Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/rC9leTKmY6SMjrbD1-uPMK7Qp34.roa
File:                     rC9leTKmY6SMjrbD1-uPMK7Qp34.roa (raw, json)
Hash identifier:          92WCWsggvtwXjiwcYhGXA5XbbeO00x2ypLbnu7M8lHc=
Subject key identifier:   AC:2F:65:79:32:A6:63:A4:8C:8E:B6:C3:D7:EB:8F:30:AE:D0:A7:7E
Certificate issuer:       /CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Certificate serial:       018CC56E0A0942E3BD813E86DD183BEED583
Authority key identifier: 45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/rC9leTKmY6SMjrbD1-uPMK7Qp34.roa
Signing time:             Mon 01 Jan 2024 14:29:32 +0000
ROA not before:           Mon 01 Jan 2024 14:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     24679
IP address blocks:        217.175.224.0/19 maxlen: 24
                          195.47.229.0/24 maxlen: 24
                          193.201.52.0/22 maxlen: 24
                          81.3.0.0/18 maxlen: 24
                          83.246.0.0/17 maxlen: 24
                          193.238.228.0/22 maxlen: 24
                          217.195.32.0/20 maxlen: 24
                          2a02:790::/32 maxlen: 48

Validation:               Failed, certificate revoked on Thu 29 Aug 2024 11:40:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:0a:09:42:e3:bd:81:3e:86:dd:18:3b:ee:d5:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
        Validity
            Not Before: Jan  1 14:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ac2f657932a663a48c8eb6c3d7eb8f30aed0a77e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:1c:e9:31:18:b3:b4:43:9b:95:d5:d5:66:17:
                    bf:15:e3:ef:94:eb:af:be:47:4d:f4:23:1d:7d:03:
                    13:ff:ad:3b:b3:b3:b3:6f:39:e1:ac:72:9d:45:d2:
                    38:df:cc:81:93:39:6f:79:de:e4:4c:fa:84:21:1a:
                    9f:71:ad:a5:af:0e:76:14:98:25:63:4f:71:52:66:
                    27:56:df:54:1e:a2:79:4b:de:5b:ac:50:35:dc:16:
                    93:b3:37:f3:7d:81:40:f0:2e:9c:48:bd:24:d5:98:
                    4a:37:fd:e2:f7:c4:be:8d:cf:dc:58:10:f1:e1:e4:
                    95:30:d8:cc:ff:24:4c:5a:a7:4a:8e:41:4e:3b:02:
                    8c:41:67:60:3c:8d:f5:2a:5a:64:43:a0:7a:c0:cb:
                    f3:73:18:6e:41:b1:d3:a1:a7:e2:98:b1:fb:d0:3e:
                    40:fd:74:7b:15:6c:5f:40:c6:90:1e:0e:1f:8c:ea:
                    ad:45:5d:4c:2c:28:f6:4a:7e:ed:12:b2:d3:70:41:
                    87:49:7e:13:80:9d:87:6e:23:e8:29:64:37:39:98:
                    3f:7d:6c:9c:86:47:45:d7:b4:c2:4a:3a:03:a1:fe:
                    d7:fe:f9:83:e0:e1:28:fb:c6:87:75:a5:68:cd:21:
                    b2:e3:1f:24:1c:6a:cd:24:5a:1c:2b:bb:f4:94:83:
                    af:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:2F:65:79:32:A6:63:A4:8C:8E:B6:C3:D7:EB:8F:30:AE:D0:A7:7E
            X509v3 Authority Key Identifier:
                keyid:45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/rC9leTKmY6SMjrbD1-uPMK7Qp34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.3.0.0/18
