Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa
File:                     k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa (raw, json)
Hash identifier:          wzGJ8OjRFZLUZiw3QZFcRzTmy2dUCCuc+nzeAQBEkDQ=
Subject key identifier:   93:5F:81:F3:82:6E:D4:C3:8F:97:78:16:B4:52:FA:2F:F8:8B:24:90
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CC8DCCF0AA8A4DBBA14AA91DC525BF2CC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa
Signing time:             Tue 02 Jan 2024 06:29:23 +0000
ROA not before:           Tue 02 Jan 2024 06:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8100
IP address blocks:        94.156.2.0/24 maxlen: 24
                          91.92.16.0/24 maxlen: 24
                          91.92.27.0/24 maxlen: 24
                          193.58.121.0/24 maxlen: 24
                          193.58.123.0/24 maxlen: 24
                          87.121.38.0/24 maxlen: 24
                          94.156.152.0/24 maxlen: 24
                          45.8.92.0/24 maxlen: 24
                          94.156.154.0/23 maxlen: 24
                          87.121.60.0/22 maxlen: 24
                          91.92.67.0/24 maxlen: 24
                          45.139.123.0/24 maxlen: 24
                          94.154.160.0/23 maxlen: 24
                          94.154.173.0/24 maxlen: 24
                          94.156.237.0/24 maxlen: 24
                          94.156.238.0/24 maxlen: 24
                          93.123.76.0/22 maxlen: 24
                          141.98.5.0/24 maxlen: 24
                          185.252.177.0/24 maxlen: 24
                          94.156.178.0/24 maxlen: 24
                          193.47.62.0/24 maxlen: 24
                          94.156.180.0/23 maxlen: 24
                          87.121.104.0/24 maxlen: 24
                          93.123.24.0/24 maxlen: 24
                          87.121.103.0/24 maxlen: 24
                          93.123.26.0/23 maxlen: 24
                          87.121.114.0/23 maxlen: 24
                          93.123.112.0/22 maxlen: 24
                          5.253.58.0/23 maxlen: 24
                          193.25.219.0/24 maxlen: 24
                          5.253.56.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jan 2024 08:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:dc:cf:0a:a8:a4:db:ba:14:aa:91:dc:52:5b:f2:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  2 06:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=935f81f3826ed4c38f977816b452fa2ff88b2490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:97:87:45:35:8c:89:79:80:74:53:28:fd:f2:
                    92:39:88:44:39:37:2c:b1:e2:91:5c:3f:d6:68:51:
                    c1:97:4c:13:5f:f0:84:53:8e:7f:40:7a:31:05:ff:
                    3e:f8:35:51:56:86:5f:a0:e1:f3:f5:32:d5:bc:07:
                    94:52:93:6b:21:66:1c:4c:09:57:a2:45:cb:d2:9c:
                    19:bf:cc:b6:c5:b5:63:1f:e9:48:2c:d9:00:3d:6b:
                    9b:5c:85:9b:ab:8c:ab:bb:86:f1:d5:ad:65:6e:9a:
                    6a:5e:f1:d4:19:b2:55:72:32:51:e8:1a:5d:5e:72:
                    d3:a6:27:1e:5b:4b:18:c0:ac:12:5d:7d:6b:52:12:
                    7e:56:57:ff:4b:df:f0:01:20:ad:8d:5f:fe:d8:74:
                    f7:8e:a3:90:ab:e4:81:b3:f2:47:8f:8e:b7:39:8f:
                    91:30:cf:38:c0:08:49:21:74:c4:e2:c6:58:1a:7e:
                    67:4b:16:65:14:05:09:6e:a6:4a:8f:11:9a:18:ac:
                    4b:f8:4b:76:4d:78:a2:85:7e:ee:60:28:67:6a:26:
                    37:e6:47:76:39:cb:88:bc:b3:cd:da:af:c3:87:d1:
                    d0:85:b2:f8:b6:50:26:3b:ff:b0:0b:d5:e6:b6:f2:
