Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x6afiqfRSkkmq7D0fo6Nxf9Ay5g.roa
File:                     x6afiqfRSkkmq7D0fo6Nxf9Ay5g.roa (raw, json)
Hash identifier:          0AqcNNcnbPv+i/z4Tlg4iGvPPltUWsujevoGy387HKQ=
Subject key identifier:   C7:A6:9F:8A:A7:D1:4A:49:26:AB:B0:F4:7E:8E:8D:C5:FF:40:CB:98
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018B5B0B6A453FA568E5AB1FDC03D362E6BB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x6afiqfRSkkmq7D0fo6Nxf9Ay5g.roa
Signing time:             Mon 23 Oct 2023 05:39:16 +0000
ROA not before:           Mon 23 Oct 2023 05:39:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        94.156.2.0/24 maxlen: 24
                          91.92.16.0/24 maxlen: 24
                          87.120.192.0/23 maxlen: 24
                          91.92.27.0/24 maxlen: 24
                          193.58.121.0/24 maxlen: 24
                          193.58.123.0/24 maxlen: 24
                          87.121.38.0/24 maxlen: 24
                          94.156.152.0/24 maxlen: 24
                          45.8.92.0/24 maxlen: 24
                          94.156.154.0/23 maxlen: 24
                          87.121.60.0/22 maxlen: 24
                          91.92.67.0/24 maxlen: 24
                          45.139.123.0/24 maxlen: 24
                          94.154.160.0/23 maxlen: 24
                          94.154.173.0/24 maxlen: 24
                          212.87.205.0/24 maxlen: 24
                          94.156.237.0/24 maxlen: 24
                          94.156.238.0/24 maxlen: 24
                          87.121.146.0/23 maxlen: 24
                          93.123.76.0/22 maxlen: 24
                          141.98.5.0/24 maxlen: 24
                          185.252.177.0/24 maxlen: 24
                          94.156.178.0/24 maxlen: 24
                          193.47.62.0/24 maxlen: 24
                          94.156.180.0/23 maxlen: 24
                          87.121.104.0/24 maxlen: 24
                          93.123.24.0/24 maxlen: 24
                          87.121.103.0/24 maxlen: 24
                          93.123.26.0/23 maxlen: 24
                          87.121.114.0/23 maxlen: 24
                          93.123.112.0/22 maxlen: 24
                          93.123.119.0/24 maxlen: 24
                          5.253.58.0/23 maxlen: 24
                          193.25.219.0/24 maxlen: 24
                          5.253.56.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 23 Oct 2023 13:38:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5b:0b:6a:45:3f:a5:68:e5:ab:1f:dc:03:d3:62:e6:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Oct 23 05:39:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c7a69f8aa7d14a4926abb0f47e8e8dc5ff40cb98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e0:6b:1b:19:50:ab:35:7a:d8:c5:a0:60:85:
                    f2:0a:ed:4a:b4:62:bf:33:84:d3:df:84:5f:ab:4e:
                    7d:e9:19:1b:dd:e1:44:ba:dd:78:68:8c:63:0e:a4:
                    ee:c3:89:91:18:5b:bb:e2:ad:9e:9a:00:68:f2:29:
                    9a:f9:f4:d7:a6:76:ec:db:fc:f7:19:0c:7a:30:c9:
                    1d:4a:02:a6:98:3b:8e:a4:40:f1:d5:20:5b:43:a7:
                    5f:df:08:00:70:4f:d7:b2:19:1a:b1:f0:7f:78:86:
                    11:45:bf:2f:9a:3d:fb:82:60:f5:22:4c:1d:40:09:
                    5b:17:d2:27:ce:9e:82:67:0b:26:b3:be:c8:ba:a9:
                    cd:f0:8e:19:c4:2c:96:5f:00:e6:88:c7:8e:5f:f4:
                    ac:25:3f:6e:b7:2a:fe:29:b0:c3:4f:06:93:52:b8:
                    c5:9c:ac:f5:3e:7b:2e:a9:c1:6c:40:b8:28:20:2d:
                    2e:26:2e:72:e4:e7:fa:ae:f2:80:7e:f1:13:8c:22:
                    dd:3b:a0:e8:f9:6c:20:74:ac:63:f5:b3:87:1b:cc:
                    7a:3f:29:2f:bf:9a:28:3d:42:72:d1:19:b0:d6:11:
                    4f:7a:86:20:55:70:9f:1e:9e:c2:09:f2:9f:fa:fc:
                    07:1d:da:48:1e:9a:52:ab:28:2e:cd:ce:21:70:f1:
