Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa
File:                     tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa (raw, json)
Hash identifier:          zc6Rzls1473pgf6uWjkSxLk18fhhCx7IhymLtLuXvg8=
Subject key identifier:   B4:1D:AE:AC:14:16:B4:79:82:66:D5:1C:D9:95:C2:FF:50:A9:80:98
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018CF946925A9E9BC70701AC4CA15CD3A948
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa
Signing time:             Thu 11 Jan 2024 16:06:40 +0000
ROA not before:           Thu 11 Jan 2024 16:06:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        193.30.241.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          193.57.41.0/24 maxlen: 24
                          45.94.171.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          146.19.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Jan 2024 06:19:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f9:46:92:5a:9e:9b:c7:07:01:ac:4c:a1:5c:d3:a9:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Jan 11 16:06:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b41daeac1416b4798266d51cd995c2ff50a98098
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4e:f8:3b:59:92:8e:98:65:9e:32:42:ae:77:
                    ad:00:0c:33:08:8b:cb:02:46:20:6e:be:23:de:31:
                    a6:e1:fa:92:9f:b4:21:f6:03:21:52:d1:6d:43:6a:
                    30:24:73:5f:94:e8:d1:cf:01:58:69:3a:33:8c:26:
                    ff:c2:ad:ed:1a:61:22:4e:e4:f2:8c:28:46:2f:4e:
                    b5:4c:88:7f:02:88:6a:61:05:6d:29:52:45:a6:0e:
                    ec:df:ac:aa:bd:08:7e:24:25:11:81:a0:47:d0:30:
                    88:31:17:12:ab:fe:74:42:de:74:fb:8a:28:c1:4d:
                    e2:44:33:89:19:ab:70:15:37:ac:85:4f:79:c7:35:
                    89:a1:50:cd:75:0c:24:bc:37:69:64:11:ea:53:ed:
                    68:79:7b:c4:0e:c8:22:7a:c5:ab:f4:86:df:17:f4:
                    57:2c:41:ff:46:0c:a1:07:86:68:9b:74:be:72:0f:
                    14:d3:03:52:95:e0:e5:21:a1:ca:93:27:64:21:9f:
                    b8:20:16:9c:75:d0:dd:40:dd:a0:66:28:1f:3c:0b:
                    3e:34:cc:59:d2:c0:cb:8a:16:cc:19:06:8c:ba:fd:
                    8a:f6:9f:f4:97:26:a9:72:f5:52:33:bf:0f:1b:8f:
                    31:8b:29:c0:49:13:6d:96:47:92:ae:34:b4:eb:a5:
                    83:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:1D:AE:AC:14:16:B4:79:82:66:D5:1C:D9:95:C2:FF:50:A9:80:98
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.139.0/24
                  45.94.171.0/24
                  85.209.120.0/23
                  146.19.125.0/24
                  193.30.241.0/24
                  193.57.41.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:cd:c9:70:40:71:c7:d2:1d:5a:2e:e6:58:9c:93:c5:11:16:
         bf:57:68:2d:ef:56:0c:ac:ed:b4:d2:45:2a:e2:d0:6e:a1:79:
         73:eb:3f:aa:34:21:78:6e:b7:e7:1f:49:34:84:fa:2b:97:bf:
         a8:45:af:1d:87:4c:1c:69:7d:62:ae:07:86:33:e7:1f:54:6e:
         6e:4b:7f:52:4b:c7:5f:dd:54:59:b5:5b:8b:41:77:28:9d:f3:
         d2:a1:bf:25:4f:32:ea:ca:3b:36:6c:41:03:54:8b:1d:46:6a:
         85:40:4f:3e:a2:bb:c1:b1:2f:79:a8:15:06:a5:d7:21:0b:63:
         3c:da:6c:fa:1e:10:50:83:4f:f2:d6:ad:7f:fc:7a:77:be:01:
         ea:80:c6:50:ca:68:df:4b:c1:81:9a:06:0c:df:3c:78:3c:88:
         24:60:96:e1:3e:30:18:19:4a:b9:25:1b:bf:ab:96:90:6d:61:
         e9:6a:5c:54:0d:2e:f2:bd:10:43:29:09:4e:50:81:72:fd:36:
         71:3f:63:a3:72:7c:16:26:8e:81:87:f2:2b:ff:de:a3:dc:e2:
         71:9f:7e:d1:a8:c5:89:7c:67:35:01:7a:d3:b7:ed:e6:ba:16:
         c7:55:c8:20:65:57:6b:7e:87:c6:f2:b3:33:36:2e:9b:4e:ef:
         22:d1:ce:6d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYz5RpJanpvHBwGsTKFc06lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTExMTYwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFkYWVhYzE0MTZiNDc5ODI2NmQ1MWNkOTk1YzJmZjUwYTk4MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok74O1mSjphlnjJCrnetAAwzCIvL
AkYgbr4j3jGm4fqSn7Qh9gMhUtFtQ2owJHNflOjRzwFYaTozjCb/wq3tGmEiTuTy
jChGL061TIh/AohqYQVtKVJFpg7s36yqvQh+JCURgaBH0DCIMRcSq/50Qt50+4oo
wU3iRDOJGatwFTeshU95xzWJoVDNdQwkvDdpZBHqU+1oeXvEDsgiesWr9IbfF/RX
LEH/RgyhB4Zom3S+cg8U0wNSleDlIaHKkydkIZ+4IBacddDdQN2gZigfPAs+NMxZ
0sDLihbMGQaMuv2K9p/0lyapcvVSM78PG48xiynASRNtlkeSrjS066WDqwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLQdrqwUFrR5gmbVHNmVwv9QqYCYMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdEIydXJCUVd0SG1DWnRVYzJaWENfMUNwZ0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALViLAwQA
LV6rAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQCrzclwQHHH0h1aLuZYnJPFERa/V2gt71YMrO200kUq4tBuoXlz6z+qNCF4
brfnH0k0hPorl7+oRa8dh0wcaX1irgeGM+cfVG5uS39SS8df3VRZtVuLQXconfPS
ob8lTzLqyjs2bEEDVIsdRmqFQE8+orvBsS95qBUGpdchC2M82mz6HhBQg0/y1q1/
/Hp3vgHqgMZQymjfS8GBmgYM3zx4PIgkYJbhPjAYGUq5JRu/q5aQbWHpalxUDS7y
vRBDKQlOUIFy/TZxP2OjcnwWJo6Bh/Ir/96j3OJxn37RqMWJfGc1AXrTt+3muhbH
VcggZVdrfofG8rMzNi6bTu8i0c5t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org