Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X428vFGEjcTFeG4iWEL2qL-M2OE.roa
File:                     X428vFGEjcTFeG4iWEL2qL-M2OE.roa (raw, json)
Hash identifier:          SgDzkDJycwI/O5gNnnENOEXe03+OtguRZ7OljKdxI4k=
Subject key identifier:   5F:8D:BC:BC:51:84:8D:C4:C5:78:6E:22:58:42:F6:A8:BF:8C:D8:E1
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018B9A4C57E3F92B289668675D3165877865
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X428vFGEjcTFeG4iWEL2qL-M2OE.roa
Signing time:             Sat 04 Nov 2023 12:26:16 +0000
ROA not before:           Sat 04 Nov 2023 12:26:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209193
IP address blocks:        185.216.69.0/24 maxlen: 24
                          185.207.12.0/24 maxlen: 24
                          185.147.102.0/24 maxlen: 24
                          185.147.103.0/24 maxlen: 24
                          185.147.100.0/24 maxlen: 24
                          185.147.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 17:10:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:9a:4c:57:e3:f9:2b:28:96:68:67:5d:31:65:87:78:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Nov  4 12:26:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f8dbcbc51848dc4c5786e225842f6a8bf8cd8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:70:a9:6e:c9:d7:2c:b3:98:84:0a:b2:77:47:
                    4a:9d:05:eb:7c:fc:ac:26:5b:14:51:e3:71:f7:1a:
                    5d:c2:be:37:25:2a:45:dc:e6:c7:1b:32:27:9c:9a:
                    48:80:36:d4:83:2a:97:ce:3e:ff:dd:93:ca:ec:29:
                    3c:10:aa:0e:10:a2:72:c1:60:c4:1c:bc:1e:f9:b9:
                    2a:fb:a3:ae:c5:76:df:43:49:ed:d2:a3:81:c9:60:
                    ca:ac:da:86:0b:00:3d:69:50:b2:dd:95:92:69:ea:
                    11:7d:f9:f5:01:04:22:8a:e2:aa:d9:c8:99:b6:ba:
                    36:ce:71:29:9a:77:00:7d:78:52:2a:f6:30:3c:59:
                    84:7b:6b:d5:e1:d3:1e:07:e9:38:97:36:52:d7:9a:
                    b3:ce:51:a8:30:9f:27:7d:c0:bd:f5:d8:a8:84:87:
                    cd:46:43:ef:2b:da:88:9f:29:1b:9c:ba:69:d6:06:
                    5d:9a:d8:86:d7:c3:e3:6c:0a:97:5b:04:41:b3:7f:
                    fa:f1:1d:91:0f:55:eb:28:31:2d:3d:bd:52:55:a6:
                    ad:bc:b7:18:b4:4c:19:e1:d3:db:73:e9:97:a4:2a:
                    67:03:e9:8d:b2:ad:74:6c:1a:a6:d3:24:2b:c0:27:
                    f5:1b:70:1a:41:d8:3c:d8:cd:9e:84:8c:5d:37:02:
                    dc:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:8D:BC:BC:51:84:8D:C4:C5:78:6E:22:58:42:F6:A8:BF:8C:D8:E1
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X428vFGEjcTFeG4iWEL2qL-M2OE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.147.100.0/22
                  185.207.12.0/24
                  185.216.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:4d:1d:b5:67:3e:83:1c:06:68:b1:c5:34:1a:a0:a0:d9:39:
         af:46:05:d0:4a:2c:8b:f2:14:61:fc:b0:73:d6:89:db:9b:16:
         c5:6d:2b:29:e7:cb:bc:68:32:98:64:f4:e1:f8:74:a7:62:cb:
         6b:0c:9b:2a:72:78:bb:5f:b0:bf:62:ea:60:d0:0a:01:55:03:
         67:56:d5:1f:39:2b:c1:a6:06:5b:f0:8a:98:a7:5e:9d:a5:b2:
         2f:d7:44:81:1e:84:e6:a8:a8:f1:cc:6c:90:37:75:a6:54:85:
         c7:1d:a4:be:35:c7:12:0c:89:21:20:2b:80:40:8e:77:3b:9f:
         13:f5:19:9f:d2:a9:48:42:2f:16:d9:b4:75:6f:df:ec:39:b9:
         aa:df:e5:63:df:bd:d2:48:ab:02:1b:b4:49:0a:98:94:86:54:
         fe:8a:82:0c:0e:98:92:dd:8a:c7:76:a6:3b:6d:fb:0c:4b:15:
         5f:d5:dc:b0:d0:ae:86:ce:ca:f4:e1:32:1d:4f:6c:7b:a9:c5:
         fd:31:47:aa:cd:25:5b:53:1d:9f:a4:55:1e:0d:73:02:41:bf:
         7a:de:b2:11:82:b8:b5:af:9b:68:5e:7c:31:a7:4c:16:23:8e:
         0f:a5:80:6b:6f:00:1a:c8:cb:6c:ba:ac:51:58:69:05:7f:5d:
         a8:aa:da:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuaTFfj+SsolmhnXTFlh3hlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTA0MTIyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhkYmNiYzUxODQ4ZGM0YzU3ODZlMjI1ODQyZjZhOGJmOGNkOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXCpbsnXLLOYhAqyd0dKnQXrfPys
JlsUUeNx9xpdwr43JSpF3ObHGzInnJpIgDbUgyqXzj7/3ZPK7Ck8EKoOEKJywWDE
HLwe+bkq+6OuxXbfQ0nt0qOByWDKrNqGCwA9aVCy3ZWSaeoRffn1AQQiiuKq2ciZ
tro2znEpmncAfXhSKvYwPFmEe2vV4dMeB+k4lzZS15qzzlGoMJ8nfcC99diohIfN
RkPvK9qInykbnLpp1gZdmtiG18PjbAqXWwRBs3/68R2RD1XrKDEtPb1SVaatvLcY
tEwZ4dPbc+mXpCpnA+mNsq10bBqm0yQrwCf1G3AaQdg82M2ehIxdNwLcVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF+NvLxRhI3ExXhuIlhC9qi/jNjhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWDQyOHZGR0VqY1RGZUc0aVdFTDJxTC1NMk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuZNkAwQA
uc8MAwQAudhFMA0GCSqGSIb3DQEBCwUAA4IBAQBLTR21Zz6DHAZoscU0GqCg2Tmv
RgXQSiyL8hRh/LBz1onbmxbFbSsp58u8aDKYZPTh+HSnYstrDJsqcni7X7C/Yupg
0AoBVQNnVtUfOSvBpgZb8IqYp16dpbIv10SBHoTmqKjxzGyQN3WmVIXHHaS+NccS
DIkhICuAQI53O58T9Rmf0qlIQi8W2bR1b9/sObmq3+Vj373SSKsCG7RJCpiUhlT+
ioIMDpiS3YrHdqY7bfsMSxVf1dyw0K6Gzsr04TIdT2x7qcX9MUeqzSVbUx2fpFUe
DXMCQb963rIRgri1r5toXnwxp0wWI44PpYBrbwAayMtsuqxRWGkFf12oqtqi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org