Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/pSt2ixF8hEj3qR1pwnbbjSdpkfI.roa
File:                     pSt2ixF8hEj3qR1pwnbbjSdpkfI.roa (raw, json)
Hash identifier:          yvP9A6kw5b7pcgkqGxQq5soX1RmK2n/gGICArGGrEX8=
Subject key identifier:   A5:2B:76:8B:11:7C:84:48:F7:A9:1D:69:C2:76:DB:8D:27:69:91:F2
Certificate issuer:       /CN=6afab09168e7cc66b663c6162d5c8d454965cce2
Certificate serial:       0189DE3936D378B20F6142E16B857CDA1318
Authority key identifier: 6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/pSt2ixF8hEj3qR1pwnbbjSdpkfI.roa
Signing time:             Thu 10 Aug 2023 06:53:58 +0000
ROA not before:           Thu 10 Aug 2023 06:53:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203268
IP address blocks:        185.137.245.0/24 maxlen: 24
                          185.137.246.0/24 maxlen: 24
                          185.137.244.0/24 maxlen: 24
                          185.137.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:de:39:36:d3:78:b2:0f:61:42:e1:6b:85:7c:da:13:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6afab09168e7cc66b663c6162d5c8d454965cce2
        Validity
            Not Before: Aug 10 06:53:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a52b768b117c8448f7a91d69c276db8d276991f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c1:2a:f2:90:48:17:d8:b0:90:e2:cb:6d:e0:
                    28:0c:9a:36:0d:a2:7c:85:ff:76:3d:65:fd:89:62:
                    ba:6f:05:9f:83:5f:63:81:19:05:b0:48:0c:02:5b:
                    90:7a:e1:56:ce:ae:95:94:6c:9c:fe:ec:18:41:f6:
                    d4:c5:9a:23:90:5f:a1:86:4f:e9:5a:ea:31:84:7b:
                    21:f5:6c:b5:3e:66:3c:12:cd:ad:ae:3d:78:9a:d2:
                    fd:5a:8e:fd:ce:8a:88:17:3f:5a:f8:c6:ab:21:1e:
                    45:c4:8e:37:b3:59:64:51:b2:82:74:51:d0:69:77:
                    c4:60:2f:c8:fb:df:7e:a4:1c:e4:05:bc:2d:7b:32:
                    2e:82:3e:c8:7e:35:5d:50:e9:4d:43:ca:9c:37:02:
                    6a:a7:2e:cf:6c:7f:ef:5e:e3:6d:12:9d:bb:34:40:
                    c8:3f:c0:82:c1:f5:35:a8:f8:cf:b8:cf:eb:cc:3f:
                    16:ad:87:57:7e:51:4e:21:96:ed:1a:b1:e6:e9:59:
                    28:24:dc:9e:c4:46:42:fe:f4:6b:34:50:e8:26:02:
                    ca:68:12:65:1f:f2:aa:81:6f:ed:25:5a:cb:cf:8a:
                    75:b1:2d:b8:b0:5a:eb:18:f5:ee:62:bd:16:1c:6d:
                    00:2d:97:d9:46:80:dc:64:52:47:f9:7d:14:06:5e:
                    94:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:2B:76:8B:11:7C:84:48:F7:A9:1D:69:C2:76:DB:8D:27:69:91:F2
            X509v3 Authority Key Identifier:
