Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/UlRpquxz_AigZq-r7xRGWvgCa2U.roa
File:                     UlRpquxz_AigZq-r7xRGWvgCa2U.roa (raw, json)
Hash identifier:          NWo3hjMEElZ6cHV9naxKaxfJVkHaKCzhQ9U+6azg7YI=
Subject key identifier:   52:54:69:AA:EC:73:FC:08:A0:66:AF:AB:EF:14:46:5A:F8:02:6B:65
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185A1BEA8B7725DD85848775DFD9597122A
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/UlRpquxz_AigZq-r7xRGWvgCa2U.roa
Signing time:             Wed 11 Jan 2023 16:51:44 +0000
ROA not before:           Wed 11 Jan 2023 16:51:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        193.221.192.0/24 maxlen: 24
                          193.221.193.0/24 maxlen: 24
                          193.221.194.0/24 maxlen: 24
                          83.143.118.0/24 maxlen: 24
                          185.227.69.0/24 maxlen: 24
                          83.143.119.0/24 maxlen: 24
                          45.90.144.0/24 maxlen: 24
                          194.56.225.0/24 maxlen: 24
                          212.107.13.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 10:13:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a1:be:a8:b7:72:5d:d8:58:48:77:5d:fd:95:97:12:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan 11 16:51:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=525469aaec73fc08a066afabef14465af8026b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5a:f9:8d:e9:98:7f:20:29:53:65:2e:04:53:
                    c5:8d:75:07:3f:15:24:a3:11:30:6f:89:3a:af:d5:
                    2e:40:1c:44:3f:1f:ad:ef:70:3d:91:cb:b1:a2:b5:
                    01:20:e0:9b:99:ca:5a:79:22:1c:68:7c:c1:a4:cb:
                    f6:a0:b4:07:f9:89:d3:34:57:f9:55:86:8b:a0:b8:
                    e7:c5:2d:63:09:9e:6f:a1:8b:15:88:e5:8b:3c:6f:
                    a9:96:bc:00:c4:d3:93:ca:86:89:3c:17:31:d1:95:
                    25:09:ce:d8:bb:99:1d:6f:4f:0c:68:55:3a:c6:12:
                    b4:80:ce:b8:63:b7:83:a5:b8:26:28:4d:b4:7d:46:
                    81:21:29:2d:7a:dd:18:ed:7a:88:84:87:01:f7:ab:
                    19:a1:f4:88:14:55:58:83:31:fc:08:27:74:ad:70:
                    c8:57:3d:ad:15:fd:10:6d:c5:50:35:01:ae:0e:68:
                    7b:8b:6f:ac:69:b3:77:9d:93:04:ed:99:8a:f3:4a:
                    bd:dd:54:e6:fa:d1:7f:3c:4e:dd:5d:2b:a7:44:97:
                    4e:6d:69:7c:6f:0a:56:8a:59:0e:44:66:86:0f:82:
                    0b:d6:e5:db:10:e8:2e:e4:ee:7a:fa:64:92:1e:dc:
                    4a:15:32:97:42:50:d5:66:37:e3:be:5e:50:ff:7d:
                    ef:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:54:69:AA:EC:73:FC:08:A0:66:AF:AB:EF:14:46:5A:F8:02:6B:65
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/UlRpquxz_AigZq-r7xRGWvgCa2U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.144.0/24
                  83.143.118.0/23
                  185.227.69.0/24
                  193.221.192.0-193.221.194.255
                  194.56.225.0/24
                  212.107.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:a7:55:aa:61:1e:e1:a2:0c:64:c1:51:b4:6b:97:e3:8d:04:
         42:f5:b3:c2:88:f9:8b:49:59:16:fd:9c:7a:fd:31:b8:91:c8:
         6f:bb:9c:0c:58:f8:e5:ca:80:c5:56:3b:2f:ff:38:78:fc:0c:
         52:b5:7e:00:8c:7d:ff:4b:92:55:e8:4c:b3:63:64:06:f9:24:
         31:7e:0e:92:da:1a:e3:23:67:e4:13:0d:7b:5e:33:3d:c4:d6:
         e9:f3:41:d1:53:45:bc:98:6f:cb:4c:71:47:39:93:f7:89:c4:
         38:9e:82:44:4c:c2:a1:71:30:b1:9f:00:99:ba:5a:d8:c8:d3:
         41:47:5d:6a:bd:c7:86:6f:5f:70:2d:fb:14:fd:2a:f8:a8:77:
         7c:90:8e:fe:c7:21:27:39:ab:40:c3:3b:11:8f:4f:74:71:f3:
         96:f4:c3:94:06:44:ac:d6:b6:3a:2d:b7:15:8a:1b:36:a5:d4:
         ba:02:d4:22:53:1a:19:4e:e2:73:2d:a0:43:61:9f:14:a4:ef:
         39:d8:bb:fd:1c:8a:f2:c8:55:f7:da:3d:a8:ca:1a:e0:c5:80:
         c4:1b:df:cc:c6:b2:d8:57:d7:b0:f8:b4:e5:20:4f:a1:ef:a3:
         dd:30:b9:b8:a4:6a:06:c6:17:37:b5:9c:65:84:5d:92:cb:f9:
         4d:ab:07:de
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYWhvqi3cl3YWEh3Xf2VlxIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTExMTY1MTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU0NjlhYWVjNzNmYzA4YTA2NmFmYWJlZjE0NDY1YWY4MDI2YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVr5jemYfyApU2UuBFPFjXUHPxUk
oxEwb4k6r9UuQBxEPx+t73A9kcuxorUBIOCbmcpaeSIcaHzBpMv2oLQH+YnTNFf5
VYaLoLjnxS1jCZ5voYsViOWLPG+plrwAxNOTyoaJPBcx0ZUlCc7Yu5kdb08MaFU6
xhK0gM64Y7eDpbgmKE20fUaBISktet0Y7XqIhIcB96sZofSIFFVYgzH8CCd0rXDI
Vz2tFf0QbcVQNQGuDmh7i2+sabN3nZME7ZmK80q93VTm+tF/PE7dXSunRJdObWl8
bwpWilkORGaGD4IL1uXbEOgu5O56+mSSHtxKFTKXQlDVZjfjvl5Q/33vRwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFJUaarsc/wIoGavq+8URlr4AmtlMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVWxScHF1eHpfQWlnWnEtcjd4UkdXdmdDYTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALVqQAwQB
U492AwQAueNFMAwDBAbB3cADBADB3cIDBADCOOEDBADUaw0wDQYJKoZIhvcNAQEL
BQADggEBAJ6nVaphHuGiDGTBUbRrl+ONBEL1s8KI+YtJWRb9nHr9MbiRyG+7nAxY
+OXKgMVWOy//OHj8DFK1fgCMff9LklXoTLNjZAb5JDF+DpLaGuMjZ+QTDXteMz3E
1unzQdFTRbyYb8tMcUc5k/eJxDiegkRMwqFxMLGfAJm6WtjI00FHXWq9x4ZvX3At
+xT9Kviod3yQjv7HISc5q0DDOxGPT3Rx85b0w5QGRKzWtjottxWKGzal1LoC1CJT
GhlO4nMtoENhnxSk7znYu/0civLIVffaPajKGuDFgMQb38zGsthX17D4tOUgT6Hv
o90wubikagbGFze1nGWEXZLL+U2rB94=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org