Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tyyd2mvZiFI4LufrVynnoyjmez4.roa
File:                     tyyd2mvZiFI4LufrVynnoyjmez4.roa (raw, json)
Hash identifier:          KVyw+m4K0wFjJksrCasPwx8bmbQQqO6DN3AAQmtSJkA=
Subject key identifier:   B7:2C:9D:DA:6B:D9:88:52:38:2E:E7:EB:57:29:E7:A3:28:E6:7B:3E
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018835E0CCBD2FBD0958705E857183FE6C19
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tyyd2mvZiFI4LufrVynnoyjmez4.roa
Signing time:             Fri 19 May 2023 21:18:24 +0000
ROA not before:           Fri 19 May 2023 21:18:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46308
IP address blocks:        109.206.242.0/24 maxlen: 24
                          2.59.255.0/24 maxlen: 24
                          79.110.49.0/24 maxlen: 24
                          87.121.47.0/24 maxlen: 24
                          87.120.88.0/24 maxlen: 24
                          185.252.179.0/24 maxlen: 24
                          85.208.139.0/24 maxlen: 24
                          185.246.222.0/24 maxlen: 24
                          194.59.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 May 2023 13:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:35:e0:cc:bd:2f:bd:09:58:70:5e:85:71:83:fe:6c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 19 21:18:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b72c9dda6bd98852382ee7eb5729e7a328e67b3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:65:e8:8a:b5:b7:f0:ce:32:e2:e8:8b:de:fb:
                    25:92:26:e4:64:1c:c1:b2:df:22:7e:fa:1c:01:ef:
                    4c:0f:f3:3d:4f:3f:cb:49:08:07:46:dd:d4:c4:dd:
                    2b:f5:8b:71:d0:48:fd:72:32:19:79:5e:3b:fa:24:
                    b2:9e:40:a3:87:56:8e:74:6e:4d:c3:66:c8:c6:71:
                    70:af:77:c4:12:24:dd:4f:50:60:ff:1a:0a:90:f9:
                    98:b1:fd:b0:21:b9:46:e8:52:7e:0f:95:53:70:12:
                    9b:d2:1c:2b:91:2f:3e:2e:5b:63:0e:b4:25:44:52:
                    97:b6:ee:62:92:b5:18:bd:db:2c:47:23:09:bc:18:
                    69:69:83:88:68:52:72:10:61:24:67:9e:f5:46:21:
                    60:33:2b:f8:eb:fa:1b:df:e5:e2:19:17:79:d7:19:
                    b5:78:8b:0e:d2:f9:04:25:35:43:14:69:6c:84:4f:
                    ce:d1:b2:c2:95:c3:3c:cc:de:27:1e:a2:c1:e6:41:
                    e3:0b:1e:39:9c:90:b1:cb:15:ad:8d:4c:9b:b3:1a:
                    0f:7f:3e:91:36:b6:79:b2:55:29:6e:fb:d1:58:41:
                    d0:05:8f:a2:0d:57:1a:73:55:96:ef:00:f5:54:b2:
                    07:3c:d5:aa:9f:b3:02:b4:89:9b:9a:69:f6:b3:40:
                    34:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:2C:9D:DA:6B:D9:88:52:38:2E:E7:EB:57:29:E7:A3:28:E6:7B:3E
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tyyd2mvZiFI4LufrVynnoyjmez4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.255.0/24
                  79.110.49.0/24
                  85.208.139.0/24
                  87.120.88.0/24
                  87.121.47.0/24
                  109.206.242.0/24
                  185.246.222.0/24
                  185.252.179.0/24
                  194.59.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:c1:b5:d4:47:d9:6a:33:63:ce:b1:fd:65:88:65:c0:ad:f2:
         b1:9b:2b:64:cd:ab:9b:a1:7d:b8:0f:36:b0:b6:3f:3d:6f:dd:
         2e:0d:10:f2:f0:ae:d3:2b:5b:81:39:11:36:17:4f:c1:ea:d8:
         ef:db:1f:47:2f:53:1d:f2:77:54:60:c9:de:fa:c0:5c:49:39:
         b0:18:f1:be:33:98:dd:bd:82:77:26:56:0e:6f:1a:54:fe:a0:
         2d:8c:b2:5c:5b:fc:f4:d1:9f:f2:b7:06:62:d8:11:4d:b1:02:
         13:37:f8:cd:68:89:4e:b0:33:38:1c:57:72:d9:d6:9b:c4:d6:
         41:7e:2e:11:c2:b5:6c:8c:16:9b:77:72:a7:84:9f:78:c7:4c:
         0d:44:f4:63:66:02:1b:16:27:f8:3d:ca:da:7f:fb:74:5e:fb:
         70:08:04:bb:8a:cc:8e:94:a6:d3:91:65:a0:79:20:ce:17:b2:
         67:fb:9e:12:ff:9e:42:25:81:e6:af:1c:da:4f:b6:79:7d:f9:
         ff:bc:38:71:20:58:fc:cf:59:e5:9b:4e:f0:40:d0:a5:97:24:
         ad:27:ea:03:83:ca:4b:f1:b3:9e:8f:6d:d2:a3:d5:3d:89:a7:
         1e:9c:b8:53:5a:2d:6f:7d:14:cd:47:e4:b8:4b:d2:72:ef:d0:
         b8:8e:db:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYg14My9L70JWHBehXGD/mwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MjExODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJjOWRkYTZiZDk4ODUyMzgyZWU3ZWI1NzI5ZTdhMzI4ZTY3YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmXoirW38M4y4uiL3vslkibkZBzB
st8ifvocAe9MD/M9Tz/LSQgHRt3UxN0r9Ytx0Ej9cjIZeV47+iSynkCjh1aOdG5N
w2bIxnFwr3fEEiTdT1Bg/xoKkPmYsf2wIblG6FJ+D5VTcBKb0hwrkS8+LltjDrQl
RFKXtu5ikrUYvdssRyMJvBhpaYOIaFJyEGEkZ571RiFgMyv46/ob3+XiGRd51xm1
eIsO0vkEJTVDFGlshE/O0bLClcM8zN4nHqLB5kHjCx45nJCxyxWtjUybsxoPfz6R
NrZ5slUpbvvRWEHQBY+iDVcac1WW7wD1VLIHPNWqn7MCtImbmmn2s0A0IQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLcsndpr2YhSOC7n61cp56Mo5ns+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdHl5ZDJtdlppRkk0THVmclZ5bm5veWptZXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjv/AwQA
T24xAwQAVdCLAwQAV3hYAwQAV3kvAwQAbc7yAwQAufbeAwQAufyzAwQAwjsfMA0G
CSqGSIb3DQEBCwUAA4IBAQCQwbXUR9lqM2POsf1liGXArfKxmytkzauboX24Dzaw
tj89b90uDRDy8K7TK1uBORE2F0/B6tjv2x9HL1Md8ndUYMne+sBcSTmwGPG+M5jd
vYJ3JlYObxpU/qAtjLJcW/z00Z/ytwZi2BFNsQITN/jNaIlOsDM4HFdy2dabxNZB
fi4RwrVsjBabd3KnhJ94x0wNRPRjZgIbFif4Pcraf/t0XvtwCAS7isyOlKbTkWWg
eSDOF7Jn+54S/55CJYHmrxzaT7Z5ffn/vDhxIFj8z1nlm07wQNCllyStJ+oDg8pL
8bOej23So9U9iacenLhTWi1vfRTNR+S4S9Jy79C4jtvJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org