Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/Xc-3veMNJRpsN-l0XVldYiKyoyA.roa
File:                     Xc-3veMNJRpsN-l0XVldYiKyoyA.roa (raw, json)
Hash identifier:          5/71uomwofELpoC8ogAKtSatGgZ1ceZAbWdw8RloeKM=
Subject key identifier:   5D:CF:B7:BD:E3:0D:25:1A:6C:37:E9:74:5D:59:5D:62:22:B2:A3:20
Certificate issuer:       /CN=4650c6c02a9bde4e17187f05b0eca950483bf92d
Certificate serial:       0185C972D3BB5E82F45219B78E0B77079B0E
Authority key identifier: 46:50:C6:C0:2A:9B:DE:4E:17:18:7F:05:B0:EC:A9:50:48:3B:F9:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RlDGwCqb3k4XGH8FsOypUEg7-S0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/Xc-3veMNJRpsN-l0XVldYiKyoyA.roa
Signing time:             Thu 19 Jan 2023 09:53:43 +0000
ROA not before:           Thu 19 Jan 2023 09:53:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202743
IP address blocks:        185.155.20.0/22 maxlen: 22
                          188.211.28.0/23 maxlen: 23
                          2a0a:b080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c9:72:d3:bb:5e:82:f4:52:19:b7:8e:0b:77:07:9b:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4650c6c02a9bde4e17187f05b0eca950483bf92d
        Validity
            Not Before: Jan 19 09:53:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5dcfb7bde30d251a6c37e9745d595d6222b2a320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8d:d5:a8:96:d7:a0:c7:6b:66:ad:5c:e1:9e:
                    4d:40:19:ab:ee:57:f0:6d:81:e2:aa:31:0a:88:d9:
                    be:95:22:39:5f:af:2d:34:db:78:65:2b:55:04:0a:
                    fb:b9:60:37:35:53:c1:4c:d6:d1:f6:bb:4e:52:10:
                    f0:a2:c4:a5:40:86:2c:d8:27:be:e6:13:53:dc:05:
                    8b:34:82:88:41:8e:6a:86:bc:6b:09:df:74:3f:4c:
                    29:60:54:4d:cb:42:c1:f2:6a:5b:0a:45:f8:b7:f8:
                    58:a7:93:f9:0b:ca:41:7d:16:bd:ca:23:fa:b5:4f:
                    44:3b:1c:5e:f4:27:d6:ce:5c:02:5c:37:2b:56:77:
                    3a:35:66:cb:4b:49:f0:0b:e0:bc:cd:8b:3c:39:88:
                    e6:74:77:7b:bd:39:5a:77:7d:e6:4b:ad:fb:19:8f:
                    51:f9:fa:e6:6e:d0:bd:4e:fb:b6:98:94:de:55:dd:
                    11:7e:09:d1:ac:e8:3d:53:5a:e5:5f:a1:4e:e1:aa:
                    e5:28:de:56:97:92:ec:ee:4e:04:02:a0:e6:74:d4:
                    83:24:69:9f:37:e6:c1:53:e7:15:97:62:92:41:33:
                    8c:ed:4a:13:2c:0f:15:70:11:a6:3f:73:06:da:a9:
                    96:5e:0e:71:73:f8:76:a2:50:a0:26:1d:78:a3:26:
                    68:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CF:B7:BD:E3:0D:25:1A:6C:37:E9:74:5D:59:5D:62:22:B2:A3:20
            X509v3 Authority Key Identifier:
                keyid:46:50:C6:C0:2A:9B:DE:4E:17:18:7F:05:B0:EC:A9:50:48:3B:F9:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlDGwCqb3k4XGH8FsOypUEg7-S0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/Xc-3veMNJRpsN-l0XVldYiKyoyA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/373414-9ce4-46f5-940e-49c24292e9bd/1/RlDGwCqb3k4XGH8FsOypUEg7-S0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.20.0/22
