Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/VoYdeCCVXGxtTvCVnxo3xffI1Dw.roa
File:                     VoYdeCCVXGxtTvCVnxo3xffI1Dw.roa (raw, json)
Hash identifier:          DqVHMAwEPQFB+MhGmZU8sSlKW8bPakoeZfS+4n/flmo=
Subject key identifier:   56:86:1D:78:20:95:5C:6C:6D:4E:F0:95:9F:1A:37:C5:F7:C8:D4:3C
Certificate issuer:       /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial:       01856C780E682BF3F6598F450A90782AEAF7
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/VoYdeCCVXGxtTvCVnxo3xffI1Dw.roa
Signing time:             Sun 01 Jan 2023 08:34:45 +0000
ROA not before:           Sun 01 Jan 2023 08:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        45.94.136.0/24 maxlen: 24
                          45.94.137.0/24 maxlen: 24
                          45.94.138.0/24 maxlen: 24
                          45.94.139.0/24 maxlen: 24
                          5.253.184.0/23 maxlen: 23
                          185.114.204.0/24 maxlen: 24
                          5.253.187.0/24 maxlen: 24
                          185.114.206.0/23 maxlen: 23
                          193.135.220.0/22 maxlen: 22
                          88.218.196.0/22 maxlen: 22
                          185.219.160.0/24 maxlen: 24
                          185.219.163.0/24 maxlen: 24
                          45.81.161.0/24 maxlen: 24
                          45.81.162.0/24 maxlen: 24
                          45.81.163.0/24 maxlen: 24
                          45.130.33.0/24 maxlen: 24
                          45.130.34.0/23 maxlen: 23
                          193.111.184.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 02 Jan 2023 12:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:78:0e:68:2b:f3:f6:59:8f:45:0a:90:78:2a:ea:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
        Validity
            Not Before: Jan  1 08:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=56861d7820955c6c6d4ef0959f1a37c5f7c8d43c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:58:d4:23:e5:38:51:fc:9a:ad:b7:f9:aa:b1:
                    cd:5a:86:b5:0a:31:74:d1:fb:1a:ae:99:41:37:4a:
                    44:53:d0:e4:98:4a:b3:4c:49:54:85:0d:69:49:e4:
                    3c:83:fa:db:39:ff:da:a3:b8:53:6f:7c:f3:0d:b2:
                    16:60:19:e6:41:87:c4:8b:a6:f1:19:72:3d:ea:30:
                    7a:18:7f:1e:0d:7b:11:d9:38:01:f9:3d:0f:3b:ad:
                    85:c8:54:f2:d9:2a:41:86:2f:78:9f:a3:85:26:5f:
                    0b:de:96:94:a1:49:b7:30:69:dc:5e:d0:08:25:4c:
                    69:6b:44:16:6a:b8:9b:bd:d5:3a:5a:1d:ac:32:bb:
                    09:2b:78:b7:72:0b:d2:02:90:75:24:42:be:6d:a9:
                    ea:85:28:9e:21:b3:3c:a8:4b:48:d2:9a:2f:75:a7:
                    1c:cc:dc:e3:75:7e:cf:77:50:29:80:7d:9e:e9:31:
                    36:4b:6b:e1:21:7d:bc:7a:db:fc:39:de:2a:05:0b:
                    fe:fe:d0:8a:9a:4a:b0:c8:4b:44:4a:5a:94:c3:12:
                    27:21:c4:06:da:90:c3:79:dc:8e:f1:d6:d4:17:88:
                    66:db:eb:91:8a:df:ec:4b:4b:47:4e:a6:b8:29:c1:
                    17:f2:7d:53:2a:4a:7f:8f:ba:70:44:d4:17:e1:e3:
