Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_RuwGXK-UNMQP_N-wRq265TP8DE.roa
File:                     _RuwGXK-UNMQP_N-wRq265TP8DE.roa (raw, json)
Hash identifier:          BqfQj1bAE/XbEqO82nZudZTjQ24ChurEyIy+WgFYJCU=
Subject key identifier:   FD:1B:B0:19:72:BE:50:D3:10:3F:F3:7E:C1:1A:B6:EB:94:CF:F0:31
Certificate issuer:       /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial:       0188337F0F2344E172F4A6333205A690F275
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_RuwGXK-UNMQP_N-wRq265TP8DE.roa
Signing time:             Fri 19 May 2023 10:12:24 +0000
ROA not before:           Fri 19 May 2023 10:12:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46475
IP address blocks:        185.152.95.0/24 maxlen: 24
                          185.152.93.0/24 maxlen: 24
                          185.152.94.0/24 maxlen: 24
                          185.152.92.0/24 maxlen: 24
                          85.239.38.0/24 maxlen: 24
                          85.239.36.0/24 maxlen: 24
                          85.239.37.0/24 maxlen: 24
                          85.239.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 May 2023 18:22:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:33:7f:0f:23:44:e1:72:f4:a6:33:32:05:a6:90:f2:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
        Validity
            Not Before: May 19 10:12:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd1bb01972be50d3103ff37ec11ab6eb94cff031
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e4:02:38:96:ee:23:b7:b6:95:a3:df:07:1b:
                    be:1d:46:57:20:3c:76:f3:d3:e8:d5:3a:24:ed:b4:
                    6b:ef:e3:05:3f:8e:4c:dc:1a:30:b5:0c:25:00:e0:
                    45:be:9b:58:6f:73:33:37:71:9e:a7:10:9b:fe:45:
                    3e:2c:63:25:8d:ee:df:5a:8f:32:1b:34:e0:cc:db:
                    6d:14:ec:92:34:5d:38:cf:9f:92:61:05:34:8f:7e:
                    7c:6f:dd:4d:c6:8b:aa:89:82:81:e8:ba:1c:c4:d8:
                    1b:04:ed:a8:e0:ae:55:de:0b:95:72:48:7c:d3:1f:
                    0b:a6:42:39:6a:6d:fe:fc:74:1d:c9:5e:68:96:da:
                    89:62:14:58:da:62:e2:05:a5:12:fd:e8:ba:14:d2:
                    2c:89:be:e5:27:a0:5f:90:2d:90:f1:5f:ae:9f:fe:
                    d7:5f:79:1d:1c:8f:48:22:4b:53:f9:ca:3c:8f:28:
                    56:65:e0:6f:62:ae:c7:e0:e4:5b:85:d5:e7:ba:dd:
                    68:2c:a8:42:79:9d:b0:97:da:c5:82:70:88:25:71:
                    56:95:97:f8:c1:44:51:9e:90:a5:25:23:bb:14:79:
                    db:d3:c4:5d:56:43:8a:69:9c:cd:ae:73:11:48:b3:
                    85:0b:ba:ac:d3:aa:b9:a4:1f:52:2f:15:27:59:ad:
                    e0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:1B:B0:19:72:BE:50:D3:10:3F:F3:7E:C1:1A:B6:EB:94:CF:F0:31
            X509v3 Authority Key Identifier:
                keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/_RuwGXK-UNMQP_N-wRq265TP8DE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.239.36.0/22
                  185.152.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:4e:eb:9b:0b:53:e2:f1:0e:ed:63:14:9b:9d:48:0d:75:15:
         80:64:0d:b9:49:21:5e:d0:3c:23:68:27:3f:a2:39:64:91:97:
         c4:66:ae:da:1e:08:d5:2d:25:17:96:5c:1c:db:08:df:d5:1a:
         ed:b0:45:92:5c:53:85:ab:65:96:a5:d5:60:7d:09:ac:fb:a0:
         b6:8e:4c:9c:d9:ca:50:a0:33:50:7d:44:74:6f:f8:e9:a9:8b:
         36:9e:a6:10:b3:d9:53:00:bc:50:82:34:b8:9a:7f:1a:5d:4c:
         e2:b1:7d:68:32:b0:17:6c:7a:82:37:c5:ce:55:96:ff:b7:dc:
         c4:83:a3:ac:c8:b6:f6:36:f9:45:c1:a1:7c:83:89:52:70:e2:
         82:7b:48:82:45:39:4e:f3:d1:4f:69:14:ea:04:49:04:1a:c0:
         ed:52:80:e2:cd:67:97:d9:b9:ee:6c:1d:b2:70:10:a5:b9:2c:
         d5:42:fc:1e:34:9b:33:32:48:9d:8d:33:5f:66:bb:dd:ef:e3:
         eb:56:40:84:ba:3b:e8:ea:d2:5c:b8:7d:ee:1c:e0:77:d6:2f:
         4b:6b:6f:27:16:f5:40:8d:5a:b8:2a:34:f0:60:3d:27:a2:27:
         3e:2a:45:4a:57:42:e6:ee:bb:93:76:28:c0:22:62:b2:f0:d0:
         4e:7e:ac:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgzfw8jROFy9KYzMgWmkPJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjMwNTE5MTAxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDFiYjAxOTcyYmU1MGQzMTAzZmYzN2VjMTFhYjZlYjk0Y2ZmMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuQCOJbuI7e2laPfBxu+HUZXIDx2
89Po1Tok7bRr7+MFP45M3BowtQwlAOBFvptYb3MzN3GepxCb/kU+LGMlje7fWo8y
GzTgzNttFOySNF04z5+SYQU0j358b91NxouqiYKB6LocxNgbBO2o4K5V3guVckh8
0x8LpkI5am3+/HQdyV5oltqJYhRY2mLiBaUS/ei6FNIsib7lJ6BfkC2Q8V+un/7X
X3kdHI9IIktT+co8jyhWZeBvYq7H4ORbhdXnut1oLKhCeZ2wl9rFgnCIJXFWlZf4
wURRnpClJSO7FHnb08RdVkOKaZzNrnMRSLOFC7qs06q5pB9SLxUnWa3gHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP0bsBlyvlDTED/zfsEatuuUz/AxMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvX1J1d0dYSy1VTk1RUF9OLXdScTI2NVRQOERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe8kAwQC
uZhcMA0GCSqGSIb3DQEBCwUAA4IBAQBnTuubC1Pi8Q7tYxSbnUgNdRWAZA25SSFe
0DwjaCc/ojlkkZfEZq7aHgjVLSUXllwc2wjf1RrtsEWSXFOFq2WWpdVgfQms+6C2
jkyc2cpQoDNQfUR0b/jpqYs2nqYQs9lTALxQgjS4mn8aXUzisX1oMrAXbHqCN8XO
VZb/t9zEg6OsyLb2NvlFwaF8g4lScOKCe0iCRTlO89FPaRTqBEkEGsDtUoDizWeX
2bnubB2ycBCluSzVQvweNJszMkidjTNfZrvd7+PrVkCEujvo6tJcuH3uHOB31i9L
a28nFvVAjVq4KjTwYD0noic+KkVKV0Lm7ruTdijAImKy8NBOfqwE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org