                  83.246.0.0/17
                  193.201.52.0/22
                  193.238.228.0/22
                  195.47.229.0/24
                  217.175.224.0/19
                  217.195.32.0/20
                IPv6:
                  2a02:790::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:86:9d:9e:87:ad:e9:c3:f3:3e:d2:69:2c:8b:b5:2b:a3:49:
         b0:cb:7e:66:41:fb:53:a1:a7:86:a1:8a:eb:a4:02:6d:f4:a6:
         3d:c3:d0:ee:c7:0f:a8:f5:63:7b:5e:e8:2c:40:21:4c:35:c5:
         e7:b6:83:0c:ee:79:9b:7e:b3:e4:3f:10:c2:99:15:6f:e4:8a:
         84:48:01:98:9a:96:cc:45:22:6d:4e:75:a1:a1:aa:ea:b0:53:
         2a:04:df:8d:b6:08:43:75:2c:26:2d:ae:aa:75:ad:8b:56:9a:
         00:08:ca:bd:07:3b:d7:9e:2e:fc:c3:a2:cd:ba:66:e8:00:61:
         91:0a:95:d4:f2:cd:97:78:ca:d0:63:4b:46:2e:16:73:0f:89:
         5d:bd:34:c4:12:6f:61:56:3f:f8:22:37:13:3c:4b:54:e4:5f:
         e5:a7:1e:4e:9a:96:47:e5:ea:55:c5:75:85:5b:b9:e2:a1:61:
         53:ae:68:de:68:75:27:40:21:59:1c:c0:b1:3f:a3:95:75:73:
         d3:ba:30:23:e3:26:17:2b:4b:df:de:cb:cd:be:ef:00:7d:65:
         45:f9:62:23:6e:dd:34:49:58:e6:4d:e0:32:d6:16:73:a6:a6:
         46:8c:9a:d1:a6:e6:b8:56:8b:5f:81:24:fa:c0:71:7c:cf:9c:
         28:4f:2c:fd
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFbgoJQuO9gT6G3Rg77tWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1Yjk4NTRiMDQ0NTk0ZTZjZjA4NDZmYjQxZGU3YjA5MDhm
YjVmNzIwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzJmNjU3OTMyYTY2M2E0OGM4ZWI2YzNkN2ViOGYzMGFlZDBhNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xzpMRiztEObldXVZhe/FePvlOuv
vkdN9CMdfQMT/607s7OzbznhrHKdRdI438yBkzlved7kTPqEIRqfca2lrw52FJgl
Y09xUmYnVt9UHqJ5S95brFA13BaTszfzfYFA8C6cSL0k1ZhKN/3i98S+jc/cWBDx
4eSVMNjM/yRMWqdKjkFOOwKMQWdgPI31KlpkQ6B6wMvzcxhuQbHToafimLH70D5A
/XR7FWxfQMaQHg4fjOqtRV1MLCj2Sn7tErLTcEGHSX4TgJ2HbiPoKWQ3OZg/fWyc
hkdF17TCSjoDof7X/vmD4OEo+8aHdaVozSGy4x8kHGrNJFocK7v0lIOvKwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKwvZXkypmOkjI62w9frjzCu0Kd+MB8GA1UdIwQY
MBaAFEW5hUsERZTmzwhG+0HeewkI+19yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMt
NGIyMmZjNTE4NGEyLzEvckM5bGVUS21ZNlNNanJiRDEtdVBNSzdRcDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi81ZTYxMTYtNTZlNi00YzFkLTk2ODMtNGIyMmZjNTE4NGEy
LzEvUmJtRlN3UkZsT2JQQ0ViN1FkNTdDUWo3WDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQGUQMAAwQH
U/YAAwQCwck0AwQCwe7kAwQAwy/lAwQF2a/gAwQE2cMgMA0EAgACMAcDBQAqAgeQ
MA0GCSqGSIb3DQEBCwUAA4IBAQADhp2eh63pw/M+0mksi7Uro0mwy35mQftToaeG
oYrrpAJt9KY9w9Duxw+o9WN7XugsQCFMNcXntoMM7nmbfrPkPxDCmRVv5IqESAGY
mpbMRSJtTnWhoarqsFMqBN+NtghDdSwmLa6qda2LVpoACMq9BzvXni78w6LNumbo
AGGRCpXU8s2XeMrQY0tGLhZzD4ldvTTEEm9hVj/4IjcTPEtU5F/lpx5OmpZH5epV
xXWFW7nioWFTrmjeaHUnQCFZHMCxP6OVdXPTujAj4yYXK0vf3svNvu8AfWVF+WIj
bt00SVjmTeAy1hZzpqZGjJrRpua4VotfgST6wHF8z5woTyz9
-----END CERTIFICATE-----
Generated at Thu Aug 29 13:19:42 2024 by rpki-client on console-fra.rpki-client.org