Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mY6LsQCA13PcKjYBibCFh9O7jds.roa
File:                     mY6LsQCA13PcKjYBibCFh9O7jds.roa (raw, json)
Hash identifier:          0VR5CAoKbopm7F68qpeANZGaMWw4GL1p1kq0vxmJA04=
Subject key identifier:   99:8E:8B:B1:00:80:D7:73:DC:2A:36:01:89:B0:85:87:D3:BB:8D:DB
Certificate issuer:       /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial:       0186499C09303044636168F06EE80B440A21
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mY6LsQCA13PcKjYBibCFh9O7jds.roa
Signing time:             Mon 13 Feb 2023 07:10:08 +0000
ROA not before:           Mon 13 Feb 2023 07:10:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        91.200.223.0/24 maxlen: 24
                          109.122.43.0/24 maxlen: 24
                          109.122.44.0/24 maxlen: 24
                          91.226.57.0/24 maxlen: 24
                          91.226.59.0/24 maxlen: 24
                          193.93.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Feb 2023 05:53:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:49:9c:09:30:30:44:63:61:68:f0:6e:e8:0b:44:0a:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
        Validity
            Not Before: Feb 13 07:10:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=998e8bb10080d773dc2a360189b08587d3bb8ddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a3:24:de:64:79:13:dc:91:50:5c:0e:76:db:
                    ce:00:f9:1f:ff:de:cd:f2:a5:2d:23:b5:3f:70:39:
                    d4:95:e1:41:f2:9d:d0:0b:57:c5:20:03:3a:06:eb:
                    76:27:5f:75:60:62:e2:24:40:84:dd:35:80:e7:db:
                    99:11:88:d1:2f:0d:5b:51:3f:db:14:e4:76:9c:20:
                    5b:a1:7a:54:77:23:dd:7d:4c:56:83:ef:43:d8:72:
                    32:6f:ea:24:69:1c:c6:bc:df:15:59:f0:92:d8:7b:
                    7f:87:b4:6f:82:c4:b8:0d:50:31:9d:30:5b:5b:ea:
                    cd:c2:b3:a2:cc:2d:77:5b:33:e2:54:47:17:70:7f:
                    aa:4c:e2:1b:20:29:b3:40:58:7e:22:8b:bb:a3:04:
                    ec:f6:60:17:07:49:b9:0b:b8:f0:ed:ce:f4:6c:d9:
                    7c:0c:3c:2c:69:db:87:6d:76:82:82:06:fb:f7:f3:
                    5a:e1:2b:e7:05:66:f0:fb:ea:c9:8d:d3:e0:0b:df:
                    a1:2b:a2:9a:e6:06:31:a2:23:9a:b3:79:21:3d:1c:
                    42:e6:b4:77:06:9a:e6:16:21:06:ec:82:97:61:69:
                    4b:0b:d0:37:65:06:08:9f:1f:76:5f:49:25:1b:97:
                    fc:f5:9a:9f:d3:52:3b:b4:16:7f:77:d0:62:dd:9e:
                    22:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:8E:8B:B1:00:80:D7:73:DC:2A:36:01:89:B0:85:87:D3:BB:8D:DB
            X509v3 Authority Key Identifier:
                keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mY6LsQCA13PcKjYBibCFh9O7jds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.200.223.0/24
                  91.226.57.0/24
                  91.226.59.0/24
                  109.122.43.0-109.122.44.255
                  193.93.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:a8:af:d3:96:3b:af:63:1b:9d:07:f1:21:3d:8c:dc:7e:75:
         26:5f:f3:3a:88:f8:60:17:3f:01:d8:5d:9b:98:f7:97:7b:b5:
         a5:6f:83:65:68:33:ad:9a:3c:43:23:6b:dd:17:2a:bb:e1:f5:
         8f:87:99:b3:f8:cd:bf:86:d3:f4:51:1d:98:7a:04:60:88:ef:
         0c:d9:bd:13:22:3b:02:05:28:d6:36:71:f3:70:33:9d:74:bd:
         17:ec:65:e4:35:cd:04:5f:d4:b6:7a:e1:c8:c7:21:f3:c1:3c:
         35:df:8f:d0:03:33:49:de:7b:49:8d:ae:46:d9:6b:9c:ab:65:
         ef:2c:99:44:8d:1f:05:32:8d:13:5f:95:ca:83:37:18:25:15:
         25:82:ca:97:f5:c2:40:be:c5:0e:15:7f:04:9b:b9:a7:c6:cd:
         22:b6:14:c8:1e:9e:fc:d6:43:2e:47:55:7d:6e:d6:6c:f1:66:
         59:3d:60:74:d2:65:76:e8:ac:fb:b4:2f:a1:3e:87:39:74:0d:
         ba:e5:06:eb:10:40:b4:0e:bd:e8:fd:9a:48:2c:82:0e:2a:65:
         8d:c1:83:69:82:43:dc:ae:0e:7c:aa:ee:68:d0:5c:f4:2f:b8:
         53:3f:cf:95:55:26:b9:b2:c2:b5:58:e2:68:7e:b5:d4:c5:63:
         d3:c2:00:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYZJnAkwMERjYWjwbugLRAohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMjEzMDcxMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OThlOGJiMTAwODBkNzczZGMyYTM2MDE4OWIwODU4N2QzYmI4ZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaMk3mR5E9yRUFwOdtvOAPkf/97N
8qUtI7U/cDnUleFB8p3QC1fFIAM6But2J191YGLiJECE3TWA59uZEYjRLw1bUT/b
FOR2nCBboXpUdyPdfUxWg+9D2HIyb+okaRzGvN8VWfCS2Ht/h7RvgsS4DVAxnTBb
W+rNwrOizC13WzPiVEcXcH+qTOIbICmzQFh+Iou7owTs9mAXB0m5C7jw7c70bNl8
DDwsaduHbXaCggb79/Na4SvnBWbw++rJjdPgC9+hK6Ka5gYxoiOas3khPRxC5rR3
BprmFiEG7IKXYWlLC9A3ZQYInx92X0klG5f89Zqf01I7tBZ/d9Bi3Z4ihwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJmOi7EAgNdz3Co2AYmwhYfTu43bMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbVk2THNRQ0ExM1BjS2pZQmliQ0ZoOU83amRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAW8jfAwQA
W+I5AwQAW+I7MAwDBABteisDBABteiwDBADBXTQwDQYJKoZIhvcNAQELBQADggEB
AHWor9OWO69jG50H8SE9jNx+dSZf8zqI+GAXPwHYXZuY95d7taVvg2VoM62aPEMj
a90XKrvh9Y+HmbP4zb+G0/RRHZh6BGCI7wzZvRMiOwIFKNY2cfNwM510vRfsZeQ1
zQRf1LZ64cjHIfPBPDXfj9ADM0nee0mNrkbZa5yrZe8smUSNHwUyjRNflcqDNxgl
FSWCypf1wkC+xQ4VfwSbuafGzSK2FMgenvzWQy5HVX1u1mzxZlk9YHTSZXborPu0
L6E+hzl0DbrlBusQQLQOvej9mkgsgg4qZY3Bg2mCQ9yuDnyq7mjQXPQvuFM/z5VV
JrmywrVY4mh+tdTFY9PCAG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org