                    3c:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:A6:9F:8A:A7:D1:4A:49:26:AB:B0:F4:7E:8E:8D:C5:FF:40:CB:98
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x6afiqfRSkkmq7D0fo6Nxf9Ay5g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.56.0/22
                  45.8.92.0/24
                  45.139.123.0/24
                  87.120.192.0/23
                  87.121.38.0/24
                  87.121.60.0/22
                  87.121.103.0-87.121.104.255
                  87.121.114.0/23
                  87.121.146.0/23
                  91.92.16.0/24
                  91.92.27.0/24
                  91.92.67.0/24
                  93.123.24.0/24
                  93.123.26.0/23
                  93.123.76.0/22
                  93.123.112.0/22
                  93.123.119.0/24
                  94.154.160.0/23
                  94.154.173.0/24
                  94.156.2.0/24
                  94.156.152.0/24
                  94.156.154.0/23
                  94.156.178.0/24
                  94.156.180.0/23
                  94.156.237.0-94.156.238.255
                  141.98.5.0/24
                  185.252.177.0/24
                  193.25.219.0/24
                  193.47.62.0/24
                  193.58.121.0/24
                  193.58.123.0/24
                  212.87.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:6b:1b:5e:e4:25:90:05:e7:c7:94:ce:54:96:1b:16:32:ec:
         1a:a3:7e:ef:53:8a:f2:7d:dd:56:19:76:5c:8f:1a:92:36:42:
         fd:bf:92:ac:87:89:9f:26:34:c2:e0:da:26:1d:bd:bc:f6:8c:
         fc:3f:d3:16:98:03:62:a3:6c:45:5e:fb:2f:e7:0b:63:28:c6:
         9b:86:8a:2d:04:05:5e:c3:3a:87:bf:e4:ac:6f:0a:4f:73:e2:
         9f:de:6b:27:06:35:a2:01:aa:5b:70:a7:76:19:04:e3:da:07:
         d9:5d:4b:cb:71:f4:5c:45:96:d2:81:9c:86:fa:f6:39:06:e3:
         60:be:8d:5e:f0:fa:ac:85:40:08:d0:b8:61:3e:4f:53:f4:3d:
         4b:3d:68:d9:0e:c0:d8:67:17:ee:9d:d1:41:63:e0:2b:75:4b:
         b8:c6:db:d1:14:33:4b:7e:6d:e9:9f:71:b2:8f:5a:4b:e2:3e:
         11:3f:2a:76:57:31:f9:b0:22:19:02:c6:82:2b:8b:f0:6d:ab:
         a1:90:62:45:6d:5d:50:71:c0:2d:37:9e:76:2c:46:06:92:07:
         5e:3d:42:b9:27:94:15:07:5c:1d:7b:65:73:1d:d5:e5:f9:f1:
         21:e4:63:21:14:b5:01:25:5d:14:1b:75:df:e3:77:8d:73:ad:
         6b:df:97:c5
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYtbC2pFP6Vo5asf3APTYua7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIzMDUzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2E2OWY4YWE3ZDE0YTQ5MjZhYmIwZjQ3ZThlOGRjNWZmNDBjYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOBrGxlQqzV62MWgYIXyCu1KtGK/
M4TT34Rfq0596Rkb3eFEut14aIxjDqTuw4mRGFu74q2emgBo8ima+fTXpnbs2/z3
GQx6MMkdSgKmmDuOpEDx1SBbQ6df3wgAcE/XshkasfB/eIYRRb8vmj37gmD1Ikwd
QAlbF9Inzp6CZwsms77IuqnN8I4ZxCyWXwDmiMeOX/SsJT9utyr+KbDDTwaTUrjF
nKz1PnsuqcFsQLgoIC0uJi5y5Of6rvKAfvETjCLdO6Do+WwgdKxj9bOHG8x6Pykv
v5ooPUJy0Rmw1hFPeoYgVXCfHp7CCfKf+vwHHdpIHppSqyguzc4hcPE8KwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFMemn4qn0UpJJquw9H6OjcX/QMuYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveDZhZmlxZlJTa2ttcTdEMGZvNk54ZjlBeTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAIF
/TgDBAAtCFwDBAAti3sDBAFXeMADBABXeSYDBAJXeTwwDAMEAFd5ZwMEAFd5aAME
AVd5cgMEAVd5kgMEAFtcEAMEAFtcGwMEAFtcQwMEAF17GAMEAV17GgMEAl17TAME
Al17cAMEAF17dwMEAV6aoAMEAF6arQMEAF6cAgMEAF6cmAMEAV6cmgMEAF6csgME
AV6ctDAMAwQAXpztAwQAXpzuAwQAjWIFAwQAufyxAwQAwRnbAwQAwS8+AwQAwTp5
AwQAwTp7AwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQB6axte5CWQBefHlM5UlhsW
Muwao37vU4ryfd1WGXZcjxqSNkL9v5Ksh4mfJjTC4NomHb289oz8P9MWmANio2xF
Xvsv5wtjKMabhootBAVewzqHv+SsbwpPc+Kf3msnBjWiAapbcKd2GQTj2gfZXUvL
cfRcRZbSgZyG+vY5BuNgvo1e8PqshUAI0LhhPk9T9D1LPWjZDsDYZxfundFBY+Ar
dUu4xtvRFDNLfm3pn3Gyj1pL4j4RPyp2VzH5sCIZAsaCK4vwbauhkGJFbV1QccAt
N552LEYGkgdePUK5J5QVB1wde2VzHdXl+fEh5GMhFLUBJV0UG3Xf43eNc61r35fF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:21 2024 by rpki-client on console-fra.rpki-client.org