Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/VDtS6pP0tTaCC-yY2T3nPMWThqI.roa
File:                     VDtS6pP0tTaCC-yY2T3nPMWThqI.roa (raw, json)
Hash identifier:          Sw4y5XxLz6Ip07/0tn2waJDSY5ROVKwgN9Nki5Zf93I=
Subject key identifier:   54:3B:52:EA:93:F4:B5:36:82:0B:EC:98:D9:3D:E7:3C:C5:93:86:A2
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018726DE51729481174F2C6A10B9B60646B3
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/VDtS6pP0tTaCC-yY2T3nPMWThqI.roa
Signing time:             Tue 28 Mar 2023 06:18:36 +0000
ROA not before:           Tue 28 Mar 2023 06:18:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197897
IP address blocks:        88.203.249.0/24 maxlen: 24
                          88.203.250.0/24 maxlen: 24
                          88.203.248.0/24 maxlen: 24
                          88.203.251.0/24 maxlen: 24
                          88.203.248.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:26:de:51:72:94:81:17:4f:2c:6a:10:b9:b6:06:46:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Mar 28 06:18:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=543b52ea93f4b536820bec98d93de73cc59386a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:01:56:ac:8b:a2:d7:e8:3f:d1:07:f3:f6:13:
                    c4:d5:53:22:b9:ca:ac:5f:41:e1:04:3c:c0:58:dd:
                    bd:82:f4:e3:d5:3f:90:68:b0:99:d7:20:34:1f:3b:
                    46:12:36:f2:2b:b0:98:4e:99:14:32:cd:83:e0:f0:
                    64:10:d2:38:09:1c:f5:ac:f9:32:f6:17:51:ae:89:
                    26:92:0f:e1:37:8b:77:39:ea:89:dc:fb:98:5b:93:
                    70:51:5c:f9:f7:06:c4:49:5b:67:cb:02:2f:9c:f8:
                    5a:1d:8b:89:08:ed:77:0f:ab:04:2c:b1:10:3a:ff:
                    28:8e:46:4f:2d:e1:d5:88:b1:86:e3:aa:ac:3b:e9:
                    df:6c:ff:c6:19:97:18:d5:88:84:9a:4b:7b:23:19:
                    9f:78:e1:c2:d4:69:9c:5a:ea:fb:dc:2a:86:07:aa:
                    9b:23:15:99:f3:ea:cd:4c:6e:08:fc:aa:14:85:ba:
                    62:82:7c:6a:0e:b1:ed:db:bc:cd:26:c6:c8:18:b4:
                    d3:e6:6b:74:2c:30:71:c3:21:a3:a0:4d:5b:27:dc:
                    35:70:94:c0:f0:13:d2:d1:6d:fe:ff:a2:f5:29:b3:
                    3f:5f:a4:7c:2b:3b:7c:ce:ad:4c:14:b6:c0:8a:84:
                    62:05:7c:85:67:b0:d4:ca:6b:b7:f0:21:bd:6e:57:
                    47:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:3B:52:EA:93:F4:B5:36:82:0B:EC:98:D9:3D:E7:3C:C5:93:86:A2
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/VDtS6pP0tTaCC-yY2T3nPMWThqI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.203.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:78:dd:b3:1e:4d:e6:ab:03:80:06:f6:d1:0c:de:1e:77:3c:
         51:8b:1f:13:20:a8:1a:42:01:e1:43:7f:fd:78:d8:f4:27:15:
         9b:c7:8f:bf:d6:e9:73:ca:35:8a:90:0c:9c:9c:bd:6a:b6:36:
         8c:e1:ab:6e:3a:5f:9a:49:ff:ac:dc:95:3d:eb:00:6d:ad:d1:
         d3:f9:ca:ff:67:05:0e:c6:7f:3e:a2:37:b0:0d:ae:2c:37:8e:
         5a:79:76:86:86:a8:67:f3:9e:2a:19:58:41:c1:d2:b3:90:18:
         24:57:09:36:5f:73:12:0d:ac:50:e2:cf:87:d6:a6:7b:bb:e4:
         6a:0b:6c:14:17:56:52:6c:3a:a9:de:95:36:0f:3e:d0:68:4a:
         a6:b9:f0:88:c6:d9:8f:aa:36:b5:48:46:65:f8:3a:de:d1:4c:
         53:0e:5f:e1:20:cd:53:f7:a1:0f:d9:c7:8b:36:66:3b:60:47:
         a1:6a:6d:e1:09:32:57:e0:1c:8a:80:ff:01:fa:e6:24:9b:87:
         89:1e:4c:4d:db:37:ba:32:21:a4:3f:a4:02:61:f3:96:91:a2:
         e2:ee:16:95:42:70:7d:f4:d8:60:37:65:a4:49:db:86:05:5d:
         17:08:b9:8d:65:e4:e5:b9:76:3f:97:58:f8:65:eb:06:4d:19:
         6d:27:02:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcm3lFylIEXTyxqELm2BkazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMwMzI4MDYxODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNiNTJlYTkzZjRiNTM2ODIwYmVjOThkOTNkZTczY2M1OTM4NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwFWrIui1+g/0Qfz9hPE1VMiucqs
X0HhBDzAWN29gvTj1T+QaLCZ1yA0HztGEjbyK7CYTpkUMs2D4PBkENI4CRz1rPky
9hdRrokmkg/hN4t3OeqJ3PuYW5NwUVz59wbESVtnywIvnPhaHYuJCO13D6sELLEQ
Ov8ojkZPLeHViLGG46qsO+nfbP/GGZcY1YiEmkt7IxmfeOHC1GmcWur73CqGB6qb
IxWZ8+rNTG4I/KoUhbpignxqDrHt27zNJsbIGLTT5mt0LDBxwyGjoE1bJ9w1cJTA
8BPS0W3+/6L1KbM/X6R8Kzt8zq1MFLbAioRiBXyFZ7DUymu38CG9bldHOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQ7UuqT9LU2ggvsmNk95zzFk4aiMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvVkR0UzZwUDB0VGFDQy15WTJUM25QTVdUaHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWMv4MA0G
CSqGSIb3DQEBCwUAA4IBAQA2eN2zHk3mqwOABvbRDN4edzxRix8TIKgaQgHhQ3/9
eNj0JxWbx4+/1ulzyjWKkAycnL1qtjaM4atuOl+aSf+s3JU96wBtrdHT+cr/ZwUO
xn8+ojewDa4sN45aeXaGhqhn854qGVhBwdKzkBgkVwk2X3MSDaxQ4s+H1qZ7u+Rq
C2wUF1ZSbDqp3pU2Dz7QaEqmufCIxtmPqja1SEZl+Dre0UxTDl/hIM1T96EP2ceL
NmY7YEeham3hCTJX4ByKgP8B+uYkm4eJHkxN2ze6MiGkP6QCYfOWkaLi7haVQnB9
9NhgN2WkSduGBV0XCLmNZeTluXY/l1j4ZesGTRltJwJR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org