Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/VRVHAym3yxB0AxfkHa6YdMNAKZI.roa
File:                     VRVHAym3yxB0AxfkHa6YdMNAKZI.roa (raw, json)
Hash identifier:          M+rPPIeu8EKm8Mnmn3P9aeuQM539D4O9WfbtNUfKpAI=
Subject key identifier:   55:15:47:03:29:B7:CB:10:74:03:17:E4:1D:AE:98:74:C3:40:29:92
Certificate issuer:       /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial:       018F57977D3C3C081E46391DEB2089EB6692
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/VRVHAym3yxB0AxfkHa6YdMNAKZI.roa
Signing time:             Wed 08 May 2024 09:44:56 +0000
ROA not before:           Wed 08 May 2024 09:44:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        81.22.136.0/22 maxlen: 23
                          81.22.140.0/22 maxlen: 24
                          89.185.0.0/22 maxlen: 22
                          109.72.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 18 May 2024 09:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:57:97:7d:3c:3c:08:1e:46:39:1d:eb:20:89:eb:66:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
        Validity
            Not Before: May  8 09:44:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5515470329b7cb10740317e41dae9874c3402992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:65:a0:e0:e5:25:09:b2:7e:be:c0:b5:08:40:
                    df:b5:cb:e1:2d:5c:a2:f0:9b:84:2d:58:52:77:8f:
                    9a:a7:c3:65:ed:7a:02:8d:12:db:a2:7e:a9:5e:83:
                    3b:57:2b:8b:8a:b2:6e:b9:a1:90:30:d3:27:a3:23:
                    9e:b7:d3:d2:39:c4:4b:95:42:d0:19:05:d0:11:20:
                    94:e8:80:02:a5:b8:b7:1f:81:40:81:92:aa:be:9f:
                    87:2f:e1:5d:c7:bb:46:74:1a:ba:5f:c4:85:bf:25:
                    8c:80:9d:e7:db:33:26:21:e4:58:88:ab:ed:a6:a7:
                    e5:a1:6f:e0:35:ef:61:ac:73:14:00:52:b0:fd:b5:
                    6a:d0:ba:4d:82:3c:37:93:50:4d:23:a6:da:b9:cf:
                    cc:6d:0b:04:cf:14:81:b4:fd:87:42:0d:c3:12:c2:
                    d4:a2:67:97:49:b7:a2:f3:61:79:38:16:4e:55:68:
                    86:61:d6:f5:6b:a6:e3:ce:1e:5d:36:22:55:95:a8:
                    d5:71:d2:77:84:b0:14:ef:37:7e:d7:fe:70:f8:03:
                    87:70:e6:d6:41:2e:c2:aa:d9:82:95:51:74:81:3d:
                    cf:71:55:c5:0e:4d:e3:f0:ec:d5:fa:08:c2:8d:6c:
                    44:62:60:19:fa:5a:60:12:82:f5:c2:63:85:f1:4e:
                    67:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:15:47:03:29:B7:CB:10:74:03:17:E4:1D:AE:98:74:C3:40:29:92
            X509v3 Authority Key Identifier:
                keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/VRVHAym3yxB0AxfkHa6YdMNAKZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.22.136.0/21
                  89.185.0.0/22
                  109.72.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:14:36:cb:d6:53:65:23:72:0f:d6:e8:32:4f:39:c6:c6:a1:
         77:5c:3d:a5:6e:9e:ad:4e:1a:ef:02:5a:0d:d8:68:26:64:2b:
         6e:35:02:ef:4c:2f:d6:b4:14:b8:39:78:92:87:bc:8a:65:52:
         07:e0:28:44:94:ff:9e:63:f6:60:1c:61:14:2a:82:ce:00:cc:
         47:2f:28:ab:bc:76:2b:52:6b:db:ff:8b:a3:15:6e:ca:1e:7d:
         97:95:d0:9a:a3:56:cd:4d:2d:7e:9a:06:b1:ec:42:79:5d:3a:
         7c:35:c4:d2:30:4c:04:d8:7c:86:db:14:9c:2c:7b:56:a0:5e:
         79:00:fe:a9:45:b5:dc:c8:22:d9:65:76:60:a8:70:37:10:34:
         2c:81:d4:5d:d1:c2:b6:13:ac:ec:83:3e:10:5d:4c:32:10:2f:
         40:4b:92:4c:17:e9:ef:e1:ea:ad:21:ac:c7:0e:05:47:66:03:
         9c:d3:58:6a:1d:87:e4:e4:17:1d:8d:e7:17:26:71:eb:1c:c7:
         2a:26:39:72:20:99:ab:c4:9a:5b:69:7c:45:e9:f9:d2:24:64:
         84:db:4e:d0:51:0f:66:e6:74:ba:a2:b8:71:74:fc:d4:c2:1c:
         3e:12:bc:57:67:77:20:60:2d:c1:c7:20:b5:fb:a4:4b:4a:ad:
         d9:97:f3:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9Xl308PAgeRjkd6yCJ62aSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNTA4MDk0NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTE1NDcwMzI5YjdjYjEwNzQwMzE3ZTQxZGFlOTg3NGMzNDAyOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2Wg4OUlCbJ+vsC1CEDftcvhLVyi
8JuELVhSd4+ap8Nl7XoCjRLbon6pXoM7VyuLirJuuaGQMNMnoyOet9PSOcRLlULQ
GQXQESCU6IACpbi3H4FAgZKqvp+HL+Fdx7tGdBq6X8SFvyWMgJ3n2zMmIeRYiKvt
pqfloW/gNe9hrHMUAFKw/bVq0LpNgjw3k1BNI6bauc/MbQsEzxSBtP2HQg3DEsLU
omeXSbei82F5OBZOVWiGYdb1a6bjzh5dNiJVlajVcdJ3hLAU7zd+1/5w+AOHcObW
QS7CqtmClVF0gT3PcVXFDk3j8OzV+gjCjWxEYmAZ+lpgEoL1wmOF8U5nEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFUVRwMpt8sQdAMX5B2umHTDQCmSMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVlJWSEF5bTN5eEIwQXhma0hhNllkTU5BS1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQCYFDbL1lNlI3IP1ugyTznGxqF3
XD2lbp6tThrvAloN2GgmZCtuNQLvTC/WtBS4OXiSh7yKZVIH4ChElP+eY/ZgHGEU
KoLOAMxHLyirvHYrUmvb/4ujFW7KHn2XldCao1bNTS1+mgax7EJ5XTp8NcTSMEwE
2HyG2xScLHtWoF55AP6pRbXcyCLZZXZgqHA3EDQsgdRd0cK2E6zsgz4QXUwyEC9A
S5JMF+nv4eqtIazHDgVHZgOc01hqHYfk5BcdjecXJnHrHMcqJjlyIJmrxJpbaXxF
6fnSJGSE207QUQ9m5nS6orhxdPzUwhw+ErxXZ3cgYC3BxyC1+6RLSq3Zl/OL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org