Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BrGLIClqT3MI8uwTpkVWsBMH9wY.roa
File:                     BrGLIClqT3MI8uwTpkVWsBMH9wY.roa (raw, json)
Hash identifier:          uqt27qRwUsFgxRz7TYrGsjdyLURWQutYX7+m+dALpBc=
Subject key identifier:   06:B1:8B:20:29:6A:4F:73:08:F2:EC:13:A6:45:56:B0:13:07:F7:06
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CEED9175D68476D40ECC7F5DFBD6542A2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BrGLIClqT3MI8uwTpkVWsBMH9wY.roa
Signing time:             Tue 09 Jan 2024 15:30:53 +0000
ROA not before:           Tue 09 Jan 2024 15:30:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        185.218.84.0/22 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          185.226.172.0/24 maxlen: 24
                          185.226.173.0/24 maxlen: 24
                          185.226.175.0/24 maxlen: 24
                          87.121.45.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          37.139.129.0/24 maxlen: 24
                          94.154.172.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24
                          178.215.224.0/24 maxlen: 24
                          178.215.226.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          31.13.211.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          185.252.176.0/24 maxlen: 24
                          193.37.41.0/24 maxlen: 24
                          45.84.89.0/24 maxlen: 24
                          194.55.186.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          45.88.90.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          87.121.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 06:26:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ee:d9:17:5d:68:47:6d:40:ec:c7:f5:df:bd:65:42:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  9 15:30:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=06b18b20296a4f7308f2ec13a64556b01307f706
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:69:f6:d9:02:ae:9b:7c:58:b0:ab:af:80:09:
                    22:fb:db:fa:a9:ec:45:6e:1c:7b:0c:4b:e4:25:f5:
                    01:b2:9f:79:05:c4:51:23:40:95:4b:72:de:50:d4:
                    65:9f:a7:c7:3b:0c:d3:c9:5a:48:2e:0e:ee:28:2d:
                    25:bb:b4:a2:c6:84:5f:8c:23:c1:89:7d:16:e2:ee:
                    89:74:84:28:57:33:fa:4f:a2:ab:91:dd:92:64:fd:
                    c2:a9:81:8d:3b:e9:87:52:f7:d6:d0:d0:93:bf:91:
                    d4:39:cf:9f:45:3c:d9:7f:8f:9a:13:42:d0:2a:11:
                    0c:66:c8:9a:1b:71:1f:7f:ba:b6:c1:10:13:14:d4:
                    01:fa:ae:71:f5:1e:84:84:4d:11:61:20:1a:11:73:
                    59:a2:fb:f8:5c:37:ab:79:75:05:59:59:14:4a:83:
                    20:b9:4d:d3:8c:72:0b:8a:6f:0a:f0:c2:12:9e:b2:
                    a5:a7:18:be:d3:b0:98:ac:03:a9:cf:ed:44:c1:b0:
                    ed:69:ce:76:c2:cb:0b:2d:36:15:4b:1c:d8:67:fa:
                    0d:8b:46:3b:26:df:4c:7f:31:c0:67:5b:54:98:35:
                    f4:da:4e:5d:7d:ad:89:31:a5:2f:ae:97:3c:cf:2a:
                    d4:dc:68:1d:54:9c:72:3d:b8:29:cc:43:c5:59:41:
                    9d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:B1:8B:20:29:6A:4F:73:08:F2:EC:13:A6:45:56:B0:13:07:F7:06
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BrGLIClqT3MI8uwTpkVWsBMH9wY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.211.0/24
