Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/0DSfFKSI_OpS9vgKfd0COj6xk1w.roa
File:                     0DSfFKSI_OpS9vgKfd0COj6xk1w.roa (raw, json)
Hash identifier:          90vNnhs+zzTPFcTqFlglvcOyHYwRgCMxuqbTfvGK5+c=
Subject key identifier:   D0:34:9F:14:A4:88:FC:EA:52:F6:F8:0A:7D:DD:02:3A:3E:B1:93:5C
Certificate issuer:       /CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
Certificate serial:       0186BC618E4CA31A27EA0E543D43A7B38301
Authority key identifier: D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/0DSfFKSI_OpS9vgKfd0COj6xk1w.roa
Signing time:             Tue 07 Mar 2023 14:02:35 +0000
ROA not before:           Tue 07 Mar 2023 14:02:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39544
IP address blocks:        185.137.236.0/22 maxlen: 22
                          178.211.224.0/19 maxlen: 19
                          185.20.200.0/22 maxlen: 22
                          109.203.32.0/19 maxlen: 19

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bc:61:8e:4c:a3:1a:27:ea:0e:54:3d:43:a7:b3:83:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d742fa4fb28faf28a18e8add4c10c96337c3c4c5
        Validity
            Not Before: Mar  7 14:02:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0349f14a488fcea52f6f80a7ddd023a3eb1935c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fd:66:5b:fc:0d:33:3e:16:f6:db:06:af:a0:
                    15:06:db:d9:71:e3:2a:ab:80:fd:6e:1d:bd:00:6d:
                    f6:f5:55:a5:18:e6:ee:17:f4:f2:32:91:cb:9f:95:
                    ec:47:13:d9:d9:12:32:e6:23:d6:07:05:3b:65:77:
                    bb:46:03:4e:7a:97:cb:77:7e:e4:0d:03:34:f4:63:
                    a8:73:88:1b:68:b5:d8:33:48:ee:c3:c6:d2:63:a8:
                    35:d9:7b:e5:5a:76:6f:3a:5c:ae:00:e1:20:80:b0:
                    7c:1b:f9:14:a7:c1:48:31:78:bc:66:a6:c8:51:42:
                    b2:94:96:5d:5a:95:82:7c:65:55:5f:2b:e6:fa:df:
                    8b:f6:f7:41:d6:0e:d8:08:60:1c:b5:64:49:75:90:
                    f1:e4:84:fc:ec:a3:37:26:11:44:1d:3a:16:98:90:
                    9e:ac:a1:aa:56:d8:e9:6f:32:94:22:2e:13:15:c9:
                    9f:11:5f:3e:0e:d8:56:4a:c6:b4:15:6c:3e:49:cc:
                    84:2f:02:69:7a:33:d5:61:d7:2d:53:5f:74:45:9e:
                    89:54:66:b6:7e:d9:5b:9b:b0:ba:db:72:49:61:4b:
                    55:b8:7a:9a:2d:e4:ef:05:4c:0b:95:4f:80:6b:7a:
                    b1:ff:8d:2a:eb:af:59:45:c9:9d:85:19:ef:62:d3:
                    0e:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:34:9F:14:A4:88:FC:EA:52:F6:F8:0A:7D:DD:02:3A:3E:B1:93:5C
            X509v3 Authority Key Identifier:
                keyid:D7:42:FA:4F:B2:8F:AF:28:A1:8E:8A:DD:4C:10:C9:63:37:C3:C4:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10L6T7KPryihjordTBDJYzfDxMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/0DSfFKSI_OpS9vgKfd0COj6xk1w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/703bd6-1b2f-4083-b1e7-7a5f60189c51/1/10L6T7KPryihjordTBDJYzfDxMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.203.32.0/19
