Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pQhiS3sWtkC5_HIbHYFdfRIIu5U.roa
File:                     pQhiS3sWtkC5_HIbHYFdfRIIu5U.roa (raw, json)
Hash identifier:          zqi+G+ZSHgkhC15CoN/I9VbKL9HSjKnE55ESbiQMCaQ=
Subject key identifier:   A5:08:62:4B:7B:16:B6:40:B9:FC:72:1B:1D:81:5D:7D:12:08:BB:95
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018AB965E4C3C02F41A5AF508B680860952F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pQhiS3sWtkC5_HIbHYFdfRIIu5U.roa
Signing time:             Thu 21 Sep 2023 20:19:37 +0000
ROA not before:           Thu 21 Sep 2023 20:19:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        85.209.120.0/23 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          2.56.110.0/24 maxlen: 24
                          45.138.183.0/24 maxlen: 24
                          195.62.24.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 07:42:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b9:65:e4:c3:c0:2f:41:a5:af:50:8b:68:08:60:95:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Sep 21 20:19:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a508624b7b16b640b9fc721b1d815d7d1208bb95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3e:bb:ac:ca:44:ae:e7:38:7e:8f:67:5b:4e:
                    b6:98:fe:2e:94:33:f8:3a:2b:ef:4d:58:80:c3:3c:
                    83:b6:72:e2:c6:15:17:b2:fe:ed:58:f8:9c:71:2c:
                    4c:e0:83:87:2a:12:73:19:4c:d7:34:3f:c3:d3:5f:
                    69:06:76:29:38:87:23:d7:fd:79:6a:1e:7b:cd:18:
                    c8:17:12:32:ca:37:66:05:07:fc:13:72:1b:3e:4e:
                    b0:60:55:0b:6e:bd:1f:25:23:d8:2e:08:3e:6d:e7:
                    05:f0:d1:9a:1c:46:ad:4d:eb:cf:3d:b3:54:3e:ba:
                    55:40:a7:03:75:29:51:34:ec:0e:46:3a:47:59:0b:
                    59:01:24:41:8e:a1:03:f9:56:f4:57:63:99:8f:3d:
                    ad:c9:7d:99:7a:34:c7:86:31:00:8b:90:85:3f:b4:
                    eb:39:31:c4:fa:0e:d1:c7:86:4e:95:4d:cf:6a:f8:
                    a3:cf:18:ed:05:cd:fb:48:3e:a3:56:44:42:3d:e9:
                    ba:58:3a:e7:6b:05:13:02:5f:ff:3c:17:77:46:af:
                    2a:b1:86:62:a0:6c:db:84:2d:7f:3e:c6:39:2a:29:
                    82:b5:14:ab:5a:70:ae:13:e8:ab:50:d3:57:44:24:
                    d3:58:ea:da:f5:83:7e:e4:92:9b:bb:1c:6d:c5:42:
                    a2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:08:62:4B:7B:16:B6:40:B9:FC:72:1B:1D:81:5D:7D:12:08:BB:95
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pQhiS3sWtkC5_HIbHYFdfRIIu5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.110.0/24
                  45.94.171.0/24
                  45.138.183.0/24
                  85.209.120.0/23
                  195.62.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:b3:aa:5b:90:f7:02:64:21:63:b5:34:5b:bc:92:74:25:27:
         9e:51:f1:c6:b2:38:1c:09:9f:a6:bd:88:f6:96:67:20:22:18:
         90:76:6c:d0:cc:05:a6:b5:43:69:bf:c6:6a:cc:3a:95:40:0f:
         f5:06:2a:74:95:02:ca:91:99:97:d2:e6:73:fc:bc:82:57:c0:
         e4:06:c4:31:ae:6e:36:b5:80:bf:6b:5b:a6:2a:b6:9d:76:f9:
         f9:f1:6e:8a:26:4e:88:19:d7:5b:1e:5b:22:6b:c5:65:6f:8c:
         80:31:03:be:21:4e:ad:3d:e6:8e:d6:e5:a3:37:eb:f4:46:76:
         3f:29:5d:12:e9:79:9f:78:cb:f6:e9:6b:bf:0a:da:d1:55:32:
         e5:16:26:5f:2f:2f:77:99:df:ca:b8:16:9e:52:f8:b6:25:8e:
         f6:e4:9e:d7:f8:aa:c7:8b:a6:34:19:bf:3d:02:19:61:3a:94:
         ad:4e:82:23:2a:39:d6:51:9b:f0:a7:71:25:50:ed:06:2d:6c:
         42:96:7b:ea:f3:09:c4:65:3c:f2:42:3f:ad:36:57:ba:6f:26:
         82:56:55:73:88:e6:d0:ec:4c:34:01:83:0e:fb:29:c2:de:4e:
         f5:25:e5:71:4b:50:c5:27:ce:ec:22:a0:0e:77:e7:a6:34:e2:
         01:24:d6:ca
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYq5ZeTDwC9Bpa9Qi2gIYJUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTIxMjAxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA4NjI0YjdiMTZiNjQwYjlmYzcyMWIxZDgxNWQ3ZDEyMDhiYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD67rMpEruc4fo9nW062mP4ulDP4
OivvTViAwzyDtnLixhUXsv7tWPiccSxM4IOHKhJzGUzXND/D019pBnYpOIcj1/15
ah57zRjIFxIyyjdmBQf8E3IbPk6wYFULbr0fJSPYLgg+becF8NGaHEatTevPPbNU
PrpVQKcDdSlRNOwORjpHWQtZASRBjqED+Vb0V2OZjz2tyX2ZejTHhjEAi5CFP7Tr
OTHE+g7Rx4ZOlU3PavijzxjtBc37SD6jVkRCPem6WDrnawUTAl//PBd3Rq8qsYZi
oGzbhC1/PsY5KimCtRSrWnCuE+irUNNXRCTTWOra9YN+5JKbuxxtxUKi9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKUIYkt7FrZAufxyGx2BXX0SCLuVMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcFFoaVMzc1d0a0M1X0hJYkhZRmRmUklJdTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhuAwQA
LV6rAwQALYq3AwQBVdF4AwQAwz4YMA0GCSqGSIb3DQEBCwUAA4IBAQCls6pbkPcC
ZCFjtTRbvJJ0JSeeUfHGsjgcCZ+mvYj2lmcgIhiQdmzQzAWmtUNpv8ZqzDqVQA/1
Bip0lQLKkZmX0uZz/LyCV8DkBsQxrm42tYC/a1umKraddvn58W6KJk6IGddbHlsi
a8Vlb4yAMQO+IU6tPeaO1uWjN+v0RnY/KV0S6XmfeMv26Wu/CtrRVTLlFiZfLy93
md/KuBaeUvi2JY725J7X+KrHi6Y0Gb89AhlhOpStToIjKjnWUZvwp3ElUO0GLWxC
lnvq8wnEZTzyQj+tNle6byaCVlVziObQ7Ew0AYMO+ynC3k71JeVxS1DFJ87sIqAO
d+emNOIBJNbK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org