                    c3:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:86:1D:78:20:95:5C:6C:6D:4E:F0:95:9F:1A:37:C5:F7:C8:D4:3C
            X509v3 Authority Key Identifier:
                keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/VoYdeCCVXGxtTvCVnxo3xffI1Dw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.184.0/23
                  5.253.187.0/24
                  45.81.161.0-45.81.163.255
                  45.94.136.0/22
                  45.130.33.0-45.130.35.255
                  88.218.196.0/22
                  185.114.204.0/24
                  185.114.206.0/23
                  185.219.160.0/24
                  185.219.163.0/24
                  193.111.184.0/22
                  193.135.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:da:4a:df:8d:73:a4:71:0e:f2:c5:ce:0e:bc:28:62:64:e6:
         3c:5c:ef:67:c2:4a:47:74:33:f1:d4:d7:fd:07:c1:df:94:f8:
         e6:ce:f8:a6:17:97:80:b5:ca:55:10:95:9f:55:15:e4:18:a8:
         a8:44:fc:60:cc:a4:ff:ef:c5:93:ad:e2:55:6c:b0:b1:de:e3:
         d0:a8:43:18:bd:1a:bd:31:dc:9a:54:77:6f:b5:d2:83:13:b6:
         39:36:9b:4e:94:14:96:b0:59:5a:2b:66:f8:12:3e:9b:8d:b8:
         0d:f7:d1:10:f7:54:1a:6c:70:02:af:63:1c:5c:a7:5b:a4:65:
         5c:8f:70:1d:50:a0:a8:09:93:1d:5e:17:90:37:30:66:d9:ae:
         87:0a:c3:13:00:81:3a:c2:4d:93:ee:74:42:9a:85:59:90:33:
         c4:ba:56:bc:3b:01:fc:e9:9f:a3:12:fa:c4:72:81:53:0b:94:
         88:9b:67:18:c1:ac:37:f1:58:56:e1:83:78:02:ab:07:7b:13:
         83:33:d0:6b:3b:4d:8a:6f:7d:dc:a0:a8:72:0e:1c:57:47:e7:
         0b:c0:f7:c7:97:6c:36:87:36:e3:26:34:91:88:7a:2e:0d:ba:
         87:1f:bd:cf:fc:c0:5e:b4:6c:9e:0d:73:5b:24:2e:9a:8f:2e:
         e3:51:8a:bc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYVseA5oK/P2WY9FCpB4Kur3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwMTAxMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njg2MWQ3ODIwOTU1YzZjNmQ0ZWYwOTU5ZjFhMzdjNWY3YzhkNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1jUI+U4Ufyarbf5qrHNWoa1CjF0
0fsarplBN0pEU9DkmEqzTElUhQ1pSeQ8g/rbOf/ao7hTb3zzDbIWYBnmQYfEi6bx
GXI96jB6GH8eDXsR2TgB+T0PO62FyFTy2SpBhi94n6OFJl8L3paUoUm3MGncXtAI
JUxpa0QWaribvdU6Wh2sMrsJK3i3cgvSApB1JEK+banqhSieIbM8qEtI0povdacc
zNzjdX7Pd1ApgH2e6TE2S2vhIX28etv8Od4qBQv+/tCKmkqwyEtESlqUwxInIcQG
2pDDedyO8dbUF4hm2+uRit/sS0tHTqa4KcEX8n1TKkp/j7pwRNQX4ePDUwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFFaGHXgglVxsbU7wlZ8aN8X3yNQ8MB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvVm9ZZGVDQ1ZYR3h0VHZDVm54bzN4ZmZJMUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaADBAItXogwDAMEAC2CIQMEAi2CIAMEAljaxAMEALly
zAMEAblyzgMEALnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOC
AQEAHdpK341zpHEO8sXODrwoYmTmPFzvZ8JKR3Qz8dTX/QfB35T45s74pheXgLXK
VRCVn1UV5BioqET8YMyk/+/Fk63iVWywsd7j0KhDGL0avTHcmlR3b7XSgxO2OTab
TpQUlrBZWitm+BI+m424DffREPdUGmxwAq9jHFynW6RlXI9wHVCgqAmTHV4XkDcw
ZtmuhwrDEwCBOsJNk+50QpqFWZAzxLpWvDsB/OmfoxL6xHKBUwuUiJtnGMGsN/FY
VuGDeAKrB3sTgzPQaztNim993KCocg4cV0fnC8D3x5dsNoc24yY0kYh6Lg26hx+9
z/zAXrRsng1zWyQumo8u41GKvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org