                    cb:04:27:3a:00:8a:12:e3:fb:21:b1:b6:3a:f5:4d:
                    30:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:5F:81:F3:82:6E:D4:C3:8F:97:78:16:B4:52:FA:2F:F8:8B:24:90
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.56.0/22
                  45.8.92.0/24
                  45.139.123.0/24
                  87.121.38.0/24
                  87.121.60.0/22
                  87.121.103.0-87.121.104.255
                  87.121.114.0/23
                  91.92.16.0/24
                  91.92.27.0/24
                  91.92.67.0/24
                  93.123.24.0/24
                  93.123.26.0/23
                  93.123.76.0/22
                  93.123.112.0/22
                  94.154.160.0/23
                  94.154.173.0/24
                  94.156.2.0/24
                  94.156.152.0/24
                  94.156.154.0/23
                  94.156.178.0/24
                  94.156.180.0/23
                  94.156.237.0-94.156.238.255
                  141.98.5.0/24
                  185.252.177.0/24
                  193.25.219.0/24
                  193.47.62.0/24
                  193.58.121.0/24
                  193.58.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:b1:a1:e2:ec:5d:55:b8:a6:a4:23:3a:4b:ee:aa:db:36:4d:
         cf:d5:9c:ec:f8:78:c1:4c:b6:6a:98:f4:bb:68:22:df:9f:7e:
         c9:0c:61:20:28:1f:76:f0:e3:d6:71:98:c8:d8:96:0e:b0:32:
         44:f9:58:fa:b2:b5:1d:ec:c3:45:19:9e:24:88:b3:f4:e8:c7:
         3e:bd:c9:6a:64:1b:6e:01:2f:50:57:8a:0e:a1:6c:37:e5:6d:
         49:14:32:e4:4e:46:56:bf:e5:5f:91:00:f9:59:68:5e:a4:b8:
         d8:c1:de:f4:cd:15:9d:f4:79:c4:2e:ec:e7:10:28:84:02:a1:
         2b:c0:77:cb:ec:ec:ce:c4:03:17:f8:20:2f:46:fd:89:89:d7:
         22:ec:d8:5b:31:fc:bd:fb:c7:fa:e6:bf:57:16:8f:31:48:53:
         04:3a:4f:d1:c6:e7:0f:0c:46:f2:2e:49:da:f6:fa:3c:3f:f8:
         1e:fd:ad:ca:2a:45:2c:d4:48:95:11:00:38:12:14:a0:8e:c9:
         92:a9:3a:1d:fb:6e:d1:5d:a7:c4:da:e3:f7:03:f3:5f:56:25:
         8a:f0:ea:6d:19:4e:8d:35:f9:f3:72:c3:3a:7a:a7:5a:e0:0a:
         e0:b2:84:2f:97:d7:78:fb:0f:98:f7:26:19:04:3d:dc:ae:6a:
         41:26:b6:99
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYzI3M8KqKTbuhSqkdxSW/LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzVmODFmMzgyNmVkNGMzOGY5Nzc4MTZiNDUyZmEyZmY4OGIyNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZeHRTWMiXmAdFMo/fKSOYhEOTcs
seKRXD/WaFHBl0wTX/CEU45/QHoxBf8++DVRVoZfoOHz9TLVvAeUUpNrIWYcTAlX
okXL0pwZv8y2xbVjH+lILNkAPWubXIWbq4yru4bx1a1lbppqXvHUGbJVcjJR6Bpd
XnLTpiceW0sYwKwSXX1rUhJ+Vlf/S9/wASCtjV/+2HT3jqOQq+SBs/JHj463OY+R
MM84wAhJIXTE4sZYGn5nSxZlFAUJbqZKjxGaGKxL+Et2TXiihX7uYChnaiY35kd2
OcuIvLPN2q/Dh9HQhbL4tlAmO/+wC9XmtvLLBCc6AIoS4/shsbY69U0wxwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFJNfgfOCbtTDj5d4FrRS+i/4iySQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvazEtQjg0SnUxTU9QbDNnV3RGTDZMX2lMSkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAIF
/TgDBAAtCFwDBAAti3sDBABXeSYDBAJXeTwwDAMEAFd5ZwMEAFd5aAMEAVd5cgME
AFtcEAMEAFtcGwMEAFtcQwMEAF17GAMEAV17GgMEAl17TAMEAl17cAMEAV6aoAME
AF6arQMEAF6cAgMEAF6cmAMEAV6cmgMEAF6csgMEAV6ctDAMAwQAXpztAwQAXpzu
AwQAjWIFAwQAufyxAwQAwRnbAwQAwS8+AwQAwTp5AwQAwTp7MA0GCSqGSIb3DQEB
CwUAA4IBAQAosaHi7F1VuKakIzpL7qrbNk3P1Zzs+HjBTLZqmPS7aCLfn37JDGEg
KB928OPWcZjI2JYOsDJE+Vj6srUd7MNFGZ4kiLP06Mc+vclqZBtuAS9QV4oOoWw3
5W1JFDLkTkZWv+VfkQD5WWhepLjYwd70zRWd9HnELuznECiEAqErwHfL7OzOxAMX
+CAvRv2Jidci7NhbMfy9+8f65r9XFo8xSFMEOk/RxucPDEbyLkna9vo8P/ge/a3K
KkUs1EiVEQA4EhSgjsmSqTod+27RXafE2uP3A/NfViWK8OptGU6NNfnzcsM6eqda
4ArgsoQvl9d4+w+Y9yYZBD3crmpBJraZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org