Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/08oqgyKYsEvcf9kRh57MkLu4O0o.roa
File:                     08oqgyKYsEvcf9kRh57MkLu4O0o.roa (raw, json)
Hash identifier:          +RiBST1HvdLHO0NCXH9NVRwDsR/CQFGfI5dMqaXu7oc=
Subject key identifier:   D3:CA:2A:83:22:98:B0:4B:DC:7F:D9:11:87:9E:CC:90:BB:B8:3B:4A
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0188D299D978C4028B4A17DA9FB8C1706D26
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/08oqgyKYsEvcf9kRh57MkLu4O0o.roa
Signing time:             Mon 19 Jun 2023 07:41:17 +0000
ROA not before:           Mon 19 Jun 2023 07:41:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        77.83.39.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          91.223.110.0/24 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          45.138.183.0/24 maxlen: 24
                          77.83.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Jun 2023 12:18:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d2:99:d9:78:c4:02:8b:4a:17:da:9f:b8:c1:70:6d:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jun 19 07:41:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3ca2a832298b04bdc7fd911879ecc90bbb83b4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:99:2d:51:eb:8a:2b:25:c2:78:27:5c:b5:5b:
                    bb:10:7d:74:8b:2e:f8:e0:a2:2c:80:e8:71:36:51:
                    d2:79:18:4d:dd:90:1c:8b:8d:94:ff:0c:9c:d6:da:
                    6c:fd:eb:93:2d:7a:29:f7:e9:9b:8a:7b:c4:79:fb:
                    38:6c:0c:aa:ba:fc:55:89:f2:9c:04:e0:06:be:81:
                    da:b7:ed:f8:46:f0:79:e7:72:fe:54:b4:0b:fb:09:
                    a8:46:62:2f:06:33:f4:3c:0c:c4:ab:77:c4:83:27:
                    a3:fa:3f:4a:53:25:b6:92:81:cb:2a:17:4c:81:0e:
                    88:6e:d4:d7:f7:bd:88:6b:06:02:53:99:29:24:cb:
                    15:b1:0f:d8:a7:87:e7:04:80:f6:20:41:88:dc:6e:
                    f9:50:71:93:2a:64:73:48:27:84:52:24:08:8f:68:
                    bb:47:3b:21:b7:4e:c3:1e:a7:88:0a:7d:a5:11:60:
                    32:60:cc:37:ad:e3:15:fc:9d:4b:74:48:ee:7c:9a:
                    d3:6f:4d:48:af:a1:1c:94:c7:f8:de:19:74:ec:10:
                    c2:9f:d7:b1:9b:9f:07:4c:26:12:01:74:dc:80:d0:
                    bd:e1:eb:96:e4:dc:34:a9:13:ab:13:16:26:af:b0:
                    c1:5b:9d:85:d3:d2:4a:6d:06:23:80:9c:04:8a:f2:
                    f8:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:CA:2A:83:22:98:B0:4B:DC:7F:D9:11:87:9E:CC:90:BB:B8:3B:4A
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/08oqgyKYsEvcf9kRh57MkLu4O0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.171.0/24
                  45.138.183.0/24
                  77.83.38.0/23
                  85.209.120.0/23
                  91.223.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:b2:e6:da:5d:d9:69:9c:28:64:03:4a:b3:89:3b:1d:19:8d:
         f3:7e:f6:f1:74:01:87:04:55:dc:75:f4:cc:db:a8:de:8d:08:
         c0:4f:35:da:7b:0c:1b:96:86:ad:5a:0c:7c:8a:a8:99:de:25:
         7e:4a:c8:1e:e8:12:a0:55:ca:76:9e:cd:78:5a:26:22:12:cc:
         20:0f:99:21:49:bf:a7:35:c3:27:d2:cd:5e:e5:93:b4:10:df:
         74:52:e6:94:87:86:c1:84:19:38:cd:8a:74:e5:da:0a:3e:a0:
         36:c5:9f:35:f5:f1:fb:48:bf:dd:a9:19:2d:8d:53:8e:b5:90:
         47:76:c4:af:bc:86:ae:d1:b6:05:55:70:dd:77:c9:85:52:1e:
         88:44:bc:83:dc:4e:6d:49:f3:fd:11:45:c6:b1:b4:1f:8f:72:
         2f:fb:80:cf:60:c1:b5:ab:4b:3a:ca:8d:74:bd:2f:3e:21:e6:
         76:99:0d:a1:1b:42:5a:12:1f:e6:60:3b:84:1c:90:6e:bc:a0:
         5c:21:f0:cc:8c:29:8c:52:51:e2:b5:84:1b:04:3e:a7:39:07:
         a9:04:4a:c7:36:cb:9a:ae:49:4c:49:73:44:01:6c:9c:b5:4d:
         ee:10:54:4d:73:35:52:cb:1f:b8:3a:11:52:97:2e:f7:ec:29:
         ca:0d:3a:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjSmdl4xAKLShfan7jBcG0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE5MDc0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2NhMmE4MzIyOThiMDRiZGM3ZmQ5MTE4NzllY2M5MGJiYjgzYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZktUeuKKyXCeCdctVu7EH10iy74
4KIsgOhxNlHSeRhN3ZAci42U/wyc1tps/euTLXop9+mbinvEefs4bAyquvxVifKc
BOAGvoHat+34RvB553L+VLQL+wmoRmIvBjP0PAzEq3fEgyej+j9KUyW2koHLKhdM
gQ6IbtTX972IawYCU5kpJMsVsQ/Yp4fnBID2IEGI3G75UHGTKmRzSCeEUiQIj2i7
Rzsht07DHqeICn2lEWAyYMw3reMV/J1LdEjufJrTb01Ir6EclMf43hl07BDCn9ex
m58HTCYSAXTcgNC94euW5Nw0qROrExYmr7DBW52F09JKbQYjgJwEivL4OQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNPKKoMimLBL3H/ZEYeezJC7uDtKMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMDhvcWd5S1lzRXZjZjlrUmg1N01rTHU0TzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV6rAwQA
LYq3AwQBTVMmAwQBVdF4AwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQCVsubaXdlp
nChkA0qziTsdGY3zfvbxdAGHBFXcdfTM26jejQjATzXaewwbloatWgx8iqiZ3iV+
Ssge6BKgVcp2ns14WiYiEswgD5khSb+nNcMn0s1e5ZO0EN90UuaUh4bBhBk4zYp0
5doKPqA2xZ819fH7SL/dqRktjVOOtZBHdsSvvIau0bYFVXDdd8mFUh6IRLyD3E5t
SfP9EUXGsbQfj3Iv+4DPYMG1q0s6yo10vS8+IeZ2mQ2hG0JaEh/mYDuEHJBuvKBc
IfDMjCmMUlHitYQbBD6nOQepBErHNsuarklMSXNEAWyctU3uEFRNczVSyx+4OhFS
ly737CnKDTqv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org