                  37.139.129.0/24
                  45.84.89.0/24
                  45.88.90.0/24
                  45.151.89.0/24
                  87.120.87.0/24
                  87.121.45.0/24
                  87.121.221.0/24
                  92.119.196.0/23
                  94.154.161.0-94.154.163.255
                  94.154.172.0/24
                  94.156.239.0/24
                  147.78.101.0-147.78.102.255
                  171.22.72.0/22
                  178.215.224.0/24
                  178.215.226.0/24
                  178.215.236.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.226.172.0/23
                  185.226.175.0/24
                  185.252.176.0/24
                  193.37.41.0/24
                  194.55.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:bb:57:50:9b:4f:d3:36:6f:43:df:33:24:63:d9:06:66:73:
         6c:e2:83:ce:50:25:95:86:ff:e2:6d:02:9b:c9:fd:1c:e9:a8:
         27:e1:5d:dc:a0:a7:b6:26:c6:ec:ee:28:ef:60:a8:84:e3:65:
         e4:7b:f0:de:d9:79:a0:be:1b:b3:cb:2e:71:27:e6:7f:0d:bb:
         06:38:c2:1d:7f:dd:92:57:5e:7a:99:1b:8d:31:0c:04:61:df:
         12:c6:16:7c:ef:3d:ab:fc:aa:01:98:3a:8b:67:51:4e:cb:16:
         cf:65:52:80:c8:0d:37:72:63:72:e1:75:e8:51:f4:94:11:9d:
         8b:39:f7:eb:ec:95:35:33:bd:71:ee:72:bf:b2:3b:0a:69:37:
         26:ba:d9:06:ab:c6:cb:ed:92:c7:04:bc:02:e5:13:8a:82:d7:
         8e:a0:ed:1f:2c:c0:1d:3a:2e:8c:2d:d3:6a:8c:56:8d:68:f0:
         ae:75:ca:53:33:78:27:19:ac:49:9b:dc:a4:bb:f2:f3:bf:2b:
         6e:df:20:e1:dd:a5:6e:b5:5b:32:e1:4e:5b:1a:e8:ff:08:a4:
         a2:9c:7c:01:ee:b6:4e:cd:8b:b9:9c:20:44:f2:34:b5:a4:aa:
         25:64:5c:ab:c4:dc:e6:29:9c:99:bb:43:4e:d7:22:97:1a:4f:
         83:ad:25:ba
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYzu2RddaEdtQOzH9d+9ZUKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTA5MTUzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmIxOGIyMDI5NmE0ZjczMDhmMmVjMTNhNjQ1NTZiMDEzMDdmNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGn22QKum3xYsKuvgAki+9v6qexF
bhx7DEvkJfUBsp95BcRRI0CVS3LeUNRln6fHOwzTyVpILg7uKC0lu7SixoRfjCPB
iX0W4u6JdIQoVzP6T6Krkd2SZP3CqYGNO+mHUvfW0NCTv5HUOc+fRTzZf4+aE0LQ
KhEMZsiaG3Eff7q2wRATFNQB+q5x9R6EhE0RYSAaEXNZovv4XDereXUFWVkUSoMg
uU3TjHILim8K8MISnrKlpxi+07CYrAOpz+1EwbDtac52wssLLTYVSxzYZ/oNi0Y7
Jt9MfzHAZ1tUmDX02k5dfa2JMaUvrpc8zyrU3GgdVJxyPbgpzEPFWUGdGQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFAaxiyApak9zCPLsE6ZFVrATB/cGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQnJHTElDbHFUM01JOHV3VHBrVldzQk1IOXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAf
DdMDBAAli4EDBAAtVFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFc
d8QwDAMEAF6aoQMEAl6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZI
AwQAstfgAwQAstfiAwQAstfsAwQCudhUAwQCudpUAwQBueKsAwQAueKvAwQAufyw
AwQAwSUpAwQAwje6MA0GCSqGSIb3DQEBCwUAA4IBAQB8u1dQm0/TNm9D3zMkY9kG
ZnNs4oPOUCWVhv/ibQKbyf0c6agn4V3coKe2Jsbs7ijvYKiE42Xke/De2Xmgvhuz
yy5xJ+Z/DbsGOMIdf92SV156mRuNMQwEYd8SxhZ87z2r/KoBmDqLZ1FOyxbPZVKA
yA03cmNy4XXoUfSUEZ2LOffr7JU1M71x7nK/sjsKaTcmutkGq8bL7ZLHBLwC5ROK
gteOoO0fLMAdOi6MLdNqjFaNaPCudcpTM3gnGaxJm9yku/Lzvytu3yDh3aVutVsy
4U5bGuj/CKSinHwB7rZOzYu5nCBE8jS1pKolZFyrxNzmKZyZu0NO1yKXGk+DrSW6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org