Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65o_9XVTlxl4JsB2j2uDsQHWeTs.roa
File:                     65o_9XVTlxl4JsB2j2uDsQHWeTs.roa (raw, json)
Hash identifier:          gmAiywA1rC3N8rFmBH1gQ0bb7GEFi7vIZBn1kMUCoDE=
Subject key identifier:   EB:9A:3F:F5:75:53:97:19:78:26:C0:76:8F:6B:83:B1:01:D6:79:3B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018B5BB5B22E3CA82794FD8E278392CC2832
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65o_9XVTlxl4JsB2j2uDsQHWeTs.roa
Signing time:             Mon 23 Oct 2023 08:45:16 +0000
ROA not before:           Mon 23 Oct 2023 08:45:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        87.120.68.0/24 maxlen: 24
                          94.156.14.0/24 maxlen: 24
                          185.218.136.0/24 maxlen: 24
                          45.149.240.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 13:50:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5b:b5:b2:2e:3c:a8:27:94:fd:8e:27:83:92:cc:28:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Oct 23 08:45:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eb9a3ff5755397197826c0768f6b83b101d6793b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6c:93:ba:16:78:62:37:d4:de:0d:48:4f:79:
                    e9:57:e6:af:ee:21:eb:7b:86:f8:f3:b8:f6:a2:39:
                    e8:f3:65:45:6b:ac:63:17:a6:1a:58:d5:40:93:16:
                    6b:5f:76:64:f3:23:13:8e:2d:d9:6c:17:42:18:e2:
                    cf:0d:31:2f:bf:08:58:cd:90:7e:fd:b7:1b:f6:46:
                    d9:f7:96:59:a1:87:8e:1c:33:c8:6b:5c:c1:54:8f:
                    e2:eb:d0:45:88:6d:10:c6:cd:33:31:40:1b:b0:68:
                    0a:59:99:4e:68:75:8a:4a:4b:18:ea:26:4d:e1:3a:
                    7e:00:54:0c:d6:f3:0a:a0:78:83:29:a3:66:47:53:
                    16:53:2b:bc:82:56:08:68:65:1f:1b:1b:de:27:e4:
                    65:59:a6:7f:00:7a:c0:95:d4:34:f0:e2:a3:9a:91:
                    1f:d8:d7:1e:82:66:48:a1:90:e5:8c:26:f2:0b:76:
                    b1:5d:59:b6:14:92:f7:44:69:11:b8:03:ea:c6:ea:
                    13:7e:1b:33:72:22:1b:4c:16:34:b3:6a:b9:57:22:
                    e2:8e:df:53:4f:74:7c:6d:7c:7c:8f:2d:a3:db:fc:
                    32:b5:27:53:54:ba:9c:b8:a1:5b:5f:90:ac:8d:d5:
                    50:39:0c:3a:dd:79:4a:2c:9d:e3:c4:14:f7:56:3b:
                    00:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:9A:3F:F5:75:53:97:19:78:26:C0:76:8F:6B:83:B1:01:D6:79:3B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65o_9XVTlxl4JsB2j2uDsQHWeTs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.240.0/24
                  87.120.68.0/24
                  94.156.14.0/24
                  185.218.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:a0:3f:31:12:ca:90:94:55:73:05:0a:61:fa:be:d4:ec:b1:
         eb:7e:27:92:84:77:7d:de:4a:f6:9a:09:a3:96:54:99:13:49:
         13:42:7d:fe:16:0f:16:2f:99:85:30:84:94:7d:83:38:89:18:
         53:76:c1:7a:29:55:4f:d9:21:24:78:5b:62:30:bb:74:da:1b:
         f5:f0:9e:67:35:bb:49:e2:3f:54:3e:39:6a:c7:5c:23:87:6a:
         dc:b9:02:59:09:b7:b3:eb:fb:1c:aa:ce:2d:32:6a:4e:28:86:
         93:3d:b2:d5:80:27:ca:98:98:b3:5c:ba:2a:8f:28:fd:5a:81:
         9a:df:ce:1c:e0:90:89:93:2d:7d:c6:61:86:e7:e6:96:df:3c:
         85:b9:2c:82:3b:0a:b6:04:7c:40:f1:ab:b2:22:af:10:0c:45:
         05:07:4b:58:c9:73:0a:2f:f0:cd:70:cc:c0:30:a3:fa:52:85:
         cb:c5:ef:e3:a3:d5:26:82:ba:c8:03:dd:e4:d2:1e:27:ec:85:
         ad:c5:77:6b:5e:23:dc:ae:9a:1b:c6:5f:be:aa:25:21:72:f4:
         2c:50:b7:89:eb:ec:58:3e:5a:05:09:d4:2f:bc:f4:40:ca:1c:
         54:2b:93:91:67:bd:61:d9:df:c4:4d:29:76:3f:20:aa:9b:bf:
         c8:a3:8a:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtbtbIuPKgnlP2OJ4OSzCgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIzMDg0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjlhM2ZmNTc1NTM5NzE5NzgyNmMwNzY4ZjZiODNiMTAxZDY3OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2yTuhZ4YjfU3g1IT3npV+av7iHr
e4b487j2ojno82VFa6xjF6YaWNVAkxZrX3Zk8yMTji3ZbBdCGOLPDTEvvwhYzZB+
/bcb9kbZ95ZZoYeOHDPIa1zBVI/i69BFiG0Qxs0zMUAbsGgKWZlOaHWKSksY6iZN
4Tp+AFQM1vMKoHiDKaNmR1MWUyu8glYIaGUfGxveJ+RlWaZ/AHrAldQ08OKjmpEf
2NcegmZIoZDljCbyC3axXVm2FJL3RGkRuAPqxuoTfhszciIbTBY0s2q5VyLijt9T
T3R8bXx8jy2j2/wytSdTVLqcuKFbX5CsjdVQOQw63XlKLJ3jxBT3VjsAoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOuaP/V1U5cZeCbAdo9rg7EB1nk7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNjVvXzlYVlRseGw0SnNCMmoydURzUUhXZVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZXwAwQA
V3hEAwQAXpwOAwQAudqIMA0GCSqGSIb3DQEBCwUAA4IBAQCPoD8xEsqQlFVzBQph
+r7U7LHrfieShHd93kr2mgmjllSZE0kTQn3+Fg8WL5mFMISUfYM4iRhTdsF6KVVP
2SEkeFtiMLt02hv18J5nNbtJ4j9UPjlqx1wjh2rcuQJZCbez6/scqs4tMmpOKIaT
PbLVgCfKmJizXLoqjyj9WoGa384c4JCJky19xmGG5+aW3zyFuSyCOwq2BHxA8auy
Iq8QDEUFB0tYyXMKL/DNcMzAMKP6UoXLxe/jo9UmgrrIA93k0h4n7IWtxXdrXiPc
rpobxl++qiUhcvQsULeJ6+xYPloFCdQvvPRAyhxUK5ORZ71h2d/ETSl2PyCqm7/I
o4oE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:24 2024 by rpki-client on console-ams.rpki-client.org