Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oeOvZrdQHYqxA5hw8JH0nlV-aiw.roa
File:                     oeOvZrdQHYqxA5hw8JH0nlV-aiw.roa (raw, json)
Hash identifier:          h6sChZo5HGVx5ofRWfUnVgoKNpqNF4yBGe8SUpLD6qs=
Subject key identifier:   A1:E3:AF:66:B7:50:1D:8A:B1:03:98:70:F0:91:F4:9E:55:7E:6A:2C
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018A818E2B12CE949A90F3B4433129FC39AF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oeOvZrdQHYqxA5hw8JH0nlV-aiw.roa
Signing time:             Mon 11 Sep 2023 00:04:52 +0000
ROA not before:           Mon 11 Sep 2023 00:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        87.120.68.0/23 maxlen: 24
                          164.40.185.0/24 maxlen: 24
                          93.123.74.0/23 maxlen: 23
                          194.180.37.0/24 maxlen: 24
                          45.14.167.0/24 maxlen: 24
                          83.219.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 17:03:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:81:8e:2b:12:ce:94:9a:90:f3:b4:43:31:29:fc:39:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Sep 11 00:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1e3af66b7501d8ab1039870f091f49e557e6a2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:5d:19:f0:bf:60:7c:c1:8e:00:6d:49:0e:d1:
                    bd:33:2d:e8:50:83:1e:5e:9b:67:0a:93:22:88:e2:
                    2b:88:d6:19:8a:1f:66:84:f1:b8:16:c3:d5:77:d6:
                    da:ca:cc:c6:92:8a:5f:f0:98:69:7d:bf:09:24:db:
                    b7:e5:84:c5:2b:fc:32:8a:59:4c:6e:38:a6:36:45:
                    6b:da:e0:01:2f:61:d8:02:5c:ff:af:71:89:44:eb:
                    d1:5f:57:10:cc:40:60:4b:eb:47:46:5b:2a:77:71:
                    05:ff:4e:e3:43:50:bf:74:00:3c:3c:6c:69:e4:d8:
                    87:6b:bd:70:34:16:dc:85:28:a0:11:05:3a:4f:77:
                    f3:f6:ce:9c:d6:d8:76:50:19:be:29:af:11:8b:65:
                    96:09:88:91:c3:27:7c:3c:3f:12:77:d3:d3:1e:a6:
                    d9:d6:4c:f1:e9:9a:e7:68:32:59:2c:fe:39:ee:78:
                    38:45:08:52:32:c3:87:6f:70:1e:8e:a5:a4:06:39:
                    0b:cf:96:9d:d7:8a:39:24:e6:6c:a7:93:da:b4:ef:
                    6d:ac:29:1a:3f:58:08:61:92:09:86:63:7b:7d:c7:
                    94:2a:02:2f:85:48:c4:ca:ed:29:b2:d4:19:12:74:
                    19:29:37:1f:81:61:89:d9:5a:e7:bb:db:24:d6:aa:
                    0b:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:E3:AF:66:B7:50:1D:8A:B1:03:98:70:F0:91:F4:9E:55:7E:6A:2C
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oeOvZrdQHYqxA5hw8JH0nlV-aiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.167.0/24
                  83.219.99.0/24
                  87.120.68.0/23
                  93.123.74.0/23
                  164.40.185.0/24
                  194.180.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:da:b2:2b:d5:d1:55:93:8d:af:87:60:de:d1:ac:55:df:9d:
         93:4e:d5:d5:af:a3:80:89:2c:3c:01:0f:57:12:a6:09:2a:7a:
         1b:3c:59:f3:49:bf:2c:e1:d3:b6:8a:c6:63:ca:63:70:25:d0:
         a5:7a:70:0e:f0:87:ff:5f:d0:55:dd:2b:87:a1:7f:d4:e6:8c:
         85:66:d3:f0:db:3f:b5:b4:98:9f:7b:60:e2:1b:25:0e:b5:1e:
         d8:58:dc:2f:f1:50:22:18:a6:1f:ec:cb:0d:3e:6d:d2:86:08:
         a8:48:36:4c:2c:9b:35:de:fa:16:1d:a0:6b:f2:78:31:d3:1b:
         fe:36:27:50:7b:93:08:8b:d7:78:d8:d5:06:ee:d1:ec:ff:67:
         89:f3:56:2e:fd:e6:6b:da:2a:c1:5c:f7:9b:bf:c1:34:37:0c:
         91:5b:03:4b:8c:1e:ec:8f:4e:b8:8f:31:f2:b3:e5:54:01:af:
         1f:ac:84:72:a0:c5:dc:77:94:1e:43:cd:f3:1e:f2:c0:24:ae:
         7c:f8:35:65:92:50:ed:fc:7e:28:dc:97:bc:2b:d5:9b:87:ce:
         dc:2c:1d:48:e0:ee:01:c7:fd:e6:18:0c:48:d0:87:2b:03:aa:
         6a:a6:99:23:c2:0f:f4:7c:3a:7a:28:0b:27:1f:26:d5:44:21:
         6f:e9:66:bc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqBjisSzpSakPO0QzEp/DmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTExMDAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWUzYWY2NmI3NTAxZDhhYjEwMzk4NzBmMDkxZjQ5ZTU1N2U2YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV0Z8L9gfMGOAG1JDtG9My3oUIMe
XptnCpMiiOIriNYZih9mhPG4FsPVd9bayszGkopf8Jhpfb8JJNu35YTFK/wyillM
bjimNkVr2uABL2HYAlz/r3GJROvRX1cQzEBgS+tHRlsqd3EF/07jQ1C/dAA8PGxp
5NiHa71wNBbchSigEQU6T3fz9s6c1th2UBm+Ka8Ri2WWCYiRwyd8PD8Sd9PTHqbZ
1kzx6ZrnaDJZLP457ng4RQhSMsOHb3AejqWkBjkLz5ad14o5JOZsp5PatO9trCka
P1gIYZIJhmN7fceUKgIvhUjEyu0pstQZEnQZKTcfgWGJ2Vrnu9sk1qoLeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKHjr2a3UB2KsQOYcPCR9J5VfmosMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb2VPdlpyZFFIWXF4QTVodzhKSDBubFYtYWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ6nAwQA
U9tjAwQBV3hEAwQBXXtKAwQApCi5AwQAwrQlMA0GCSqGSIb3DQEBCwUAA4IBAQAw
2rIr1dFVk42vh2De0axV352TTtXVr6OAiSw8AQ9XEqYJKnobPFnzSb8s4dO2isZj
ymNwJdClenAO8If/X9BV3SuHoX/U5oyFZtPw2z+1tJife2DiGyUOtR7YWNwv8VAi
GKYf7MsNPm3ShgioSDZMLJs13voWHaBr8ngx0xv+NidQe5MIi9d42NUG7tHs/2eJ
81Yu/eZr2irBXPebv8E0NwyRWwNLjB7sj064jzHys+VUAa8frIRyoMXcd5QeQ83z
HvLAJK58+DVlklDt/H4o3Je8K9Wbh87cLB1I4O4Bx/3mGAxI0IcrA6pqppkjwg/0
fDp6KAsnHybVRCFv6Wa8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org