Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qBtHaVb0jGgAnpVUFGAwj6WqSkE.roa
File:                     qBtHaVb0jGgAnpVUFGAwj6WqSkE.roa (raw, json)
Hash identifier:          74xZAPtmWs6+w0sqPLk0e/MMT4iRIp88uyyCiFhJGQk=
Subject key identifier:   A8:1B:47:69:56:F4:8C:68:00:9E:95:54:14:60:30:8F:A5:AA:4A:41
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018CE8D325762B12F0DEC20BEB7CF7F83CD2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qBtHaVb0jGgAnpVUFGAwj6WqSkE.roa
Signing time:             Mon 08 Jan 2024 11:26:40 +0000
ROA not before:           Mon 08 Jan 2024 11:26:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        193.30.241.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          193.57.41.0/24 maxlen: 24
                          45.94.170.0/24 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          146.19.125.0/24 maxlen: 24
                          45.81.112.0/24 maxlen: 24
                          45.81.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Jan 2024 17:14:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e8:d3:25:76:2b:12:f0:de:c2:0b:eb:7c:f7:f8:3c:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan  8 11:26:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a81b476956f48c68009e95541460308fa5aa4a41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:07:a7:86:f8:07:9d:a8:b2:f2:e4:0d:f2:8e:
                    7a:6c:62:b6:d8:38:6e:c6:ce:3c:d3:a2:41:e9:27:
                    56:e2:8f:8b:f3:95:5c:78:fc:6e:3d:70:0f:1c:23:
                    8a:2f:cd:5f:23:fb:f6:ff:9c:7b:eb:7c:c8:0b:6c:
                    a7:ac:91:bb:de:58:82:4f:52:a4:3a:8a:80:32:cc:
                    e1:56:af:e7:8e:eb:60:64:be:59:b2:ec:ed:2b:52:
                    f5:30:9a:4d:47:a2:e5:95:55:fc:c6:8d:da:04:07:
                    64:9e:04:64:e0:28:4e:97:fa:ea:b4:05:55:3d:9c:
                    81:47:fa:85:ce:3e:a7:c2:11:b5:7d:18:9d:36:41:
                    15:ff:06:ff:d1:71:48:a2:e1:3d:b3:ad:09:00:a7:
                    29:ec:c2:b2:0c:5f:2e:5b:45:72:00:25:cd:f1:ee:
                    8d:7f:80:08:5b:f7:06:53:56:7a:c0:61:26:3c:c9:
                    dd:87:0f:e0:6b:c1:71:87:1c:dd:44:80:2d:9f:bd:
                    53:77:95:a7:64:84:c7:ea:98:a6:c6:9e:49:4a:ae:
                    dc:65:75:15:f4:c4:96:ae:0d:92:f9:d6:e4:49:0f:
                    f8:f0:60:9a:a6:35:59:0e:8a:84:c7:bb:03:d7:b6:
                    7c:c5:a7:c4:e9:25:68:4c:cd:ee:5f:f7:fb:2a:0f:
                    9c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:1B:47:69:56:F4:8C:68:00:9E:95:54:14:60:30:8F:A5:AA:4A:41
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/qBtHaVb0jGgAnpVUFGAwj6WqSkE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.81.112.0/24
                  45.81.115.0/24
                  45.88.139.0/24
                  45.94.170.0/23
                  85.209.120.0/23
                  146.19.125.0/24
                  193.30.241.0/24
                  193.57.41.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:79:66:82:a7:60:f9:3e:a8:56:2b:90:dc:ac:dc:86:cb:c7:
         05:83:19:d3:24:95:8e:5b:e0:e8:0e:ec:ef:1e:13:56:4e:a7:
         a5:bc:28:3d:72:e4:94:b8:2c:e4:7d:1b:ed:5e:54:14:86:cd:
         0b:87:55:90:36:a4:69:7e:d1:93:96:ca:11:d1:3d:f3:d3:a4:
         bb:25:ff:5b:e2:fb:70:d6:8b:1d:48:b0:46:f1:97:cc:21:0f:
         eb:fe:74:50:c0:d8:56:3c:c2:ca:8d:b9:fc:eb:be:7e:2e:63:
         d0:94:6b:4d:19:33:d6:24:5f:d9:94:15:6b:33:95:e5:11:cc:
         2b:1e:91:27:2c:a6:b7:d9:0d:d0:62:81:8e:41:56:f6:ca:34:
         4b:51:f6:f2:30:95:38:ab:14:2d:c2:94:22:d3:85:fb:10:83:
         23:09:32:6d:e9:aa:2d:38:ed:4c:1b:77:ce:52:61:af:40:b2:
         af:4e:70:38:e9:76:d9:9e:98:b3:63:b1:8e:2f:41:08:e4:fb:
         a5:08:aa:90:34:8a:d0:ee:d7:d8:b0:76:ca:69:2a:43:57:ca:
         f2:11:06:73:1b:a7:0e:25:a8:3e:fd:29:ec:ea:b6:9a:cb:0a:
         5c:b7:10:d6:86:ec:c8:bc:5e:ef:99:d1:e2:ba:c4:66:b2:47:
         dd:2c:94:e4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzo0yV2KxLw3sIL63z3+DzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTA4MTEyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFiNDc2OTU2ZjQ4YzY4MDA5ZTk1NTQxNDYwMzA4ZmE1YWE0YTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQenhvgHnaiy8uQN8o56bGK22Dhu
xs4806JB6SdW4o+L85VcePxuPXAPHCOKL81fI/v2/5x763zIC2ynrJG73liCT1Kk
OoqAMszhVq/njutgZL5ZsuztK1L1MJpNR6LllVX8xo3aBAdkngRk4ChOl/rqtAVV
PZyBR/qFzj6nwhG1fRidNkEV/wb/0XFIouE9s60JAKcp7MKyDF8uW0VyACXN8e6N
f4AIW/cGU1Z6wGEmPMndhw/ga8FxhxzdRIAtn71Td5WnZITH6pimxp5JSq7cZXUV
9MSWrg2S+dbkSQ/48GCapjVZDoqEx7sD17Z8xafE6SVoTM3uX/f7Kg+ciQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKgbR2lW9IxoAJ6VVBRgMI+lqkpBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcUJ0SGFWYjBqR2dBbnBWVUZHQXdqNldxU2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVFwAwQA
LVFzAwQALViLAwQBLV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0G
CSqGSIb3DQEBCwUAA4IBAQAjeWaCp2D5PqhWK5DcrNyGy8cFgxnTJJWOW+DoDuzv
HhNWTqelvCg9cuSUuCzkfRvtXlQUhs0Lh1WQNqRpftGTlsoR0T3z06S7Jf9b4vtw
1osdSLBG8ZfMIQ/r/nRQwNhWPMLKjbn8675+LmPQlGtNGTPWJF/ZlBVrM5XlEcwr
HpEnLKa32Q3QYoGOQVb2yjRLUfbyMJU4qxQtwpQi04X7EIMjCTJt6aotOO1MG3fO
UmGvQLKvTnA46XbZnpizY7GOL0EI5PulCKqQNIrQ7tfYsHbKaSpDV8ryEQZzG6cO
Jag+/Sns6raaywpctxDWhuzIvF7vmdHiusRmskfdLJTk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org