Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kLVW1GNZ6fvvZQkGDoWu57rAN6U.roa
File:                     kLVW1GNZ6fvvZQkGDoWu57rAN6U.roa (raw, json)
Hash identifier:          W6oD8fp1QWbP1/ud3UVyoS7l6EJmz/z0d60S8PeM4+Q=
Subject key identifier:   90:B5:56:D4:63:59:E9:FB:EF:65:09:06:0E:85:AE:E7:BA:C0:37:A5
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C8B55B362EA70115225FA44412EB3C4E9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kLVW1GNZ6fvvZQkGDoWu57rAN6U.roa
Signing time:             Thu 21 Dec 2023 07:44:58 +0000
ROA not before:           Thu 21 Dec 2023 07:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        2.59.255.0/24 maxlen: 24
                          185.218.84.0/22 maxlen: 24
                          94.156.10.0/24 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.100.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          185.226.172.0/24 maxlen: 24
                          185.226.175.0/24 maxlen: 24
                          87.121.45.0/24 maxlen: 24
                          194.180.36.0/24 maxlen: 24
                          45.129.86.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24
                          178.215.224.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          185.252.176.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          45.88.90.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          83.219.97.0/24 maxlen: 24
                          93.123.116.0/24 maxlen: 24
                          87.121.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Dec 2023 12:10:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8b:55:b3:62:ea:70:11:52:25:fa:44:41:2e:b3:c4:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 21 07:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=90b556d46359e9fbef6509060e85aee7bac037a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:67:17:66:cc:34:a0:c6:91:25:a7:b7:21:fe:
                    b3:e2:ff:49:9f:fb:fd:c5:28:b3:01:17:4d:64:1b:
                    41:be:f0:b3:5e:39:c6:84:4c:29:47:4e:1e:7b:ad:
                    fa:75:8e:9a:9b:ec:51:a5:a4:05:2d:91:10:b9:ad:
                    3c:12:49:f8:6a:32:53:4d:61:fa:8f:b7:49:77:7e:
                    75:00:a3:23:dd:c6:7c:88:d8:36:b4:a6:3f:45:ac:
                    13:a4:93:3e:f0:c7:3f:e5:e8:3a:c9:e5:c7:bb:f1:
                    2f:6a:b9:2f:9f:d7:8e:b9:81:70:7b:d0:1f:5c:80:
                    57:7a:be:47:6b:80:0f:42:bb:d0:0f:c2:3f:a3:0c:
                    14:8b:3a:3f:f8:ce:3a:c1:30:5d:5a:28:3d:09:ec:
                    c8:e2:d4:d4:6d:98:51:f2:4d:ef:90:30:e8:ab:db:
                    33:99:c8:4a:b2:33:df:6b:52:3e:bc:96:6d:39:6c:
                    b7:fb:26:64:3b:d7:9c:7d:a7:40:d7:34:66:73:d3:
                    6e:63:6d:ea:55:b9:e0:7b:e3:aa:73:a6:b0:b2:ac:
                    0a:63:78:fe:fc:cd:e3:94:55:52:83:44:57:d7:19:
                    cb:8f:43:9e:dc:02:c6:3d:12:f1:ef:ec:ac:b7:e6:
                    3b:96:81:1f:e9:2d:d6:5c:09:39:46:80:59:ba:98:
                    7a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:B5:56:D4:63:59:E9:FB:EF:65:09:06:0E:85:AE:E7:BA:C0:37:A5
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kLVW1GNZ6fvvZQkGDoWu57rAN6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.255.0/24
