Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/kWzZYrD1vobQ0TET_ZpNnXmA9fw.roa
File:                     kWzZYrD1vobQ0TET_ZpNnXmA9fw.roa (raw, json)
Hash identifier:          VtgEyCPAzDtxVSknNUoE1lGJCz/ZXiWxr/bWF/R0QK8=
Subject key identifier:   91:6C:D9:62:B0:F5:BE:86:D0:D1:31:13:FD:9A:4D:9D:79:80:F5:FC
Certificate issuer:       /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial:       018B8CA305F1E7AD16EAD461DBF82027CA4A
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/kWzZYrD1vobQ0TET_ZpNnXmA9fw.roa
Signing time:             Wed 01 Nov 2023 20:46:15 +0000
ROA not before:           Wed 01 Nov 2023 20:46:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60150
IP address blocks:        194.38.48.0/22 maxlen: 24
                          43.240.148.0/22 maxlen: 22
                          45.12.100.0/22 maxlen: 24
                          2a07:5b40::/29 maxlen: 48
                          2a05:ff00::/29 maxlen: 48

Validation:               Failed, certificate revoked on Sun 05 Nov 2023 14:41:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8c:a3:05:f1:e7:ad:16:ea:d4:61:db:f8:20:27:ca:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
        Validity
            Not Before: Nov  1 20:46:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=916cd962b0f5be86d0d13113fd9a4d9d7980f5fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3a:e7:64:6b:fa:c6:7a:1c:2d:18:43:11:7c:
                    2b:e9:66:10:58:76:f8:14:ad:07:f2:3d:e5:af:42:
                    65:c0:0d:72:ac:0a:71:8a:dc:50:cd:99:15:e3:c2:
                    1a:9f:ac:32:ec:82:09:22:41:e0:0a:39:a1:09:39:
                    74:e0:30:d7:dc:23:8b:98:9e:6b:7a:c5:b4:49:13:
                    6e:df:98:e6:c6:73:7e:06:f5:3e:6c:02:7d:a4:0e:
                    6d:bf:1b:9e:68:58:d1:5c:03:97:66:c1:71:83:ec:
                    a8:1f:f0:ec:e5:07:f4:44:bd:52:1e:46:b5:f4:6d:
                    1b:99:a5:e8:95:5a:55:47:99:8f:8c:0f:ac:12:f5:
                    14:fe:cb:23:3f:ed:ff:26:37:d0:1a:23:e3:22:20:
                    28:4c:4e:f6:33:8f:4e:f2:5e:57:99:e4:4f:f5:fd:
                    43:d7:9c:b0:09:f7:68:cc:98:cd:4f:ee:70:ab:46:
                    4b:ed:e8:10:24:16:38:97:9c:64:2a:b4:fb:14:68:
                    ee:1f:ea:aa:f0:62:2d:2d:c1:e4:4c:09:3b:94:8c:
                    fd:27:50:ac:c5:7a:9b:9d:d8:71:36:53:3a:c3:64:
                    ea:9f:b0:f0:8d:4c:f0:97:e1:6a:8b:85:ca:3e:73:
                    52:37:4f:c3:08:74:4f:91:dd:4d:ff:1c:91:e7:75:
                    57:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:6C:D9:62:B0:F5:BE:86:D0:D1:31:13:FD:9A:4D:9D:79:80:F5:FC
            X509v3 Authority Key Identifier:
                keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/kWzZYrD1vobQ0TET_ZpNnXmA9fw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.240.148.0/22
                  45.12.100.0/22
                  194.38.48.0/22
                IPv6:
                  2a05:ff00::/29
                  2a07:5b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         0a:82:11:60:db:2f:29:aa:6e:22:8a:07:b6:52:7e:6d:83:b9:
         09:c3:0c:4f:b9:59:f3:d4:13:e8:19:e0:8b:ea:a4:9d:dc:d6:
         d1:4a:d1:b3:72:42:f9:82:bd:22:0c:e9:b1:52:5a:78:44:0d:
         db:f1:f7:ab:5f:85:7b:f3:5b:04:59:2c:ac:f7:c2:8c:31:38:
         1c:33:e7:15:de:34:a9:6a:e1:bd:6c:09:fe:2d:28:58:55:d3:
         91:8b:e3:54:f4:02:22:cb:8a:b2:51:92:1d:fe:dc:1f:19:7d:
         de:75:5f:02:58:fe:e6:53:4c:75:17:c5:db:7d:69:2a:7b:01:
         68:a8:54:11:85:30:46:8b:eb:42:df:13:72:1a:5b:79:9f:d4:
         0b:b9:00:a6:6d:2e:6d:f5:12:01:74:f8:84:75:d1:f4:0e:22:
         f8:6e:d9:4c:3f:3d:a6:ae:fe:c2:a1:d2:ce:00:f6:d6:ea:45:
         90:69:14:f4:b7:d0:57:e9:22:91:ed:e2:24:6d:fc:1d:1a:30:
         d0:81:c4:3f:84:eb:f1:0f:9e:1c:4b:77:ca:3e:db:1c:7d:37:
         d8:cd:e5:20:68:09:f4:63:86:70:86:1a:4f:5a:42:af:a2:7f:
         1f:3e:d5:20:5a:b1:c3:4f:ed:40:8f:96:cc:31:c9:56:be:fd:
         d8:5e:66:7a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYuMowXx560W6tRh2/ggJ8pKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjMxMTAxMjA0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTZjZDk2MmIwZjViZTg2ZDBkMTMxMTNmZDlhNGQ5ZDc5ODBmNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzrnZGv6xnocLRhDEXwr6WYQWHb4
FK0H8j3lr0JlwA1yrApxitxQzZkV48Ian6wy7IIJIkHgCjmhCTl04DDX3COLmJ5r
esW0SRNu35jmxnN+BvU+bAJ9pA5tvxueaFjRXAOXZsFxg+yoH/Ds5Qf0RL1SHka1
9G0bmaXolVpVR5mPjA+sEvUU/ssjP+3/JjfQGiPjIiAoTE72M49O8l5XmeRP9f1D
15ywCfdozJjNT+5wq0ZL7egQJBY4l5xkKrT7FGjuH+qq8GItLcHkTAk7lIz9J1Cs
xXqbndhxNlM6w2Tqn7DwjUzwl+Fqi4XKPnNSN0/DCHRPkd1N/xyR53VX7QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJFs2WKw9b6G0NExE/2aTZ15gPX8MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEva1d6WllyRDF2b2JRMFRFVF9acE5uWG1BOWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCK/CUAwQC
LQxkAwQCwiYwMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEACoIRYNsvKapuIooHtlJ+bYO5CcMMT7lZ89QT6Bngi+qkndzW0UrRs3JC+YK9
IgzpsVJaeEQN2/H3q1+Fe/NbBFksrPfCjDE4HDPnFd40qWrhvWwJ/i0oWFXTkYvj
VPQCIsuKslGSHf7cHxl93nVfAlj+5lNMdRfF231pKnsBaKhUEYUwRovrQt8Tchpb
eZ/UC7kApm0ubfUSAXT4hHXR9A4i+G7ZTD89pq7+wqHSzgD21upFkGkU9LfQV+ki
ke3iJG38HRow0IHEP4Tr8Q+eHEt3yj7bHH032M3lIGgJ9GOGcIYaT1pCr6J/Hz7V
IFqxw0/tQI+WzDHJVr792F5meg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:23 2024 by rpki-client on console-ams.rpki-client.org