Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/2fgymqaRKs4JUrh528WwWyCbh-E.roa
File:                     2fgymqaRKs4JUrh528WwWyCbh-E.roa (raw, json)
Hash identifier:          Zwd+6ohB94NciwzvHgiVTktEy6BQyAGd0ffeGMd3lBg=
Subject key identifier:   D9:F8:32:9A:A6:91:2A:CE:09:52:B8:79:DB:C5:B0:5B:20:9B:87:E1
Certificate issuer:       /CN=5281b841f12769489d5fd343b72ba44f90c96f32
Certificate serial:       018BC872EF4460079CC64127478C80524906
Authority key identifier: 52:81:B8:41:F1:27:69:48:9D:5F:D3:43:B7:2B:A4:4F:90:C9:6F:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UoG4QfEnaUidX9NDtyukT5DJbzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/2fgymqaRKs4JUrh528WwWyCbh-E.roa
Signing time:             Mon 13 Nov 2023 11:30:57 +0000
ROA not before:           Mon 13 Nov 2023 11:30:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44141
IP address blocks:        91.198.44.0/24 maxlen: 24
                          46.31.40.0/21 maxlen: 21
                          185.13.64.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c8:72:ef:44:60:07:9c:c6:41:27:47:8c:80:52:49:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5281b841f12769489d5fd343b72ba44f90c96f32
        Validity
            Not Before: Nov 13 11:30:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9f8329aa6912ace0952b879dbc5b05b209b87e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8d:b5:e4:cf:2c:56:14:85:19:d3:c5:48:9f:
                    bb:d7:bd:28:18:3d:20:5c:5d:13:bb:10:c5:22:50:
                    e1:c6:c3:79:11:a1:5b:76:c3:e4:a5:e2:d9:22:29:
                    0d:49:90:45:eb:fa:53:30:31:92:5d:dd:6a:8c:87:
                    76:3a:a9:ce:90:00:e7:92:88:01:1b:86:ec:d1:be:
                    84:8c:83:9a:6a:74:17:85:84:76:32:17:68:aa:33:
                    a2:9c:ee:ea:8a:dd:a6:60:09:d8:e3:35:e9:af:ea:
                    35:27:66:7e:ad:02:c0:25:6b:75:e2:64:3f:59:bf:
                    a6:f7:5c:62:73:21:29:e3:87:f4:ce:4d:d1:fd:a2:
                    6e:96:40:7e:e3:00:bb:f1:08:97:09:67:96:29:d4:
                    ba:fd:e0:bf:65:dc:12:01:2a:46:94:3a:08:c6:47:
                    ce:eb:4f:09:a6:f4:c0:6b:d1:2e:b3:d8:63:57:af:
                    62:18:3a:ca:bc:3f:3d:79:20:98:67:95:f5:c5:ba:
                    6e:8d:6c:c7:81:e5:e2:f7:cd:8e:2b:a5:80:82:48:
                    45:2e:40:a5:b9:88:53:cd:be:91:46:0c:a2:7a:58:
                    0c:fe:a1:26:64:a6:4c:bc:b1:23:54:8f:9f:86:0c:
                    e7:57:d4:f7:8c:5b:c6:cd:05:9a:ee:2c:cb:a6:6d:
                    9d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:F8:32:9A:A6:91:2A:CE:09:52:B8:79:DB:C5:B0:5B:20:9B:87:E1
            X509v3 Authority Key Identifier:
                keyid:52:81:B8:41:F1:27:69:48:9D:5F:D3:43:B7:2B:A4:4F:90:C9:6F:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UoG4QfEnaUidX9NDtyukT5DJbzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/2fgymqaRKs4JUrh528WwWyCbh-E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/UoG4QfEnaUidX9NDtyukT5DJbzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.31.40.0/21
