Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/1-POW19-RCziiU-Dwzj5g3z2bxBA.roa
File:                     1-POW19-RCziiU-Dwzj5g3z2bxBA.roa (raw, json)
Hash identifier:          dA5fKjrU2f66ch2FNIDQ8JoTv7Zg+UIhyyo2R5Y09eI=
Subject key identifier:   F8:F3:96:D7:DF:91:0B:38:A2:53:E0:F0:CE:3E:60:DF:3D:9B:C4:10
Certificate issuer:       /CN=be125cad7dd4c5f0201ee2a21deac387366981c4
Certificate serial:       01856F4B4BCF97AD2AB1B577B8E554E3C961
Authority key identifier: BE:12:5C:AD:7D:D4:C5:F0:20:1E:E2:A2:1D:EA:C3:87:36:69:81:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vhJcrX3UxfAgHuKiHerDhzZpgcQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/1-POW19-RCziiU-Dwzj5g3z2bxBA.roa
Signing time:             Sun 01 Jan 2023 21:44:43 +0000
ROA not before:           Sun 01 Jan 2023 21:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41202
IP address blocks:        185.183.240.0/22 maxlen: 22
                          185.183.240.0/23 maxlen: 23
                          185.183.240.0/24 maxlen: 24
                          185.183.242.0/23 maxlen: 23
                          37.110.208.0/24 maxlen: 24
                          37.110.210.0/24 maxlen: 24
                          37.110.212.0/22 maxlen: 22
                          37.110.208.0/22 maxlen: 22
                          37.110.208.0/21 maxlen: 21
                          37.110.215.0/24 maxlen: 24
                          37.110.214.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:4b:cf:97:ad:2a:b1:b5:77:b8:e5:54:e3:c9:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=be125cad7dd4c5f0201ee2a21deac387366981c4
        Validity
            Not Before: Jan  1 21:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8f396d7df910b38a253e0f0ce3e60df3d9bc410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:9a:3c:40:13:6a:ab:f9:79:16:86:78:bd:f9:
                    be:4d:19:e5:66:f3:b3:66:75:5e:5d:3c:b6:1d:a6:
                    dc:2d:63:4c:3e:f3:e9:f9:63:60:8f:66:a8:5d:16:
                    0e:34:ec:7e:2a:52:76:ae:a1:e8:42:c2:3c:75:1a:
                    95:88:78:46:51:13:37:8d:24:16:30:3a:16:ef:5b:
                    52:cf:d9:fb:2f:32:22:f3:38:e6:54:3f:c4:ea:e8:
                    ce:eb:97:24:9a:92:c9:1c:1d:c8:db:a8:e2:45:fe:
                    a1:10:b6:4d:22:73:90:46:d0:31:12:ab:f6:b9:c7:
                    1c:e9:f4:ee:35:49:29:75:d0:eb:1f:2e:6a:ad:9a:
                    8e:05:c2:97:cd:d5:b2:81:d1:f7:72:dd:b7:1a:90:
                    fa:ee:cc:3a:33:1d:e9:06:bc:e1:51:b3:29:f7:54:
                    1e:43:46:e4:c4:64:19:ff:15:ca:2d:97:c1:1b:87:
                    3e:50:aa:30:39:4f:65:71:4d:5b:ed:0c:92:fc:56:
                    7e:b4:37:18:ad:ec:43:8f:99:70:2c:06:76:12:b2:
                    fe:39:51:6a:cf:96:1f:f1:57:2f:77:7a:51:a5:80:
                    51:d8:e1:9a:8b:bb:8b:1d:6c:fb:fe:e1:8a:72:92:
                    18:15:b6:6c:ad:c2:d9:f2:77:d0:f6:11:f9:93:e5:
                    38:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:F3:96:D7:DF:91:0B:38:A2:53:E0:F0:CE:3E:60:DF:3D:9B:C4:10
            X509v3 Authority Key Identifier:
                keyid:BE:12:5C:AD:7D:D4:C5:F0:20:1E:E2:A2:1D:EA:C3:87:36:69:81:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhJcrX3UxfAgHuKiHerDhzZpgcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/1-POW19-RCziiU-Dwzj5g3z2bxBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55a74f-49ca-4a63-9eda-517eff908975/1/vhJcrX3UxfAgHuKiHerDhzZpgcQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.110.208.0/21
                  185.183.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:63:af:5a:19:c7:e2:97:18:88:00:ee:e4:5b:4f:55:1c:d3:
         64:58:f9:44:2a:22:4a:36:f4:21:9e:05:e6:6e:3f:87:6c:d4:
         72:8b:70:06:c5:60:b2:ce:2e:e6:8f:b2:65:91:92:48:37:00:
         78:c2:e5:8e:25:c8:46:02:b0:b5:5b:6d:9c:6e:bc:6e:9d:d9:
         db:4f:5d:8f:32:96:b8:25:ab:ef:7b:56:bf:f3:8e:4d:e2:1e:
         38:f5:5e:ba:16:f4:12:e9:28:4f:74:df:00:77:e1:82:39:c0:
         46:fd:a0:28:ec:31:f6:2d:34:f5:8f:97:3f:65:8e:94:a9:ba:
         db:44:a6:d9:c4:3b:96:35:4b:18:86:6b:30:59:f4:20:06:3c:
         91:64:9f:38:6d:a9:37:7c:95:f1:be:21:03:be:ea:f4:c2:0f:
         92:36:e7:cd:23:23:c4:ea:a7:b1:28:db:c2:91:63:37:49:fd:
         e8:3a:81:60:36:5a:7f:73:3a:84:27:67:33:6d:81:2c:8f:68:
         16:47:26:95:be:2b:aa:f1:e5:38:4d:3b:72:ce:ae:dc:1f:08:
         42:af:d1:e5:b8:c7:aa:86:4c:f1:33:68:39:78:cd:7b:c8:8f:
         52:db:cd:ba:c9:23:37:af:c3:8e:00:cd:2f:05:bd:f7:8b:b1:
         d0:75:7f:88
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVvS0vPl60qsbV3uOVU48lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMTI1Y2FkN2RkNGM1ZjAyMDFlZTJhMjFkZWFjMzg3MzY2
OTgxYzQwHhcNMjMwMTAxMjE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGYzOTZkN2RmOTEwYjM4YTI1M2UwZjBjZTNlNjBkZjNkOWJjNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopo8QBNqq/l5FoZ4vfm+TRnlZvOz
ZnVeXTy2HabcLWNMPvPp+WNgj2aoXRYONOx+KlJ2rqHoQsI8dRqViHhGURM3jSQW
MDoW71tSz9n7LzIi8zjmVD/E6ujO65ckmpLJHB3I26jiRf6hELZNInOQRtAxEqv2
uccc6fTuNUkpddDrHy5qrZqOBcKXzdWygdH3ct23GpD67sw6Mx3pBrzhUbMp91Qe
Q0bkxGQZ/xXKLZfBG4c+UKowOU9lcU1b7QyS/FZ+tDcYrexDj5lwLAZ2ErL+OVFq
z5Yf8Vcvd3pRpYBR2OGai7uLHWz7/uGKcpIYFbZsrcLZ8nfQ9hH5k+U4SQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPjzltffkQs4olPg8M4+YN89m8QQMB8GA1UdIwQY
MBaAFL4SXK191MXwIB7ioh3qw4c2aYHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhKY3JYM1V4ZkFnSHVLaUhlckRoelpwZ2NRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81NWE3NGYtNDljYS00YTYzLTllZGEt
NTE3ZWZmOTA4OTc1LzEvMS1QT1cxOS1SQ3ppaVUtRHd6ajVnM3oyYnhCQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDcvNTVhNzRmLTQ5Y2EtNGE2My05ZWRhLTUxN2VmZjkwODk3
NS8xL3ZoSmNyWDNVeGZBZ0h1S2lIZXJEaHpacGdjUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyVu0AME
Arm38DANBgkqhkiG9w0BAQsFAAOCAQEAF2OvWhnH4pcYiADu5FtPVRzTZFj5RCoi
Sjb0IZ4F5m4/h2zUcotwBsVgss4u5o+yZZGSSDcAeMLljiXIRgKwtVttnG68bp3Z
209djzKWuCWr73tWv/OOTeIeOPVeuhb0EukoT3TfAHfhgjnARv2gKOwx9i009Y+X
P2WOlKm620Sm2cQ7ljVLGIZrMFn0IAY8kWSfOG2pN3yV8b4hA77q9MIPkjbnzSMj
xOqnsSjbwpFjN0n96DqBYDZaf3M6hCdnM22BLI9oFkcmlb4rqvHlOE07cs6u3B8I
Qq/R5bjHqoZM8TNoOXjNe8iPUtvNuskjN6/DjgDNLwW994ux0HV/iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:38 2024 by rpki-client on console-fra.rpki-client.org