                  178.211.224.0/19
                  185.20.200.0/22
                  185.137.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ad:c8:79:ae:ac:80:a1:1d:6d:1d:16:0c:85:42:20:d5:34:99:
         be:01:4f:df:44:89:d1:5d:9c:c1:cf:cd:c5:55:8c:59:69:c2:
         09:95:67:28:89:bc:b4:2e:40:0f:bc:92:71:72:f3:f6:7f:63:
         67:61:1c:ae:68:3d:25:92:48:61:4e:91:d9:02:07:ce:55:86:
         1b:95:18:d1:9c:48:aa:35:3b:0d:d1:73:e5:b6:1b:15:0e:89:
         01:72:3a:64:1e:69:1e:c7:02:55:69:8f:67:ad:16:40:1e:4e:
         cb:e0:47:81:b9:a3:32:4c:77:dc:5c:fb:bf:12:50:54:e4:09:
         6d:98:90:d9:04:cb:09:c8:88:e4:c9:af:12:12:e2:87:3c:23:
         32:53:b6:6e:50:78:38:d7:0f:1b:ab:95:73:3a:04:bc:09:41:
         06:77:7d:19:14:4f:33:00:0d:aa:d0:7d:6c:14:4b:94:4d:70:
         a2:8c:78:a1:18:c6:fd:5d:e4:dd:23:ca:eb:3e:aa:d4:c6:07:
         f3:2d:e3:7a:9f:25:ff:9c:c4:55:80:ad:7f:7a:4e:02:f3:fe:
         30:9b:a5:d6:32:fe:e1:89:30:5c:4f:cc:59:bd:0b:a3:bd:aa:
         26:34:25:1a:67:9e:39:0b:44:5b:e0:0b:fb:fb:bb:4b:7d:3b:
         65:95:fb:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYa8YY5Moxon6g5UPUOns4MBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDJmYTRmYjI4ZmFmMjhhMThlOGFkZDRjMTBjOTYzMzdj
M2M0YzUwHhcNMjMwMzA3MTQwMjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDM0OWYxNGE0ODhmY2VhNTJmNmY4MGE3ZGRkMDIzYTNlYjE5MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/1mW/wNMz4W9tsGr6AVBtvZceMq
q4D9bh29AG329VWlGObuF/TyMpHLn5XsRxPZ2RIy5iPWBwU7ZXe7RgNOepfLd37k
DQM09GOoc4gbaLXYM0juw8bSY6g12XvlWnZvOlyuAOEggLB8G/kUp8FIMXi8ZqbI
UUKylJZdWpWCfGVVXyvm+t+L9vdB1g7YCGActWRJdZDx5IT87KM3JhFEHToWmJCe
rKGqVtjpbzKUIi4TFcmfEV8+DthWSsa0FWw+ScyELwJpejPVYdctU190RZ6JVGa2
ftlbm7C623JJYUtVuHqaLeTvBUwLlU+Aa3qx/40q669ZRcmdhRnvYtMOuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNA0nxSkiPzqUvb4Cn3dAjo+sZNcMB8GA1UdIwQY
MBaAFNdC+k+yj68ooY6K3UwQyWM3w8TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTct
N2E1ZjYwMTg5YzUxLzEvMERTZkZLU0lfT3BTOXZnS2ZkMENPajZ4azF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MDNiZDYtMWIyZi00MDgzLWIxZTctN2E1ZjYwMTg5YzUx
LzEvMTBMNlQ3S1ByeWloam9yZFRCREpZemZEeE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFbcsgAwQF
stPgAwQCuRTIAwQCuYnsMA0GCSqGSIb3DQEBCwUAA4IBAQCtyHmurIChHW0dFgyF
QiDVNJm+AU/fRInRXZzBz83FVYxZacIJlWcoiby0LkAPvJJxcvP2f2NnYRyuaD0l
kkhhTpHZAgfOVYYblRjRnEiqNTsN0XPlthsVDokBcjpkHmkexwJVaY9nrRZAHk7L
4EeBuaMyTHfcXPu/ElBU5AltmJDZBMsJyIjkya8SEuKHPCMyU7ZuUHg41w8bq5Vz
OgS8CUEGd30ZFE8zAA2q0H1sFEuUTXCijHihGMb9XeTdI8rrPqrUxgfzLeN6nyX/
nMRVgK1/ek4C8/4wm6XWMv7hiTBcT8xZvQujvaomNCUaZ545C0Rb4Av7+7tLfTtl
lfv1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org