Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RpTbRgRhHzfJFWxqyaaPrHvkiMY.roa
File:                     RpTbRgRhHzfJFWxqyaaPrHvkiMY.roa (raw, json)
Hash identifier:          aLK7cq3wo0yklayoQkGElEIswU6g0j7Hh/9TGSVNAgk=
Subject key identifier:   46:94:DB:46:04:61:1F:37:C9:15:6C:6A:C9:A6:8F:AC:7B:E4:88:C6
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018E562BA7504549DCD64649EA19F54B1B60
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RpTbRgRhHzfJFWxqyaaPrHvkiMY.roa
Signing time:             Tue 19 Mar 2024 10:04:45 +0000
ROA not before:           Tue 19 Mar 2024 10:04:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        45.8.94.0/24 maxlen: 24
                          87.120.68.0/23 maxlen: 24
                          87.121.62.0/24 maxlen: 24
                          87.121.63.0/24 maxlen: 24
                          93.123.74.0/23 maxlen: 23
                          93.123.75.0/24 maxlen: 24
                          185.252.160.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Mar 2024 04:16:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:56:2b:a7:50:45:49:dc:d6:46:49:ea:19:f5:4b:1b:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar 19 10:04:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4694db4604611f37c9156c6ac9a68fac7be488c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b0:13:60:62:bd:cd:da:2d:6f:0e:73:c6:12:
                    83:a0:5b:64:d4:f7:0f:aa:5f:cf:82:59:fd:01:af:
                    76:a5:72:08:73:34:14:36:c8:4b:cc:f5:f0:a9:c9:
                    3a:2a:df:38:96:8e:bd:ac:0b:24:d0:3b:6c:e9:79:
                    2f:68:d4:07:b7:49:03:b1:bb:76:ca:9c:c1:76:a2:
                    f5:c4:9c:d0:df:eb:cf:db:f0:de:04:1a:89:97:de:
                    05:55:6d:fc:ea:7f:0d:45:65:fa:08:91:6a:95:a3:
                    c6:04:71:08:21:1e:3b:d8:ef:58:29:b0:77:ad:99:
                    7c:30:e7:f2:e1:71:4b:cb:c9:2b:fe:13:40:c8:19:
                    d5:57:82:ce:54:a0:81:16:c3:ea:4b:f3:93:d3:30:
                    85:f3:e0:15:8c:e9:a5:ec:1f:74:37:de:24:e7:8d:
                    30:63:85:79:7e:0e:d2:d3:3e:5e:85:f2:f6:7e:e6:
                    29:5c:60:52:f9:a4:ec:85:1f:41:d0:87:29:b5:a5:
                    eb:b6:a2:5a:27:a3:fd:8e:fa:91:7b:9b:54:dd:1a:
                    72:09:4f:91:ef:7e:e1:31:3d:8d:fb:21:5b:b1:b4:
                    25:6c:50:13:06:23:fc:8f:a0:b7:03:5b:ee:a9:e3:
                    1d:c7:c1:6c:e5:ae:4d:fa:76:34:6c:03:9b:49:ef:
                    56:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:94:DB:46:04:61:1F:37:C9:15:6C:6A:C9:A6:8F:AC:7B:E4:88:C6
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RpTbRgRhHzfJFWxqyaaPrHvkiMY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.94.0/24
                  87.120.68.0/23
                  87.121.62.0/23
                  93.123.74.0/23
                  185.252.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6f:6a:44:f2:95:1c:c6:de:e2:0c:dc:5a:94:c1:df:78:e4:02:
         ec:37:5c:f8:e3:e3:75:23:79:51:e1:ea:fc:a3:63:74:87:ad:
         cb:f5:25:f8:8a:30:ba:d5:00:b2:51:e5:87:36:cb:2f:44:e3:
         22:6c:c5:cc:f0:88:0d:1b:80:8a:5f:5b:88:2a:ae:ef:4c:2f:
         3f:3e:99:88:ab:5c:70:f5:e1:a4:88:89:05:41:6c:aa:16:a3:
         08:8b:64:57:42:0b:cd:06:72:d0:c1:a1:ea:44:7e:1e:5d:6a:
         21:6e:d1:be:e4:22:6a:2d:37:13:ba:ac:c1:0b:04:29:85:bd:
         f8:a6:1b:67:be:d9:ab:9c:02:fc:0a:d8:23:37:44:e8:32:f0:
         07:0d:3c:55:da:56:bc:db:ea:53:c6:c8:1f:37:47:d6:4c:67:
         bc:69:11:4a:6b:a3:e8:38:6e:5c:75:ff:4f:38:83:5d:80:e7:
         59:5b:1d:f7:12:1e:58:29:87:bf:c3:bf:b5:7f:2c:45:1d:cd:
         14:27:87:38:1e:23:20:94:39:eb:3c:3d:7f:78:49:3b:ee:0c:
         78:77:c1:c2:b0:64:fe:bd:43:c8:cf:e9:91:01:44:b4:78:89:
         ca:26:4b:6f:94:11:88:a7:9f:20:61:e1:3c:e8:23:f7:87:29:
         1d:9d:05:7b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5WK6dQRUnc1kZJ6hn1SxtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE5MTAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk0ZGI0NjA0NjExZjM3YzkxNTZjNmFjOWE2OGZhYzdiZTQ4OGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bATYGK9zdotbw5zxhKDoFtk1PcP
ql/Pgln9Aa92pXIIczQUNshLzPXwqck6Kt84lo69rAsk0Dts6XkvaNQHt0kDsbt2
ypzBdqL1xJzQ3+vP2/DeBBqJl94FVW386n8NRWX6CJFqlaPGBHEIIR472O9YKbB3
rZl8MOfy4XFLy8kr/hNAyBnVV4LOVKCBFsPqS/OT0zCF8+AVjOml7B90N94k540w
Y4V5fg7S0z5ehfL2fuYpXGBS+aTshR9B0IcptaXrtqJaJ6P9jvqRe5tU3RpyCU+R
737hMT2N+yFbsbQlbFATBiP8j6C3A1vuqeMdx8Fs5a5N+nY0bAObSe9WAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEaU20YEYR83yRVsasmmj6x75IjGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUnBUYlJnUmhIemZKRld4cXlhYVBySHZraU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQheAwQB
V3hEAwQBV3k+AwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQBvakTylRzG
3uIM3FqUwd945ALsN1z44+N1I3lR4er8o2N0h63L9SX4ijC61QCyUeWHNssvROMi
bMXM8IgNG4CKX1uIKq7vTC8/PpmIq1xw9eGkiIkFQWyqFqMIi2RXQgvNBnLQwaHq
RH4eXWohbtG+5CJqLTcTuqzBCwQphb34phtnvtmrnAL8CtgjN0ToMvAHDTxV2la8
2+pTxsgfN0fWTGe8aRFKa6PoOG5cdf9POINdgOdZWx33Eh5YKYe/w7+1fyxFHc0U
J4c4HiMglDnrPD1/eEk77gx4d8HCsGT+vUPIz+mRAUS0eInKJktvlBGIp58gYeE8
6CP3hykdnQV7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org