Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/Oh0PtvfHabO3lGTHnMzvu8Geo4I.roa
File:                     Oh0PtvfHabO3lGTHnMzvu8Geo4I.roa (raw, json)
Hash identifier:          cHW5Uklvbq0dLEYtBPVkX3RcHFLrlStnxlXD9VcMxiA=
Subject key identifier:   3A:1D:0F:B6:F7:C7:69:B3:B7:94:64:C7:9C:CC:EF:BB:C1:9E:A3:82
Certificate issuer:       /CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
Certificate serial:       018CA5375D903C628A4B60CE8C668FEA431F
Authority key identifier: 3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/Oh0PtvfHabO3lGTHnMzvu8Geo4I.roa
Signing time:             Tue 26 Dec 2023 08:21:58 +0000
ROA not before:           Tue 26 Dec 2023 08:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200802
IP address blocks:        185.95.104.0/24 maxlen: 24
                          185.95.105.0/24 maxlen: 24
                          185.95.106.0/24 maxlen: 24
                          185.95.107.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:a5:37:5d:90:3c:62:8a:4b:60:ce:8c:66:8f:ea:43:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7dc3d022828e4f5b36bdef7a18b0bb0cfbae09
        Validity
            Not Before: Dec 26 08:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a1d0fb6f7c769b3b79464c79cccefbbc19ea382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:c9:e6:79:2e:38:26:ce:ed:1e:75:33:72:56:
                    36:11:31:32:9d:ca:40:2d:24:eb:a6:73:9b:39:d0:
                    a2:cd:b8:bb:60:f6:7b:c5:59:f9:85:11:22:33:2a:
                    e2:59:b4:e1:64:22:a3:3a:da:93:db:32:7a:7b:fd:
                    db:d1:cb:04:7a:dc:d3:41:cd:fc:b2:27:d4:21:09:
                    0b:a1:8d:9a:ac:7d:0c:8a:3d:b4:36:e2:85:62:de:
                    c7:a3:76:cc:62:ec:bd:4a:85:61:bc:4f:71:9f:83:
                    56:26:b9:85:e2:00:de:24:0f:2e:f1:45:0e:5d:7f:
                    58:1c:ca:89:78:89:7f:db:4e:5c:3e:7c:b7:64:2c:
                    a9:d2:0c:26:b7:71:f3:6e:25:ab:e0:9c:d6:0a:08:
                    b9:84:5a:b0:a6:64:c1:d3:89:b6:5c:f3:6a:34:29:
                    4e:0e:a5:46:53:dd:94:35:c4:55:d9:aa:4a:8a:8b:
                    8c:82:a7:37:30:85:29:58:cf:fa:9e:fa:37:3f:d3:
                    1a:ee:55:a5:e3:5d:fe:e7:01:31:a9:d9:fb:03:26:
                    2f:37:e9:17:c0:72:d9:75:28:75:7d:ec:16:db:8a:
                    68:a7:c8:d9:98:8e:f4:24:be:30:f3:fc:56:dd:32:
                    29:e9:12:63:10:79:b1:1f:82:05:f0:24:fc:ff:42:
                    87:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:1D:0F:B6:F7:C7:69:B3:B7:94:64:C7:9C:CC:EF:BB:C1:9E:A3:82
            X509v3 Authority Key Identifier:
