Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MyhagOFlVVYKGZMYgaSigKPhHeo.roa
File:                     MyhagOFlVVYKGZMYgaSigKPhHeo.roa (raw, json)
Hash identifier:          2t38kxEL9tmLhGUeAZ54iyslUDBF2OadOtla76BmRRk=
Subject key identifier:   33:28:5A:80:E1:65:55:56:0A:19:93:18:81:A4:A2:80:A3:E1:1D:EA
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018A930850F7C563B44EF66EE9B53D1E0414
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MyhagOFlVVYKGZMYgaSigKPhHeo.roa
Signing time:             Thu 14 Sep 2023 09:31:50 +0000
ROA not before:           Thu 14 Sep 2023 09:31:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.225.22.0/24 maxlen: 24
                          185.220.249.0/24 maxlen: 24
                          185.210.233.0/24 maxlen: 24
                          185.251.229.0/24 maxlen: 24
                          185.251.231.0/24 maxlen: 24
                          185.225.0.0/23 maxlen: 23
                          185.194.177.0/24 maxlen: 24
                          185.223.80.0/24 maxlen: 24
                          185.222.29.0/24 maxlen: 24
                          45.90.16.0/24 maxlen: 24
                          45.90.19.0/24 maxlen: 24
                          185.209.73.0/24 maxlen: 24
                          193.58.146.0/23 maxlen: 24
                          193.58.147.0/24 maxlen: 24
                          45.147.224.0/24 maxlen: 24
                          45.8.21.0/24 maxlen: 24
                          185.246.112.0/24 maxlen: 24
                          185.246.115.0/24 maxlen: 24
                          185.36.205.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Sep 2023 08:57:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:93:08:50:f7:c5:63:b4:4e:f6:6e:e9:b5:3d:1e:04:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Sep 14 09:31:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33285a80e16555560a19931881a4a280a3e11dea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:3c:24:78:fd:5b:5a:b2:ff:f6:c8:12:a1:2e:
                    0a:e9:d0:6f:8c:86:cf:3d:1a:5d:ec:aa:6e:b1:e6:
                    ac:ba:fb:3d:e3:d4:61:f4:d2:21:3a:3e:0c:5a:c8:
                    d8:9c:0e:ca:2a:84:b1:b3:08:7e:3f:45:2c:48:40:
                    1a:c1:fd:4e:dd:d0:3a:02:f2:b8:07:fa:a8:66:ac:
                    48:8d:b3:3b:73:fb:61:8a:77:a3:b3:e8:6b:6c:1f:
                    22:dc:16:2b:bf:c0:a6:d1:1d:89:5f:28:53:fb:f1:
                    47:d9:b8:18:6b:b4:7c:f6:43:a9:2c:b7:63:af:11:
                    ce:d6:a1:8c:dc:02:fb:f4:b2:a7:78:1f:43:57:86:
                    e6:1d:c1:96:ff:b7:1c:15:a2:db:42:af:43:c3:7f:
                    ef:40:aa:06:c7:c3:0d:8d:4c:f8:10:e8:9c:80:31:
                    d4:2b:04:61:3c:e1:88:33:0f:26:ea:3f:b6:a6:9a:
                    51:8f:6a:84:4f:8e:7c:54:a6:31:f5:d7:c3:5a:cb:
                    85:14:c9:a0:a8:79:1f:49:8c:bb:55:49:fa:ca:8f:
                    e6:7a:2c:40:9c:9d:20:d3:61:e1:a9:2c:67:d2:9c:
                    9b:0d:30:dc:bb:1f:63:1e:5d:76:2e:c0:4b:aa:5d:
                    68:12:31:b5:2f:f9:bb:1c:97:9c:ca:3f:84:e9:87:
                    50:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:28:5A:80:E1:65:55:56:0A:19:93:18:81:A4:A2:80:A3:E1:1D:EA
