Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/STFCm5lrQKdvb3PK1ftxtcmT8Yw.roa
File:                     STFCm5lrQKdvb3PK1ftxtcmT8Yw.roa (raw, json)
Hash identifier:          4NlWDXZ7I2ONkRwXjWuwQNbXTvMHzZPZNhjnOP9GId0=
Subject key identifier:   49:31:42:9B:99:6B:40:A7:6F:6F:73:CA:D5:FB:71:B5:C9:93:F1:8C
Certificate issuer:       /CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
Certificate serial:       0185701EE8DD23429B21D442E4A6779730F5
Authority key identifier: C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/STFCm5lrQKdvb3PK1ftxtcmT8Yw.roa
Signing time:             Mon 02 Jan 2023 01:35:51 +0000
ROA not before:           Mon 02 Jan 2023 01:35:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        89.35.57.0/24 maxlen: 24
                          185.122.223.0/24 maxlen: 24
                          89.42.31.0/24 maxlen: 24
                          93.119.178.0/24 maxlen: 24
                          93.119.179.0/24 maxlen: 24
                          93.119.180.0/24 maxlen: 24
                          93.119.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:e8:dd:23:42:9b:21:d4:42:e4:a6:77:97:30:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c0591e2eb49d0559e6fce7ee2aa81f0f59ba6f
        Validity
            Not Before: Jan  2 01:35:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4931429b996b40a76f6f73cad5fb71b5c993f18c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:cf:78:05:e9:07:b0:61:38:00:ce:92:c3:d4:
                    67:26:70:c4:31:32:6f:52:51:a4:b7:99:33:ef:bf:
                    5a:a9:2b:78:59:bb:65:de:64:4f:32:ea:5d:52:40:
                    3d:81:a1:07:e1:99:03:a2:9f:5c:f9:70:39:49:97:
                    17:6e:36:60:28:b2:95:bd:b2:a1:a6:3d:fd:3e:6b:
                    03:0a:66:52:15:1d:44:c4:da:44:34:0b:3d:d8:25:
                    97:a9:89:d3:24:af:41:f4:6b:bf:13:d5:30:fe:87:
                    26:10:f2:04:30:5c:f0:8b:ea:7d:af:90:87:14:37:
                    4b:fe:73:6a:47:28:2e:3d:d4:9f:b0:76:03:cf:d5:
                    1b:f3:84:4c:4f:e5:b0:f9:47:6f:57:42:45:f2:8f:
                    55:c6:78:03:c9:24:09:e8:4d:45:8b:05:39:f0:27:
                    04:87:49:99:d6:e9:65:c6:f0:ac:49:8f:15:d8:f9:
                    64:ce:92:41:d0:04:b4:45:ab:a7:81:0d:80:6e:5f:
                    8c:8e:e3:ac:ba:53:a5:80:ed:b3:6a:02:ca:ea:11:
                    79:22:ff:74:86:b8:4f:72:05:e6:f9:9b:98:bc:36:
                    2c:57:01:66:c5:87:74:8e:a2:ee:96:8a:2f:de:de:
                    e8:a8:5c:b5:d5:84:0d:57:8a:a4:21:97:41:66:64:
                    7d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:31:42:9B:99:6B:40:A7:6F:6F:73:CA:D5:FB:71:B5:C9:93:F1:8C
            X509v3 Authority Key Identifier:
