Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/vp1YQ863ph0IXCOx3ug8_TwpTWc.roa
File:                     vp1YQ863ph0IXCOx3ug8_TwpTWc.roa (raw, json)
Hash identifier:          910PlXGJcgp2RHJxEwJvGd1l6HgCkMv2AwzhHCXScsE=
Subject key identifier:   BE:9D:58:43:CE:B7:A6:1D:08:5C:23:B1:DE:E8:3C:FD:3C:29:4D:67
Certificate issuer:       /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial:       01917943F6273765AD352055E3CC0B9038A4
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/vp1YQ863ph0IXCOx3ug8_TwpTWc.roa
Signing time:             Thu 22 Aug 2024 08:46:22 +0000
ROA not before:           Thu 22 Aug 2024 08:46:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        81.22.136.0/22 maxlen: 23
                          81.22.140.0/22 maxlen: 24
                          89.185.0.0/22 maxlen: 22
                          109.72.116.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 13 Oct 2024 09:16:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:79:43:f6:27:37:65:ad:35:20:55:e3:cc:0b:90:38:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
        Validity
            Not Before: Aug 22 08:46:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be9d5843ceb7a61d085c23b1dee83cfd3c294d67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:af:a9:c5:14:78:40:50:17:76:20:76:50:97:
                    ba:c6:9b:fa:a5:28:84:05:18:4d:63:dd:73:96:30:
                    d8:ca:f3:a5:09:49:d4:a5:8f:42:5f:16:05:57:68:
                    15:a6:e6:eb:b0:34:16:04:63:53:c2:79:64:4d:50:
                    de:44:25:d7:ae:fa:a0:37:f9:33:47:1f:bf:33:6a:
                    24:1d:d6:4d:76:2b:3f:b1:b7:45:16:4d:76:60:2b:
                    d5:bb:5d:79:1c:c7:20:26:8c:64:ca:cc:e4:db:45:
                    b8:74:59:df:be:bc:1a:d7:ce:77:21:dd:d0:c6:cb:
                    ef:5c:4d:e0:bd:12:3c:b2:1f:05:61:b6:67:d9:15:
                    d7:88:b8:d6:9c:fe:cb:8e:c8:9b:8f:c7:9e:31:4d:
                    2d:59:34:5d:5a:a9:20:1b:cb:a0:08:ee:82:e7:d4:
                    b3:9b:b7:51:57:bf:32:a2:76:e8:52:1b:ba:93:07:
                    31:c4:45:6e:6b:e5:51:5d:18:4f:1e:1a:c4:b0:f6:
                    2e:af:c1:63:82:05:75:ea:81:70:14:b3:e1:c7:6f:
                    b2:fb:02:04:38:e8:e6:3d:d4:7e:01:b9:0a:b4:45:
                    1d:36:eb:44:dc:09:d2:c6:eb:90:f3:e4:48:01:ee:
                    62:8b:ff:a4:58:ad:9d:c1:ea:66:bd:3b:ff:00:f5:
                    55:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:9D:58:43:CE:B7:A6:1D:08:5C:23:B1:DE:E8:3C:FD:3C:29:4D:67
            X509v3 Authority Key Identifier:
                keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/vp1YQ863ph0IXCOx3ug8_TwpTWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.22.136.0/21
                  89.185.0.0/22
                  109.72.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:43:05:2e:33:72:51:c9:48:0a:3b:94:58:f6:c2:1b:13:45:
         a1:25:4b:14:0a:41:db:d6:43:9b:10:9d:e7:de:98:6e:c5:73:
         a7:ab:e5:b5:22:67:f0:bd:a1:4b:21:e1:00:f8:13:e4:0f:07:
         7d:82:9b:57:f5:11:31:29:a7:2a:f0:fc:d8:a6:9b:1a:68:6f:
         e3:cd:0d:2f:cb:b8:58:b2:fe:d9:fa:78:a9:9c:32:20:1e:bd:
         7a:58:08:81:35:c9:8e:4a:14:2a:5f:cd:b3:8e:9a:c9:8a:eb:
         ae:f3:63:5b:f7:1e:a7:8c:71:c2:8b:cd:bf:be:7f:76:26:6c:
         15:a3:18:e8:31:8e:90:7f:1b:b4:d5:0e:2c:78:cf:48:4b:d3:
         f9:17:e0:c0:fc:29:88:ea:fd:0a:95:06:4f:fb:a8:9f:a7:53:
         ac:68:88:8a:57:4c:4f:92:2f:00:2b:57:d1:11:ab:29:f5:b0:
         4e:f7:ff:d3:4c:df:6e:4a:8b:f5:a2:69:10:f9:06:8e:9e:1e:
         bf:20:ff:51:c2:02:63:8f:e0:39:a5:e7:7e:b5:31:8d:18:86:
         3a:f2:39:d3:08:66:24:d6:ff:10:cd:c6:16:48:f3:95:b0:bd:
         91:83:cb:5b:fb:e6:0e:44:5a:66:4c:81:84:79:36:bd:45:0f:
         73:24:0b:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZF5Q/YnN2WtNSBV48wLkDikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwODIyMDg0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTlkNTg0M2NlYjdhNjFkMDg1YzIzYjFkZWU4M2NmZDNjMjk0ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6+pxRR4QFAXdiB2UJe6xpv6pSiE
BRhNY91zljDYyvOlCUnUpY9CXxYFV2gVpubrsDQWBGNTwnlkTVDeRCXXrvqgN/kz
Rx+/M2okHdZNdis/sbdFFk12YCvVu115HMcgJoxkyszk20W4dFnfvrwa1853Id3Q
xsvvXE3gvRI8sh8FYbZn2RXXiLjWnP7Ljsibj8eeMU0tWTRdWqkgG8ugCO6C59Sz
m7dRV78yonboUhu6kwcxxEVua+VRXRhPHhrEsPYur8FjggV16oFwFLPhx2+y+wIE
OOjmPdR+AbkKtEUdNutE3AnSxuuQ8+RIAe5ii/+kWK2dwepmvTv/APVVXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL6dWEPOt6YdCFwjsd7oPP08KU1nMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdnAxWVE4NjNwaDBJWENPeDN1ZzhfVHdwVFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAhQwUuM3JRyUgKO5RY9sIbE0Wh
JUsUCkHb1kObEJ3n3phuxXOnq+W1ImfwvaFLIeEA+BPkDwd9gptX9RExKacq8PzY
ppsaaG/jzQ0vy7hYsv7Z+nipnDIgHr16WAiBNcmOShQqX82zjprJiuuu82Nb9x6n
jHHCi82/vn92JmwVoxjoMY6Qfxu01Q4seM9IS9P5F+DA/CmI6v0KlQZP+6ifp1Os
aIiKV0xPki8AK1fREasp9bBO9//TTN9uSov1omkQ+QaOnh6/IP9RwgJjj+A5ped+
tTGNGIY68jnTCGYk1v8QzcYWSPOVsL2Rg8tb++YORFpmTIGEeTa9RQ9zJAt7
Generated at Sun Oct 13 11:06:04 2024 by rpki-client on console-fra.rpki-client.org