                  188.211.28.0/23
                IPv6:
                  2a0a:b080::/29

    Signature Algorithm: sha256WithRSAEncryption
         05:d2:31:29:b1:1c:0c:dd:2c:68:8d:f8:ac:b2:e6:46:2e:56:
         4d:de:c7:9a:8a:fa:05:ab:ee:07:e1:3b:ff:42:4b:09:4b:d4:
         ac:35:f5:2f:d9:bc:85:dc:56:48:df:64:b9:eb:fb:47:9e:3a:
         cb:7e:ab:83:6a:91:96:a3:b1:a9:94:0d:8a:9c:58:d3:fe:bb:
         20:65:e0:a2:3e:03:d8:5c:80:42:30:3b:f7:15:66:1a:fb:1c:
         69:eb:3e:ca:70:4b:be:6e:67:57:28:8d:bf:17:8f:cd:76:72:
         dd:0a:64:54:a3:e8:f2:fa:04:cf:2b:02:58:31:3f:28:20:8b:
         66:48:af:78:ba:8f:c2:54:9c:e1:15:0b:0e:c5:15:b9:c2:fd:
         f3:7a:d2:21:26:e3:53:66:72:fd:84:95:52:e4:8a:a1:77:fa:
         b7:43:a5:e8:3a:f1:b3:e7:9a:64:41:f5:3b:be:47:52:cb:d4:
         57:46:fa:a7:50:9d:36:f0:06:52:7a:f2:65:15:cb:03:6a:52:
         88:2f:a6:cc:a4:44:73:4e:2b:d7:7e:07:6e:fd:15:5c:11:00:
         a0:84:0b:52:e0:33:65:32:b2:0b:39:51:2f:c9:70:f0:67:b3:
         e8:37:ed:3f:e0:00:ae:4e:4e:15:53:ed:9f:e1:67:aa:a0:8e:
         2e:7e:ce:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXJctO7XoL0Uhm3jgt3B5sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTBjNmMwMmE5YmRlNGUxNzE4N2YwNWIwZWNhOTUwNDgz
YmY5MmQwHhcNMjMwMTE5MDk1MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNmYjdiZGUzMGQyNTFhNmMzN2U5NzQ1ZDU5NWQ2MjIyYjJhMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq43VqJbXoMdrZq1c4Z5NQBmr7lfw
bYHiqjEKiNm+lSI5X68tNNt4ZStVBAr7uWA3NVPBTNbR9rtOUhDwosSlQIYs2Ce+
5hNT3AWLNIKIQY5qhrxrCd90P0wpYFRNy0LB8mpbCkX4t/hYp5P5C8pBfRa9yiP6
tU9EOxxe9CfWzlwCXDcrVnc6NWbLS0nwC+C8zYs8OYjmdHd7vTlad33mS637GY9R
+frmbtC9Tvu2mJTeVd0RfgnRrOg9U1rlX6FO4arlKN5Wl5Ls7k4EAqDmdNSDJGmf
N+bBU+cVl2KSQTOM7UoTLA8VcBGmP3MG2qmWXg5xc/h2olCgJh14oyZoOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF3Pt73jDSUabDfpdF1ZXWIisqMgMB8GA1UdIwQY
MBaAFEZQxsAqm95OFxh/BbDsqVBIO/ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxER3dDcWIzazRYR0g4RnNPeXBVRWc3LVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zNzM0MTQtOWNlNC00NmY1LTk0MGUt
NDljMjQyOTJlOWJkLzEvWGMtM3ZlTU5KUnBzTi1sMFhWbGRZaUt5b3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zNzM0MTQtOWNlNC00NmY1LTk0MGUtNDljMjQyOTJlOWJk
LzEvUmxER3dDcWIzazRYR0g4RnNPeXBVRWc3LVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZsUAwQB
vNMcMA0EAgACMAcDBQMqCrCAMA0GCSqGSIb3DQEBCwUAA4IBAQAF0jEpsRwM3Sxo
jfissuZGLlZN3seaivoFq+4H4Tv/QksJS9SsNfUv2byF3FZI32S56/tHnjrLfquD
apGWo7GplA2KnFjT/rsgZeCiPgPYXIBCMDv3FWYa+xxp6z7KcEu+bmdXKI2/F4/N
dnLdCmRUo+jy+gTPKwJYMT8oIItmSK94uo/CVJzhFQsOxRW5wv3zetIhJuNTZnL9
hJVS5Iqhd/q3Q6XoOvGz55pkQfU7vkdSy9RXRvqnUJ028AZSevJlFcsDalKIL6bM
pERzTivXfgdu/RVcEQCghAtS4DNlMrILOVEvyXDwZ7PoN+0/4ACuTk4VU+2f4Weq
oI4ufs6O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:44 2024 by rpki-client on console-fra.rpki-client.org