                keyid:C3:C0:59:1E:2E:B4:9D:05:59:E6:FC:E7:EE:2A:A8:1F:0F:59:BA:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8BZHi60nQVZ5vzn7iqoHw9Zum8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/STFCm5lrQKdvb3PK1ftxtcmT8Yw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/4b8aab-2099-43af-b41d-e3407174663b/1/w8BZHi60nQVZ5vzn7iqoHw9Zum8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.35.57.0/24
                  89.42.31.0/24
                  93.119.178.0-93.119.181.255
                  185.122.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:2f:11:a9:02:7a:41:bb:ab:4b:94:b8:c2:24:25:4d:2a:eb:
         a1:cd:7c:77:c4:4b:a1:9d:34:2e:ce:f6:3b:83:ad:a5:02:fa:
         18:b3:ae:b0:d5:e8:11:de:a2:07:f1:49:90:10:69:fd:58:08:
         11:3f:1a:86:de:60:91:8f:e7:e2:b2:2f:a9:e2:b0:81:e9:33:
         44:06:1e:50:60:a7:86:65:4f:89:d0:25:51:86:1a:b1:33:2f:
         3f:da:25:04:db:eb:cc:34:9f:39:f2:ba:c7:5a:8d:f5:36:df:
         46:2f:9b:7f:ac:e6:2c:55:04:7f:53:7e:60:ed:3a:42:91:67:
         6b:94:6f:60:70:42:f7:5f:f8:3e:5a:7a:92:bb:de:f4:57:33:
         24:c2:0c:57:04:19:52:48:8f:65:6c:e2:bf:b0:8b:a4:05:78:
         45:00:6c:dd:31:fd:c3:11:ec:b5:e8:3e:8b:f9:26:b7:f7:5c:
         a6:74:4d:b0:4c:93:4c:23:69:fa:e9:1a:96:fe:98:80:75:72:
         3e:f9:db:a1:b3:02:7c:6a:f1:e9:d3:27:89:f6:df:b3:48:0b:
         5d:77:10:29:83:52:09:25:d2:e4:cc:e1:c3:26:3b:f8:21:31:
         a8:dd:8e:1b:82:04:17:5e:e9:de:0d:e7:f4:99:7e:26:83:dc:
         05:85:16:af
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwHujdI0KbIdRC5KZ3lzD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzA1OTFlMmViNDlkMDU1OWU2ZmNlN2VlMmFhODFmMGY1
OWJhNmYwHhcNMjMwMTAyMDEzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMxNDI5Yjk5NmI0MGE3NmY2ZjczY2FkNWZiNzFiNWM5OTNmMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc94BekHsGE4AM6Sw9RnJnDEMTJv
UlGkt5kz779aqSt4Wbtl3mRPMupdUkA9gaEH4ZkDop9c+XA5SZcXbjZgKLKVvbKh
pj39PmsDCmZSFR1ExNpENAs92CWXqYnTJK9B9Gu/E9Uw/ocmEPIEMFzwi+p9r5CH
FDdL/nNqRyguPdSfsHYDz9Ub84RMT+Ww+UdvV0JF8o9VxngDySQJ6E1FiwU58CcE
h0mZ1ullxvCsSY8V2PlkzpJB0AS0RaungQ2Abl+MjuOsulOlgO2zagLK6hF5Iv90
hrhPcgXm+ZuYvDYsVwFmxYd0jqLuloov3t7oqFy11YQNV4qkIZdBZmR9ewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEkxQpuZa0Cnb29zytX7cbXJk/GMMB8GA1UdIwQY
MBaAFMPAWR4utJ0FWeb85+4qqB8PWbpvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQt
ZTM0MDcxNzQ2NjNiLzEvU1RGQ201bHJRS2R2YjNQSzFmdHh0Y21UOFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80YjhhYWItMjA5OS00M2FmLWI0MWQtZTM0MDcxNzQ2NjNi
LzEvdzhCWkhpNjBuUVZaNXZ6bjdpcW9IdzladW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWSM5AwQA
WSofMAwDBAFdd7IDBAFdd7QDBAC5et8wDQYJKoZIhvcNAQELBQADggEBABEvEakC
ekG7q0uUuMIkJU0q66HNfHfES6GdNC7O9juDraUC+hizrrDV6BHeogfxSZAQaf1Y
CBE/GobeYJGP5+KyL6nisIHpM0QGHlBgp4ZlT4nQJVGGGrEzLz/aJQTb68w0nzny
usdajfU230Yvm3+s5ixVBH9TfmDtOkKRZ2uUb2BwQvdf+D5aepK73vRXMyTCDFcE
GVJIj2Vs4r+wi6QFeEUAbN0x/cMR7LXoPov5Jrf3XKZ0TbBMk0wjafrpGpb+mIB1
cj7526GzAnxq8enTJ4n237NIC113ECmDUgkl0uTM4cMmO/ghMajdjhuCBBde6d4N
5/SZfiaD3AWFFq8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:38 2024 by rpki-client on console-fra.rpki-client.org