Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dfsrRAeERBraoZj_90X5uXm0O7o.roa
File:                     dfsrRAeERBraoZj_90X5uXm0O7o.roa (raw, json)
Hash identifier:          74YvR1h6qUcwA6bjl+LM6Pr6hOPD8EgYOwMDfAwY/rM=
Subject key identifier:   75:FB:2B:44:07:84:44:1A:DA:A1:98:FF:F7:45:F9:B9:79:B4:3B:BA
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018E043CFA24465740264FD5D5FA9B8B8885
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dfsrRAeERBraoZj_90X5uXm0O7o.roa
Signing time:             Sun 03 Mar 2024 12:14:48 +0000
ROA not before:           Sun 03 Mar 2024 12:14:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        85.209.132.0/24 maxlen: 24
                          178.215.226.0/24 maxlen: 24
                          185.225.73.0/24 maxlen: 24
                          192.145.28.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 May 2024 13:10:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:04:3c:fa:24:46:57:40:26:4f:d5:d5:fa:9b:8b:88:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar  3 12:14:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=75fb2b440784441adaa198fff745f9b979b43bba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:fe:c3:e7:88:f2:e8:08:d8:6a:68:d1:be:21:
                    a7:7d:24:f7:49:7e:49:f7:c1:09:20:34:f8:97:fc:
                    01:27:1c:1a:84:41:bd:49:89:67:be:be:00:5d:f4:
                    f1:3f:6a:21:25:a5:c5:cd:a9:e0:af:25:24:80:62:
                    fd:b1:96:81:b6:fb:2a:18:89:f2:23:0e:81:e4:26:
                    f6:a7:a0:b7:51:9a:d8:6f:8e:fc:e6:9c:c3:62:f2:
                    30:e0:92:1e:09:c8:8d:4f:49:b9:37:03:14:4a:36:
                    08:a4:b2:47:a7:16:4b:a3:20:4e:a0:9d:c8:51:47:
                    59:bc:f0:d5:0a:76:d3:c8:16:eb:7f:32:a1:fb:c9:
                    2a:31:9b:22:b6:50:cd:76:81:f9:60:76:37:4f:9c:
                    c2:67:44:86:c0:44:70:50:66:a1:fa:c8:08:b0:4a:
                    1c:5f:3f:ab:ca:a3:8c:25:06:2b:ae:0d:a0:aa:b7:
                    d6:df:e2:e5:d2:57:2f:e8:02:5b:c2:a4:95:f6:4e:
                    3a:d4:84:79:be:88:26:a1:09:5d:8e:5a:d3:90:5f:
                    e3:f9:46:e8:80:5c:79:01:dc:3f:50:38:29:87:1b:
                    26:98:1a:55:c0:52:4b:aa:06:61:71:64:6a:38:fd:
                    63:c8:67:1a:87:9d:ce:dd:41:9c:e2:bc:bb:a7:aa:
                    49:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:FB:2B:44:07:84:44:1A:DA:A1:98:FF:F7:45:F9:B9:79:B4:3B:BA
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dfsrRAeERBraoZj_90X5uXm0O7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.132.0/24
                  178.215.226.0/24
                  185.225.73.0/24
                  192.145.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:d9:82:87:06:e7:26:7b:f4:ff:e0:f7:54:5a:55:67:6b:c1:
         36:ec:91:30:b8:74:fe:70:a1:05:78:b6:4b:7a:c9:e4:1f:54:
         57:18:97:c5:43:39:96:af:c3:23:9d:57:d0:6b:8c:1b:43:68:
         20:a3:29:a7:40:fc:56:81:4c:94:0c:a1:25:41:56:ab:6f:07:
         4b:8a:b7:27:51:b7:ab:1f:af:12:30:01:a4:a9:6c:33:48:a7:
         0c:96:06:73:ab:7e:5b:ec:f5:58:54:74:ad:13:4a:6d:d2:a7:
         60:fc:a5:ad:8f:8b:bd:56:f4:2e:c1:bb:9c:da:cf:db:27:aa:
         e6:25:b7:fc:10:0d:85:ef:2f:c6:ff:7e:41:86:d4:98:d4:00:
         2a:65:4b:b3:b1:1b:46:f5:17:92:da:fa:98:ab:b3:10:66:81:
         ff:e0:c4:00:46:22:4f:a6:9f:ca:b4:46:34:9f:b5:b4:46:6f:
         4b:8b:f3:e2:80:a5:fa:3e:f7:1f:c4:ed:9a:a1:16:ea:ff:6c:
         6d:15:0b:e2:dd:d1:5e:85:9c:c2:94:39:fe:5a:e5:00:75:e0:
         b7:7a:54:d3:cd:cd:17:01:2a:80:38:d7:c6:54:4b:04:58:3c:
         51:ea:e0:aa:9e:93:96:96:b3:6d:fb:03:8b:df:ff:5e:82:49:
         18:c1:8b:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4EPPokRldAJk/V1fqbi4iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzAzMTIxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZiMmI0NDA3ODQ0NDFhZGFhMTk4ZmZmNzQ1ZjliOTc5YjQzYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif7D54jy6AjYamjRviGnfST3SX5J
98EJIDT4l/wBJxwahEG9SYlnvr4AXfTxP2ohJaXFzangryUkgGL9sZaBtvsqGIny
Iw6B5Cb2p6C3UZrYb4785pzDYvIw4JIeCciNT0m5NwMUSjYIpLJHpxZLoyBOoJ3I
UUdZvPDVCnbTyBbrfzKh+8kqMZsitlDNdoH5YHY3T5zCZ0SGwERwUGah+sgIsEoc
Xz+ryqOMJQYrrg2gqrfW3+Ll0lcv6AJbwqSV9k461IR5vogmoQldjlrTkF/j+Ubo
gFx5Adw/UDgphxsmmBpVwFJLqgZhcWRqOP1jyGcah53O3UGc4ry7p6pJVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHX7K0QHhEQa2qGY//dF+bl5tDu6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGZzclJBZUVSQnJhb1pqXzkwWDV1WG0wTzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVdGEAwQA
stfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQBt2YKHBucme/T/4PdU
WlVna8E27JEwuHT+cKEFeLZLesnkH1RXGJfFQzmWr8MjnVfQa4wbQ2ggoymnQPxW
gUyUDKElQVarbwdLircnUberH68SMAGkqWwzSKcMlgZzq35b7PVYVHStE0pt0qdg
/KWtj4u9VvQuwbuc2s/bJ6rmJbf8EA2F7y/G/35BhtSY1AAqZUuzsRtG9ReS2vqY
q7MQZoH/4MQARiJPpp/KtEY0n7W0Rm9Li/PigKX6PvcfxO2aoRbq/2xtFQvi3dFe
hZzClDn+WuUAdeC3elTTzc0XASqAONfGVEsEWDxR6uCqnpOWlrNt+wOL3/9egkkY
wYt+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org