Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XFAH3vZnVl_emF8wx1AFbhOfXRo.roa
File:                     XFAH3vZnVl_emF8wx1AFbhOfXRo.roa (raw, json)
Hash identifier:          ouC69kDpHlT/tgkgb/6bXlZJii9r/JI6E74SWlZcevg=
Subject key identifier:   5C:50:07:DE:F6:67:56:5F:DE:98:5F:30:C7:50:05:6E:13:9F:5D:1A
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       0185D3A228B6EEBF86C3C32FB426B80373F0
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XFAH3vZnVl_emF8wx1AFbhOfXRo.roa
Signing time:             Sat 21 Jan 2023 09:21:37 +0000
ROA not before:           Sat 21 Jan 2023 09:21:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204035
IP address blocks:        46.243.76.0/22 maxlen: 22
                          193.42.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sat 11 Feb 2023 10:19:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d3:a2:28:b6:ee:bf:86:c3:c3:2f:b4:26:b8:03:73:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan 21 09:21:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c5007def667565fde985f30c750056e139f5d1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:bc:4d:2e:93:97:8f:e7:30:74:62:92:9f:
                    8c:bf:0f:7d:f2:6a:09:ae:54:30:05:c5:cb:5f:72:
                    58:75:86:ab:72:37:14:a2:d4:2e:19:b0:e9:7f:57:
                    76:8b:76:19:ea:2c:29:b6:39:6f:d7:5d:3a:76:6a:
                    95:b0:14:36:71:a2:6c:87:76:fe:c9:1c:18:df:c5:
                    50:b8:7d:bb:ab:92:79:5f:aa:a5:c3:a4:eb:b1:b6:
                    19:0b:85:8f:5f:8b:0d:c3:87:1d:14:a6:93:0a:89:
                    35:c5:0b:33:e3:b7:de:12:3d:96:59:3d:27:f2:fe:
                    9b:b2:0f:bc:a1:cf:31:c6:d4:f5:c9:da:94:0f:fe:
                    8c:5a:68:51:57:f3:fd:34:6c:ef:6d:61:f0:fe:16:
                    47:8f:9e:ed:4d:b5:81:d7:8e:6f:b8:44:72:69:b1:
                    d7:03:a8:e1:86:3a:ec:66:48:c2:c8:e9:1d:27:b7:
                    fb:2a:00:ef:cc:1d:f5:91:9b:9e:05:cc:22:c1:15:
                    b1:97:9a:6b:58:08:4d:c0:2d:05:e7:b0:e2:f2:00:
                    1d:cb:51:20:de:93:a6:30:91:be:1c:35:27:ca:4c:
                    de:fc:30:a1:7f:77:a0:d0:fd:ed:b2:ab:c8:a4:ee:
                    94:eb:1a:cf:17:57:da:b2:47:04:10:7f:83:54:c4:
                    c6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:50:07:DE:F6:67:56:5F:DE:98:5F:30:C7:50:05:6E:13:9F:5D:1A
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XFAH3vZnVl_emF8wx1AFbhOfXRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.243.76.0/22
                  193.42.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         90:30:84:24:34:5a:61:26:60:d9:ed:a0:a1:d9:58:65:09:a5:
         eb:d2:31:e3:fb:ee:36:85:6e:62:b8:42:b7:6b:c2:2c:ce:9d:
         83:4b:8a:9a:18:f5:9a:81:ae:09:90:c6:bd:d3:da:9d:5c:a0:
         1c:b6:4f:29:13:ac:ee:d7:72:f3:db:12:62:53:af:4c:7f:bf:
         51:55:a9:80:cb:84:40:33:02:f2:c6:d2:87:21:9d:2a:fb:c8:
         eb:b7:5a:3c:79:b3:0b:1c:77:7f:30:31:b3:8a:24:ce:24:fe:
         73:81:da:d8:65:86:c9:60:1d:67:bb:96:b9:4f:30:56:65:77:
         85:c9:84:89:89:09:04:a3:4f:9d:29:5c:2b:2d:40:bf:91:bb:
         6e:de:ed:87:89:e1:33:b3:f6:ca:a0:3f:bc:4c:46:69:70:12:
         3f:3b:fe:e1:e1:90:70:cb:0c:b3:1f:b0:5e:0e:da:9f:73:95:
         41:3b:91:c4:fb:c7:9e:cf:db:91:95:87:68:e8:5b:43:98:35:
         dd:ed:93:40:35:17:38:30:dc:e4:fe:ee:8b:91:8b:5b:f4:b1:
         56:d8:5e:3f:d3:52:61:0d:53:df:ce:bc:24:e4:36:21:ee:e3:
         3c:e5:f3:a8:84:94:3d:8f:00:36:4f:6f:7b:11:be:a3:57:f8:
         5d:ae:eb:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXToii27r+Gw8MvtCa4A3PwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTIxMDkyMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzUwMDdkZWY2Njc1NjVmZGU5ODVmMzBjNzUwMDU2ZTEzOWY1ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqra8TS6Tl4/nMHRikp+Mvw998moJ
rlQwBcXLX3JYdYarcjcUotQuGbDpf1d2i3YZ6iwptjlv1106dmqVsBQ2caJsh3b+
yRwY38VQuH27q5J5X6qlw6TrsbYZC4WPX4sNw4cdFKaTCok1xQsz47feEj2WWT0n
8v6bsg+8oc8xxtT1ydqUD/6MWmhRV/P9NGzvbWHw/hZHj57tTbWB145vuERyabHX
A6jhhjrsZkjCyOkdJ7f7KgDvzB31kZueBcwiwRWxl5prWAhNwC0F57Di8gAdy1Eg
3pOmMJG+HDUnykze/DChf3eg0P3tsqvIpO6U6xrPF1faskcEEH+DVMTGSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFxQB972Z1Zf3phfMMdQBW4Tn10aMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWEZBSDN2Wm5WbF9lbUY4d3gxQUZiaE9mWFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLvNMAwQC
wSo8MA0GCSqGSIb3DQEBCwUAA4IBAQCQMIQkNFphJmDZ7aCh2VhlCaXr0jHj++42
hW5iuEK3a8Iszp2DS4qaGPWaga4JkMa909qdXKActk8pE6zu13Lz2xJiU69Mf79R
VamAy4RAMwLyxtKHIZ0q+8jrt1o8ebMLHHd/MDGziiTOJP5zgdrYZYbJYB1nu5a5
TzBWZXeFyYSJiQkEo0+dKVwrLUC/kbtu3u2HieEzs/bKoD+8TEZpcBI/O/7h4ZBw
ywyzH7BeDtqfc5VBO5HE+8eez9uRlYdo6FtDmDXd7ZNANRc4MNzk/u6LkYtb9LFW
2F4/01JhDVPfzrwk5DYh7uM85fOohJQ9jwA2T297Eb6jV/hdrutF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org