Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/SV7fkzJj5O8VG3-MISqh65cntes.roa
File:                     SV7fkzJj5O8VG3-MISqh65cntes.roa (raw, json)
Hash identifier:          BAHBqgxW266/hjou17Y9n8t1P+y5FeNyzH+7ZHSALX0=
Subject key identifier:   49:5E:DF:93:32:63:E4:EF:15:1B:7F:8C:21:2A:A1:EB:97:27:B5:EB
Certificate issuer:       /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial:       0188785F010ADE921259E1AC256C9A51FB2D
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/SV7fkzJj5O8VG3-MISqh65cntes.roa
Signing time:             Thu 01 Jun 2023 19:11:12 +0000
ROA not before:           Thu 01 Jun 2023 19:11:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14576
IP address blocks:        185.152.93.0/24 maxlen: 24
                          185.152.95.0/24 maxlen: 24
                          185.152.94.0/24 maxlen: 24
                          85.239.38.0/24 maxlen: 24
                          85.239.37.0/24 maxlen: 24
                          85.239.36.0/24 maxlen: 24
                          85.239.35.0/24 maxlen: 24
                          85.239.39.0/24 maxlen: 24
                          85.239.48.0/22 maxlen: 24
                          85.239.56.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:78:5f:01:0a:de:92:12:59:e1:ac:25:6c:9a:51:fb:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
        Validity
            Not Before: Jun  1 19:11:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=495edf933263e4ef151b7f8c212aa1eb9727b5eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0e:80:69:52:25:0d:da:cc:91:67:39:b0:89:
                    fc:02:ca:77:b0:16:b5:bc:87:b0:2f:6c:41:d3:7b:
                    e8:06:13:46:8b:58:71:17:a8:9e:9f:72:06:8a:a8:
                    85:ed:90:d4:9a:7c:c7:72:61:04:f2:63:cd:e0:fc:
                    06:ec:2a:c1:a1:67:95:8a:21:7e:4f:9f:b2:96:0b:
                    2d:b4:d1:53:60:a8:fe:a1:1c:a4:e5:85:35:16:29:
                    a0:94:a9:ef:ce:ce:7e:1d:0a:66:a0:15:e3:4f:dd:
                    d4:fe:7c:be:29:42:f7:4e:8a:50:8f:f4:db:a5:93:
                    c7:81:50:e9:00:b4:70:e6:31:87:40:a7:0a:24:bc:
                    f5:f7:37:5b:cd:11:e7:ca:1b:57:ad:7f:c1:44:8d:
                    52:88:f6:f5:45:d6:2d:61:fd:d0:95:c1:6e:93:83:
                    7c:8b:e0:55:7a:60:93:c4:db:a1:82:83:60:59:a7:
                    62:35:1b:f5:12:c1:46:f0:06:1e:48:96:21:f1:e7:
                    33:e4:3d:e3:60:1a:9a:f1:aa:4e:2c:4c:39:bc:db:
                    7d:61:af:b8:88:6f:c7:1c:19:22:0b:9f:20:ed:a2:
                    2d:df:43:73:f4:2c:b1:99:08:3e:66:06:2a:e7:17:
                    bb:32:04:42:53:6f:d1:15:38:61:57:aa:94:cd:ff:
                    71:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:5E:DF:93:32:63:E4:EF:15:1B:7F:8C:21:2A:A1:EB:97:27:B5:EB
            X509v3 Authority Key Identifier:
                keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/SV7fkzJj5O8VG3-MISqh65cntes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.239.35.0-85.239.39.255
                  85.239.48.0/22
                  85.239.56.0/22
                  185.152.93.0-185.152.95.255

    Signature Algorithm: sha256WithRSAEncryption
         6d:76:3a:b5:81:d6:d7:b5:01:01:91:76:60:09:e6:ce:b3:61:
         1b:53:4f:60:9c:ec:1c:f9:1b:b2:2e:bd:85:52:bf:bd:4d:4f:
         f1:38:0d:4f:f0:66:04:43:13:16:9a:c4:54:e5:e4:b1:85:29:
         b5:1f:24:9b:6b:b6:2b:52:0f:76:35:76:76:f5:9c:c0:38:8f:
         26:66:de:01:93:b4:2d:82:2e:2c:00:dd:00:21:3e:35:6e:f1:
         25:5d:36:d3:64:3a:bf:b7:f8:7b:14:03:bb:9a:8e:cb:d3:55:
         02:69:1d:26:bf:67:6f:0c:d1:3a:02:90:3b:8c:56:35:a8:d8:
         75:95:5d:8a:cb:af:f5:28:98:53:68:52:93:6c:c9:a3:26:f9:
         0b:65:65:19:66:85:f4:d5:1a:43:eb:04:08:e2:14:cd:70:d4:
         c7:23:b8:64:63:6f:f3:04:2c:63:6a:41:b9:26:e2:c7:44:70:
         2e:94:59:14:e9:ce:d4:3f:4b:ac:36:ae:30:d2:2d:97:3d:2d:
         ff:19:67:f9:16:be:58:98:95:76:75:70:c3:41:82:b3:72:a2:
         e6:6b:20:fd:95:c6:a4:20:29:49:6b:75:ae:79:0b:9f:84:0c:
         7a:d6:e1:3f:13:4d:39:f9:6b:90:c3:d8:53:43:4a:e4:7b:8b:
         f3:6d:91:d8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYh4XwEK3pISWeGsJWyaUfstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwNjAxMTkxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTVlZGY5MzMyNjNlNGVmMTUxYjdmOGMyMTJhYTFlYjk3MjdiNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ6AaVIlDdrMkWc5sIn8Asp3sBa1
vIewL2xB03voBhNGi1hxF6ien3IGiqiF7ZDUmnzHcmEE8mPN4PwG7CrBoWeViiF+
T5+ylgsttNFTYKj+oRyk5YU1FimglKnvzs5+HQpmoBXjT93U/ny+KUL3TopQj/Tb
pZPHgVDpALRw5jGHQKcKJLz19zdbzRHnyhtXrX/BRI1SiPb1RdYtYf3QlcFuk4N8
i+BVemCTxNuhgoNgWadiNRv1EsFG8AYeSJYh8ecz5D3jYBqa8apOLEw5vNt9Ya+4
iG/HHBkiC58g7aIt30Nz9CyxmQg+ZgYq5xe7MgRCU2/RFThhV6qUzf9xvwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEle35MyY+TvFRt/jCEqoeuXJ7XrMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvU1Y3Zmt6Smo1TzhWRzMtTUlTcWg2NWNudGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBABV7yMD
BANV7yADBAJV7zADBAJV7zgwDAMEALmYXQMEBbmYQDANBgkqhkiG9w0BAQsFAAOC
AQEAbXY6tYHW17UBAZF2YAnmzrNhG1NPYJzsHPkbsi69hVK/vU1P8TgNT/BmBEMT
FprEVOXksYUptR8km2u2K1IPdjV2dvWcwDiPJmbeAZO0LYIuLADdACE+NW7xJV02
02Q6v7f4exQDu5qOy9NVAmkdJr9nbwzROgKQO4xWNajYdZVdisuv9SiYU2hSk2zJ
oyb5C2VlGWaF9NUaQ+sECOIUzXDUxyO4ZGNv8wQsY2pBuSbix0RwLpRZFOnO1D9L
rDauMNItlz0t/xln+Ra+WJiVdnVww0GCs3Ki5msg/ZXGpCApSWt1rnkLn4QMetbh
PxNNOflrkMPYU0NK5HuL822R2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:28 2024 by rpki-client on console-ams.rpki-client.org