Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa
File:                     5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa (raw, json)
Hash identifier:          16SVOvtUvUqpxAb5f5BYZJ4MWQpMoT2UosIjKVG2xgs=
Subject key identifier:   E4:C0:18:E2:8D:B7:98:5F:C9:93:45:53:54:EF:0C:E2:10:0C:B1:94
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01856D82087B9767C9D4DCCD407FBA17890B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa
Signing time:             Sun 01 Jan 2023 13:25:16 +0000
ROA not before:           Sun 01 Jan 2023 13:25:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204843
IP address blocks:        94.156.11.0/24 maxlen: 24
                          45.81.241.0/24 maxlen: 24
                          141.98.1.0/24 maxlen: 24
                          193.149.2.0/24 maxlen: 24
                          193.149.3.0/24 maxlen: 24
                          37.221.123.0/24 maxlen: 24
                          37.221.121.0/24 maxlen: 24
                          37.221.122.0/24 maxlen: 24
                          37.221.120.0/24 maxlen: 24
                          185.221.64.0/24 maxlen: 24
                          45.144.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 03 Jan 2023 16:56:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:82:08:7b:97:67:c9:d4:dc:cd:40:7f:ba:17:89:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  1 13:25:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4c018e28db7985fc993455354ef0ce2100cb194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:a0:ec:11:c2:35:9d:cc:55:26:78:bd:f6:a6:
                    d3:62:4c:86:08:42:07:79:c8:29:fd:43:47:4a:69:
                    00:46:a0:55:c6:67:ca:a8:d7:57:78:09:cf:7a:da:
                    6b:9f:af:77:cc:8a:5d:70:ef:00:dc:f9:57:6b:35:
                    f1:8e:77:d2:f2:62:1e:d5:5f:eb:a7:34:83:90:fc:
                    0a:43:ef:29:64:d2:64:06:97:e7:b4:b5:09:a0:35:
                    7c:42:7b:86:b8:c6:0a:bb:97:1a:ee:c4:22:23:4c:
                    19:d2:db:f4:f8:bf:0e:34:bf:eb:b3:e4:26:72:29:
                    5d:83:0f:04:9e:a2:12:c5:6c:97:9b:ae:c7:eb:3a:
                    dc:63:4c:b1:2f:ba:8f:42:de:a1:11:c3:73:42:ee:
                    63:7b:b2:32:a1:bb:fe:67:a5:a3:04:54:ec:08:09:
                    c6:27:01:16:1d:09:3d:98:f3:a3:a2:69:3d:be:3f:
                    44:31:a8:ee:73:73:89:6a:ed:82:dc:d8:d8:31:da:
                    e5:2c:b8:57:26:cc:07:96:61:ba:a3:ff:36:61:e8:
                    84:65:d3:02:40:ad:e8:61:f1:67:7d:a4:43:ea:21:
                    4e:5b:99:cb:33:28:26:ac:ca:e1:69:bf:d3:43:30:
                    7b:04:4e:37:55:f1:66:8b:07:d0:46:82:26:5a:4e:
                    b7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:C0:18:E2:8D:B7:98:5F:C9:93:45:53:54:EF:0C:E2:10:0C:B1:94
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22
                  45.81.241.0/24
                  45.144.153.0/24
                  94.156.11.0/24
                  141.98.1.0/24
                  185.221.64.0/24
                  193.149.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:91:c0:b3:29:1c:1f:71:6e:e2:3f:ad:22:25:9b:d2:a0:ab:
         bb:b0:c9:9a:fa:a7:68:b4:fd:7f:45:44:8a:e0:96:43:3c:43:
         12:a8:99:a6:94:64:a9:9a:bf:be:f0:40:da:25:55:bf:c0:0f:
         cd:62:0b:15:94:39:11:5e:b1:49:82:6d:2b:a9:8d:31:1d:b1:
         12:96:f7:90:1c:88:19:d7:62:92:44:2b:df:0d:df:01:e1:59:
         a3:77:e9:e8:7c:ac:9f:88:c0:48:1b:b6:49:ec:2b:a2:18:a6:
         ad:ac:70:7e:06:2b:06:b7:34:05:65:bd:c8:fb:10:6f:e5:8b:
         f0:72:4f:e1:31:46:c8:7f:8d:43:02:d4:14:06:63:55:8f:ca:
         78:cc:6a:ef:aa:16:f0:f2:3c:72:3d:01:76:f6:13:71:1e:79:
         01:f6:1f:88:fa:2d:b9:e9:57:a8:a0:c6:c1:46:05:12:91:9e:
         e6:7e:a7:82:22:fd:2d:41:f3:c9:31:4c:ed:32:3e:27:b5:6b:
         e3:f5:7f:e1:82:34:74:ec:48:db:62:ca:e0:dd:3e:22:af:67:
         b4:dc:72:62:8c:d8:c0:c8:30:c1:47:55:39:c6:4a:cc:ae:6c:
         fa:96:cf:ca:07:f6:3c:20:a7:93:14:77:2c:4b:b8:6b:92:70:
         e9:85:05:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVtggh7l2fJ1NzNQH+6F4kLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGMwMThlMjhkYjc5ODVmYzk5MzQ1NTM1NGVmMGNlMjEwMGNiMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46DsEcI1ncxVJni99qbTYkyGCEIH
ecgp/UNHSmkARqBVxmfKqNdXeAnPetprn693zIpdcO8A3PlXazXxjnfS8mIe1V/r
pzSDkPwKQ+8pZNJkBpfntLUJoDV8QnuGuMYKu5ca7sQiI0wZ0tv0+L8ONL/rs+Qm
cildgw8EnqISxWyXm67H6zrcY0yxL7qPQt6hEcNzQu5je7Iyobv+Z6WjBFTsCAnG
JwEWHQk9mPOjomk9vj9EMajuc3OJau2C3NjYMdrlLLhXJswHlmG6o/82YeiEZdMC
QK3oYfFnfaRD6iFOW5nLMygmrMrhab/TQzB7BE43VfFmiwfQRoImWk63oQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOTAGOKNt5hfyZNFU1TvDOIQDLGUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNU1BWTRvMjNtRl9KazBWVFZPOE00aEFNc1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJd14AwQA
LVHxAwQALZCZAwQAXpwLAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3DQEBCwUA
A4IBAQBZkcCzKRwfcW7iP60iJZvSoKu7sMma+qdotP1/RUSK4JZDPEMSqJmmlGSp
mr++8EDaJVW/wA/NYgsVlDkRXrFJgm0rqY0xHbESlveQHIgZ12KSRCvfDd8B4Vmj
d+nofKyfiMBIG7ZJ7CuiGKatrHB+BisGtzQFZb3I+xBv5Yvwck/hMUbIf41DAtQU
BmNVj8p4zGrvqhbw8jxyPQF29hNxHnkB9h+I+i256VeooMbBRgUSkZ7mfqeCIv0t
QfPJMUztMj4ntWvj9X/hgjR07EjbYsrg3T4ir2e03HJijNjAyDDBR1U5xkrMrmz6
ls/KB/Y8IKeTFHcsS7hrknDphQUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:58 2024 by rpki-client on console-fra.rpki-client.org