                keyid:6A:FA:B0:91:68:E7:CC:66:B6:63:C6:16:2D:5C:8D:45:49:65:CC:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avqwkWjnzGa2Y8YWLVyNRUllzOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/pSt2ixF8hEj3qR1pwnbbjSdpkfI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/aafcb2-491d-4b80-9168-5f3381b071da/1/avqwkWjnzGa2Y8YWLVyNRUllzOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.137.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         55:fe:ae:61:bf:b2:b0:fa:d5:dc:2e:f5:e8:96:0f:51:fe:f2:
         0c:52:9b:25:df:3a:e0:ee:f3:e3:2a:b3:1d:4f:7b:76:44:fe:
         d2:7d:30:cc:c4:3d:50:5b:e9:71:8a:9a:5e:28:58:ec:33:b1:
         15:d4:63:3b:be:42:fa:8e:4e:fe:5b:21:3a:30:a8:64:4d:fc:
         a8:00:12:4c:a4:59:d7:4d:e8:b9:eb:3e:52:e2:90:2f:85:7b:
         cd:ba:f1:fa:a3:c3:63:74:1d:41:8f:e7:64:b6:ef:14:8d:1b:
         de:94:62:f7:c1:31:9c:1c:79:35:a0:cc:ca:45:81:ec:c2:8a:
         5e:58:76:5d:5c:0d:8b:3a:c5:05:04:63:34:83:a0:34:a7:e6:
         7d:e7:02:4e:49:d2:65:72:b7:19:9d:0d:6c:90:e6:61:32:bc:
         9c:3b:b6:a1:03:63:e2:9a:72:f7:23:72:25:3f:de:d9:b0:95:
         61:8c:06:d4:10:d0:e0:1c:ef:a2:32:55:30:e1:ba:6e:3e:d5:
         da:6f:a8:06:ca:76:9d:7d:d7:23:dc:b8:44:e1:e0:32:d8:18:
         56:d8:02:b7:b5:3b:cd:6c:ed:7f:3b:e3:dd:6e:28:de:84:b5:
         38:01:a8:f6:80:cf:aa:87:53:2e:d2:3f:fc:32:6f:5e:d3:4e:
         2e:19:75:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYneOTbTeLIPYULha4V82hMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZmFiMDkxNjhlN2NjNjZiNjYzYzYxNjJkNWM4ZDQ1NDk2
NWNjZTIwHhcNMjMwODEwMDY1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTJiNzY4YjExN2M4NDQ4ZjdhOTFkNjljMjc2ZGI4ZDI3Njk5MWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMEq8pBIF9iwkOLLbeAoDJo2DaJ8
hf92PWX9iWK6bwWfg19jgRkFsEgMAluQeuFWzq6VlGyc/uwYQfbUxZojkF+hhk/p
WuoxhHsh9Wy1PmY8Es2trj14mtL9Wo79zoqIFz9a+MarIR5FxI43s1lkUbKCdFHQ
aXfEYC/I+99+pBzkBbwtezIugj7IfjVdUOlNQ8qcNwJqpy7PbH/vXuNtEp27NEDI
P8CCwfU1qPjPuM/rzD8WrYdXflFOIZbtGrHm6VkoJNyexEZC/vRrNFDoJgLKaBJl
H/KqgW/tJVrLz4p1sS24sFrrGPXuYr0WHG0ALZfZRoDcZFJH+X0UBl6U1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUrdosRfIRI96kdacJ2240naZHyMB8GA1UdIwQY
MBaAFGr6sJFo58xmtmPGFi1cjUVJZcziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgt
NWYzMzgxYjA3MWRhLzEvcFN0Mml4RjhoRWozcVIxcHduYmJqU2Rwa2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hYWZjYjItNDkxZC00YjgwLTkxNjgtNWYzMzgxYjA3MWRh
LzEvYXZxd2tXam56R2EyWThZV0xWeU5SVWxsek9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYn0MA0G
CSqGSIb3DQEBCwUAA4IBAQBV/q5hv7Kw+tXcLvXolg9R/vIMUpsl3zrg7vPjKrMd
T3t2RP7SfTDMxD1QW+lxippeKFjsM7EV1GM7vkL6jk7+WyE6MKhkTfyoABJMpFnX
Tei56z5S4pAvhXvNuvH6o8NjdB1Bj+dktu8UjRvelGL3wTGcHHk1oMzKRYHswope
WHZdXA2LOsUFBGM0g6A0p+Z95wJOSdJlcrcZnQ1skOZhMrycO7ahA2PimnL3I3Il
P97ZsJVhjAbUENDgHO+iMlUw4bpuPtXab6gGynadfdcj3LhE4eAy2BhW2AK3tTvN
bO1/O+PdbijehLU4Aaj2gM+qh1Mu0j/8Mm9e004uGXVq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org