Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I7e4OqTW4cLbDX0z8XaOBLfoau0.roa
File:                     I7e4OqTW4cLbDX0z8XaOBLfoau0.roa (raw, json)
Hash identifier:          rgoNiXsgtVzuyKRMKLhF+2J95ZJEUQawXkHQRFhStlU=
Subject key identifier:   23:B7:B8:3A:A4:D6:E1:C2:DB:0D:7D:33:F1:76:8E:04:B7:E8:6A:ED
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018B93F7DB9DB5610DC9151AFAA196135FDA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I7e4OqTW4cLbDX0z8XaOBLfoau0.roa
Signing time:             Fri 03 Nov 2023 06:56:16 +0000
ROA not before:           Fri 03 Nov 2023 06:56:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201749
IP address blocks:        194.55.226.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          80.76.50.0/24 maxlen: 24
                          83.171.204.0/22 maxlen: 24
                          45.139.105.0/24 maxlen: 24
                          194.49.87.0/24 maxlen: 24
                          176.125.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 17:10:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:93:f7:db:9d:b5:61:0d:c9:15:1a:fa:a1:96:13:5f:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Nov  3 06:56:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23b7b83aa4d6e1c2db0d7d33f1768e04b7e86aed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9f:51:0f:26:33:18:88:6d:1a:e5:89:67:3b:
                    96:e5:7b:d8:bc:38:c1:95:af:83:2a:53:c6:2c:29:
                    0a:f3:bf:3c:97:2c:9e:dd:21:ea:17:76:01:f0:24:
                    94:cd:10:5c:e8:29:0d:84:d0:02:9b:19:9b:20:5c:
                    9b:1f:48:08:d8:be:9f:b9:ff:12:f7:e7:a4:a8:5d:
                    04:d6:61:01:34:16:9b:7f:71:bd:f4:a1:95:0d:6e:
                    a2:02:f7:31:70:98:21:c6:55:55:90:69:13:ba:d7:
                    90:df:04:45:a5:5f:4c:b6:42:93:96:25:20:ff:b7:
                    9d:99:32:7c:92:e9:d9:e9:4e:ea:e8:c0:ff:d4:31:
                    7a:81:13:db:00:38:e4:48:57:c3:58:d7:bf:9e:b4:
                    3c:26:d1:12:60:2d:4d:1c:ea:18:35:6d:2d:d5:f4:
                    7e:ea:b4:c0:59:01:a1:8a:47:31:63:e4:a3:ec:13:
                    02:48:bd:df:66:27:83:d6:c4:74:cf:0e:65:dc:ff:
                    85:ce:27:13:78:9f:5e:6e:9e:c3:92:e7:db:3d:07:
                    08:66:4e:de:8c:a6:16:b7:4c:37:d8:cb:98:3c:c9:
                    1f:28:45:e4:89:11:d9:81:bb:8a:06:c9:c0:6b:06:
                    52:a5:bf:c9:60:5e:4b:74:96:58:49:44:0b:2b:73:
                    3b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:B7:B8:3A:A4:D6:E1:C2:DB:0D:7D:33:F1:76:8E:04:B7:E8:6A:ED
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I7e4OqTW4cLbDX0z8XaOBLfoau0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.105.0/24
                  80.76.50.0/24
                  83.171.204.0/22
                  87.120.87.0/24
                  176.125.255.0/24
                  194.49.87.0/24
                  194.55.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:1c:5f:7d:ad:bb:53:66:da:cd:6c:cd:80:f3:01:53:3c:d4:
         30:33:a7:e5:7b:6f:fa:d8:de:16:10:1a:40:e7:6d:f3:7e:f7:
         23:f3:ed:7f:1b:16:7f:21:0b:ec:df:d8:41:17:10:21:e4:85:
         36:2f:e1:a4:a8:2c:a1:d7:15:91:0b:c8:7c:13:91:c5:78:80:
         37:b4:a3:ba:60:4b:89:df:0b:60:ae:51:69:4f:0c:5a:50:52:
         dc:79:02:5d:af:db:91:51:47:23:d9:31:21:a3:74:f3:13:18:
         55:0e:32:1f:05:6e:61:4d:99:f0:d2:15:54:6f:d3:2f:bc:84:
         43:71:73:fe:38:67:76:bd:e5:c9:bb:c5:90:ac:e3:e8:69:ed:
         b2:01:ea:51:29:3f:26:16:e4:72:d0:4b:fe:5d:c1:6c:fa:00:
         9c:75:01:64:41:c0:fa:3e:39:36:30:b5:50:18:08:9f:66:ea:
         c1:b4:84:bf:b9:42:d0:a2:97:88:b7:60:26:87:7d:c8:bf:40:
         a1:d7:68:07:47:c1:2e:87:b2:9a:36:a6:39:93:27:45:d7:f9:
         04:4b:fb:89:41:72:9b:d9:74:71:1e:cc:f7:8d:aa:a4:81:b9:
         83:d9:86:52:e4:3a:e2:0c:8a:fd:e2:45:53:e4:52:39:60:b5:
         21:7c:bd:e3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYuT99udtWENyRUa+qGWE1/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDY1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I3YjgzYWE0ZDZlMWMyZGIwZDdkMzNmMTc2OGUwNGI3ZTg2YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ9RDyYzGIhtGuWJZzuW5XvYvDjB
la+DKlPGLCkK8788lyye3SHqF3YB8CSUzRBc6CkNhNACmxmbIFybH0gI2L6fuf8S
9+ekqF0E1mEBNBabf3G99KGVDW6iAvcxcJghxlVVkGkTuteQ3wRFpV9MtkKTliUg
/7edmTJ8kunZ6U7q6MD/1DF6gRPbADjkSFfDWNe/nrQ8JtESYC1NHOoYNW0t1fR+
6rTAWQGhikcxY+Sj7BMCSL3fZieD1sR0zw5l3P+FzicTeJ9ebp7DkufbPQcIZk7e
jKYWt0w32MuYPMkfKEXkiRHZgbuKBsnAawZSpb/JYF5LdJZYSUQLK3M70wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCO3uDqk1uHC2w19M/F2jgS36GrtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTdlNE9xVFc0Y0xiRFgwejhYYU9CTGZvYXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALYtpAwQA
UEwyAwQCU6vMAwQAV3hXAwQAsH3/AwQAwjFXAwQAwjfiMA0GCSqGSIb3DQEBCwUA
A4IBAQBXHF99rbtTZtrNbM2A8wFTPNQwM6fle2/62N4WEBpA523zfvcj8+1/GxZ/
IQvs39hBFxAh5IU2L+GkqCyh1xWRC8h8E5HFeIA3tKO6YEuJ3wtgrlFpTwxaUFLc
eQJdr9uRUUcj2TEho3TzExhVDjIfBW5hTZnw0hVUb9MvvIRDcXP+OGd2veXJu8WQ
rOPoae2yAepRKT8mFuRy0Ev+XcFs+gCcdQFkQcD6Pjk2MLVQGAifZurBtIS/uULQ
opeIt2Amh33Iv0Ch12gHR8Euh7KaNqY5kydF1/kES/uJQXKb2XRxHsz3jaqkgbmD
2YZS5DriDIr94kVT5FI5YLUhfL3j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org