Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/eZVGu3xzSBpuzlHY1E0w_haT4Lk.roa
File:                     eZVGu3xzSBpuzlHY1E0w_haT4Lk.roa (raw, json)
Hash identifier:          lkqcF98wEjAd+agPsn7l083TFnIM+YYrAdmsauA3w10=
Subject key identifier:   79:95:46:BB:7C:73:48:1A:6E:CE:51:D8:D4:4D:30:FE:16:93:E0:B9
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018D0E3610A26A39457F0144DC2F3DBCE512
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/eZVGu3xzSBpuzlHY1E0w_haT4Lk.roa
Signing time:             Mon 15 Jan 2024 17:40:40 +0000
ROA not before:           Mon 15 Jan 2024 17:40:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        193.30.241.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          193.57.41.0/24 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          146.19.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 08:22:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:0e:36:10:a2:6a:39:45:7f:01:44:dc:2f:3d:bc:e5:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 15 17:40:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=799546bb7c73481a6ece51d8d44d30fe1693e0b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:69:bf:bb:c9:30:ff:9e:10:6d:26:4c:57:55:
                    66:d8:00:9a:b4:08:b7:be:c2:5a:68:55:52:68:01:
                    e6:69:fe:32:fb:37:02:71:d8:03:32:f1:87:60:f3:
                    20:b4:3a:49:64:f1:2f:8a:b0:4d:12:a3:1c:f1:73:
                    52:bb:08:79:ec:8c:48:a8:91:df:d8:7c:e2:fd:63:
                    9b:31:19:de:8a:6b:e5:fb:76:53:b4:d3:15:10:87:
                    16:28:3f:c8:33:0c:48:93:6a:3e:c6:da:ef:8f:11:
                    c6:ed:68:d6:87:82:14:12:24:e5:3c:87:81:27:35:
                    78:1e:0e:7f:de:bd:90:65:77:4c:74:35:b6:cd:f4:
                    81:fc:95:a9:4b:9b:85:d1:14:a2:2a:b4:87:c6:bc:
                    a6:81:a6:9a:4b:d5:8d:80:53:99:77:d4:2b:3e:c7:
                    3a:d1:b5:c1:37:08:71:cb:62:06:b9:cd:5a:bb:6e:
                    22:e5:ab:82:1f:89:ce:59:cf:85:22:ae:10:17:bf:
                    a5:f0:86:a6:13:8d:d4:cd:14:f8:f6:73:a7:2d:42:
                    ad:6d:39:7a:02:0e:05:f3:17:55:be:32:48:8e:7b:
                    60:e7:b3:e0:bf:26:59:0b:44:50:d5:b6:e9:69:76:
                    23:40:97:7d:d5:64:76:0c:fe:95:91:b1:97:af:93:
                    5d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:95:46:BB:7C:73:48:1A:6E:CE:51:D8:D4:4D:30:FE:16:93:E0:B9
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/eZVGu3xzSBpuzlHY1E0w_haT4Lk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.139.0/24
                  45.94.171.0/24
                  85.209.120.0/23
                  146.19.125.0/24
                  193.30.241.0/24
                  193.57.41.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:d1:28:74:35:ba:ce:40:31:fc:00:b3:df:41:56:e7:d5:b5:
         2c:e5:65:3a:4e:b2:75:95:f2:97:62:34:5d:9d:af:2d:ce:14:
         67:e9:e3:33:b9:9f:4b:4b:7e:4a:4e:a1:62:78:a1:85:00:fb:
         6e:22:cb:9e:ad:74:48:c1:88:5b:63:9c:5b:72:81:f7:05:bd:
         17:44:e5:6b:ab:53:ba:c6:54:fe:fa:20:eb:5e:3a:ce:56:08:
         20:60:94:f7:6e:c2:16:5d:86:4c:66:92:7c:69:0d:ad:2f:6a:
         af:fe:2a:9a:76:e2:6e:53:3d:24:50:98:be:e6:57:ae:0c:4e:
         8f:97:08:4f:83:1a:6d:bc:32:d0:5f:7e:52:b8:61:05:55:44:
         74:4a:0f:c3:a5:d0:54:ce:84:0b:8f:71:c5:26:a8:01:35:69:
         89:e5:02:a7:5f:73:9b:bf:b2:bc:35:cb:2d:a4:c2:cb:a8:8a:
         d2:d0:ee:34:f9:fa:d2:07:33:a9:8d:8e:a1:dd:f7:42:e4:01:
         ff:bc:60:19:e4:90:2f:af:14:02:df:5d:c0:8c:fd:5d:af:61:
         8f:d0:6a:74:f4:80:91:22:46:bc:78:aa:c2:25:ce:60:a1:e3:
         2b:63:15:04:01:63:d6:f6:17:71:84:bd:00:a5:42:86:88:e5:
         6e:bf:fd:74
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0ONhCiajlFfwFE3C89vOUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTE1MTc0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTk1NDZiYjdjNzM0ODFhNmVjZTUxZDhkNDRkMzBmZTE2OTNlMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2m/u8kw/54QbSZMV1Vm2ACatAi3
vsJaaFVSaAHmaf4y+zcCcdgDMvGHYPMgtDpJZPEvirBNEqMc8XNSuwh57IxIqJHf
2Hzi/WObMRneimvl+3ZTtNMVEIcWKD/IMwxIk2o+xtrvjxHG7WjWh4IUEiTlPIeB
JzV4Hg5/3r2QZXdMdDW2zfSB/JWpS5uF0RSiKrSHxrymgaaaS9WNgFOZd9QrPsc6
0bXBNwhxy2IGuc1au24i5auCH4nOWc+FIq4QF7+l8IamE43UzRT49nOnLUKtbTl6
Ag4F8xdVvjJIjntg57PgvyZZC0RQ1bbpaXYjQJd91WR2DP6VkbGXr5NdqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHmVRrt8c0gabs5R2NRNMP4Wk+C5MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZVpWR3UzeHpTQnB1emxIWTFFMHdfaGFUNExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALViLAwQA
LV6rAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQAT0Sh0NbrOQDH8ALPfQVbn1bUs5WU6TrJ1lfKXYjRdna8tzhRn6eMzuZ9L
S35KTqFieKGFAPtuIsuerXRIwYhbY5xbcoH3Bb0XROVrq1O6xlT++iDrXjrOVggg
YJT3bsIWXYZMZpJ8aQ2tL2qv/iqaduJuUz0kUJi+5leuDE6PlwhPgxptvDLQX35S
uGEFVUR0Sg/DpdBUzoQLj3HFJqgBNWmJ5QKnX3Obv7K8NcstpMLLqIrS0O40+frS
BzOpjY6h3fdC5AH/vGAZ5JAvrxQC313AjP1dr2GP0Gp09ICRIka8eKrCJc5goeMr
YxUEAWPW9hdxhL0ApUKGiOVuv/10
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org