Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ZRoM0j4D23zEcXZeLpfAJJ5BsCA.roa
File:                     ZRoM0j4D23zEcXZeLpfAJJ5BsCA.roa (raw, json)
Hash identifier:          m17/+yR3kWaJ1Zdbm8KMnvct5H8x2MDYhian/qi0EKE=
Subject key identifier:   65:1A:0C:D2:3E:03:DB:7C:C4:71:76:5E:2E:97:C0:24:9E:41:B0:20
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018A2E9CC13B8B3B701E6F7D963FA6AF94E0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ZRoM0j4D23zEcXZeLpfAJJ5BsCA.roa
Signing time:             Fri 25 Aug 2023 21:32:19 +0000
ROA not before:           Fri 25 Aug 2023 21:32:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34927
IP address blocks:        45.134.88.0/24 maxlen: 24
                          45.134.91.0/24 maxlen: 24
                          45.134.89.0/24 maxlen: 24
                          193.148.251.0/24 maxlen: 24
                          193.148.250.0/24 maxlen: 24
                          193.148.249.0/24 maxlen: 24
                          193.148.248.0/24 maxlen: 24
                          193.37.139.0/24 maxlen: 24
                          2a0c:9a40:1024::/48 maxlen: 48
                          2a0c:9a40:1002::/48 maxlen: 48
                          2a0c:9a44::/48 maxlen: 48
                          2a0c:9a40:1000::/44 maxlen: 48
                          2a0c:9a40:1080::/44 maxlen: 48
                          2a0c:9a40:1058::/48 maxlen: 48
                          2a0c:9a40:1::/48 maxlen: 48
                          2a0c:9a40:1001::/48 maxlen: 48
                          2a0c:9a40:1055::/48 maxlen: 48
                          2a0c:9a40:1070::/48 maxlen: 48
                          2a0c:9a40:1050::/48 maxlen: 48
                          2a0c:9a40:1054::/48 maxlen: 48
                          2a0c:9a40:1057::/48 maxlen: 48
                          2a0c:9a40:1072::/48 maxlen: 48
                          2a0c:9a40:1070::/44 maxlen: 48
                          2a0c:9a40:1090::/44 maxlen: 48
                          2a0c:9a40:1030::/44 maxlen: 48
                          2a0c:9a40:1051::/48 maxlen: 48
                          2a0c:9a40:2700::/40 maxlen: 48
                          2a0c:9a40:2200::/40 maxlen: 48
                          2a0c:9a40:2600::/40 maxlen: 48
                          2a0c:9a40:2c00::/40 maxlen: 48
                          2a0c:9a40:2d00::/40 maxlen: 48
                          2a0c:9a40:2a00::/40 maxlen: 40
                          2a0c:9a40:2500::/40 maxlen: 48
                          2a0c:9a40:2800::/40 maxlen: 40
                          2a0c:9a40:2400::/40 maxlen: 40
                          2a0c:9a40:2100::/40 maxlen: 40
                          2a0c:9a40:1080::/48 maxlen: 48
                          2a0c:9a40:1060::/48 maxlen: 48
                          2a0c:9a40:2900::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 14:11:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:2e:9c:c1:3b:8b:3b:70:1e:6f:7d:96:3f:a6:af:94:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Aug 25 21:32:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=651a0cd23e03db7cc471765e2e97c0249e41b020
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:03:d7:17:32:7b:6a:1b:df:1e:ac:72:74:32:
                    13:cb:bf:3f:8b:83:57:db:06:77:f6:17:7c:24:a4:
                    ef:a1:79:b7:db:cc:f8:86:d1:ec:d0:54:5f:7b:93:
                    af:d1:d8:69:8a:0a:85:c5:0d:1f:00:13:a2:59:f1:
                    2d:9d:59:f5:46:e4:81:a1:4c:86:a9:f0:8d:62:5f:
                    d8:6c:26:b5:02:70:e2:b1:01:11:4f:4f:d8:12:65:
                    e8:33:07:92:97:e1:7c:df:23:fe:08:e0:32:36:a1:
                    85:f6:a6:67:f1:5b:df:85:89:0f:98:6e:a1:80:0f:
                    4c:18:32:10:d8:8c:5f:a3:90:0c:95:85:0d:8b:e1:
                    34:cb:d8:32:3c:42:76:74:34:fe:b4:a7:fe:2b:0b:
                    7e:75:66:87:75:b9:f1:0b:35:4d:aa:19:e7:91:6e:
                    2e:cb:d7:4c:16:76:e7:6c:69:49:18:69:c2:c1:28:
                    5a:63:41:74:cf:82:25:26:a9:23:05:9a:a1:77:c7:
                    c3:1e:ac:2d:fe:7a:1d:ec:3a:09:f3:6f:f1:0c:45:
                    16:14:9f:84:2b:63:68:92:eb:e2:95:42:af:27:a2:
                    42:4c:b3:d2:66:89:3a:20:4c:b0:24:8f:cf:fd:eb:
                    bb:3b:80:1e:7a:9e:0c:1c:72:e5:2c:3a:3d:60:69:
                    81:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:1A:0C:D2:3E:03:DB:7C:C4:71:76:5E:2E:97:C0:24:9E:41:B0:20
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ZRoM0j4D23zEcXZeLpfAJJ5BsCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.88.0/23
                  45.134.91.0/24
                  193.37.139.0/24
                  193.148.248.0/22
                IPv6:
                  2a0c:9a40:1::/48
                  2a0c:9a40:1000::/44
                  2a0c:9a40:1024::/48
                  2a0c:9a40:1030::/44
                  2a0c:9a40:1050::/47
                  2a0c:9a40:1054::/47
                  2a0c:9a40:1057::-2a0c:9a40:1058:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:1060::/48
                  2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:2100::-2a0c:9a40:22ff:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:2400::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:2a00::/40
                  2a0c:9a40:2c00::/39
                  2a0c:9a44::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:e8:e8:76:bb:1d:15:d6:ae:41:70:da:f2:74:61:51:96:7a:
         f7:4c:dd:f8:42:6f:aa:3e:b3:34:75:ba:ba:88:cc:82:8b:05:
         75:19:fc:6f:b5:4d:c4:8d:d2:05:6a:34:2c:44:94:a6:00:d8:
         f9:c6:33:2d:94:b5:61:de:41:8d:61:f6:06:b7:25:5e:6c:9f:
         17:2a:c8:16:73:be:89:07:7a:da:8b:0e:90:c3:73:a3:26:30:
         a1:68:b8:15:e8:60:07:81:87:ee:1a:22:93:b6:7f:5e:5d:36:
         93:28:59:f8:28:06:c7:f9:71:42:59:4d:f7:b3:f9:f7:59:62:
         8c:3c:09:54:6c:58:b4:2c:90:7f:ab:d1:d9:6c:a2:8d:9f:13:
         06:03:95:2f:30:80:4c:71:64:6a:7f:9a:f5:1c:2f:f1:57:fe:
         0b:a7:68:52:3e:11:54:9f:e7:b9:ce:2a:06:d8:b0:56:73:2d:
         e4:e4:88:90:58:6d:32:f5:a3:8a:e6:89:9b:42:16:34:f6:6c:
         ba:2d:c3:d8:c5:e2:39:d2:14:96:16:53:e8:f4:6f:24:64:b8:
         3b:86:23:b3:f7:06:b6:f1:9d:42:75:33:ac:dc:7a:0b:d4:a7:
         1a:9b:39:91:22:ad:20:7d:8c:3d:eb:92:90:b3:e2:c5:b0:37:
         6e:87:f7:7e
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYounME7iztwHm99lj+mr5TgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwODI1MjEzMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFhMGNkMjNlMDNkYjdjYzQ3MTc2NWUyZTk3YzAyNDllNDFiMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQPXFzJ7ahvfHqxydDITy78/i4NX
2wZ39hd8JKTvoXm328z4htHs0FRfe5Ov0dhpigqFxQ0fABOiWfEtnVn1RuSBoUyG
qfCNYl/YbCa1AnDisQERT0/YEmXoMweSl+F83yP+COAyNqGF9qZn8VvfhYkPmG6h
gA9MGDIQ2Ixfo5AMlYUNi+E0y9gyPEJ2dDT+tKf+Kwt+dWaHdbnxCzVNqhnnkW4u
y9dMFnbnbGlJGGnCwShaY0F0z4IlJqkjBZqhd8fDHqwt/nod7DoJ82/xDEUWFJ+E
K2NokuvilUKvJ6JCTLPSZok6IEywJI/P/eu7O4Aeep4MHHLlLDo9YGmBgQIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFGUaDNI+A9t8xHF2Xi6XwCSeQbAgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvWlJvTTBqNEQyM3pFY1haZUxwZkFKSjVCc0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzAeBAIAATAYAwQBLYZY
AwQALYZbAwQAwSWLAwQCwZT4MIGsBAIAAjCBpQMHACoMmkAAAQMHBCoMmkAQAAMH
ACoMmkAQJAMHBCoMmkAQMAMHASoMmkAQUAMHASoMmkAQVDASAwcAKgyaQBBXAwcA
KgyaQBBYAwcAKgyaQBBgMBIDBwQqDJpAEHADBwUqDJpAEIAwEAMGACoMmkAhAwYA
KgyaQCIwEQMGAioMmkAkAwcAKgyaQCkAAwYAKgyaQCoDBgEqDJpALAMHACoMmkQA
ADANBgkqhkiG9w0BAQsFAAOCAQEAd+jodrsdFdauQXDa8nRhUZZ690zd+EJvqj6z
NHW6uojMgosFdRn8b7VNxI3SBWo0LESUpgDY+cYzLZS1Yd5BjWH2BrclXmyfFyrI
FnO+iQd62osOkMNzoyYwoWi4FehgB4GH7hoik7Z/Xl02kyhZ+CgGx/lxQllN97P5
91lijDwJVGxYtCyQf6vR2WyijZ8TBgOVLzCATHFkan+a9Rwv8Vf+C6doUj4RVJ/n
uc4qBtiwVnMt5OSIkFhtMvWjiuaJm0IWNPZsui3D2MXiOdIUlhZT6PRvJGS4O4Yj
s/cGtvGdQnUzrNx6C9SnGps5kSKtIH2MPeuSkLPixbA3bof3fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:15 2024 by rpki-client on console-ams.rpki-client.org