Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CkbsZm_E0Bk6g0CioVuzuXKat40.roa
File:                     CkbsZm_E0Bk6g0CioVuzuXKat40.roa (raw, json)
Hash identifier:          IWbiIpRIp6CsLTWpbl2y/7H2ERMNd+vIUmUiUjCEJgE=
Subject key identifier:   0A:46:EC:66:6F:C4:D0:19:3A:83:40:A2:A1:5B:B3:B9:72:9A:B7:8D
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018A201CE972480A35086323B5BCA71ED728
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CkbsZm_E0Bk6g0CioVuzuXKat40.roa
Signing time:             Wed 23 Aug 2023 01:58:00 +0000
ROA not before:           Wed 23 Aug 2023 01:58:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        87.120.68.0/23 maxlen: 24
                          45.14.167.0/24 maxlen: 24
                          93.123.75.0/24 maxlen: 24
                          45.8.94.0/24 maxlen: 24
                          83.219.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 23 Aug 2023 10:09:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:20:1c:e9:72:48:0a:35:08:63:23:b5:bc:a7:1e:d7:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 23 01:58:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a46ec666fc4d0193a8340a2a15bb3b9729ab78d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:93:41:72:be:9b:1b:8b:6d:f9:52:f9:09:a7:
                    1a:19:fd:c5:38:1a:d7:f1:f8:f1:30:34:8e:e9:29:
                    a1:d9:11:6c:2f:75:a9:38:0e:78:8b:94:b9:9b:ef:
                    63:95:c8:a8:46:11:0d:22:1b:f7:b4:a1:6c:f7:09:
                    7f:62:d9:66:43:e7:11:cc:8b:f3:1c:41:fe:b1:70:
                    d1:84:ea:73:b5:db:61:d3:a4:7b:c7:54:f9:d5:c0:
                    da:f7:ed:82:d5:41:0e:c5:2e:87:03:ae:6b:0f:e2:
                    e8:68:35:dd:31:d8:ba:b3:97:a0:2c:06:0b:03:0a:
                    dc:fd:92:47:8a:71:6a:74:7c:53:da:da:8f:fb:65:
                    ae:96:e4:4b:85:fb:e2:95:c3:28:95:79:e0:ba:33:
                    db:7e:9f:61:47:88:44:16:9e:0d:0c:c5:f0:57:8f:
                    f0:30:48:d3:61:58:b2:3b:b4:a9:a6:f9:f9:3b:0c:
                    5d:54:00:b8:7e:49:c4:1d:07:6f:47:bf:97:cb:8e:
                    08:a5:8a:ed:c1:45:7d:d3:7b:9b:37:97:cd:12:f5:
                    da:21:96:1d:12:b5:7a:4b:cc:88:5a:17:e0:12:0e:
                    d1:a2:f7:2d:a8:ad:fa:ea:25:46:26:8a:5b:65:ec:
                    25:cc:14:ce:97:e2:72:30:5e:f4:f4:20:64:36:09:
                    fe:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:46:EC:66:6F:C4:D0:19:3A:83:40:A2:A1:5B:B3:B9:72:9A:B7:8D
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CkbsZm_E0Bk6g0CioVuzuXKat40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.94.0/24
                  45.14.167.0/24
                  83.219.99.0/24
                  87.120.68.0/23
                  93.123.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:3d:84:3d:15:46:48:d7:d3:dd:80:f0:e7:8d:95:4b:0c:31:
         ef:cc:0b:0d:e9:05:d4:1a:bf:bf:53:ba:cd:be:f5:a8:44:21:
         c4:61:d4:39:83:46:5b:b5:83:6d:b3:fc:d4:dd:fb:eb:ba:d7:
         a6:02:c5:98:e6:ae:eb:48:ce:e9:b2:1d:c9:47:db:f8:b0:95:
         66:0d:f8:0b:1b:52:44:6e:83:ed:07:91:79:69:3f:10:05:02:
         50:82:cb:68:9f:46:3e:15:95:3b:6e:ec:b6:93:48:d3:c8:39:
         1c:90:0b:a5:b9:68:b9:c0:f8:5b:97:ff:a3:f8:0a:f7:81:09:
         9a:16:a9:21:ba:b6:13:14:cc:fb:65:b5:8d:4f:b8:60:a8:ca:
         bd:37:f7:bf:9b:a5:5b:f0:60:4f:87:a5:34:72:5f:32:2a:b6:
         f6:36:1a:3b:cf:91:ae:08:56:7a:e7:bc:12:ae:9e:3d:61:48:
         ba:ba:a7:7e:3b:1a:49:8d:12:99:18:ff:dd:95:6d:af:ab:1c:
         fd:43:5f:04:fe:af:cc:f2:da:65:f9:20:1c:1e:95:f3:c6:2c:
         71:37:7a:79:a8:92:15:2c:01:21:64:78:a1:95:93:b8:33:02:
         35:45:7d:38:b3:5d:de:9b:bf:b2:ee:4a:73:0e:68:21:8f:cf:
         33:6f:98:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYogHOlySAo1CGMjtbynHtcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIzMDE1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQ2ZWM2NjZmYzRkMDE5M2E4MzQwYTJhMTViYjNiOTcyOWFiNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5NBcr6bG4tt+VL5CacaGf3FOBrX
8fjxMDSO6Smh2RFsL3WpOA54i5S5m+9jlcioRhENIhv3tKFs9wl/YtlmQ+cRzIvz
HEH+sXDRhOpztdth06R7x1T51cDa9+2C1UEOxS6HA65rD+LoaDXdMdi6s5egLAYL
Awrc/ZJHinFqdHxT2tqP+2WuluRLhfvilcMolXngujPbfp9hR4hEFp4NDMXwV4/w
MEjTYViyO7Sppvn5OwxdVAC4fknEHQdvR7+Xy44IpYrtwUV903ubN5fNEvXaIZYd
ErV6S8yIWhfgEg7RovctqK366iVGJopbZewlzBTOl+JyMF709CBkNgn+DQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFApG7GZvxNAZOoNAoqFbs7lymreNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ2tic1ptX0UwQms2ZzBDaW9WdXp1WEthdDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQheAwQA
LQ6nAwQAU9tjAwQBV3hEAwQAXXtLMA0GCSqGSIb3DQEBCwUAA4IBAQA1PYQ9FUZI
19PdgPDnjZVLDDHvzAsN6QXUGr+/U7rNvvWoRCHEYdQ5g0ZbtYNts/zU3fvrutem
AsWY5q7rSM7psh3JR9v4sJVmDfgLG1JEboPtB5F5aT8QBQJQgston0Y+FZU7buy2
k0jTyDkckAuluWi5wPhbl/+j+Ar3gQmaFqkhurYTFMz7ZbWNT7hgqMq9N/e/m6Vb
8GBPh6U0cl8yKrb2Nho7z5GuCFZ657wSrp49YUi6uqd+OxpJjRKZGP/dlW2vqxz9
Q18E/q/M8tpl+SAcHpXzxixxN3p5qJIVLAEhZHihlZO4MwI1RX04s13em7+y7kpz
Dmghj88zb5ii
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org