Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/y2GlBx1-cM5q5382banuzQchroc.roa
File:                     y2GlBx1-cM5q5382banuzQchroc.roa (raw, json)
Hash identifier:          tlChnxKIsTyfHCqlJzZ6XdfkJ4hh+QXRF3WbPbzI/2g=
Subject key identifier:   CB:61:A5:07:1D:7E:70:CE:6A:E7:7F:36:6D:A9:EE:CD:07:21:AE:87
Certificate issuer:       /CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Certificate serial:       018AAFA2B39306B3F2272FB0263E89466FD0
Authority key identifier: 3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/y2GlBx1-cM5q5382banuzQchroc.roa
Signing time:             Tue 19 Sep 2023 22:49:50 +0000
ROA not before:           Tue 19 Sep 2023 22:49:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205049
IP address blocks:        185.230.43.0/24 maxlen: 24
                          185.230.40.0/24 maxlen: 24
                          185.230.41.0/24 maxlen: 24
                          185.230.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 11:35:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:af:a2:b3:93:06:b3:f2:27:2f:b0:26:3e:89:46:6f:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
        Validity
            Not Before: Sep 19 22:49:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb61a5071d7e70ce6ae77f366da9eecd0721ae87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:3d:b2:54:4f:08:b6:29:b4:a7:d9:2a:8f:14:
                    38:57:3d:3e:77:63:08:0e:fe:9c:66:d7:50:85:01:
                    b8:6b:90:30:b6:ac:96:f1:42:c2:d5:2f:5c:d3:e0:
                    33:b2:32:b4:12:af:17:95:52:d9:ab:a4:64:b8:f4:
                    ae:c2:59:9a:17:81:dc:f8:ff:18:66:28:9c:b4:5f:
                    24:e5:e6:9e:bc:a6:c0:e3:36:3a:ef:1e:17:f1:e4:
                    d6:04:77:fb:07:63:f0:1c:36:12:cb:49:86:5d:ca:
                    c2:87:4c:0e:a2:66:04:19:21:2f:af:00:a0:ed:ef:
                    63:9e:5e:29:83:52:07:dc:61:dc:16:b6:42:fa:32:
                    7a:76:42:10:e7:10:00:c6:02:5b:fa:54:52:93:f5:
                    44:a3:25:a0:4a:85:68:11:a5:53:8c:f3:f4:12:98:
                    ba:2f:a3:86:e7:da:62:a9:46:1f:af:3d:32:e3:d7:
                    09:6e:5c:9d:80:e3:0c:af:cb:38:ee:8b:3a:7e:16:
                    66:01:0d:84:c7:7a:6f:7e:43:95:66:85:ed:c4:ab:
                    ed:c2:f9:15:03:0a:85:a8:6d:a3:4e:cf:18:1e:8f:
                    1a:d6:34:3c:ec:ac:6b:a1:fa:bc:d9:ef:af:bd:b4:
                    b1:a5:33:ef:e3:6f:e7:15:bf:cc:3d:f3:61:a8:d6:
                    1e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:61:A5:07:1D:7E:70:CE:6A:E7:7F:36:6D:A9:EE:CD:07:21:AE:87
            X509v3 Authority Key Identifier:
                keyid:3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/y2GlBx1-cM5q5382banuzQchroc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:ea:92:be:39:bf:4b:bd:b2:5a:80:2f:4d:85:9c:ba:1b:f4:
         2a:37:a9:92:17:f9:52:bc:2f:ad:e6:dc:b8:e5:a7:0e:ed:4a:
         e4:0c:f2:98:77:c3:7d:f7:04:f7:82:ce:24:07:f5:ec:1c:5d:
         97:c1:59:4c:7f:fb:eb:2b:50:e1:2d:56:75:08:58:57:cb:e6:
         7d:74:a0:a4:ad:d7:a7:2b:af:a8:0e:35:f8:e7:c5:ab:33:c3:
         d5:db:3b:53:fc:cb:f1:14:83:99:6c:8d:7b:64:ea:27:90:78:
         0d:ce:fc:71:5e:99:ab:ac:9c:b7:b6:da:cb:d4:72:6c:1c:d2:
         d4:ac:50:71:28:ef:7e:4c:b6:90:cd:93:37:45:ca:b4:52:b9:
         39:45:c9:30:0a:09:45:5d:c4:15:10:73:48:37:8b:62:a2:5c:
         2b:42:85:c0:e4:f2:e4:14:ad:9d:35:17:8a:1f:ad:b3:03:30:
         37:eb:a2:08:5f:dc:b6:75:b6:02:e2:60:32:2f:20:f7:62:f0:
         e9:9c:c2:d6:b8:0c:50:c7:88:94:42:4d:94:d5:aa:e1:a0:7d:
         7d:4f:b8:22:21:1b:60:9b:3d:ad:dd:cd:db:74:f9:c9:d8:8c:
         99:bb:0c:72:ed:39:20:32:ff:8a:e7:0f:05:6d:63:eb:d9:98:
         82:46:10:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqvorOTBrPyJy+wJj6JRm/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzMyZGQyOTk0YzZlZTg5NDM2MTU4YTJlYWMxZjQ4Mjky
MmNkMmEwHhcNMjMwOTE5MjI0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjYxYTUwNzFkN2U3MGNlNmFlNzdmMzY2ZGE5ZWVjZDA3MjFhZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz2yVE8Itim0p9kqjxQ4Vz0+d2MI
Dv6cZtdQhQG4a5AwtqyW8ULC1S9c0+AzsjK0Eq8XlVLZq6RkuPSuwlmaF4Hc+P8Y
ZiictF8k5eaevKbA4zY67x4X8eTWBHf7B2PwHDYSy0mGXcrCh0wOomYEGSEvrwCg
7e9jnl4pg1IH3GHcFrZC+jJ6dkIQ5xAAxgJb+lRSk/VEoyWgSoVoEaVTjPP0Epi6
L6OG59piqUYfrz0y49cJblydgOMMr8s47os6fhZmAQ2Ex3pvfkOVZoXtxKvtwvkV
AwqFqG2jTs8YHo8a1jQ87Kxrofq82e+vvbSxpTPv42/nFb/MPfNhqNYeJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMthpQcdfnDOaud/Nm2p7s0HIa6HMB8GA1UdIwQY
MBaAFD4zLdKZTG7olDYVii6sH0gpIs0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMt
ZDAyNGFkNGI3YmViLzEveTJHbEJ4MS1jTTVxNTM4MmJhbnV6UWNocm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMtZDAyNGFkNGI3YmVi
LzEvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueYoMA0G
CSqGSIb3DQEBCwUAA4IBAQAR6pK+Ob9LvbJagC9NhZy6G/QqN6mSF/lSvC+t5ty4
5acO7UrkDPKYd8N99wT3gs4kB/XsHF2XwVlMf/vrK1DhLVZ1CFhXy+Z9dKCkrden
K6+oDjX458WrM8PV2ztT/MvxFIOZbI17ZOonkHgNzvxxXpmrrJy3ttrL1HJsHNLU
rFBxKO9+TLaQzZM3Rcq0Urk5RckwCglFXcQVEHNIN4tiolwrQoXA5PLkFK2dNReK
H62zAzA366IIX9y2dbYC4mAyLyD3YvDpnMLWuAxQx4iUQk2U1arhoH19T7giIRtg
mz2t3c3bdPnJ2IyZuwxy7TkgMv+K5w8FbWPr2ZiCRhDA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:55 2024 by rpki-client on console-ams.rpki-client.org