Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/VfVCahc0u23nSmyOLUmLRUuWrVo.roa
File:                     VfVCahc0u23nSmyOLUmLRUuWrVo.roa (raw, json)
Hash identifier:          lJmqUdhK/R0fjyK8wMcBEDEApRmiyM9BUyjk/s1f/YU=
Subject key identifier:   55:F5:42:6A:17:34:BB:6D:E7:4A:6C:8E:2D:49:8B:45:4B:96:AD:5A
Certificate issuer:       /CN=63b842254bbd6bf33e09d05a458f00a0484cf16f
Certificate serial:       018572835D8BAE032A7C99886B6482D1E223
Authority key identifier: 63:B8:42:25:4B:BD:6B:F3:3E:09:D0:5A:45:8F:00:A0:48:4C:F1:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/VfVCahc0u23nSmyOLUmLRUuWrVo.roa
Signing time:             Mon 02 Jan 2023 12:44:49 +0000
ROA not before:           Mon 02 Jan 2023 12:44:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58269
IP address blocks:        185.8.60.0/22 maxlen: 22
                          91.220.43.0/24 maxlen: 24
                          2a03:3440::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:83:5d:8b:ae:03:2a:7c:99:88:6b:64:82:d1:e2:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63b842254bbd6bf33e09d05a458f00a0484cf16f
        Validity
            Not Before: Jan  2 12:44:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=55f5426a1734bb6de74a6c8e2d498b454b96ad5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:aa:99:76:a3:20:93:0c:86:17:77:0b:0f:d8:
                    4e:34:72:3a:75:43:ed:11:2b:39:e6:57:a6:61:33:
                    d9:c2:e4:71:cb:5e:65:c5:69:83:d7:c1:cf:7b:83:
                    70:3b:9b:67:a8:54:50:e1:9d:8a:27:d1:52:e7:1c:
                    df:18:53:e0:d2:2b:1a:9e:3c:43:a7:9a:48:e5:8e:
                    10:9e:c8:80:e0:e6:43:e7:3d:0e:0f:aa:35:87:8f:
                    4b:b7:39:b8:3a:0b:b6:76:db:07:24:ed:71:16:68:
                    4b:a8:d4:71:2b:6e:a7:e2:91:74:f1:0e:a3:96:28:
                    4b:d5:56:8e:83:2d:ff:86:ac:36:e8:2b:70:6f:f5:
                    d7:6e:85:6b:0b:57:1d:bd:5c:05:3f:2e:82:f3:27:
                    e3:2f:13:04:7f:6e:ba:9c:2b:e8:7b:85:f4:ec:0d:
                    eb:ee:bd:22:9c:6c:a8:8f:2b:33:ec:88:ed:b6:02:
                    79:a7:84:56:5b:43:3f:91:4e:f2:df:0e:ea:ef:b7:
                    d3:66:45:57:91:78:84:df:1e:5f:53:b6:90:dd:96:
                    0a:dd:6a:5f:0c:9e:79:26:b7:f2:8a:94:e6:64:19:
                    27:24:19:c2:e2:b4:97:fb:38:f9:74:fb:10:0d:cf:
                    d3:fc:da:06:01:c0:a4:90:82:1f:5e:fc:1e:74:0c:
                    75:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F5:42:6A:17:34:BB:6D:E7:4A:6C:8E:2D:49:8B:45:4B:96:AD:5A
            X509v3 Authority Key Identifier:
                keyid:63:B8:42:25:4B:BD:6B:F3:3E:09:D0:5A:45:8F:00:A0:48:4C:F1:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/VfVCahc0u23nSmyOLUmLRUuWrVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.220.43.0/24
