Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2_2J_pEHbhmTnLOlugpJ3x1pDSs.roa
File:                     2_2J_pEHbhmTnLOlugpJ3x1pDSs.roa (raw, json)
Hash identifier:          koRnpM8LuEu0QBVtMVNXPfDXwIJ1TObwq5n5MUi94rk=
Subject key identifier:   DB:FD:89:FE:91:07:6E:19:93:9C:B3:A5:BA:0A:49:DF:1D:69:0D:2B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018E190721480C655D06FE6E7F141BE468F7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2_2J_pEHbhmTnLOlugpJ3x1pDSs.roa
Signing time:             Thu 07 Mar 2024 13:08:01 +0000
ROA not before:           Thu 07 Mar 2024 13:08:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207459
IP address blocks:        45.8.93.0/24 maxlen: 24
                          45.12.255.0/24 maxlen: 24
                          45.66.228.0/24 maxlen: 24
                          79.110.50.0/24 maxlen: 24
                          82.115.211.0/24 maxlen: 24
                          87.121.105.0/24 maxlen: 24
                          94.156.176.0/24 maxlen: 24
                          178.215.238.0/24 maxlen: 24
                          193.25.216.0/24 maxlen: 24
                          193.37.47.0/24 maxlen: 24
                          193.149.28.0/24 maxlen: 24
                          193.149.29.0/24 maxlen: 24
                          193.149.30.0/24 maxlen: 24
                          193.149.31.0/24 maxlen: 24
                          194.180.36.0/24 maxlen: 24
                          212.87.207.0/24 maxlen: 24
                          212.115.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 13:24:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:19:07:21:48:0c:65:5d:06:fe:6e:7f:14:1b:e4:68:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar  7 13:08:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dbfd89fe91076e19939cb3a5ba0a49df1d690d2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:25:6b:47:2b:a8:74:0c:8a:7f:c2:f0:3e:c0:
                    7b:8c:b0:e3:48:3e:b2:d7:83:fd:93:db:7c:d7:a9:
                    33:1c:9b:8d:04:be:ec:88:86:1c:2f:fd:08:29:5b:
                    28:9b:90:24:40:39:9d:47:fd:15:c9:fa:d6:d2:84:
                    97:d9:93:96:ee:70:b4:bf:65:88:1d:fc:47:42:b5:
                    6e:fb:a8:e7:30:fd:b2:dd:74:08:08:00:5a:1f:18:
                    57:58:d0:16:c3:99:3d:2e:6c:b8:b1:f2:63:7e:b9:
                    42:f0:d6:3c:43:e9:b1:8e:9b:0f:f6:cc:35:da:4d:
                    23:50:93:2f:33:06:0d:51:c9:35:37:c5:5c:44:74:
                    8d:9b:ab:ef:c5:87:b5:99:0e:19:f4:83:dd:e2:11:
                    da:18:81:19:20:cc:65:3e:7c:df:bc:8f:02:04:8b:
                    9a:6d:44:16:15:35:af:c7:40:bd:92:cd:f7:f1:51:
                    ef:d0:39:67:38:17:6d:1f:15:40:4b:4e:65:62:a0:
                    77:a0:d1:54:35:1b:12:41:c7:91:9e:be:ea:db:11:
                    e1:f7:33:89:67:ab:0a:2d:d6:7e:09:5e:4c:58:fb:
                    ce:9d:5d:fa:11:6f:b3:1b:13:93:5b:e4:63:37:e9:
                    94:fb:12:08:ce:b2:ca:b0:1b:0a:5c:02:cb:5b:93:
                    6a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:FD:89:FE:91:07:6E:19:93:9C:B3:A5:BA:0A:49:DF:1D:69:0D:2B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2_2J_pEHbhmTnLOlugpJ3x1pDSs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.93.0/24
                  45.12.255.0/24
                  45.66.228.0/24
                  79.110.50.0/24
                  82.115.211.0/24
                  87.121.105.0/24
                  94.156.176.0/24
                  178.215.238.0/24
                  193.25.216.0/24
                  193.37.47.0/24
                  193.149.28.0/22
                  194.180.36.0/24
                  212.87.207.0/24
                  212.115.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:1b:19:52:88:96:28:21:93:b8:24:d1:9e:e8:55:b2:42:00:
         e5:ea:89:57:c8:c3:0f:26:73:13:b6:55:9c:91:8e:30:2e:73:
         16:e9:f2:fa:df:86:50:1a:59:0c:34:4e:c1:7c:f3:7c:e2:2d:
         91:07:88:02:1b:d0:8a:21:00:db:16:e5:64:98:a5:78:de:63:
         a0:6c:1c:81:71:05:73:4b:44:ac:45:bd:d2:9d:b4:a3:d0:c3:
         90:54:02:2a:b1:00:16:c6:ef:b2:da:70:4e:f2:a3:5c:af:51:
         25:6a:97:5a:bb:b3:0a:24:64:7d:52:36:e9:a0:2e:12:47:80:
         ce:5a:03:6a:7e:47:02:96:91:21:8a:d7:e9:a2:ae:3f:6d:04:
         da:45:38:73:10:f6:8d:33:10:88:46:66:8b:d8:84:29:6d:0b:
         0c:53:3f:0b:82:7d:3f:89:55:f5:b7:d3:44:3b:9b:ad:c0:9d:
         d8:e7:f3:43:55:91:2b:8a:22:40:2c:c8:1f:04:e1:54:32:c3:
         56:29:5c:ef:3e:62:80:38:bf:39:df:5d:fe:62:8e:78:63:87:
         5a:ac:e6:27:6b:77:11:00:d0:2a:b5:76:5c:2f:03:5b:2c:1e:
         62:61:03:fb:99:08:e1:8d:90:fa:27:cb:f8:34:36:7e:eb:69:
         5a:54:49:c4
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY4ZByFIDGVdBv5ufxQb5Gj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzA3MTMwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZkODlmZTkxMDc2ZTE5OTM5Y2IzYTViYTBhNDlkZjFkNjkwZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCVrRyuodAyKf8LwPsB7jLDjSD6y
14P9k9t816kzHJuNBL7siIYcL/0IKVsom5AkQDmdR/0VyfrW0oSX2ZOW7nC0v2WI
HfxHQrVu+6jnMP2y3XQICABaHxhXWNAWw5k9Lmy4sfJjfrlC8NY8Q+mxjpsP9sw1
2k0jUJMvMwYNUck1N8VcRHSNm6vvxYe1mQ4Z9IPd4hHaGIEZIMxlPnzfvI8CBIua
bUQWFTWvx0C9ks338VHv0DlnOBdtHxVAS05lYqB3oNFUNRsSQceRnr7q2xHh9zOJ
Z6sKLdZ+CV5MWPvOnV36EW+zGxOTW+RjN+mU+xIIzrLKsBsKXALLW5NqpQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNv9if6RB24Zk5yzpboKSd8daQ0rMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMl8ySl9wRUhiaG1UbkxPbHVncEozeDFwRFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALQhdAwQA
LQz/AwQALULkAwQAT24yAwQAUnPTAwQAV3lpAwQAXpywAwQAstfuAwQAwRnYAwQA
wSUvAwQCwZUcAwQAwrQkAwQA1FfPAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAP
GxlSiJYoIZO4JNGe6FWyQgDl6olXyMMPJnMTtlWckY4wLnMW6fL634ZQGlkMNE7B
fPN84i2RB4gCG9CKIQDbFuVkmKV43mOgbByBcQVzS0SsRb3SnbSj0MOQVAIqsQAW
xu+y2nBO8qNcr1Elapdau7MKJGR9UjbpoC4SR4DOWgNqfkcClpEhitfpoq4/bQTa
RThzEPaNMxCIRmaL2IQpbQsMUz8Lgn0/iVX1t9NEO5utwJ3Y5/NDVZEriiJALMgf
BOFUMsNWKVzvPmKAOL85313+Yo54Y4darOYna3cRANAqtXZcLwNbLB5iYQP7mQjh
jZD6J8v4NDZ+62laVEnE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org