Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9zgqwrbbDX5alLOt9wAMuf2dOQg.roa
File:                     9zgqwrbbDX5alLOt9wAMuf2dOQg.roa (raw, json)
Hash identifier:          RwTV1K2iFQHZRLmBCHjWaMZ0Z0LeeqDdHWid5h8A8Ek=
Subject key identifier:   F7:38:2A:C2:B6:DB:0D:7E:5A:94:B3:AD:F7:00:0C:B9:FD:9D:39:08
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018654905F09733C0F45F56D7EAC25284A30
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9zgqwrbbDX5alLOt9wAMuf2dOQg.roa
Signing time:             Wed 15 Feb 2023 10:13:13 +0000
ROA not before:           Wed 15 Feb 2023 10:13:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        193.221.192.0/24 maxlen: 24
                          193.221.193.0/24 maxlen: 24
                          193.221.194.0/24 maxlen: 24
                          83.143.118.0/24 maxlen: 24
                          83.143.119.0/24 maxlen: 24
                          45.90.144.0/24 maxlen: 24
                          194.56.225.0/24 maxlen: 24
                          212.107.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 21:19:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:54:90:5f:09:73:3c:0f:45:f5:6d:7e:ac:25:28:4a:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Feb 15 10:13:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7382ac2b6db0d7e5a94b3adf7000cb9fd9d3908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7b:47:ee:b1:9f:94:00:ff:a8:28:78:e6:56:
                    c2:51:69:55:15:00:8b:16:ad:c8:69:fa:c7:fe:fa:
                    e4:08:4e:8e:d9:89:03:f1:62:60:2f:b4:fb:fc:a1:
                    ca:96:12:e9:90:07:3f:3e:ee:ed:5b:33:77:85:ad:
                    be:e2:83:c5:43:4e:0b:0c:58:3b:82:48:2e:92:3e:
                    fe:0f:8e:61:52:f5:5e:ec:a3:0c:aa:94:f9:8f:90:
                    7e:13:a9:7b:71:7b:4b:bd:af:20:36:f9:cd:45:82:
                    0b:0e:f7:09:e8:e4:61:5a:fe:e8:f9:ac:20:5d:44:
                    0c:1e:d7:83:aa:51:be:15:85:28:4e:39:84:42:27:
                    11:9b:99:0b:65:54:87:fe:83:1c:7f:64:d4:ad:bc:
                    23:48:c3:ef:e9:58:bc:2b:f3:27:7b:9b:e1:b7:ba:
                    1a:e9:0b:81:c3:02:a2:e1:27:e3:85:09:89:63:e8:
                    d0:11:fa:54:7b:b0:9f:aa:92:37:f8:c8:24:4c:c7:
                    e4:cf:cd:bb:12:0a:e6:e7:10:98:13:4d:15:f7:fe:
                    f4:cd:4c:b6:ff:2c:34:48:0d:43:9f:1a:73:6f:af:
                    0a:d7:3b:1d:7c:af:91:fd:09:0a:4e:fe:a7:b6:a0:
                    44:28:28:2f:7b:4f:82:0b:a6:5d:e5:89:73:31:f1:
                    30:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:38:2A:C2:B6:DB:0D:7E:5A:94:B3:AD:F7:00:0C:B9:FD:9D:39:08
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9zgqwrbbDX5alLOt9wAMuf2dOQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.144.0/24
                  83.143.118.0/23
                  193.221.192.0-193.221.194.255
                  194.56.225.0/24
                  212.107.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:82:b5:d2:ab:22:7a:ef:5d:ed:5f:a1:b7:2b:f0:0f:6f:b0:
         ab:b2:78:d0:48:95:67:9a:94:b0:23:e5:d8:97:7e:b3:48:64:
         73:2b:62:fa:c9:f4:3b:6b:ea:dc:eb:fd:06:de:ae:86:c3:c2:
         37:90:c6:0a:f0:2d:2a:dc:5c:eb:9a:ec:be:2a:4f:91:e5:f7:
         63:98:16:81:b2:6d:0e:3e:10:bf:39:03:de:5a:95:5e:35:4c:
         6a:17:47:c2:ea:60:1b:d3:14:cb:2a:44:29:dc:d5:9e:2a:37:
         98:2a:69:f0:05:df:44:14:97:2c:49:70:6e:71:26:9a:45:fb:
         bf:d4:97:17:6e:e4:5c:2b:04:f2:d9:c9:d8:d4:8e:4e:8c:57:
         4c:e6:81:0f:bb:70:14:d9:e8:0f:be:46:2c:e3:d1:b5:27:2e:
         c2:fe:1a:68:5f:b8:3e:91:d2:ae:cd:97:80:2f:f6:8f:98:67:
         71:3b:d7:9e:52:8f:19:c6:de:11:f0:8e:b7:5b:83:8f:02:18:
         8a:e1:98:b2:cf:a7:e7:9f:fc:33:1b:da:9f:7d:07:e5:22:c3:
         4e:c8:7b:b7:51:2a:1f:9a:92:28:a7:37:c7:53:28:c8:2b:42:
         e1:59:18:5d:51:d9:d4:e2:89:09:01:10:a2:3f:0a:e6:66:ee:
         2d:54:0e:ce
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYZUkF8JczwPRfVtfqwlKEowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMjE1MTAxMzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzM4MmFjMmI2ZGIwZDdlNWE5NGIzYWRmNzAwMGNiOWZkOWQzOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXtH7rGflAD/qCh45lbCUWlVFQCL
Fq3IafrH/vrkCE6O2YkD8WJgL7T7/KHKlhLpkAc/Pu7tWzN3ha2+4oPFQ04LDFg7
gkgukj7+D45hUvVe7KMMqpT5j5B+E6l7cXtLva8gNvnNRYILDvcJ6ORhWv7o+awg
XUQMHteDqlG+FYUoTjmEQicRm5kLZVSH/oMcf2TUrbwjSMPv6Vi8K/Mne5vht7oa
6QuBwwKi4SfjhQmJY+jQEfpUe7CfqpI3+MgkTMfkz827Egrm5xCYE00V9/70zUy2
/yw0SA1Dnxpzb68K1zsdfK+R/QkKTv6ntqBEKCgve0+CC6Zd5YlzMfEwGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPc4KsK22w1+WpSzrfcADLn9nTkIMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvOXpncXdyYmJEWDVhbExPdDl3QU11ZjJkT1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALVqQAwQB
U492MAwDBAbB3cADBADB3cIDBADCOOEDBADUaw0wDQYJKoZIhvcNAQELBQADggEB
AGmCtdKrInrvXe1fobcr8A9vsKuyeNBIlWealLAj5diXfrNIZHMrYvrJ9Dtr6tzr
/QberobDwjeQxgrwLSrcXOua7L4qT5Hl92OYFoGybQ4+EL85A95alV41TGoXR8Lq
YBvTFMsqRCnc1Z4qN5gqafAF30QUlyxJcG5xJppF+7/Ulxdu5FwrBPLZydjUjk6M
V0zmgQ+7cBTZ6A++Rizj0bUnLsL+GmhfuD6R0q7Nl4Av9o+YZ3E7155SjxnG3hHw
jrdbg48CGIrhmLLPp+ef/DMb2p99B+Uiw07Ie7dRKh+akiinN8dTKMgrQuFZGF1R
2dTiiQkBEKI/CuZm7i1UDs4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org