                keyid:3B:7D:C3:D0:22:82:8E:4F:5B:36:BD:EF:7A:18:B0:BB:0C:FB:AE:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O33D0CKCjk9bNr3vehiwuwz7rgk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/Oh0PtvfHabO3lGTHnMzvu8Geo4I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4ef02c-8f8d-46e3-8d0b-71948e3c9ad4/1/O33D0CKCjk9bNr3vehiwuwz7rgk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.95.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:80:1d:0a:9d:7a:3d:ab:e0:28:05:57:8e:e1:65:d5:8c:eb:
         3a:17:66:ed:4b:12:d5:bd:36:8b:fa:73:5b:c4:87:e5:62:b1:
         a1:b5:43:02:1a:ed:d6:1c:0d:f8:85:c5:6c:df:37:55:9c:20:
         1c:1d:d4:9e:ab:1c:2a:f1:32:22:7c:a5:de:4e:fb:ca:10:74:
         65:03:70:58:d0:3c:67:51:97:90:58:a0:fc:8d:a9:ff:c3:c6:
         13:a7:15:c7:6c:c5:21:fb:e8:e8:47:fe:2b:9b:bc:b7:1b:6b:
         19:b6:01:a5:78:2b:f4:4f:5b:d6:dc:ac:e0:fd:dd:33:f4:89:
         72:25:17:85:eb:7c:24:95:68:31:4b:25:3e:5c:34:92:72:29:
         1a:dc:d5:3a:9e:81:d4:a1:6b:59:5b:7e:5e:76:55:21:7a:15:
         4e:69:b8:41:51:d5:e4:d0:a4:ee:16:80:4d:3c:c7:a9:b0:f1:
         6e:bc:ad:8d:ca:3b:f6:f6:42:53:db:22:0d:d1:07:e6:d3:95:
         13:ee:e0:bb:3b:d5:85:dd:2d:f5:54:92:5c:e3:21:c6:4c:5c:
         32:e7:6d:ff:24:9a:67:5f:43:27:04:b8:b3:98:fa:ea:8e:9d:
         92:72:96:cd:50:e9:b9:58:81:c3:01:ef:d6:a5:d8:c1:81:32:
         8a:1e:ec:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYylN12QPGKKS2DOjGaP6kMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2RjM2QwMjI4MjhlNGY1YjM2YmRlZjdhMThiMGJiMGNm
YmFlMDkwHhcNMjMxMjI2MDgyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTFkMGZiNmY3Yzc2OWIzYjc5NDY0Yzc5Y2NjZWZiYmMxOWVhMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8nmeS44Js7tHnUzclY2ETEyncpA
LSTrpnObOdCizbi7YPZ7xVn5hREiMyriWbThZCKjOtqT2zJ6e/3b0csEetzTQc38
sifUIQkLoY2arH0Mij20NuKFYt7Ho3bMYuy9SoVhvE9xn4NWJrmF4gDeJA8u8UUO
XX9YHMqJeIl/205cPny3ZCyp0gwmt3HzbiWr4JzWCgi5hFqwpmTB04m2XPNqNClO
DqVGU92UNcRV2apKiouMgqc3MIUpWM/6nvo3P9Ma7lWl413+5wExqdn7AyYvN+kX
wHLZdSh1fewW24pop8jZmI70JL4w8/xW3TIp6RJjEHmxH4IF8CT8/0KHCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDodD7b3x2mzt5Rkx5zM77vBnqOCMB8GA1UdIwQY
MBaAFDt9w9Aigo5PWza973oYsLsM+64JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGIt
NzE5NDhlM2M5YWQ0LzEvT2gwUHR2ZkhhYk8zbEdUSG5NenZ1OEdlbzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZWYwMmMtOGY4ZC00NmUzLThkMGItNzE5NDhlM2M5YWQ0
LzEvTzMzRDBDS0NqazliTnIzdmVoaXd1d3o3cmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV9oMA0G
CSqGSIb3DQEBCwUAA4IBAQBGgB0KnXo9q+AoBVeO4WXVjOs6F2btSxLVvTaL+nNb
xIflYrGhtUMCGu3WHA34hcVs3zdVnCAcHdSeqxwq8TIifKXeTvvKEHRlA3BY0Dxn
UZeQWKD8jan/w8YTpxXHbMUh++joR/4rm7y3G2sZtgGleCv0T1vW3Kzg/d0z9Ily
JReF63wklWgxSyU+XDSScika3NU6noHUoWtZW35edlUhehVOabhBUdXk0KTuFoBN
PMepsPFuvK2Nyjv29kJT2yIN0Qfm05UT7uC7O9WF3S31VJJc4yHGTFwy523/JJpn
X0MnBLizmPrqjp2ScpbNUOm5WIHDAe/WpdjBgTKKHuwu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org