                  91.198.44.0/24
                  185.13.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:5f:59:8e:04:27:de:25:58:3e:c2:90:7a:a4:13:7f:aa:02:
         4a:7f:4c:f9:92:ca:8a:c1:80:aa:00:47:0a:25:39:14:a7:2f:
         83:69:50:ad:c3:b6:62:c0:aa:a6:2a:06:50:39:12:2d:d7:15:
         bf:a8:4a:af:35:9f:cf:03:bd:f5:e9:11:10:88:d5:02:8f:11:
         77:85:a5:7f:48:43:53:b3:b2:0a:86:15:21:e4:84:84:2a:bb:
         c7:70:b7:bc:a9:6a:dd:b6:7e:2c:d4:25:d4:eb:c9:05:3f:de:
         49:50:2e:70:58:5e:05:0c:c6:a7:4e:e1:66:75:12:09:a0:c2:
         4f:43:39:a8:c6:a8:3e:64:60:11:c9:41:92:f8:18:f8:67:34:
         bd:a2:5a:79:df:e9:5f:83:2e:54:8a:ed:5b:8d:aa:42:30:b7:
         0c:b2:12:79:39:e0:25:17:85:9b:75:f5:03:79:15:18:cd:0f:
         2e:de:d9:9f:9f:c7:3e:1a:43:b3:04:3e:a2:05:49:29:1e:2b:
         69:39:b1:f6:60:05:48:d3:aa:18:76:f3:62:f9:08:a5:be:b4:
         2a:27:07:2e:1f:1c:82:ae:58:6d:0a:da:f3:93:11:0c:10:50:
         3f:d1:fc:46:18:3e:e4:dd:d5:c3:7c:4b:a8:36:4e:0c:f3:99:
         42:9a:28:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvIcu9EYAecxkEnR4yAUkkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODFiODQxZjEyNzY5NDg5ZDVmZDM0M2I3MmJhNDRmOTBj
OTZmMzIwHhcNMjMxMTEzMTEzMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY4MzI5YWE2OTEyYWNlMDk1MmI4NzlkYmM1YjA1YjIwOWI4N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4215M8sVhSFGdPFSJ+7170oGD0g
XF0TuxDFIlDhxsN5EaFbdsPkpeLZIikNSZBF6/pTMDGSXd1qjId2OqnOkADnkogB
G4bs0b6EjIOaanQXhYR2MhdoqjOinO7qit2mYAnY4zXpr+o1J2Z+rQLAJWt14mQ/
Wb+m91xicyEp44f0zk3R/aJulkB+4wC78QiXCWeWKdS6/eC/ZdwSASpGlDoIxkfO
608JpvTAa9Eus9hjV69iGDrKvD89eSCYZ5X1xbpujWzHgeXi982OK6WAgkhFLkCl
uYhTzb6RRgyielgM/qEmZKZMvLEjVI+fhgznV9T3jFvGzQWa7izLpm2dFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNn4MpqmkSrOCVK4edvFsFsgm4fhMB8GA1UdIwQY
MBaAFFKBuEHxJ2lInV/TQ7crpE+QyW8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9HNFFmRW5hVWlkWDlORHR5dWtUNURKYnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xNDIyNWItYmY5NS00NWM5LThkN2It
ZmMyNWQ0NTVhZjg1LzEvMmZneW1xYVJLczRKVXJoNTI4V3dXeUNiaC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xNDIyNWItYmY5NS00NWM5LThkN2ItZmMyNWQ0NTVhZjg1
LzEvVW9HNFFmRW5hVWlkWDlORHR5dWtUNURKYnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLh8oAwQA
W8YsAwQCuQ1AMA0GCSqGSIb3DQEBCwUAA4IBAQAbX1mOBCfeJVg+wpB6pBN/qgJK
f0z5ksqKwYCqAEcKJTkUpy+DaVCtw7ZiwKqmKgZQORIt1xW/qEqvNZ/PA7316REQ
iNUCjxF3haV/SENTs7IKhhUh5ISEKrvHcLe8qWrdtn4s1CXU68kFP95JUC5wWF4F
DManTuFmdRIJoMJPQzmoxqg+ZGARyUGS+Bj4ZzS9olp53+lfgy5Uiu1bjapCMLcM
shJ5OeAlF4WbdfUDeRUYzQ8u3tmfn8c+GkOzBD6iBUkpHitpObH2YAVI06oYdvNi
+QilvrQqJwcuHxyCrlhtCtrzkxEMEFA/0fxGGD7k3dXDfEuoNk4M85lCmii5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org