Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJbXDW6wFyFpoCJsY4PZfOb1pps.roa
File:                     PJbXDW6wFyFpoCJsY4PZfOb1pps.roa (raw, json)
Hash identifier:          W5uoDuI1YJHZzSltTa90qcRraryb3wunA/2E2jTFLsU=
Subject key identifier:   3C:96:D7:0D:6E:B0:17:21:69:A0:22:6C:63:83:D9:7C:E6:F5:A6:9B
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018F29EBAF9A1D9E7C799A93FDF4696B848C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJbXDW6wFyFpoCJsY4PZfOb1pps.roa
Signing time:             Mon 29 Apr 2024 12:54:22 +0000
ROA not before:           Mon 29 Apr 2024 12:54:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203511
IP address blocks:        45.88.138.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          45.151.2.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          194.15.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 12 May 2024 17:22:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:29:eb:af:9a:1d:9e:7c:79:9a:93:fd:f4:69:6b:84:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Apr 29 12:54:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3c96d70d6eb0172169a0226c6383d97ce6f5a69b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:3e:fe:89:45:08:9b:1c:92:fd:60:7f:3b:67:
                    69:44:d9:c1:40:a4:70:fb:90:27:df:a5:17:7f:92:
                    02:3d:79:27:37:ea:45:f1:36:b6:7f:50:5f:2d:4a:
                    b2:36:9a:83:fa:f9:eb:0d:49:3c:bc:10:98:4e:7f:
                    7e:85:46:a0:d0:42:2d:eb:a1:f1:3f:f5:d5:f3:89:
                    e9:93:96:1e:90:23:73:a2:77:45:cf:3c:20:c8:d8:
                    30:45:bd:00:ea:4f:3b:b8:69:fa:fd:3f:d7:19:6d:
                    7f:38:95:8c:28:f8:ad:56:14:a3:a3:b9:50:85:70:
                    f4:e3:22:30:49:44:fc:9e:11:b6:ee:c5:7a:dd:0c:
                    a4:cc:2c:1b:a3:88:c7:e0:77:5f:ee:76:54:2a:ab:
                    3f:6b:b7:a9:4a:17:83:6c:c7:7a:18:1c:58:1d:77:
                    0c:59:11:e0:c5:df:66:1c:3d:70:38:04:e8:0a:65:
                    8c:c8:47:e4:2a:6a:e1:37:38:09:b6:2d:60:5a:a2:
                    1d:ac:a2:24:29:e0:b6:1d:e7:dd:e6:37:cf:7f:22:
                    0d:23:a4:5b:d6:bf:90:0e:87:2e:67:4c:0b:ef:12:
                    eb:85:ef:4d:3c:ea:13:50:cf:c7:b2:15:9c:e0:de:
                    d9:4f:a4:2d:75:3c:67:ce:28:b8:83:f4:3c:e1:02:
                    3e:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:96:D7:0D:6E:B0:17:21:69:A0:22:6C:63:83:D9:7C:E6:F5:A6:9B
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/PJbXDW6wFyFpoCJsY4PZfOb1pps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.138.0/23
                  45.94.171.0/24
                  45.151.2.0/24
                  77.83.37.0/24
                  194.15.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bf:f4:36:9b:cb:87:6f:ab:cb:a0:28:c1:f3:86:96:15:c9:5f:
         ee:bf:a9:b2:37:86:28:7d:98:a2:b0:1b:e6:ce:a2:96:23:ca:
         6b:3e:22:f6:62:4b:ce:b1:4c:f9:71:f1:1f:67:eb:a1:eb:71:
         79:f0:1e:2e:a6:48:c1:b2:88:dd:ae:42:d4:f6:96:50:c1:64:
         09:c7:4a:05:fd:54:96:d2:0c:02:93:cc:d0:36:e6:05:67:77:
         83:3b:0b:92:97:8f:d1:f1:93:2e:78:38:36:5d:ed:82:0d:4b:
         e6:57:f0:b6:82:2a:97:d4:e4:ec:37:e5:89:83:22:9b:45:ab:
         19:1c:6f:48:a2:a7:ce:2e:3c:16:6d:79:4c:8a:0d:d3:71:d5:
         cb:18:68:a1:d3:3e:a8:d4:bf:b8:7d:81:ad:c7:d1:41:91:a9:
         37:15:b3:9c:aa:79:be:1b:62:c7:2c:eb:61:b3:3a:d3:83:2d:
         82:28:8e:a0:e5:14:bd:f4:16:54:d7:25:f7:5c:77:36:ac:11:
         52:01:0e:b6:2f:8b:bc:e8:ce:ea:fa:1c:31:41:ed:09:cc:d7:
         2c:77:61:61:25:aa:b3:19:38:3e:40:77:5a:7d:e3:a1:ac:09:
         14:fe:37:fb:bc:ef:80:5f:f0:bd:b1:39:dd:ec:b1:7f:76:47:
         da:0e:e9:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8p66+aHZ58eZqT/fRpa4SMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDI5MTI1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzk2ZDcwZDZlYjAxNzIxNjlhMDIyNmM2MzgzZDk3Y2U2ZjVhNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz7+iUUImxyS/WB/O2dpRNnBQKRw
+5An36UXf5ICPXknN+pF8Ta2f1BfLUqyNpqD+vnrDUk8vBCYTn9+hUag0EIt66Hx
P/XV84npk5YekCNzondFzzwgyNgwRb0A6k87uGn6/T/XGW1/OJWMKPitVhSjo7lQ
hXD04yIwSUT8nhG27sV63QykzCwbo4jH4Hdf7nZUKqs/a7epSheDbMd6GBxYHXcM
WRHgxd9mHD1wOAToCmWMyEfkKmrhNzgJti1gWqIdrKIkKeC2Hefd5jfPfyINI6Rb
1r+QDocuZ0wL7xLrhe9NPOoTUM/HshWc4N7ZT6QtdTxnzii4g/Q84QI+qwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDyW1w1usBchaaAibGOD2Xzm9aabMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUEpiWERXNndGeUZwb0NKc1k0UFpmT2IxcHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLViKAwQA
LV6rAwQALZcCAwQATVMlAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQC/9Daby4dv
q8ugKMHzhpYVyV/uv6myN4YofZiisBvmzqKWI8prPiL2YkvOsUz5cfEfZ+uh63F5
8B4upkjBsojdrkLU9pZQwWQJx0oF/VSW0gwCk8zQNuYFZ3eDOwuSl4/R8ZMueDg2
Xe2CDUvmV/C2giqX1OTsN+WJgyKbRasZHG9IoqfOLjwWbXlMig3TcdXLGGih0z6o
1L+4fYGtx9FBkak3FbOcqnm+G2LHLOthszrTgy2CKI6g5RS99BZU1yX3XHc2rBFS
AQ62L4u86M7q+hwxQe0JzNcsd2FhJaqzGTg+QHdafeOhrAkU/jf7vO+AX/C9sTnd
7LF/dkfaDukx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org