Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/vnpLmNfvEZ70u32IoiGA5MKPh94.roa
File:                     vnpLmNfvEZ70u32IoiGA5MKPh94.roa (raw, json)
Hash identifier:          gfAnVIcnrsrbj/2h+OHkMVW/RZ+0Fcj8QO7Nsv1DjGg=
Subject key identifier:   BE:7A:4B:98:D7:EF:11:9E:F4:BB:7D:88:A2:21:80:E4:C2:8F:87:DE
Certificate issuer:       /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial:       018570B993504CED35CA17342661762EF77B
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/vnpLmNfvEZ70u32IoiGA5MKPh94.roa
Signing time:             Mon 02 Jan 2023 04:24:48 +0000
ROA not before:           Mon 02 Jan 2023 04:24:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202552
IP address blocks:        185.156.148.0/23 maxlen: 23
                          185.156.148.0/22 maxlen: 22
                          185.156.150.0/24 maxlen: 24
                          81.200.128.0/23 maxlen: 23
                          81.200.140.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:b9:93:50:4c:ed:35:ca:17:34:26:61:76:2e:f7:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
        Validity
            Not Before: Jan  2 04:24:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be7a4b98d7ef119ef4bb7d88a22180e4c28f87de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:79:74:03:25:22:5e:fd:aa:a5:f3:f9:c3:1d:
                    9e:65:66:71:21:bb:f1:06:b9:23:57:71:db:6b:63:
                    7c:7a:88:cf:bc:76:14:39:d2:3a:8a:80:93:18:f9:
                    96:8e:ba:5d:15:63:47:48:24:42:07:6d:7c:4e:34:
                    82:ab:95:ed:5a:88:20:f0:da:d2:94:25:fc:f7:2d:
                    3c:1a:9a:44:39:8b:59:9a:c4:e2:b6:3a:25:93:6c:
                    0f:04:b4:1f:13:0e:6e:ff:1a:d6:5c:ae:20:dc:65:
                    8a:ea:2f:04:fa:55:17:e9:df:89:37:b7:7d:b9:1d:
                    e8:3d:a7:ab:b8:05:b3:9c:6d:70:57:90:4f:ba:7e:
                    05:55:6f:9c:aa:20:0f:4f:78:8c:17:9a:56:c6:41:
                    2e:91:a3:25:8a:ab:53:4d:8e:77:17:57:47:0f:b9:
                    59:61:74:dd:68:ae:d2:ce:a5:cd:9b:e5:9f:b6:c0:
                    0c:c7:e1:99:09:ee:66:d0:90:c9:3e:f2:04:b2:85:
                    9d:06:f6:4e:6e:8d:44:a4:e7:ad:36:b1:96:3b:8d:
                    96:5b:3f:51:7b:5e:bc:c6:7e:12:10:4b:bf:32:c4:
                    38:a0:2f:9b:7d:37:88:90:15:d7:cf:8b:e2:89:3f:
                    d8:0e:b7:3b:7b:f7:02:f0:b9:96:dd:1b:b7:5b:99:
                    59:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:7A:4B:98:D7:EF:11:9E:F4:BB:7D:88:A2:21:80:E4:C2:8F:87:DE
            X509v3 Authority Key Identifier:
                keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/vnpLmNfvEZ70u32IoiGA5MKPh94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.200.128.0/23
                  81.200.140.0/22
                  185.156.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:4b:42:73:6d:9a:a3:e4:da:57:17:cd:34:2f:71:f6:4a:8d:
         43:7c:5f:c8:ba:13:28:3c:62:55:54:4f:23:db:5e:1e:09:69:
         0f:da:84:f1:e4:54:84:86:d2:52:66:ec:c5:ed:07:e1:6e:4b:
         f2:30:c0:f5:6f:d8:18:b5:ee:17:b2:1e:46:9c:c8:a6:e4:29:
         96:41:95:b8:4b:ae:52:22:bd:17:c6:1e:29:27:d7:a5:96:4a:
         4c:9b:b5:51:c4:9c:bd:5f:b9:63:23:be:60:e1:af:8b:1f:2f:
         95:aa:42:c9:36:26:10:cf:bf:81:78:8b:32:5d:99:fe:14:10:
         98:65:a1:4e:26:ae:a5:cb:07:52:3c:d9:9d:ea:ba:9a:cc:f9:
         b2:44:e5:0e:37:02:f3:73:71:9a:7f:b8:c3:ec:8e:5c:84:2c:
         3b:5e:f8:0b:bb:c5:77:fe:a1:7d:67:a9:f1:47:fc:f2:40:b9:
         7f:ef:3d:f5:b6:1b:02:88:6c:85:39:4e:2d:cf:9b:b4:56:16:
         2d:9b:fa:9c:aa:fa:c5:a5:fd:88:ab:74:bb:b7:a4:6b:31:0d:
         3c:fa:81:6e:b0:67:21:50:b8:ca:43:c9:95:43:7a:51:c5:2e:
         4d:5b:11:f4:23:5d:44:b3:76:6c:d8:9f:ef:99:a4:81:f5:87:
         63:3c:ce:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwuZNQTO01yhc0JmF2Lvd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjMwMTAyMDQyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdhNGI5OGQ3ZWYxMTllZjRiYjdkODhhMjIxODBlNGMyOGY4N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnl0AyUiXv2qpfP5wx2eZWZxIbvx
BrkjV3Hba2N8eojPvHYUOdI6ioCTGPmWjrpdFWNHSCRCB218TjSCq5XtWogg8NrS
lCX89y08GppEOYtZmsTitjolk2wPBLQfEw5u/xrWXK4g3GWK6i8E+lUX6d+JN7d9
uR3oPaeruAWznG1wV5BPun4FVW+cqiAPT3iMF5pWxkEukaMliqtTTY53F1dHD7lZ
YXTdaK7SzqXNm+WftsAMx+GZCe5m0JDJPvIEsoWdBvZObo1EpOetNrGWO42WWz9R
e168xn4SEEu/MsQ4oC+bfTeIkBXXz4viiT/YDrc7e/cC8LmW3Ru3W5lZKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL56S5jX7xGe9Lt9iKIhgOTCj4feMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvdm5wTG1OZnZFWjcwdTMySW9pR0E1TUtQaDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUciAAwQC
UciMAwQCuZyUMA0GCSqGSIb3DQEBCwUAA4IBAQANS0JzbZqj5NpXF800L3H2So1D
fF/IuhMoPGJVVE8j214eCWkP2oTx5FSEhtJSZuzF7QfhbkvyMMD1b9gYte4Xsh5G
nMim5CmWQZW4S65SIr0Xxh4pJ9ellkpMm7VRxJy9X7ljI75g4a+LHy+VqkLJNiYQ
z7+BeIsyXZn+FBCYZaFOJq6lywdSPNmd6rqazPmyROUONwLzc3Gaf7jD7I5chCw7
XvgLu8V3/qF9Z6nxR/zyQLl/7z31thsCiGyFOU4tz5u0VhYtm/qcqvrFpf2Iq3S7
t6RrMQ08+oFusGchULjKQ8mVQ3pRxS5NWxH0I11Es3Zs2J/vmaSB9YdjPM6e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:16 2024 by rpki-client on console-ams.rpki-client.org