Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa
File:                     aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa (raw, json)
Hash identifier:          Tqpct/N5Vq+j9Vm/vjVqMSuJQeEHErEMpVBfRtgQ/TQ=
Subject key identifier:   69:AC:27:26:93:7E:06:BE:91:DC:B6:D5:98:9E:4D:69:9D:70:3F:99
Certificate issuer:       /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial:       01857170A6E24722D8D6337350C38A252D05
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa
Signing time:             Mon 02 Jan 2023 07:44:46 +0000
ROA not before:           Mon 02 Jan 2023 07:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202152
IP address blocks:        185.49.132.0/22 maxlen: 22
                          185.49.132.0/23 maxlen: 23
                          185.49.134.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:70:a6:e2:47:22:d8:d6:33:73:50:c3:8a:25:2d:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af935603e52e831537716d458b360192f99a3689
        Validity
            Not Before: Jan  2 07:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69ac2726937e06be91dcb6d5989e4d699d703f99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:33:f2:e2:8c:04:0d:ff:50:52:7e:ff:0b:6d:
                    5a:b4:c7:fd:3d:d6:3d:50:03:4a:32:33:b4:67:91:
                    8e:79:fc:e7:df:a5:ac:ab:ef:89:d0:a5:71:b3:48:
                    6e:d4:a4:41:fb:28:1a:0d:05:3c:d2:ba:5a:1c:5c:
                    20:4b:e0:f9:d1:65:40:c9:f0:7f:26:1f:80:b1:4f:
                    2c:66:12:f6:49:30:c7:07:6f:08:82:8b:3b:bc:86:
                    9c:44:e5:cd:cd:38:f1:3e:24:ac:6e:7b:e3:15:80:
                    d7:57:00:45:bf:1c:25:ef:39:3e:eb:aa:6c:b5:0b:
                    f8:74:2c:9c:19:43:04:60:c6:eb:15:f4:d5:4f:ba:
                    a6:f2:e4:bc:43:79:2a:22:5a:98:6c:4a:e7:0f:5a:
                    3e:78:dc:ac:e0:7e:d4:5e:19:ea:eb:7c:3d:d8:a2:
                    b3:c6:7d:61:c9:1c:fa:fa:05:eb:7f:a7:11:32:03:
                    8a:c8:18:ef:99:d2:91:30:b1:fd:93:94:91:19:a7:
                    f5:ce:99:78:78:e4:36:a6:0e:84:0c:06:9d:ac:31:
                    c3:1f:30:bc:dd:12:12:9b:e4:84:76:b2:90:64:30:
                    9a:30:5e:55:31:1d:47:ee:c3:d1:1c:e1:23:8d:b0:
                    fe:f0:8b:51:fb:8a:7e:11:37:b7:3c:85:25:29:cf:
                    1a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:AC:27:26:93:7E:06:BE:91:DC:B6:D5:98:9E:4D:69:9D:70:3F:99
            X509v3 Authority Key Identifier:
                keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:59:7a:d7:d0:fa:92:95:a0:2b:b8:9e:e0:f7:2e:68:ba:90:
         78:ff:94:88:d9:d4:66:0a:a5:70:bc:a5:f1:a1:ea:7e:3b:ca:
         60:68:12:4d:a0:48:bf:ab:5a:64:f9:7d:7e:b6:96:17:1d:8b:
         c5:bd:21:2e:00:8b:3d:a2:0d:15:02:8b:aa:9b:95:cb:ae:00:
         22:ed:3c:08:aa:2f:41:40:81:c6:42:b7:37:b5:38:67:bc:6a:
         85:f2:9b:63:a9:41:72:15:aa:1d:30:8e:70:80:57:18:b3:3c:
         74:42:42:57:57:1f:1e:f2:37:6e:a2:a0:2a:82:da:24:05:14:
         02:5b:7f:64:9d:ed:90:a2:2c:10:71:9b:68:f1:5b:b9:1b:13:
         6b:d4:86:86:c3:be:70:b1:00:f3:61:c5:82:e8:69:06:a7:63:
         b6:1f:f5:fa:a4:2d:9b:f5:12:18:b4:c7:4e:61:2d:fc:61:4a:
         da:5a:59:44:58:10:84:0e:c8:e7:e4:cb:60:ca:61:89:50:ee:
         cc:7a:14:ef:3c:a8:c7:8c:3b:62:cd:29:8b:ac:a9:5a:a8:67:
         79:22:cf:e3:15:b0:86:9b:c6:3c:72:23:0a:e4:d8:09:5b:f9:
         7e:61:bf:23:50:28:cc:3e:8d:68:2f:7b:12:cb:78:63:dd:42:
         36:28:af:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxcKbiRyLY1jNzUMOKJS0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjMwMTAyMDc0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFjMjcyNjkzN2UwNmJlOTFkY2I2ZDU5ODllNGQ2OTlkNzAzZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTPy4owEDf9QUn7/C21atMf9PdY9
UANKMjO0Z5GOefzn36Wsq++J0KVxs0hu1KRB+ygaDQU80rpaHFwgS+D50WVAyfB/
Jh+AsU8sZhL2STDHB28Igos7vIacROXNzTjxPiSsbnvjFYDXVwBFvxwl7zk+66ps
tQv4dCycGUMEYMbrFfTVT7qm8uS8Q3kqIlqYbErnD1o+eNys4H7UXhnq63w92KKz
xn1hyRz6+gXrf6cRMgOKyBjvmdKRMLH9k5SRGaf1zpl4eOQ2pg6EDAadrDHDHzC8
3RISm+SEdrKQZDCaMF5VMR1H7sPRHOEjjbD+8ItR+4p+ETe3PIUlKc8aRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmsJyaTfga+kdy21ZieTWmdcD+ZMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvYWF3bkpwTi1CcjZSM0xiVm1KNU5hWjF3UDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQByWXrX0PqSlaAruJ7g9y5oupB4/5SI2dRmCqVwvKXx
oep+O8pgaBJNoEi/q1pk+X1+tpYXHYvFvSEuAIs9og0VAouqm5XLrgAi7TwIqi9B
QIHGQrc3tThnvGqF8ptjqUFyFaodMI5wgFcYszx0QkJXVx8e8jduoqAqgtokBRQC
W39kne2QoiwQcZto8Vu5GxNr1IaGw75wsQDzYcWC6GkGp2O2H/X6pC2b9RIYtMdO
YS38YUraWllEWBCEDsjn5MtgymGJUO7MehTvPKjHjDtizSmLrKlaqGd5Is/jFbCG
m8Y8ciMK5NgJW/l+Yb8jUCjMPo1oL3sSy3hj3UI2KK8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:43 2024 by rpki-client on console-fra.rpki-client.org