Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/D9HUjrR0L2hpaKKTfMrk___pl5o.roa
File:                     D9HUjrR0L2hpaKKTfMrk___pl5o.roa (raw, json)
Hash identifier:          kTNn6w08tmIj30VfAjwVC5HjgnzAYCX3BEHGmkYR2RA=
Subject key identifier:   0F:D1:D4:8E:B4:74:2F:68:69:68:A2:93:7C:CA:E4:FF:FF:E9:97:9A
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018A50C94F0C2A7E260055924119CE5FD431
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/D9HUjrR0L2hpaKKTfMrk___pl5o.roa
Signing time:             Fri 01 Sep 2023 12:48:04 +0000
ROA not before:           Fri 01 Sep 2023 12:48:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        45.144.213.0/24 maxlen: 24
                          2.56.109.0/24 maxlen: 24
                          45.81.112.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          45.81.115.0/24 maxlen: 24
                          45.81.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Sep 2023 07:57:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:50:c9:4f:0c:2a:7e:26:00:55:92:41:19:ce:5f:d4:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Sep  1 12:48:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fd1d48eb4742f686968a2937ccae4ffffe9979a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:5b:8c:f1:92:20:00:a7:9a:ec:b6:35:9a:2c:
                    a4:0e:fd:5d:09:1a:99:c2:3b:a2:cd:12:c2:81:c3:
                    50:b2:79:f9:60:3c:af:41:ee:c1:d7:d9:b5:8f:d7:
                    2d:44:2b:10:55:a5:f6:4c:5a:4e:18:3d:a9:45:ba:
                    6b:77:a5:d3:71:23:6c:17:c1:4f:70:33:16:96:96:
                    d9:4f:15:45:e7:15:d7:91:15:9d:62:45:f0:19:80:
                    e0:ce:3a:14:50:58:07:96:29:cd:b8:78:4a:95:c0:
                    6c:91:1d:99:ba:99:77:97:89:1f:d7:ce:4b:18:0b:
                    33:c6:77:3c:57:2a:99:e6:cc:92:a6:73:80:ea:62:
                    d7:1e:31:17:ee:b5:e0:5c:2d:25:23:32:95:1f:f8:
                    9d:39:95:96:2f:26:f3:56:03:01:05:bf:63:12:29:
                    ff:37:94:7e:0d:0e:b7:97:b3:da:0a:03:a7:96:86:
                    77:cc:0e:8f:0f:cc:c5:c0:ba:b2:cb:c0:4c:90:53:
                    5d:7c:94:a9:fb:49:98:05:f5:3b:b0:e6:4e:72:9c:
                    57:ed:56:db:78:2d:64:78:76:76:14:e9:32:4e:e3:
                    12:a0:7e:50:44:8d:a1:6a:6a:21:78:cc:79:8b:d5:
                    57:88:7b:0e:4b:15:71:38:09:ee:00:b9:97:8b:e0:
                    6d:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:D1:D4:8E:B4:74:2F:68:69:68:A2:93:7C:CA:E4:FF:FF:E9:97:9A
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/D9HUjrR0L2hpaKKTfMrk___pl5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.109.0/24
                  45.81.112.0/23
                  45.81.115.0/24
                  45.144.213.0/24
                  77.83.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:ea:75:23:36:fc:e0:cf:1a:33:28:e1:7d:8d:3a:23:32:be:
         d8:fa:34:23:9a:ad:b4:bc:4d:af:0a:dd:03:e4:19:6a:2c:04:
         e6:94:2b:2d:1b:48:18:ae:39:8a:5a:f6:c4:cb:42:cd:ff:3c:
         9b:2e:37:8b:b1:07:30:e0:96:df:83:f1:41:63:c8:84:99:ff:
         66:fc:42:47:c3:7f:7a:2b:8f:63:45:cf:30:60:e2:09:26:7a:
         0b:82:18:e7:d3:11:d3:0c:54:2a:4f:b0:cb:03:4c:ea:d7:84:
         6b:91:0e:eb:82:00:1e:79:a6:e8:2b:52:d0:65:47:16:f4:df:
         ea:53:4c:27:25:bb:b1:f5:cd:2e:7b:2f:d8:e0:bf:43:4e:11:
         26:b8:e5:5c:36:20:c4:61:11:2d:05:4b:f7:c4:4c:03:7b:af:
         b3:46:fa:75:5b:45:d3:06:5f:4d:14:00:63:a5:a0:b2:fe:62:
         bd:75:9a:2e:16:5a:aa:eb:22:5a:f8:91:7d:42:0e:62:ed:3d:
         1a:1e:48:aa:55:0e:74:60:d5:78:a1:de:43:e6:58:07:0f:48:
         4e:4e:cd:ad:ce:32:bd:98:d9:d4:67:02:63:35:c0:92:83:99:
         9d:ad:5f:37:fb:36:a8:77:c5:56:3c:81:e1:96:47:82:39:85:
         7b:72:f2:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpQyU8MKn4mAFWSQRnOX9QxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTAxMTI0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQxZDQ4ZWI0NzQyZjY4Njk2OGEyOTM3Y2NhZTRmZmZmZTk5NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFuM8ZIgAKea7LY1miykDv1dCRqZ
wjuizRLCgcNQsnn5YDyvQe7B19m1j9ctRCsQVaX2TFpOGD2pRbprd6XTcSNsF8FP
cDMWlpbZTxVF5xXXkRWdYkXwGYDgzjoUUFgHlinNuHhKlcBskR2Zupl3l4kf185L
GAszxnc8VyqZ5sySpnOA6mLXHjEX7rXgXC0lIzKVH/idOZWWLybzVgMBBb9jEin/
N5R+DQ63l7PaCgOnloZ3zA6PD8zFwLqyy8BMkFNdfJSp+0mYBfU7sOZOcpxX7Vbb
eC1keHZ2FOkyTuMSoH5QRI2hamoheMx5i9VXiHsOSxVxOAnuALmXi+Bt7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA/R1I60dC9oaWiik3zK5P//6ZeaMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRDlIVWpyUjBMMmhwYUtLVGZNcmtfX19wbDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhtAwQB
LVFwAwQALVFzAwQALZDVAwQATVMlMA0GCSqGSIb3DQEBCwUAA4IBAQCf6nUjNvzg
zxozKOF9jTojMr7Y+jQjmq20vE2vCt0D5BlqLATmlCstG0gYrjmKWvbEy0LN/zyb
LjeLsQcw4Jbfg/FBY8iEmf9m/EJHw396K49jRc8wYOIJJnoLghjn0xHTDFQqT7DL
A0zq14RrkQ7rggAeeaboK1LQZUcW9N/qU0wnJbux9c0uey/Y4L9DThEmuOVcNiDE
YREtBUv3xEwDe6+zRvp1W0XTBl9NFABjpaCy/mK9dZouFlqq6yJa+JF9Qg5i7T0a
HkiqVQ50YNV4od5D5lgHD0hOTs2tzjK9mNnUZwJjNcCSg5mdrV83+zaod8VWPIHh
lkeCOYV7cvJc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org