Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qLz6xUijz9eW-5v-uj6Us5WfGw0.roa
File:                     qLz6xUijz9eW-5v-uj6Us5WfGw0.roa (raw, json)
Hash identifier:          3mvfXctO6xdgrNtDBNtkTf6SQm7j+4oBgE3cR0q/nyw=
Subject key identifier:   A8:BC:FA:C5:48:A3:CF:D7:96:FB:9B:FE:BA:3E:94:B3:95:9F:1B:0D
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018D5E2D3E6D53365984997AF51359C5C699
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qLz6xUijz9eW-5v-uj6Us5WfGw0.roa
Signing time:             Wed 31 Jan 2024 06:20:39 +0000
ROA not before:           Wed 31 Jan 2024 06:20:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207459
IP address blocks:        45.8.93.0/24 maxlen: 24
                          45.12.255.0/24 maxlen: 24
                          45.66.228.0/24 maxlen: 24
                          79.110.50.0/24 maxlen: 24
                          82.115.211.0/24 maxlen: 24
                          87.121.105.0/24 maxlen: 24
                          94.156.176.0/24 maxlen: 24
                          178.215.238.0/24 maxlen: 24
                          193.37.47.0/24 maxlen: 24
                          193.149.28.0/24 maxlen: 24
                          193.149.29.0/24 maxlen: 24
                          193.149.30.0/24 maxlen: 24
                          193.149.31.0/24 maxlen: 24
                          194.180.36.0/24 maxlen: 24
                          212.87.207.0/24 maxlen: 24
                          212.115.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 08:44:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5e:2d:3e:6d:53:36:59:84:99:7a:f5:13:59:c5:c6:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan 31 06:20:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a8bcfac548a3cfd796fb9bfeba3e94b3959f1b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:41:e6:f5:2f:56:54:d7:ea:b0:dc:75:f0:84:
                    f9:91:06:3e:07:46:22:38:57:2e:d3:46:ae:a5:20:
                    9d:ef:79:7e:25:d3:f6:d7:b6:5c:82:7e:74:13:b6:
                    f3:2e:f9:02:4f:e3:92:60:c4:9a:3c:9d:43:49:45:
                    7e:ec:6d:06:d1:8c:01:58:4b:a3:46:02:2d:8a:cc:
                    92:7c:12:38:df:d7:24:b5:cf:00:92:05:12:a4:dd:
                    c6:6e:0e:bb:ce:d9:53:78:65:01:8b:6a:66:ac:0a:
                    66:32:c5:9f:26:7f:88:1c:d2:92:6c:16:42:20:12:
                    0b:61:4c:c0:b9:f0:d0:3d:ae:aa:2c:df:37:49:43:
                    b8:cf:5f:09:f7:7c:c6:67:fd:5b:7b:d4:3b:78:51:
                    17:9a:a1:73:b0:a7:f3:c4:dd:78:be:c2:7e:52:2a:
                    68:0b:22:5f:17:5e:dd:b7:07:51:61:bb:b6:64:3f:
                    74:e8:f6:a6:80:b0:e2:3f:c0:cd:af:b1:62:d0:e5:
                    ee:39:0c:81:19:a5:58:10:1f:d4:30:df:49:6a:fc:
                    8b:a4:ae:10:90:e0:5b:30:e4:d7:2d:17:22:95:f8:
                    50:73:a5:c5:00:5d:b0:77:47:04:40:2c:0b:02:dd:
                    43:6b:8d:ff:9b:ef:f0:0b:49:6b:38:e5:21:1c:f6:
                    78:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:BC:FA:C5:48:A3:CF:D7:96:FB:9B:FE:BA:3E:94:B3:95:9F:1B:0D
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qLz6xUijz9eW-5v-uj6Us5WfGw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.93.0/24
                  45.12.255.0/24
                  45.66.228.0/24
                  79.110.50.0/24
                  82.115.211.0/24
                  87.121.105.0/24
                  94.156.176.0/24
                  178.215.238.0/24
                  193.37.47.0/24
                  193.149.28.0/22
                  194.180.36.0/24
                  212.87.207.0/24
                  212.115.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:ac:a5:95:26:ef:2a:f9:33:01:37:1c:92:78:da:ea:f2:62:
         e9:9f:44:e7:12:31:b8:6f:44:13:45:0b:dd:70:28:fa:1b:96:
         8b:df:e2:ad:c0:ca:12:fc:b6:6d:13:1c:0e:27:76:a3:a5:e9:
         97:fe:f7:00:ac:68:c1:d0:01:32:55:8b:53:b8:50:b2:df:81:
         0f:f6:30:6e:cb:34:db:91:e8:09:31:3c:25:a1:b4:e7:47:53:
         9f:e7:61:57:64:fb:fd:a9:d8:e2:48:aa:4e:5c:29:d4:c5:1e:
         68:6e:8a:13:63:64:c5:d5:bb:d2:60:51:14:a5:da:f9:49:29:
         d7:ff:e6:7d:d9:bb:09:e6:2e:96:03:72:21:9d:e3:3e:5d:d0:
         91:12:e2:06:2c:c1:f3:b1:30:2a:91:64:54:7c:ca:54:5d:7d:
         74:86:67:e6:ff:4f:4a:e9:9c:59:42:83:1d:c8:bd:45:04:9f:
         20:7d:1d:30:67:97:05:32:6c:19:63:cc:09:af:f4:2f:87:0d:
         89:53:11:7b:39:51:bd:cd:5d:fc:69:0c:39:24:f2:cc:58:d6:
         b8:22:df:23:e5:fb:48:b9:0e:07:ed:8e:eb:fe:29:25:5a:bb:
         81:a8:2b:91:94:5a:ba:f3:df:07:22:1b:ec:35:35:da:0f:75:
         d9:7e:63:30
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY1eLT5tUzZZhJl69RNZxcaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTMxMDYyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJjZmFjNTQ4YTNjZmQ3OTZmYjliZmViYTNlOTRiMzk1OWYxYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Hm9S9WVNfqsNx18IT5kQY+B0Yi
OFcu00aupSCd73l+JdP217Zcgn50E7bzLvkCT+OSYMSaPJ1DSUV+7G0G0YwBWEuj
RgItisySfBI439cktc8AkgUSpN3Gbg67ztlTeGUBi2pmrApmMsWfJn+IHNKSbBZC
IBILYUzAufDQPa6qLN83SUO4z18J93zGZ/1be9Q7eFEXmqFzsKfzxN14vsJ+Uipo
CyJfF17dtwdRYbu2ZD906PamgLDiP8DNr7Fi0OXuOQyBGaVYEB/UMN9JavyLpK4Q
kOBbMOTXLRcilfhQc6XFAF2wd0cEQCwLAt1Da43/m+/wC0lrOOUhHPZ4+wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKi8+sVIo8/Xlvub/ro+lLOVnxsNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcUx6NnhVaWp6OWVXLTV2LXVqNlVzNVdmR3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQhdAwQA
LQz/AwQALULkAwQAT24yAwQAUnPTAwQAV3lpAwQAXpywAwQAstfuAwQAwSUvAwQC
wZUcAwQAwrQkAwQA1FfPAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAlrKWVJu8q
+TMBNxySeNrq8mLpn0TnEjG4b0QTRQvdcCj6G5aL3+KtwMoS/LZtExwOJ3ajpemX
/vcArGjB0AEyVYtTuFCy34EP9jBuyzTbkegJMTwlobTnR1Of52FXZPv9qdjiSKpO
XCnUxR5obooTY2TF1bvSYFEUpdr5SSnX/+Z92bsJ5i6WA3IhneM+XdCREuIGLMHz
sTAqkWRUfMpUXX10hmfm/09K6ZxZQoMdyL1FBJ8gfR0wZ5cFMmwZY8wJr/Qvhw2J
UxF7OVG9zV38aQw5JPLMWNa4It8j5ftIuQ4H7Y7r/iklWruBqCuRlFq6898HIhvs
NTXaD3XZfmMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org