76:d2:42:aa:79:09:d4:8d:4d:0e:cc:
         3c:22:43:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI30kFbizKTCAy+cu9Ps7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzMyZGQyOTk0YzZlZTg5NDM2MTU4YTJlYWMxZjQ4Mjky
MmNkMmEwHhcNMjQwMTAyMDYzMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODg1ZTk2MmU2NWFhNTU4M2M2ZDY1YzE4YTM4NGNhODFiYzNjZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyKDSxys0HtG9x1Uz5TUf9DMKb27
JDwhppBXdQIfybs0BrkxkY6T3CHAOlDJevrONAnL6spqDcYk5qpC5367feiGEYY2
xTpOJq0+YEFnE8uR9bv769PM9SeQZ0I0ml9O86hHX80QG/f7A6+CfkeyhTq+e3Xv
7zPacPNIU90SIWDnBis0ditvpGda9lywVvEn+Uy83LxE1LWgerdqCHRrh84OnzK3
jvWjVIh7pGQT8oANDcE1FZiYfOmU9a6e3IH0kMRp/AN/piufS8YG60H3zM1HN3I7
eC20yz7irKP3gjT8GHZ3mCS+/u0b0GVZ+PzFWUbwnSOeOFqqI11ETiJ1EQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNiF6WLmWqVYPG1lwYo4TKgbw87vMB8GA1UdIwQY
MBaAFD4zLdKZTG7olDYVii6sH0gpIs0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMt
ZDAyNGFkNGI3YmViLzEvMklYcFl1WmFwVmc4YldYQmlqaE1xQnZEenU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMtZDAyNGFkNGI3YmVi
LzEvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueYoMA0E
AgACMAcDBQMqEzaAMA0GCSqGSIb3DQEBCwUAA4IBAQB/FyXfHaDHgycaRw0vfcWK
2b7eAckG/haHB7GxoaqPrUOZRr6g5KGlgsqMqVoEF3dGVAF+5gd7QyTwHwnf2lNb
XyHw4raW1OIbLb8rOY+nO0O291bAPJNPrG9GutgYNBPxvxSlaa1F+2FAb8l7JQ/j
yrVMJp0DP5B503P2t7q3Cb08G3loC8Ymmj4r3xHVu6z7Hrx+d5nlb4cAF5Vxy9Y1
vRah20BFkYcHWVf1+UPghMWWpUpAgUEkpE5wsGkYkuiLORwQ3F+ZNH9wqJm0No8J
TU9vo5lEpDiz//6BVo1Dt7e/SfxwjzLsosgAbcFbbBGZdtJCqnkJ1I1NDsw8IkOA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:58 2024 by rpki-client on console-fra.rpki-client.org