Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/I124Xib4j2OGd8uxX5FwMsRv4Nc.roa
File:                     I124Xib4j2OGd8uxX5FwMsRv4Nc.roa (raw, json)
Hash identifier:          d9r7sxBRAVS6IAxK2j5qW0lB8Y0ya6sYPYhBUzEgU0g=
Subject key identifier:   23:5D:B8:5E:26:F8:8F:63:86:77:CB:B1:5F:91:70:32:C4:6F:E0:D7
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185738FE6E8A39B12189539B0671EB5C77F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/I124Xib4j2OGd8uxX5FwMsRv4Nc.roa
Signing time:             Mon 02 Jan 2023 17:38:08 +0000
ROA not before:           Mon 02 Jan 2023 17:38:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        193.221.192.0/24 maxlen: 24
                          193.221.195.0/24 maxlen: 24
                          193.221.193.0/24 maxlen: 24
                          193.221.194.0/24 maxlen: 24
                          83.143.118.0/24 maxlen: 24
                          185.227.69.0/24 maxlen: 24
                          83.143.119.0/24 maxlen: 24
                          45.90.144.0/24 maxlen: 24
                          194.56.225.0/24 maxlen: 24
                          212.107.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Jan 2023 16:51:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:e6:e8:a3:9b:12:18:95:39:b0:67:1e:b5:c7:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=235db85e26f88f638677cbb15f917032c46fe0d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9d:ed:88:11:12:a1:f3:69:b3:d2:ce:42:cc:
                    d4:58:54:06:f4:94:94:65:b1:4b:c0:eb:da:94:48:
                    ae:f2:be:c9:3f:31:48:12:4c:37:e5:d5:c6:76:dc:
                    d8:b3:9f:35:d0:08:8d:fb:4b:ac:a2:cb:8e:fc:31:
                    3c:33:32:6e:7a:dc:cc:00:4c:ad:c3:fc:19:6c:d3:
                    6c:0a:a8:b2:0b:e7:c4:5c:e2:5b:91:a3:01:87:94:
                    80:96:63:c7:d4:0d:27:3b:6e:36:82:c5:c9:a3:fb:
                    a4:6a:ea:64:ab:7c:63:26:65:37:88:3e:7b:9d:0d:
                    d9:a0:19:66:2d:bd:c9:fe:1e:23:66:44:8c:0e:a1:
                    9a:ab:22:71:ba:d3:e2:43:f5:a2:f8:05:f3:79:5e:
                    43:45:a6:f4:19:49:7c:03:ba:f2:02:13:48:f1:a9:
                    dc:60:a2:cd:14:58:67:3f:0a:6e:34:ea:ff:10:1f:
                    4b:88:55:9c:4e:40:f0:f0:ce:48:68:49:cc:45:b6:
                    58:83:d1:60:5a:4b:de:81:f5:eb:44:d0:1d:40:c9:
                    a4:13:ac:ca:0d:28:d4:69:6f:4b:b1:86:04:1d:77:
                    d0:59:2c:95:16:9d:69:77:0e:38:9c:96:a7:67:78:
                    f4:99:52:e0:04:96:f8:99:28:1c:ff:b2:76:de:43:
                    6f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:5D:B8:5E:26:F8:8F:63:86:77:CB:B1:5F:91:70:32:C4:6F:E0:D7
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/I124Xib4j2OGd8uxX5FwMsRv4Nc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.144.0/24
                  83.143.118.0/23
                  185.227.69.0/24
                  193.221.192.0/22
                  194.56.225.0/24
                  212.107.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:ef:7d:44:c7:b3:9d:74:76:59:87:40:86:d3:c7:71:73:38:
         05:e5:c3:9b:52:8c:4c:ce:88:23:46:56:35:41:10:70:36:64:
         aa:7e:d2:f7:60:d3:be:d6:c6:9d:93:2e:db:fb:85:95:30:cb:
         27:4d:57:a0:6d:f8:5a:57:93:e4:64:db:85:4e:62:fe:bf:e1:
         ff:99:35:81:a1:f3:7e:1b:c1:e2:f3:c6:45:b5:c3:aa:f7:08:
         b6:a0:b5:61:6a:67:c6:54:51:52:2e:e5:78:53:44:92:d9:61:
         b4:dc:8c:77:8d:9a:dd:21:3e:e7:a3:f7:63:cd:98:58:ac:b0:
         b2:ef:69:dd:1f:f8:9e:d7:7b:3f:98:09:5f:f6:9a:90:9c:26:
         d6:38:72:1b:e4:01:ce:05:a3:31:62:40:7d:95:1c:19:a5:fd:
         32:bd:99:8f:3f:90:5c:2e:05:b8:5b:8a:67:6b:94:9b:aa:55:
         79:44:22:fe:66:6f:27:9b:4a:d4:bd:58:fe:99:d6:d9:ee:bb:
         6f:59:64:01:84:a2:ff:4c:bf:f5:44:26:32:17:d3:74:58:39:
         f3:20:f8:80:74:35:32:2d:c4:db:a1:ed:7b:9b:b1:ec:8d:b3:
         5f:b4:0a:f6:73:5f:59:f2:44:98:49:e8:bc:5d:62:03:11:56:
         ac:69:c7:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVzj+boo5sSGJU5sGcetcd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVkYjg1ZTI2Zjg4ZjYzODY3N2NiYjE1ZjkxNzAzMmM0NmZlMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ3tiBESofNps9LOQszUWFQG9JSU
ZbFLwOvalEiu8r7JPzFIEkw35dXGdtzYs5810AiN+0usosuO/DE8MzJuetzMAEyt
w/wZbNNsCqiyC+fEXOJbkaMBh5SAlmPH1A0nO242gsXJo/ukaupkq3xjJmU3iD57
nQ3ZoBlmLb3J/h4jZkSMDqGaqyJxutPiQ/Wi+AXzeV5DRab0GUl8A7ryAhNI8anc
YKLNFFhnPwpuNOr/EB9LiFWcTkDw8M5IaEnMRbZYg9FgWkvegfXrRNAdQMmkE6zK
DSjUaW9LsYYEHXfQWSyVFp1pdw44nJanZ3j0mVLgBJb4mSgc/7J23kNvwQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCNduF4m+I9jhnfLsV+RcDLEb+DXMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSTEyNFhpYjRqMk9HZDh1eFg1RndNc1J2NE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVqQAwQB
U492AwQAueNFAwQCwd3AAwQAwjjhAwQA1GsNMA0GCSqGSIb3DQEBCwUAA4IBAQA/
731Ex7OddHZZh0CG08dxczgF5cObUoxMzogjRlY1QRBwNmSqftL3YNO+1sadky7b
+4WVMMsnTVegbfhaV5PkZNuFTmL+v+H/mTWBofN+G8Hi88ZFtcOq9wi2oLVhamfG
VFFSLuV4U0SS2WG03Ix3jZrdIT7no/djzZhYrLCy72ndH/ie13s/mAlf9pqQnCbW
OHIb5AHOBaMxYkB9lRwZpf0yvZmPP5BcLgW4W4pna5SbqlV5RCL+Zm8nm0rUvVj+
mdbZ7rtvWWQBhKL/TL/1RCYyF9N0WDnzIPiAdDUyLcTboe17m7HsjbNftAr2c19Z
8kSYSei8XWIDEVasace2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org