Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/RkEjJKKY_HSAGqwEPXavwqgKV_8.roa
File:                     RkEjJKKY_HSAGqwEPXavwqgKV_8.roa (raw, json)
Hash identifier:          JEHVW515Daqe9OV7X4c4v1/S2OGR6mQcpwvKrqz9B0A=
Subject key identifier:   46:41:23:24:A2:98:FC:74:80:1A:AC:04:3D:76:AF:C2:A8:0A:57:FF
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0188EF41A6E71E32C0A5DEA01232D64F700C
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/RkEjJKKY_HSAGqwEPXavwqgKV_8.roa
Signing time:             Sat 24 Jun 2023 21:13:57 +0000
ROA not before:           Sat 24 Jun 2023 21:13:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        185.45.94.0/24 maxlen: 24
                          171.22.60.0/23 maxlen: 23
                          5.183.240.0/23 maxlen: 23
                          92.119.24.0/23 maxlen: 23
                          171.22.62.0/23 maxlen: 23
                          5.183.242.0/23 maxlen: 23
                          92.119.26.0/23 maxlen: 23
                          45.14.80.0/24 maxlen: 24
                          45.86.24.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ef:41:a6:e7:1e:32:c0:a5:de:a0:12:32:d6:4f:70:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jun 24 21:13:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46412324a298fc74801aac043d76afc2a80a57ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7f:b8:07:6b:4e:1f:85:5c:5b:2e:cf:d1:73:
                    13:f8:f5:e5:56:56:00:81:30:4f:8d:0f:f7:2c:b9:
                    d9:12:4d:c0:e0:76:23:74:d7:d1:46:7c:7a:6c:93:
                    86:b9:fb:82:7b:92:a3:90:4b:c1:1b:e9:a8:ed:13:
                    9d:f5:38:8d:2c:d7:e5:2f:77:a0:21:9b:f3:54:7c:
                    bc:30:29:1f:0a:aa:45:c1:fb:af:ce:e5:aa:b4:e9:
                    ee:16:f0:9a:83:60:12:15:25:e9:8a:9c:f9:34:ca:
                    8a:36:0a:76:0d:1c:6d:43:6d:2f:4e:85:dd:7c:8d:
                    25:76:c2:26:05:9d:7b:1a:7f:90:de:b5:f7:30:27:
                    ee:bc:41:b9:4d:bd:ed:7a:51:a3:54:17:52:06:c8:
                    e7:6c:32:64:f2:4e:1b:78:e4:76:04:ac:f4:d1:b6:
                    08:90:6a:64:d4:3f:51:55:1a:a7:08:44:08:fc:48:
                    6e:b3:8d:3d:d4:99:be:fb:5e:76:66:82:b1:b7:16:
                    2b:06:62:6e:d3:1d:3b:78:8c:ed:4e:83:5d:46:b7:
                    91:3c:15:e9:a7:c5:ef:6c:db:35:c6:eb:4b:63:dd:
                    e0:67:95:4b:f2:15:df:04:50:ec:db:f6:6d:44:ad:
                    15:7a:33:a7:c5:0a:07:c7:72:11:dc:1f:ac:9d:a6:
                    a6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:41:23:24:A2:98:FC:74:80:1A:AC:04:3D:76:AF:C2:A8:0A:57:FF
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/RkEjJKKY_HSAGqwEPXavwqgKV_8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.240.0/22
                  45.14.80.0/24
                  45.86.24.0/22
                  92.119.24.0/22
                  171.22.60.0/22
                  185.45.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:04:5d:2a:40:ff:ba:86:cf:f3:bd:f6:ba:ec:35:87:1e:af:
         a7:28:02:80:15:56:0c:c2:d8:2a:82:ac:f7:8b:c8:55:5d:43:
         21:38:24:49:d5:7e:dc:50:a7:b9:56:f0:66:01:84:df:61:88:
         39:9e:d7:43:46:e5:e7:95:ad:3b:b9:e6:75:48:89:47:77:ec:
         68:04:18:87:53:25:ff:5e:0f:7a:2b:f8:21:78:52:a4:f8:de:
         20:53:bd:17:62:d3:4d:29:ee:7d:44:c3:89:cc:da:2b:7a:de:
         da:80:41:dc:7d:87:9b:e0:66:89:ff:4d:90:72:fb:4d:54:fa:
         75:97:61:b4:45:41:24:37:c7:a1:b1:c4:2e:23:59:b7:88:2a:
         0f:37:87:4b:b3:e8:76:33:10:de:04:01:af:68:73:ef:80:68:
         f3:9c:5e:af:e8:c1:1d:67:b1:b0:15:ce:b5:14:0d:55:3f:b8:
         a6:56:90:bb:40:9e:d3:3e:bd:00:61:a5:bb:6c:74:d9:0f:30:
         3d:fa:bd:46:07:8f:a6:51:d6:ff:60:ce:9c:45:aa:6a:2e:40:
         3b:d8:5b:4d:c5:ab:78:9e:2b:90:5e:c7:63:85:b4:9f:8d:db:
         22:d9:31:80:88:36:a9:72:31:49:e7:5b:7c:51:a2:36:4d:cd:
         e3:6e:f1:05
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjvQabnHjLApd6gEjLWT3AMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwNjI0MjExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQxMjMyNGEyOThmYzc0ODAxYWFjMDQzZDc2YWZjMmE4MGE1N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX+4B2tOH4VcWy7P0XMT+PXlVlYA
gTBPjQ/3LLnZEk3A4HYjdNfRRnx6bJOGufuCe5KjkEvBG+mo7ROd9TiNLNflL3eg
IZvzVHy8MCkfCqpFwfuvzuWqtOnuFvCag2ASFSXpipz5NMqKNgp2DRxtQ20vToXd
fI0ldsImBZ17Gn+Q3rX3MCfuvEG5Tb3telGjVBdSBsjnbDJk8k4beOR2BKz00bYI
kGpk1D9RVRqnCEQI/Ehus4091Jm++152ZoKxtxYrBmJu0x07eIztToNdRreRPBXp
p8XvbNs1xutLY93gZ5VL8hXfBFDs2/ZtRK0VejOnxQoHx3IR3B+snaamGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEZBIySimPx0gBqsBD12r8KoClf/MB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvUmtFakpLS1lfSFNBR3F3RVBYYXZ3cWdLVl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbfwAwQA
LQ5QAwQCLVYYAwQCXHcYAwQCqxY8AwQAuS1eMA0GCSqGSIb3DQEBCwUAA4IBAQAy
BF0qQP+6hs/zvfa67DWHHq+nKAKAFVYMwtgqgqz3i8hVXUMhOCRJ1X7cUKe5VvBm
AYTfYYg5ntdDRuXnla07ueZ1SIlHd+xoBBiHUyX/Xg96K/gheFKk+N4gU70XYtNN
Ke59RMOJzNoret7agEHcfYeb4GaJ/02QcvtNVPp1l2G0RUEkN8ehscQuI1m3iCoP
N4dLs+h2MxDeBAGvaHPvgGjznF6v6MEdZ7GwFc61FA1VP7imVpC7QJ7TPr0AYaW7
bHTZDzA9+r1GB4+mUdb/YM6cRapqLkA72FtNxat4niuQXsdjhbSfjdsi2TGAiDap
cjFJ51t8UaI2Tc3jbvEF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:50 2024 by rpki-client on console-ams.rpki-client.org