Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-6-PezmLtb-v5dVUO866bf-GysU.roa
File:                     1-6-PezmLtb-v5dVUO866bf-GysU.roa (raw, json)
Hash identifier:          tz50cckMrxL2Ru1fLFY8Vs3CNuHq/CbEOAJuvSj7zXo=
Subject key identifier:   FB:AF:8F:7B:39:8B:B5:BF:AF:E5:D5:54:3B:CE:BA:6D:FF:86:CA:C5
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       0185BCC4A2EDD8863ADA42FAE9058B452722
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-6-PezmLtb-v5dVUO866bf-GysU.roa
Signing time:             Mon 16 Jan 2023 22:48:01 +0000
ROA not before:           Mon 16 Jan 2023 22:48:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        85.209.120.0/23 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          77.83.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Mar 2023 09:14:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:bc:c4:a2:ed:d8:86:3a:da:42:fa:e9:05:8b:45:27:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 16 22:48:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fbaf8f7b398bb5bfafe5d5543bceba6dff86cac5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:62:eb:45:c4:bd:9f:11:dd:d9:83:7f:f8:22:
                    a7:6d:2a:af:ab:99:b1:6f:fa:8b:c2:13:b2:d1:68:
                    f8:7e:98:dd:2c:3f:be:d7:b1:16:e0:3a:92:a5:42:
                    97:fa:6c:2f:fc:a7:aa:d6:c0:ef:d0:24:fb:ce:da:
                    ea:7f:8d:12:13:5c:81:bb:70:63:a2:56:17:14:1b:
                    d1:d2:3c:5f:61:f3:ac:ad:d3:1b:7e:03:6c:12:a2:
                    06:e0:09:8c:41:7b:41:ba:af:f6:f5:cf:7c:a0:cd:
                    b4:5e:c9:49:99:1e:38:1f:ff:ef:7e:3b:4a:6a:a3:
                    8c:f4:67:4c:a7:ad:71:40:53:e3:9e:ac:63:7e:f3:
                    6a:5d:ea:1b:24:83:6c:e7:6e:63:e3:72:d4:a9:45:
                    fe:ed:af:5e:3a:e2:cf:a6:04:64:e8:80:c1:f6:ed:
                    4b:96:7a:51:85:53:ea:36:a3:3a:e7:3e:ed:2d:df:
                    47:f8:c7:ab:64:15:09:d3:76:b1:40:17:5d:e1:13:
                    58:56:e7:9e:0f:ee:c4:04:c9:f4:27:f2:c2:26:47:
                    d1:ec:22:a0:45:89:a2:10:28:3b:87:81:ed:28:da:
                    03:31:8a:32:f7:c6:da:4f:7e:93:e9:a1:e7:ba:0a:
                    5c:63:eb:2f:0b:52:af:7f:cd:6f:65:6d:89:be:ca:
                    28:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:AF:8F:7B:39:8B:B5:BF:AF:E5:D5:54:3B:CE:BA:6D:FF:86:CA:C5
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-6-PezmLtb-v5dVUO866bf-GysU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.94.171.0/24
                  77.83.38.0/24
                  85.209.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6b:d5:62:77:1d:dc:e3:e1:3d:89:11:c5:df:3d:d1:b0:10:89:
         f3:b7:8b:0e:94:cc:60:c8:4b:8d:a0:6c:3f:a9:96:42:92:80:
         39:7c:7e:19:f1:9a:98:4f:3c:36:50:38:1d:db:72:cb:96:c1:
         39:04:0f:d7:52:26:5a:3d:10:39:45:24:2f:c0:f3:69:78:7f:
         18:d1:75:5b:3d:2f:86:0b:28:b3:52:ff:cf:69:ef:df:11:42:
         f2:fa:87:92:19:1a:c8:f2:28:98:61:bf:09:c5:48:f2:e4:80:
         7b:5c:5f:c6:15:8f:bd:19:f3:36:9a:4c:ca:31:84:27:86:03:
         8e:21:7c:d7:db:98:13:dc:0e:6a:1d:29:25:79:2f:ef:b8:6d:
         f2:1d:7b:eb:00:23:f4:38:e7:d9:91:25:7f:f2:1f:2c:b3:b2:
         8a:4f:82:8b:dd:55:54:cd:b8:0b:eb:ed:56:a7:f8:06:cb:06:
         a7:5a:98:ac:86:1f:3f:6d:a2:72:33:55:ed:de:e8:af:5b:c9:
         e2:41:0d:ef:b4:0d:1b:23:2d:94:17:dc:77:67:96:ee:27:56:
         00:35:12:ec:86:5c:42:50:a7:eb:d8:90:6b:86:96:08:a2:e4:
         b6:e8:58:67:77:47:1f:ee:60:c4:72:fb:15:14:63:09:9b:7e:
         eb:ff:19:6f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYW8xKLt2IY62kL66QWLRSciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTE2MjI0ODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmFmOGY3YjM5OGJiNWJmYWZlNWQ1NTQzYmNlYmE2ZGZmODZjYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGLrRcS9nxHd2YN/+CKnbSqvq5mx
b/qLwhOy0Wj4fpjdLD++17EW4DqSpUKX+mwv/Keq1sDv0CT7ztrqf40SE1yBu3Bj
olYXFBvR0jxfYfOsrdMbfgNsEqIG4AmMQXtBuq/29c98oM20XslJmR44H//vfjtK
aqOM9GdMp61xQFPjnqxjfvNqXeobJINs525j43LUqUX+7a9eOuLPpgRk6IDB9u1L
lnpRhVPqNqM65z7tLd9H+MerZBUJ03axQBdd4RNYVueeD+7EBMn0J/LCJkfR7CKg
RYmiECg7h4HtKNoDMYoy98baT36T6aHnugpcY+svC1Kvf81vZW2JvsooUwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPuvj3s5i7W/r+XVVDvOum3/hsrFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS02LVBlem1MdGItdjVkVlVPODY2YmYtR3lzVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1eqwME
AE1TJgMEAVXReDANBgkqhkiG9w0BAQsFAAOCAQEAa9Vidx3c4+E9iRHF3z3RsBCJ
87eLDpTMYMhLjaBsP6mWQpKAOXx+GfGamE88NlA4Hdtyy5bBOQQP11ImWj0QOUUk
L8DzaXh/GNF1Wz0vhgsos1L/z2nv3xFC8vqHkhkayPIomGG/CcVI8uSAe1xfxhWP
vRnzNppMyjGEJ4YDjiF819uYE9wOah0pJXkv77ht8h176wAj9Djn2ZElf/IfLLOy
ik+Ci91VVM24C+vtVqf4BssGp1qYrIYfP22icjNV7d7or1vJ4kEN77QNGyMtlBfc
d2eW7idWADUS7IZcQlCn69iQa4aWCKLktuhYZ3dHH+5gxHL7FRRjCZt+6/8Zbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org