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MyhagOFlVVYKGZMYgaSigKPhHeo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.21.0/24
                  45.90.16.0/24
                  45.90.19.0/24
                  45.147.224.0/24
                  185.36.205.0/24
                  185.194.177.0/24
                  185.209.73.0/24
                  185.210.233.0/24
                  185.220.249.0/24
                  185.222.29.0/24
                  185.223.80.0/24
                  185.225.0.0/23
                  185.225.22.0/24
                  185.246.112.0/24
                  185.246.115.0/24
                  185.251.229.0/24
                  185.251.231.0/24
                  193.58.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:6a:a5:60:00:47:6a:95:91:26:16:61:96:4e:90:1d:b1:93:
         4b:f1:ff:91:92:fb:bf:77:5d:00:9e:b7:c1:62:c7:4f:ea:77:
         f3:3d:2d:cf:1f:44:a5:3a:6b:4b:b5:11:78:9b:2a:20:0f:1b:
         5e:9f:34:f9:96:50:f7:ea:1d:95:dc:55:fb:02:69:90:44:c9:
         e9:11:c2:72:11:c8:e4:d8:f2:fd:a8:0c:b0:84:5a:41:4f:9b:
         cc:94:db:90:ab:15:51:12:10:b4:89:93:22:f0:57:0e:b9:e0:
         1e:eb:88:c7:06:f5:20:1e:c3:9d:48:2b:06:99:ae:04:bf:2e:
         ef:71:b4:bd:93:0f:5f:89:0b:3f:0a:64:cb:17:74:71:3a:e9:
         53:34:7d:52:41:ca:90:94:23:ed:64:04:38:ac:99:b0:4b:ab:
         29:b8:78:48:2d:1e:b9:d1:ad:a4:df:b7:c3:e0:fc:91:0a:10:
         95:64:fb:f4:f3:50:0b:d9:aa:1e:c6:e1:ee:96:70:f4:ea:db:
         9f:64:70:48:5f:36:dc:7b:20:40:af:de:19:4f:05:63:0c:8e:
         4d:a9:21:12:59:93:c7:9b:23:45:05:81:46:08:de:a3:92:91:
         68:de:8a:91:53:78:36:56:17:34:09:a9:88:01:9b:68:8e:09:
         b2:a4:9a:13
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYqTCFD3xWO0TvZu6bU9HgQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTE0MDkzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzI4NWE4MGUxNjU1NTU2MGExOTkzMTg4MWE0YTI4MGEzZTExZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDwkeP1bWrL/9sgSoS4K6dBvjIbP
PRpd7Kpuseasuvs949Rh9NIhOj4MWsjYnA7KKoSxswh+P0UsSEAawf1O3dA6AvK4
B/qoZqxIjbM7c/thinejs+hrbB8i3BYrv8Cm0R2JXyhT+/FH2bgYa7R89kOpLLdj
rxHO1qGM3AL79LKneB9DV4bmHcGW/7ccFaLbQq9Dw3/vQKoGx8MNjUz4EOicgDHU
KwRhPOGIMw8m6j+2pppRj2qET458VKYx9dfDWsuFFMmgqHkfSYy7VUn6yo/meixA
nJ0g02HhqSxn0pybDTDcux9jHl12LsBLql1oEjG1L/m7HJecyj+E6YdQswIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFDMoWoDhZVVWChmTGIGkooCj4R3qMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTXloYWdPRmxWVllLR1pNWWdhU2lnS1BoSGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0IFQME
AC1aEAMEAC1aEwMEAC2T4AMEALkkzQMEALnCsQMEALnRSQMEALnS6QMEALnc+QME
ALneHQMEALnfUAMEAbnhAAMEALnhFgMEALn2cAMEALn2cwMEALn75QMEALn75wME
AcE6kjANBgkqhkiG9w0BAQsFAAOCAQEAW2qlYABHapWRJhZhlk6QHbGTS/H/kZL7
v3ddAJ63wWLHT+p38z0tzx9EpTprS7UReJsqIA8bXp80+ZZQ9+odldxV+wJpkETJ
6RHCchHI5Njy/agMsIRaQU+bzJTbkKsVURIQtImTIvBXDrngHuuIxwb1IB7DnUgr
BpmuBL8u73G0vZMPX4kLPwpkyxd0cTrpUzR9UkHKkJQj7WQEOKyZsEurKbh4SC0e
udGtpN+3w+D8kQoQlWT79PNQC9mqHsbh7pZw9Orbn2RwSF823HsgQK/eGU8FYwyO
TakhElmTx5sjRQWBRgjeo5KRaN6KkVN4NlYXNAmpiAGbaI4JsqSaEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org