Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/sWx8qBzXvs6qaPn9C4FUmGhgyOQ.roa
File:                     sWx8qBzXvs6qaPn9C4FUmGhgyOQ.roa (raw, json)
Hash identifier:          pJSDRlxrm7dr9ObsZWgZrXOxTX7MxMwwCCIBUoDGqlg=
Subject key identifier:   B1:6C:7C:A8:1C:D7:BE:CE:AA:68:F9:FD:0B:81:54:98:68:60:C8:E4
Certificate issuer:       /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial:       018806014FD45513BE9F34A9875D324FDBBA
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/sWx8qBzXvs6qaPn9C4FUmGhgyOQ.roa
Signing time:             Wed 10 May 2023 14:12:09 +0000
ROA not before:           Wed 10 May 2023 14:12:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50290
IP address blocks:        31.15.124.0/22 maxlen: 22
                          109.69.32.0/22 maxlen: 22
                          185.74.174.0/24 maxlen: 24
                          46.30.132.0/22 maxlen: 22
                          46.30.130.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:06:01:4f:d4:55:13:be:9f:34:a9:87:5d:32:4f:db:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
        Validity
            Not Before: May 10 14:12:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b16c7ca81cd7beceaa68f9fd0b8154986860c8e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ba:78:80:83:7f:b3:13:16:42:86:2f:bc:11:
                    72:b7:0e:96:a1:99:c5:0a:2f:8a:59:0b:d7:56:41:
                    7a:59:f4:3e:b5:c8:2f:23:b5:84:89:42:7b:f5:82:
                    d0:c6:8a:37:78:98:4e:8e:98:27:f2:d8:24:86:a4:
                    80:7e:3a:9c:22:f9:b0:65:17:31:d5:2a:f3:ed:9e:
                    68:54:fa:a1:b1:d1:24:2e:66:19:d8:19:f1:06:1e:
                    19:5f:04:24:13:96:ba:2f:7d:1f:59:01:9b:28:54:
                    02:1a:ac:c1:68:e6:f0:1f:23:c8:af:2e:ce:9d:3f:
                    a7:97:2e:65:49:ff:2c:e6:8d:8c:8c:cd:1b:2b:9f:
                    2f:f4:5f:a6:d5:62:df:b8:55:2f:bb:0e:b1:89:9a:
                    be:f7:a5:1c:3c:28:84:1f:30:3f:55:a9:f1:fc:46:
                    c5:02:87:f8:1c:ad:5b:33:05:5c:e0:07:5e:cd:6b:
                    e7:8d:b7:40:69:c8:d9:05:76:0b:89:de:00:09:ab:
                    ef:0e:b2:a8:a3:68:fe:a2:b9:fd:b4:fa:a6:ee:00:
                    cd:08:c2:0b:f2:a6:67:e2:57:4e:16:2b:1d:2b:e0:
                    56:0c:b9:98:f8:b3:f0:73:da:3b:63:50:ec:33:43:
                    f6:1e:94:05:90:5d:a0:ee:48:33:26:18:62:9f:f2:
                    d2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:6C:7C:A8:1C:D7:BE:CE:AA:68:F9:FD:0B:81:54:98:68:60:C8:E4
            X509v3 Authority Key Identifier:
                keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/sWx8qBzXvs6qaPn9C4FUmGhgyOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.15.124.0/22
                  46.30.130.0-46.30.135.255
                  109.69.32.0/22
                  185.74.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:bd:5c:2e:f4:ee:f6:e4:28:23:4c:48:8d:69:6b:59:00:93:
         a0:1b:04:7f:36:4f:28:2c:64:8a:41:5b:99:cc:0c:fb:68:a7:
         02:3c:90:31:da:24:ff:50:be:27:f1:79:28:32:d9:89:99:b6:
         d9:54:8b:71:86:ea:16:f0:ec:a1:a3:5e:6a:90:95:7c:6c:08:
         40:5b:37:c0:07:3a:be:67:9c:1c:12:a3:50:93:8f:7d:1a:ac:
         60:51:e8:6c:4a:96:cf:91:3c:46:dc:80:f3:58:e5:82:73:32:
         cf:1c:b1:05:30:08:51:cc:69:9e:7f:fe:60:d9:28:72:67:ca:
         8c:10:6b:73:10:ab:87:b3:29:47:eb:ac:0f:4d:a8:a7:7c:a0:
         f0:e5:b8:97:19:83:4e:b0:1a:65:3d:96:e3:a4:a5:ba:cb:7f:
         40:fd:c8:c4:0f:0f:88:3c:c0:b8:d2:dd:b0:99:b1:1a:9f:d0:
         be:1e:90:1e:34:bf:34:a3:70:b5:4e:d5:36:54:06:2b:f0:32:
         55:21:b8:84:9b:20:62:2f:d4:bb:9b:15:bd:3f:bc:e6:80:80:
         7d:5c:91:da:69:1b:5f:e0:fc:43:05:f0:62:6f:4f:b2:07:21:
         ed:03:63:6a:31:26:95:82:18:3b:17:5b:79:11:e1:be:1d:90:
         02:49:f9:1f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYgGAU/UVRO+nzSph10yT9u6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjMwNTEwMTQxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZjN2NhODFjZDdiZWNlYWE2OGY5ZmQwYjgxNTQ5ODY4NjBjOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrp4gIN/sxMWQoYvvBFytw6WoZnF
Ci+KWQvXVkF6WfQ+tcgvI7WEiUJ79YLQxoo3eJhOjpgn8tgkhqSAfjqcIvmwZRcx
1Srz7Z5oVPqhsdEkLmYZ2BnxBh4ZXwQkE5a6L30fWQGbKFQCGqzBaObwHyPIry7O
nT+nly5lSf8s5o2MjM0bK58v9F+m1WLfuFUvuw6xiZq+96UcPCiEHzA/Vanx/EbF
Aof4HK1bMwVc4AdezWvnjbdAacjZBXYLid4ACavvDrKoo2j+orn9tPqm7gDNCMIL
8qZn4ldOFisdK+BWDLmY+LPwc9o7Y1DsM0P2HpQFkF2g7kgzJhhin/LSRQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLFsfKgc177Oqmj5/QuBVJhoYMjkMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvc1d4OHFCelh2czZxYVBuOUM0RlVtR2hneU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUtNjM5ZTE0ZDA0ZGU2
LzEvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCHw98MAwD
BAEuHoIDBAMuHoADBAJtRSADBAC5Sq4wDQYJKoZIhvcNAQELBQADggEBAB69XC70
7vbkKCNMSI1pa1kAk6AbBH82TygsZIpBW5nMDPtopwI8kDHaJP9QvifxeSgy2YmZ
ttlUi3GG6hbw7KGjXmqQlXxsCEBbN8AHOr5nnBwSo1CTj30arGBR6GxKls+RPEbc
gPNY5YJzMs8csQUwCFHMaZ5//mDZKHJnyowQa3MQq4ezKUfrrA9NqKd8oPDluJcZ
g06wGmU9luOkpbrLf0D9yMQPD4g8wLjS3bCZsRqf0L4ekB40vzSjcLVO1TZUBivw
MlUhuISbIGIv1LubFb0/vOaAgH1ckdppG1/g/EMF8GJvT7IHIe0DY2oxJpWCGDsX
W3kR4b4dkAJJ+R8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:28 2024 by rpki-client on console-fra.rpki-client.org