Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/chvSAOPcb-hsnH0KvhtLKBVqOhQ.roa
File:                     chvSAOPcb-hsnH0KvhtLKBVqOhQ.roa (raw, json)
Hash identifier:          H9aPj6szGq6Wo3h7265s8HZeYweRPQTHZsh+wT9GR7I=
Subject key identifier:   72:1B:D2:00:E3:DC:6F:E8:6C:9C:7D:0A:BE:1B:4B:28:15:6A:3A:14
Certificate issuer:       /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial:       01856E0AE59DF1064B89891219DE2CF67D38
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/chvSAOPcb-hsnH0KvhtLKBVqOhQ.roa
Signing time:             Sun 01 Jan 2023 15:54:46 +0000
ROA not before:           Sun 01 Jan 2023 15:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39683
IP address blocks:        185.252.22.0/23 maxlen: 23
                          5.61.96.0/21 maxlen: 24
                          195.189.224.0/24 maxlen: 24
                          195.189.224.0/23 maxlen: 23
                          195.189.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 20 Oct 2023 08:15:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:0a:e5:9d:f1:06:4b:89:89:12:19:de:2c:f6:7d:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
        Validity
            Not Before: Jan  1 15:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=721bd200e3dc6fe86c9c7d0abe1b4b28156a3a14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:7a:88:0b:98:9e:57:be:71:d3:19:42:2e:6b:
                    35:13:02:e9:df:29:e1:4f:4d:6d:bb:37:73:5b:62:
                    76:87:7a:c6:53:0e:18:2c:e1:5d:74:fa:24:f2:27:
                    45:69:82:ac:c2:de:7e:25:af:72:8a:5c:55:15:de:
                    63:29:8c:e2:98:bf:f7:63:6a:b1:09:d3:b9:cf:6d:
                    a5:f1:3f:f4:d9:aa:ad:cf:ec:bb:a7:59:68:78:00:
                    1f:d6:76:ab:75:87:61:53:08:3b:c7:ff:5a:45:e3:
                    ac:3a:85:b6:3f:e4:d8:33:81:6b:d4:70:85:b2:41:
                    4b:74:db:71:ee:30:a6:9b:3b:d9:78:e4:f3:85:03:
                    d1:94:b9:b9:9e:81:3c:61:02:00:e7:a9:50:5d:9f:
                    30:8e:50:6c:47:63:d6:5a:44:0f:18:e0:bb:35:c6:
                    d9:f7:92:bf:c5:f9:17:89:29:8e:d3:1a:2d:c1:5a:
                    14:0f:c9:60:f0:87:07:e5:f0:eb:e8:4b:a2:7b:7f:
                    ec:42:b4:69:4f:e2:09:d5:52:1c:c6:7c:78:4f:a5:
                    ef:bc:9c:63:52:1f:6a:ce:25:32:e3:af:72:47:01:
                    34:d4:7e:e8:0c:48:98:76:2b:5e:b2:1b:bf:93:0e:
                    e3:4a:b6:42:c5:0a:74:79:02:d6:e6:0c:ff:78:d7:
                    d4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:1B:D2:00:E3:DC:6F:E8:6C:9C:7D:0A:BE:1B:4B:28:15:6A:3A:14
            X509v3 Authority Key Identifier:
                keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/chvSAOPcb-hsnH0KvhtLKBVqOhQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.61.96.0/21
                  185.252.22.0/23
                  195.189.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:d5:6f:18:3a:d4:f1:4d:e3:a4:b1:17:b5:0d:48:15:8c:61:
         c5:29:53:7b:70:34:a3:99:1e:3e:67:27:94:8d:62:b0:e6:2f:
         ae:8d:6a:55:6b:34:b4:6b:a4:ac:86:77:c0:c6:e0:3f:7c:f7:
         5f:12:07:55:05:25:7d:36:14:1a:c5:68:a0:a5:42:ac:0e:d3:
         b6:cb:b3:29:2f:48:82:d3:ee:f5:e4:97:c5:2a:8b:f4:6f:d2:
         39:d6:78:03:4c:df:45:49:4c:94:22:a0:3d:f4:64:bc:54:f5:
         65:ce:9f:61:92:1e:60:fd:ab:52:38:21:a9:b2:52:90:3f:8e:
         d3:a1:af:f0:76:0a:84:0d:e7:0b:8e:78:ab:0e:d3:34:07:39:
         c5:4e:62:59:9c:3b:c8:3a:de:66:18:bd:11:45:ca:c5:88:62:
         c4:d5:aa:0e:d1:bc:b0:b7:58:fb:d3:36:b9:51:c0:7c:47:e4:
         9b:9e:6d:77:14:bf:09:78:2b:55:64:15:93:12:09:eb:81:87:
         f9:dd:88:1f:d3:85:ac:26:d6:63:69:91:49:c1:2e:1f:be:31:
         e6:2e:ae:45:e3:0e:89:e0:42:b1:92:ac:48:1e:dd:91:67:5c:
         b1:10:e4:29:af:ad:da:3e:9e:46:57:70:d3:b6:d0:9f:a1:d8:
         91:ec:17:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuCuWd8QZLiYkSGd4s9n04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjMwMTAxMTU1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjFiZDIwMGUzZGM2ZmU4NmM5YzdkMGFiZTFiNGIyODE1NmEzYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXqIC5ieV75x0xlCLms1EwLp3ynh
T01tuzdzW2J2h3rGUw4YLOFddPok8idFaYKswt5+Ja9yilxVFd5jKYzimL/3Y2qx
CdO5z22l8T/02aqtz+y7p1loeAAf1nardYdhUwg7x/9aReOsOoW2P+TYM4Fr1HCF
skFLdNtx7jCmmzvZeOTzhQPRlLm5noE8YQIA56lQXZ8wjlBsR2PWWkQPGOC7NcbZ
95K/xfkXiSmO0xotwVoUD8lg8IcH5fDr6Euie3/sQrRpT+IJ1VIcxnx4T6XvvJxj
Uh9qziUy469yRwE01H7oDEiYditeshu/kw7jSrZCxQp0eQLW5gz/eNfU2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHIb0gDj3G/obJx9Cr4bSygVajoUMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvY2h2U0FPUGNiLWhzbkgwS3ZodExLQlZxT2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT1gAwQB
ufwWAwQBw73gMA0GCSqGSIb3DQEBCwUAA4IBAQAD1W8YOtTxTeOksRe1DUgVjGHF
KVN7cDSjmR4+ZyeUjWKw5i+ujWpVazS0a6SshnfAxuA/fPdfEgdVBSV9NhQaxWig
pUKsDtO2y7MpL0iC0+715JfFKov0b9I51ngDTN9FSUyUIqA99GS8VPVlzp9hkh5g
/atSOCGpslKQP47Toa/wdgqEDecLjnirDtM0BznFTmJZnDvIOt5mGL0RRcrFiGLE
1aoO0bywt1j70za5UcB8R+Sbnm13FL8JeCtVZBWTEgnrgYf53Ygf04WsJtZjaZFJ
wS4fvjHmLq5F4w6J4EKxkqxIHt2RZ1yxEOQpr63aPp5GV3DTttCfodiR7Bdl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:57 2024 by rpki-client on console-ams.rpki-client.org