Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/E4Lrtfu2kyNbZqZYikCfdNjfMMw.roa
File:                     E4Lrtfu2kyNbZqZYikCfdNjfMMw.roa (raw, json)
Hash identifier:          N9lfNzeeW+sWwiWbjanDgTCUVh3CRGJYvl40JTbo/Nk=
Subject key identifier:   13:82:EB:B5:FB:B6:93:23:5B:66:A6:58:8A:40:9F:74:D8:DF:30:CC
Certificate issuer:       /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial:       0189D9A297AD9051A86C18FD8210059294C4
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/E4Lrtfu2kyNbZqZYikCfdNjfMMw.roa
Signing time:             Wed 09 Aug 2023 09:30:58 +0000
ROA not before:           Wed 09 Aug 2023 09:30:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203268
IP address blocks:        185.137.246.0/24 maxlen: 24
                          185.137.244.0/24 maxlen: 24
                          185.137.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 10 Aug 2023 06:53:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d9:a2:97:ad:90:51:a8:6c:18:fd:82:10:05:92:94:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
        Validity
            Not Before: Aug  9 09:30:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1382ebb5fbb693235b66a6588a409f74d8df30cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c8:69:65:cf:ab:62:1b:c5:ca:6e:82:b2:10:
                    4e:75:c9:8f:d5:14:77:cf:1a:74:bb:72:aa:52:9a:
                    cc:b1:d5:95:5c:08:3f:39:69:83:80:61:46:ff:8e:
                    37:30:a1:85:f9:16:27:60:15:a8:e1:a9:b3:b5:f2:
                    7a:88:fc:d0:54:4d:f1:49:20:26:71:e4:86:4f:8a:
                    b4:e2:d8:03:e6:6d:83:0a:0f:22:bb:1e:63:18:d2:
                    9d:93:0f:c4:b5:69:22:69:82:1c:e4:8c:1c:1b:2c:
                    85:f9:10:08:50:e6:b6:d7:f1:08:fd:d8:fb:ab:27:
                    84:9f:b4:fd:f5:78:1c:cf:87:dd:f0:8f:0a:cf:f7:
                    d1:91:dd:39:e7:a1:34:55:9a:5b:91:ab:0c:b5:d7:
                    d9:71:f4:8c:84:c8:21:30:58:de:48:26:52:ec:f1:
                    31:eb:6b:16:15:24:f1:f1:44:03:b5:61:45:c1:06:
                    c0:0d:a2:35:12:9b:f0:51:23:52:6b:ed:cf:8e:f0:
                    5c:a0:28:d4:f9:0b:57:b9:fc:87:dc:8f:9a:f1:f1:
                    e6:fd:13:f6:8a:7e:5d:ba:54:81:93:8b:3e:c4:12:
                    71:8b:50:f3:54:0f:4e:7b:93:c5:8c:5d:ff:40:08:
                    49:0b:8a:d7:66:f2:2a:00:4e:0f:92:1e:b8:13:da:
                    66:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:82:EB:B5:FB:B6:93:23:5B:66:A6:58:8A:40:9F:74:D8:DF:30:CC
            X509v3 Authority Key Identifier:
                keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/E4Lrtfu2kyNbZqZYikCfdNjfMMw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.244.0/24
                  185.137.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         f3:6a:12:8e:c1:6b:ed:f6:61:f5:82:3e:07:52:54:b1:78:0c:
         6a:a9:7c:6d:c6:11:a4:d3:9f:95:9c:f0:83:fe:d2:2d:c8:47:
         aa:75:e0:31:a4:dd:9f:51:17:71:fa:00:79:b2:6e:aa:3d:c4:
         6d:d0:e8:67:1e:3b:01:e8:c0:99:37:05:eb:e6:d5:72:b5:09:
         1e:be:e9:00:b3:28:f8:89:77:79:32:b8:99:56:81:28:9d:02:
         a7:96:6f:5f:c8:41:7e:6e:91:be:e7:66:2f:aa:0c:85:d3:84:
         81:66:4a:82:26:72:61:37:64:c5:ad:b5:1b:72:1d:e6:f9:5d:
         ad:b5:f6:47:e8:50:38:9a:e3:d6:3e:8e:c3:5d:2c:40:cf:e9:
         8e:c0:d8:10:e1:bc:40:b6:a9:9a:d0:68:1d:e7:1b:da:f2:b1:
         25:7c:55:ba:22:58:2b:1d:67:15:7a:95:fe:16:57:13:50:fc:
         6e:7d:74:a2:7b:b3:2d:27:b7:02:e1:98:22:e7:6c:db:fc:75:
         c9:22:89:7a:45:80:ee:08:aa:9a:86:41:54:59:28:2d:a6:83:
         9c:07:9d:0f:5a:e2:eb:ba:6b:83:d7:04:17:3e:a8:a9:fd:b3:
         b6:cb:96:bc:54:c6:81:28:93:bf:80:cb:b6:be:1b:aa:45:a4:
         36:c9:42:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnZopetkFGobBj9ghAFkpTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjMwODA5MDkzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzgyZWJiNWZiYjY5MzIzNWI2NmE2NTg4YTQwOWY3NGQ4ZGYzMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MhpZc+rYhvFym6CshBOdcmP1RR3
zxp0u3KqUprMsdWVXAg/OWmDgGFG/443MKGF+RYnYBWo4amztfJ6iPzQVE3xSSAm
ceSGT4q04tgD5m2DCg8iux5jGNKdkw/EtWkiaYIc5IwcGyyF+RAIUOa21/EI/dj7
qyeEn7T99Xgcz4fd8I8Kz/fRkd0556E0VZpbkasMtdfZcfSMhMghMFjeSCZS7PEx
62sWFSTx8UQDtWFFwQbADaI1EpvwUSNSa+3PjvBcoCjU+QtXufyH3I+a8fHm/RP2
in5dulSBk4s+xBJxi1DzVA9Oe5PFjF3/QAhJC4rXZvIqAE4Pkh64E9pmZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBOC67X7tpMjW2amWIpAn3TY3zDMMB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEvRTRMcnRmdTJreU5iWnFaWWlrQ2ZkTmpmTU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYn0AwQB
uYn2MA0GCSqGSIb3DQEBCwUAA4IBAQDzahKOwWvt9mH1gj4HUlSxeAxqqXxtxhGk
05+VnPCD/tItyEeqdeAxpN2fURdx+gB5sm6qPcRt0OhnHjsB6MCZNwXr5tVytQke
vukAsyj4iXd5MriZVoEonQKnlm9fyEF+bpG+52YvqgyF04SBZkqCJnJhN2TFrbUb
ch3m+V2ttfZH6FA4muPWPo7DXSxAz+mOwNgQ4bxAtqma0Ggd5xva8rElfFW6Ilgr
HWcVepX+FlcTUPxufXSie7MtJ7cC4Zgi52zb/HXJIol6RYDuCKqahkFUWSgtpoOc
B50PWuLrumuD1wQXPqip/bO2y5a8VMaBKJO/gMu2vhuqRaQ2yUJN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org