                  45.88.90.0/24
                  45.129.86.0/24
                  45.151.89.0/24
                  83.219.97.0/24
                  87.120.87.0/24
                  87.121.45.0/24
                  87.121.221.0/24
                  92.119.196.0/23
                  93.123.116.0/24
                  94.154.161.0-94.154.163.255
                  94.156.10.0/24
                  94.156.239.0/24
                  147.78.100.0-147.78.102.255
                  171.22.72.0/22
                  178.215.224.0/24
                  178.215.236.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.226.172.0/24
                  185.226.175.0/24
                  185.252.176.0/24
                  194.180.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:d3:57:5f:9b:e3:ab:c7:ab:a6:78:b2:8c:4a:6a:91:7f:ea:
         06:3e:2c:aa:c4:80:52:b0:85:cf:97:8f:e9:71:c7:15:a5:80:
         03:a0:b8:ef:cc:64:65:1d:df:19:d6:95:74:b2:6a:07:56:f6:
         31:57:58:87:69:26:aa:57:db:23:ce:86:bc:e2:0b:81:8a:e2:
         90:25:2e:e3:01:57:40:a9:60:d9:81:6b:5d:9f:1a:2e:fe:54:
         6a:04:5b:3d:1e:b9:9b:6c:cd:68:6e:f2:f8:a5:10:47:a1:c8:
         b2:c5:15:85:72:3e:b2:40:79:8a:82:19:00:5b:04:9f:1a:37:
         95:54:b2:a5:b4:69:91:3d:11:83:bd:a4:e8:f8:dd:e3:8b:78:
         0d:e9:87:a7:9b:54:e8:58:93:c4:02:8b:12:cf:91:11:6d:9e:
         5c:af:e3:d6:fa:24:ca:65:3e:a9:17:c6:59:6c:39:5f:6f:fe:
         67:96:41:2d:69:3f:f7:50:cb:09:ee:a9:7f:28:c4:8a:92:64:
         95:62:03:e9:3a:ab:10:9a:8c:4a:66:a4:44:c3:88:5d:82:dc:
         57:d5:db:b1:ce:17:01:3e:36:46:10:1d:16:2d:e0:dd:89:5d:
         3e:1a:65:44:82:ed:58:86:81:87:c1:7c:3c:9b:69:6b:0b:21:
         9c:1d:5e:e2
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYyLVbNi6nARUiX6REEus8TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIxMDc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI1NTZkNDYzNTllOWZiZWY2NTA5MDYwZTg1YWVlN2JhYzAzN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGcXZsw0oMaRJae3If6z4v9Jn/v9
xSizARdNZBtBvvCzXjnGhEwpR04ee636dY6am+xRpaQFLZEQua08Ekn4ajJTTWH6
j7dJd351AKMj3cZ8iNg2tKY/RawTpJM+8Mc/5eg6yeXHu/Evarkvn9eOuYFwe9Af
XIBXer5Ha4APQrvQD8I/owwUizo/+M46wTBdWig9CezI4tTUbZhR8k3vkDDoq9sz
mchKsjPfa1I+vJZtOWy3+yZkO9ecfadA1zRmc9NuY23qVbnge+Oqc6awsqwKY3j+
/M3jlFVSg0RX1xnLj0Oe3ALGPRLx7+yst+Y7loEf6S3WXAk5RoBZuph6GQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFJC1VtRjWen772UJBg6Frue6wDelMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva0xWVzFHTlo2ZnZ2WlFrR0RvV3U1N3JBTjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAAC
O/8DBAAtWFoDBAAtgVYDBAAtl1kDBABT22EDBABXeFcDBABXeS0DBABXed0DBAFc
d8QDBABde3QwDAMEAF6aoQMEAl6aoAMEAF6cCgMEAF6c7zAMAwQCk05kAwQAk05m
AwQCqxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufyw
AwQAwrQkMA0GCSqGSIb3DQEBCwUAA4IBAQBv01dfm+Orx6umeLKMSmqRf+oGPiyq
xIBSsIXPl4/pcccVpYADoLjvzGRlHd8Z1pV0smoHVvYxV1iHaSaqV9sjzoa84guB
iuKQJS7jAVdAqWDZgWtdnxou/lRqBFs9HrmbbM1obvL4pRBHociyxRWFcj6yQHmK
ghkAWwSfGjeVVLKltGmRPRGDvaTo+N3ji3gN6Yenm1ToWJPEAosSz5ERbZ5cr+PW
+iTKZT6pF8ZZbDlfb/5nlkEtaT/3UMsJ7ql/KMSKkmSVYgPpOqsQmoxKZqREw4hd
gtxX1duxzhcBPjZGEB0WLeDdiV0+GmVEgu1YhoGHwXw8m2lrCyGcHV7i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:41 2024 by rpki-client on console-ams.rpki-client.org