Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7jBrsUQXaoHLc7D8yW7EjgAKxKQ.roa
File:                     7jBrsUQXaoHLc7D8yW7EjgAKxKQ.roa (raw, json)
Hash identifier:          xqZ5z9GTUIo3AD1u53HWS8jqVRNY54OceE10a+WaYR8=
Subject key identifier:   EE:30:6B:B1:44:17:6A:81:CB:73:B0:FC:C9:6E:C4:8E:00:0A:C4:A4
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018E517990F82AE63207940D516E4F659D72
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7jBrsUQXaoHLc7D8yW7EjgAKxKQ.roa
Signing time:             Mon 18 Mar 2024 12:11:45 +0000
ROA not before:           Mon 18 Mar 2024 12:11:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.8.94.0/24 maxlen: 24
                          87.120.68.0/23 maxlen: 24
                          87.121.62.0/24 maxlen: 24
                          87.121.63.0/24 maxlen: 24
                          87.121.114.0/24 maxlen: 24
                          87.121.115.0/24 maxlen: 24
                          93.123.74.0/23 maxlen: 23
                          93.123.75.0/24 maxlen: 24
                          185.252.160.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Mar 2024 10:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:79:90:f8:2a:e6:32:07:94:0d:51:6e:4f:65:9d:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar 18 12:11:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ee306bb144176a81cb73b0fcc96ec48e000ac4a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a1:cc:85:90:59:a8:ea:1a:41:b6:b0:93:6f:
                    0a:94:da:54:1e:38:01:09:e1:e8:8c:67:c8:7c:36:
                    f4:c8:c8:68:17:7c:d7:4b:d0:00:27:2e:74:2f:7d:
                    7e:ff:0f:c2:90:ce:24:b7:42:64:50:b7:f7:16:1f:
                    f3:dc:de:93:61:1c:84:0f:27:ca:b2:cc:41:dd:ce:
                    fe:2e:e8:ad:0e:f4:f8:c2:ef:d0:f6:53:a6:a4:01:
                    59:5e:bd:4a:30:8c:33:a3:02:2b:7a:01:88:88:0e:
                    24:4d:48:3c:6d:3c:1e:1f:b8:48:de:e7:ce:e4:9d:
                    7d:0e:0f:16:f6:ce:fc:83:18:9c:92:62:4c:2a:c6:
                    a1:e5:4c:15:bb:8f:d0:32:bb:0b:6b:d5:21:b0:83:
                    c9:ae:bd:e8:aa:3a:9d:8c:26:c8:d6:5a:92:02:19:
                    d4:00:f0:46:7d:1c:8f:07:9d:d5:a8:76:71:65:26:
                    47:a7:b4:2b:c9:48:db:1c:ab:0f:b6:48:f7:9c:74:
                    c5:38:9d:97:90:7a:76:25:88:3a:c6:ba:39:bf:4f:
                    fe:13:5e:79:93:52:bb:4a:bc:26:9a:e1:6b:1f:81:
                    74:62:ce:ea:58:36:3b:e3:b6:6c:b5:ef:c4:53:72:
                    61:a3:62:77:25:7a:ea:31:74:80:06:b4:d0:18:85:
                    f6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:30:6B:B1:44:17:6A:81:CB:73:B0:FC:C9:6E:C4:8E:00:0A:C4:A4
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7jBrsUQXaoHLc7D8yW7EjgAKxKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.94.0/24
                  87.120.68.0/23
                  87.121.62.0/23
                  87.121.114.0/23
                  93.123.74.0/23
                  185.252.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:d8:86:38:a7:22:17:33:53:89:eb:65:29:61:aa:b7:4e:52:
         61:14:bb:f1:f5:95:49:e5:43:59:4e:c6:8e:99:b2:2f:17:b0:
         c2:00:36:77:4d:10:47:8f:d1:08:3f:12:e3:95:da:4f:e3:01:
         f6:20:42:1a:68:de:84:37:dd:69:90:9f:6a:3a:19:d1:d9:48:
         65:97:cf:41:6b:28:51:07:c0:7b:a4:df:78:10:6d:0f:fe:cf:
         94:81:32:f3:00:91:b3:43:d0:53:48:f0:73:12:b7:84:4a:87:
         69:46:43:6e:ca:ca:70:a6:11:2a:97:78:57:36:2a:d1:a3:7d:
         8c:90:45:1b:aa:93:b0:42:64:dc:e3:1a:5e:d1:e8:8f:5f:c4:
         49:5d:db:6c:07:6a:40:ce:e3:f9:96:d8:bb:b7:06:1a:61:88:
         46:29:86:91:db:37:13:47:aa:0e:49:85:13:8e:63:b1:b2:fe:
         21:dc:90:43:15:ef:8a:3b:f0:d2:b2:03:f2:a4:f5:8a:9c:2b:
         fc:96:86:3c:64:09:92:a3:08:f7:e0:8c:84:19:46:78:a3:93:
         e7:d1:d3:71:ce:8a:1c:cc:81:29:cd:7b:9d:e0:f8:4b:05:46:
         2b:de:a6:39:ef:14:80:a4:e6:c8:b4:a1:84:99:38:da:42:b6:
         03:ee:1d:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY5ReZD4KuYyB5QNUW5PZZ1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE4MTIxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTMwNmJiMTQ0MTc2YTgxY2I3M2IwZmNjOTZlYzQ4ZTAwMGFjNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqHMhZBZqOoaQbawk28KlNpUHjgB
CeHojGfIfDb0yMhoF3zXS9AAJy50L31+/w/CkM4kt0JkULf3Fh/z3N6TYRyEDyfK
ssxB3c7+LuitDvT4wu/Q9lOmpAFZXr1KMIwzowIregGIiA4kTUg8bTweH7hI3ufO
5J19Dg8W9s78gxickmJMKsah5UwVu4/QMrsLa9UhsIPJrr3oqjqdjCbI1lqSAhnU
APBGfRyPB53VqHZxZSZHp7QryUjbHKsPtkj3nHTFOJ2XkHp2JYg6xro5v0/+E155
k1K7SrwmmuFrH4F0Ys7qWDY747Zste/EU3Jho2J3JXrqMXSABrTQGIX2GwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO4wa7FEF2qBy3Ow/MluxI4ACsSkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN2pCcnNVUVhhb0hMYzdEOHlXN0VqZ0FLeEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQheAwQB
V3hEAwQBV3k+AwQBV3lyAwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCM
2IY4pyIXM1OJ62UpYaq3TlJhFLvx9ZVJ5UNZTsaOmbIvF7DCADZ3TRBHj9EIPxLj
ldpP4wH2IEIaaN6EN91pkJ9qOhnR2Uhll89BayhRB8B7pN94EG0P/s+UgTLzAJGz
Q9BTSPBzEreESodpRkNuyspwphEql3hXNirRo32MkEUbqpOwQmTc4xpe0eiPX8RJ
XdtsB2pAzuP5lti7twYaYYhGKYaR2zcTR6oOSYUTjmOxsv4h3JBDFe+KO/DSsgPy
pPWKnCv8loY8ZAmSowj34IyEGUZ4o5Pn0dNxzooczIEpzXud4PhLBUYr3qY57xSA
pObItKGEmTjaQrYD7h1C
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:25 2024 by rpki-client on console-ams.rpki-client.org