Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/nCjghDSegrUHUO80nP9ygY_aIPc.roa
File:                     nCjghDSegrUHUO80nP9ygY_aIPc.roa (raw, json)
Hash identifier:          snlbNOZUbwgPeQDLqDNHGN4LGfNhaaW4qZxmIkpgko4=
Subject key identifier:   9C:28:E0:84:34:9E:82:B5:07:50:EF:34:9C:FF:72:81:8F:DA:20:F7
Certificate issuer:       /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial:       018E3757CE40C1BEAAC350CF78768088C714
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/nCjghDSegrUHUO80nP9ygY_aIPc.roa
Signing time:             Wed 13 Mar 2024 10:24:45 +0000
ROA not before:           Wed 13 Mar 2024 10:24:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29119
IP address blocks:        185.189.224.0/24 maxlen: 24
                          185.198.51.0/24 maxlen: 24
                          195.245.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 16:03:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:37:57:ce:40:c1:be:aa:c3:50:cf:78:76:80:88:c7:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
        Validity
            Not Before: Mar 13 10:24:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9c28e084349e82b50750ef349cff72818fda20f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:55:6e:60:23:f5:c6:05:27:ac:21:3d:ef:2c:
                    8b:db:c4:fb:02:23:94:01:1f:b5:11:6c:fa:e3:07:
                    80:a4:d5:86:eb:e5:14:b5:4f:7a:ea:c5:39:01:63:
                    aa:4f:dc:9a:7a:9d:c5:34:0c:ad:8d:77:2c:9d:63:
                    f0:2b:0e:65:8b:1d:3d:8c:62:62:a8:bb:1b:63:06:
                    9b:b8:71:dd:f3:49:d8:26:87:26:11:8c:0c:68:f4:
                    26:23:8c:11:c6:43:4a:c1:0f:54:87:5d:87:ab:fa:
                    62:14:7f:2f:84:a9:12:3b:68:90:ed:62:75:71:db:
                    1a:89:aa:af:9e:7e:e1:2c:ba:0e:12:91:d7:55:54:
                    26:ba:54:a4:38:75:68:fb:9b:b3:73:08:41:5d:e2:
                    97:84:e7:44:a1:96:2d:58:5b:2d:bf:3c:2b:5e:ba:
                    8e:53:8c:e3:ba:10:51:2d:23:5a:40:c8:ce:a9:bf:
                    2e:09:1d:79:83:4c:55:c3:33:be:37:4b:4b:87:e8:
                    4f:bb:f6:b7:18:0b:a3:e8:56:e4:2c:bb:b7:a9:f3:
                    8a:5b:5d:0c:b4:d9:29:8e:db:6e:f6:f1:eb:ad:4b:
                    ac:41:b5:79:f4:24:e5:e8:bd:fb:84:22:88:69:62:
                    0c:3d:e8:f5:80:e8:9f:8e:de:9c:02:d0:26:4b:ab:
                    f1:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:28:E0:84:34:9E:82:B5:07:50:EF:34:9C:FF:72:81:8F:DA:20:F7
            X509v3 Authority Key Identifier:
                keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/nCjghDSegrUHUO80nP9ygY_aIPc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.189.224.0/24
                  185.198.51.0/24
                  195.245.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:a4:a5:84:e8:fe:2d:e9:33:a8:67:e2:00:73:54:42:dd:ad:
         ba:12:8f:17:6b:bf:91:ea:2f:3f:bc:1b:64:b2:87:59:3c:a8:
         9d:54:92:a2:e5:61:56:2a:93:e7:ae:38:44:35:e4:fe:e4:34:
         6c:63:0c:cb:db:26:73:ec:62:45:ee:9b:62:a7:a8:0b:b3:53:
         51:00:f0:b7:ee:d0:2f:0e:bb:e1:3f:2c:04:9d:de:94:fc:93:
         13:15:eb:db:a2:e4:c3:46:87:4a:0e:3c:bb:0a:a7:e6:fd:e2:
         72:b2:4d:85:22:21:0e:b9:29:e1:56:80:f8:3e:b1:4a:ff:7d:
         05:56:b0:3d:48:82:0a:26:40:55:91:7e:94:60:da:01:79:24:
         2f:1a:bb:5c:fa:fd:cb:3f:87:2d:20:23:c0:54:c3:9d:61:35:
         23:43:c2:80:7d:56:35:6d:2f:64:5b:4a:a9:95:7d:e5:fe:a5:
         a7:12:68:69:c4:b1:d9:e3:35:c0:63:ca:b8:15:62:ba:6a:71:
         72:4b:86:79:62:6c:8b:c7:28:dd:45:49:a4:55:2a:c2:82:2f:
         79:71:78:17:30:ed:9a:99:84:3e:79:76:66:8b:32:fa:84:47:
         e4:0b:1e:22:58:65:db:34:5e:cd:94:4f:30:a5:b3:c0:78:e8:
         36:33:5b:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY43V85Awb6qw1DPeHaAiMcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjQwMzEzMTAyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI4ZTA4NDM0OWU4MmI1MDc1MGVmMzQ5Y2ZmNzI4MThmZGEyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFVuYCP1xgUnrCE97yyL28T7AiOU
AR+1EWz64weApNWG6+UUtU966sU5AWOqT9yaep3FNAytjXcsnWPwKw5lix09jGJi
qLsbYwabuHHd80nYJocmEYwMaPQmI4wRxkNKwQ9Uh12Hq/piFH8vhKkSO2iQ7WJ1
cdsaiaqvnn7hLLoOEpHXVVQmulSkOHVo+5uzcwhBXeKXhOdEoZYtWFstvzwrXrqO
U4zjuhBRLSNaQMjOqb8uCR15g0xVwzO+N0tLh+hPu/a3GAuj6FbkLLu3qfOKW10M
tNkpjttu9vHrrUusQbV59CTl6L37hCKIaWIMPej1gOifjt6cAtAmS6vxAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwo4IQ0noK1B1DvNJz/coGP2iD3MB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvbkNqZ2hEU2VnclVIVU84MG5QOXlnWV9hSVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAub3gAwQA
ucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQBipKWE6P4t6TOoZ+IAc1RC3a26
Eo8Xa7+R6i8/vBtksodZPKidVJKi5WFWKpPnrjhENeT+5DRsYwzL2yZz7GJF7pti
p6gLs1NRAPC37tAvDrvhPywEnd6U/JMTFevbouTDRodKDjy7Cqfm/eJysk2FIiEO
uSnhVoD4PrFK/30FVrA9SIIKJkBVkX6UYNoBeSQvGrtc+v3LP4ctICPAVMOdYTUj
Q8KAfVY1bS9kW0qplX3l/qWnEmhpxLHZ4zXAY8q4FWK6anFyS4Z5YmyLxyjdRUmk
VSrCgi95cXgXMO2amYQ+eXZmizL6hEfkCx4iWGXbNF7NlE8wpbPAeOg2M1sD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:39 2024 by rpki-client on console-ams.rpki-client.org