Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/M44JPdw_cgojyV-HVbd6oZ9tB30.roa
File:                     M44JPdw_cgojyV-HVbd6oZ9tB30.roa (raw, json)
Hash identifier:          q3F9OJ41Ik6P76Dz9VNHl/Kz/cfuCgs81wQKSJC0ebQ=
Subject key identifier:   33:8E:09:3D:DC:3F:72:0A:23:C9:5F:87:55:B7:7A:A1:9F:6D:07:7D
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0186EFF9201447DA7D3A149DE164F4A96ECD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/M44JPdw_cgojyV-HVbd6oZ9tB30.roa
Signing time:             Fri 17 Mar 2023 14:28:46 +0000
ROA not before:           Fri 17 Mar 2023 14:28:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213200
IP address blocks:        85.209.132.0/24 maxlen: 24
                          176.125.255.0/24 maxlen: 24
                          185.246.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Mar 2023 09:42:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ef:f9:20:14:47:da:7d:3a:14:9d:e1:64:f4:a9:6e:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar 17 14:28:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=338e093ddc3f720a23c95f8755b77aa19f6d077d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:88:44:68:25:c5:46:f1:2e:e3:26:6c:65:9c:
                    40:ea:85:ae:5f:3f:5f:6c:a7:74:75:d6:7d:42:9b:
                    56:b1:80:e5:74:0d:b6:6a:d9:2d:12:4e:30:0e:61:
                    d8:39:ab:70:e0:78:4c:2c:e5:30:f1:85:db:c8:2d:
                    5e:ec:bd:e5:8d:33:76:c5:33:eb:9b:7e:e5:09:a1:
                    ed:a5:4b:31:9c:53:ee:30:33:1c:13:45:ef:14:fe:
                    71:ad:4e:70:bb:ef:e4:e4:c7:27:1d:f3:38:ec:78:
                    6d:61:fd:61:e5:2c:19:54:48:24:82:d0:55:36:79:
                    7b:0c:88:61:e9:ba:a8:0c:13:3e:9f:db:77:16:f0:
                    6b:a5:a4:a4:13:92:98:56:a5:45:bf:d7:16:cc:bd:
                    b3:be:44:84:3f:b1:4d:f5:f9:f6:6d:48:73:5f:56:
                    5b:06:4d:ae:6e:15:a8:7c:25:97:19:c2:43:af:45:
                    ec:89:a8:da:28:ac:64:1f:a7:ac:f5:67:bb:d1:24:
                    60:05:1b:a3:33:e7:59:fb:41:ce:9e:d4:76:7d:ab:
                    2f:af:30:f7:45:f1:de:31:06:f6:cd:6f:e5:df:c7:
                    86:c4:54:ac:66:18:93:68:b1:e6:4e:d5:ea:ed:6e:
                    16:f6:34:3f:86:ef:83:98:5d:10:58:45:cc:79:d9:
                    92:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:8E:09:3D:DC:3F:72:0A:23:C9:5F:87:55:B7:7A:A1:9F:6D:07:7D
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/M44JPdw_cgojyV-HVbd6oZ9tB30.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.132.0/24
                  176.125.255.0/24
                  185.246.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:ac:6a:fc:89:47:fa:ed:ac:d4:3d:4f:c9:ee:c5:65:99:bd:
         5d:34:20:36:65:35:42:ab:85:02:1d:88:43:1d:25:11:4c:06:
         95:af:01:74:19:8e:ef:b3:85:7f:46:4c:a7:f7:fc:d1:de:bd:
         cd:e2:de:e4:07:22:cc:51:bd:9d:fa:66:9b:7f:ff:61:66:34:
         16:2d:6e:50:00:26:be:6a:f9:ec:27:5f:ed:a1:a2:34:a3:09:
         51:61:21:f7:a3:ed:a9:a2:dc:43:69:ec:5b:a1:ce:32:18:0b:
         ce:01:85:ea:46:17:68:f6:75:b8:86:0e:5d:48:74:7b:a5:b0:
         8c:33:1a:5e:2a:2d:b2:e9:63:1b:d5:ec:99:d3:dd:38:a1:db:
         3e:a2:b8:4e:9b:b4:00:2a:f4:98:4f:30:1c:4a:51:8a:79:7d:
         5f:67:fe:b9:91:13:cc:81:df:23:8b:a6:55:04:73:58:f0:77:
         99:10:87:e2:98:6b:18:cb:43:88:96:75:4d:ba:68:a6:fc:43:
         29:de:9f:0c:ad:81:bc:9f:c8:f4:aa:8a:ca:79:8d:a8:70:22:
         83:b4:a8:66:48:21:f9:32:a4:04:ed:6e:e8:0b:61:7c:90:3a:
         ed:cf:12:37:07:90:83:73:c9:a1:d3:8f:21:c8:b3:96:a0:cb:
         27:1d:a7:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbv+SAUR9p9OhSd4WT0qW7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzE3MTQyODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhlMDkzZGRjM2Y3MjBhMjNjOTVmODc1NWI3N2FhMTlmNmQwNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IhEaCXFRvEu4yZsZZxA6oWuXz9f
bKd0ddZ9QptWsYDldA22atktEk4wDmHYOatw4HhMLOUw8YXbyC1e7L3ljTN2xTPr
m37lCaHtpUsxnFPuMDMcE0XvFP5xrU5wu+/k5McnHfM47HhtYf1h5SwZVEgkgtBV
Nnl7DIhh6bqoDBM+n9t3FvBrpaSkE5KYVqVFv9cWzL2zvkSEP7FN9fn2bUhzX1Zb
Bk2ubhWofCWXGcJDr0XsiajaKKxkH6es9We70SRgBRujM+dZ+0HOntR2fasvrzD3
RfHeMQb2zW/l38eGxFSsZhiTaLHmTtXq7W4W9jQ/hu+DmF0QWEXMedmSIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDOOCT3cP3IKI8lfh1W3eqGfbQd9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTTQ0SlBkd19jZ29qeVYtSFZiZDZvWjl0QjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdGEAwQA
sH3/AwQAufbfMA0GCSqGSIb3DQEBCwUAA4IBAQAArGr8iUf67azUPU/J7sVlmb1d
NCA2ZTVCq4UCHYhDHSURTAaVrwF0GY7vs4V/Rkyn9/zR3r3N4t7kByLMUb2d+mab
f/9hZjQWLW5QACa+avnsJ1/toaI0owlRYSH3o+2potxDaexboc4yGAvOAYXqRhdo
9nW4hg5dSHR7pbCMMxpeKi2y6WMb1eyZ0904ods+orhOm7QAKvSYTzAcSlGKeX1f
Z/65kRPMgd8ji6ZVBHNY8HeZEIfimGsYy0OIlnVNumim/EMp3p8MrYG8n8j0qorK
eY2ocCKDtKhmSCH5MqQE7W7oC2F8kDrtzxI3B5CDc8mh048hyLOWoMsnHaer
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org