                  185.8.60.0/22
                IPv6:
                  2a03:3440::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:25:57:a6:65:6b:73:36:9c:bf:4f:b6:d7:a5:17:99:fd:86:
         34:dc:0e:47:01:55:38:76:4f:aa:8e:28:31:45:68:47:b1:f5:
         06:e1:e6:51:f1:28:8c:4a:ff:e3:6c:b6:25:f4:d8:df:c1:ac:
         fa:3e:a0:d2:6b:9c:c1:e6:51:de:f2:15:3a:d8:67:31:04:fd:
         df:32:8d:1f:2d:2a:6f:9e:93:7e:08:d3:af:bc:42:76:05:55:
         7b:f5:2f:3d:23:ed:ab:28:f5:02:d2:bb:bd:db:86:a0:b2:78:
         b3:a8:5e:8f:12:e6:a6:ba:4c:bd:5a:9a:94:33:52:d2:a5:78:
         90:6c:16:9e:5d:38:54:d4:8a:7e:69:31:c7:76:e9:40:ae:79:
         b1:35:81:89:a4:25:06:0a:aa:66:6e:1b:45:28:14:b9:7d:9c:
         a5:19:e2:88:11:a0:db:a7:03:87:c7:16:ba:e5:94:63:63:39:
         7f:c1:4d:92:ad:8e:91:ac:46:a0:cc:fe:c2:18:03:19:e0:be:
         7a:92:50:bf:bd:eb:dc:10:6c:f8:00:0c:a5:f9:20:dd:78:4e:
         d9:6b:b5:e9:86:b8:00:40:08:02:2c:93:45:90:56:aa:9a:94:
         f4:dc:f1:52:bd:d5:d2:e3:d4:26:48:83:22:6d:89:fe:23:1e:
         75:ee:39:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyg12LrgMqfJmIa2SC0eIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYjg0MjI1NGJiZDZiZjMzZTA5ZDA1YTQ1OGYwMGEwNDg0
Y2YxNmYwHhcNMjMwMTAyMTI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY1NDI2YTE3MzRiYjZkZTc0YTZjOGUyZDQ5OGI0NTRiOTZhZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aqZdqMgkwyGF3cLD9hONHI6dUPt
ESs55lemYTPZwuRxy15lxWmD18HPe4NwO5tnqFRQ4Z2KJ9FS5xzfGFPg0isanjxD
p5pI5Y4QnsiA4OZD5z0OD6o1h49Ltzm4Ogu2dtsHJO1xFmhLqNRxK26n4pF08Q6j
lihL1VaOgy3/hqw26Ctwb/XXboVrC1cdvVwFPy6C8yfjLxMEf266nCvoe4X07A3r
7r0inGyojysz7IjttgJ5p4RWW0M/kU7y3w7q77fTZkVXkXiE3x5fU7aQ3ZYK3Wpf
DJ55JrfyipTmZBknJBnC4rSX+zj5dPsQDc/T/NoGAcCkkIIfXvwedAx1aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFX1QmoXNLtt50psji1Ji0VLlq1aMB8GA1UdIwQY
MBaAFGO4QiVLvWvzPgnQWkWPAKBITPFvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTdoQ0pVdTlhX00tQ2RCYVJZOEFvRWhNOFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iZGQxZTctYjc5YS00YzIxLTliYTkt
ZjE1N2MzMjk0ZDQwLzEvVmZWQ2FoYzB1MjNuU215T0xVbUxSVXVXclZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9iZGQxZTctYjc5YS00YzIxLTliYTktZjE1N2MzMjk0ZDQw
LzEvWTdoQ0pVdTlhX00tQ2RCYVJZOEFvRWhNOFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9wrAwQC
uQg8MA0EAgACMAcDBQAqAzRAMA0GCSqGSIb3DQEBCwUAA4IBAQAWJVemZWtzNpy/
T7bXpReZ/YY03A5HAVU4dk+qjigxRWhHsfUG4eZR8SiMSv/jbLYl9Njfwaz6PqDS
a5zB5lHe8hU62GcxBP3fMo0fLSpvnpN+CNOvvEJ2BVV79S89I+2rKPUC0ru924ag
snizqF6PEuamuky9WpqUM1LSpXiQbBaeXThU1Ip+aTHHdulArnmxNYGJpCUGCqpm
bhtFKBS5fZylGeKIEaDbpwOHxxa65ZRjYzl/wU2SrY6RrEagzP7CGAMZ4L56klC/
vevcEGz4AAyl+SDdeE7Za7XphrgAQAgCLJNFkFaqmpT03PFSvdXS49QmSIMibYn+
Ix517jkO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:41 2024 by rpki-client on console-fra.rpki-client.org