Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/oNmS5_fFOGqZqVuwS3L3R6Z8LwY.roa
File:                     oNmS5_fFOGqZqVuwS3L3R6Z8LwY.roa (raw, json)
Hash identifier:          SnofQ93Pwi130XKTOQYkxCkJAxhNxE7urz9Xa0fW46Y=
Subject key identifier:   A0:D9:92:E7:F7:C5:38:6A:99:A9:5B:B0:4B:72:F7:47:A6:7C:2F:06
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       0187916449103F3F96056306917922995A57
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/oNmS5_fFOGqZqVuwS3L3R6Z8LwY.roa
Signing time:             Mon 17 Apr 2023 22:44:41 +0000
ROA not before:           Mon 17 Apr 2023 22:44:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        85.8.160.0/23 maxlen: 23
                          85.8.162.0/23 maxlen: 23
                          84.54.0.0/23 maxlen: 23
                          84.54.2.0/23 maxlen: 23
                          85.8.144.0/23 maxlen: 23
                          85.8.146.0/23 maxlen: 23
                          176.53.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 10:20:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:91:64:49:10:3f:3f:96:05:63:06:91:79:22:99:5a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Apr 17 22:44:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0d992e7f7c5386a99a95bb04b72f747a67c2f06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:cc:47:cf:8a:d0:fb:98:da:c9:e7:61:f8:e9:
                    52:04:e9:40:0d:a0:b2:26:e4:66:13:a1:df:12:f8:
                    7a:46:2d:71:4b:7a:99:3a:25:df:98:82:bc:57:a4:
                    89:61:12:7e:55:7e:1f:ad:39:09:5f:ac:99:cc:40:
                    b1:2f:1d:58:b6:f8:bb:93:7d:48:b2:7b:b1:76:e5:
                    e4:1c:69:eb:ec:1b:ec:23:f7:e5:f7:d0:0f:9b:28:
                    6f:5d:f6:c2:dd:92:35:f5:04:26:8d:c7:e0:2a:ee:
                    9e:98:73:9d:12:44:ad:d8:93:fb:d0:a7:03:b9:ac:
                    bd:1f:9e:15:27:d4:96:46:d5:ca:e5:a3:4a:e7:27:
                    85:dc:d5:4d:7b:89:43:51:1b:95:e8:0f:89:4c:dc:
                    32:26:4f:b3:1b:6e:07:3d:87:ad:8e:f2:54:73:1e:
                    25:75:3c:a1:8b:ba:cc:c1:dd:23:70:16:cd:8c:e6:
                    1c:29:dc:2b:84:88:e1:45:4c:dc:32:45:2c:1b:49:
                    d1:f0:ab:c7:f2:a0:7c:ee:8e:83:2a:bd:23:a1:74:
                    f5:0b:c7:3b:dc:20:34:f9:32:14:b4:e5:d6:7d:98:
                    10:f2:e3:1f:ea:32:eb:72:c2:d4:a8:70:a6:b2:96:
                    7d:7a:62:df:b9:70:a9:22:95:17:80:5e:d6:76:17:
                    ed:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D9:92:E7:F7:C5:38:6A:99:A9:5B:B0:4B:72:F7:47:A6:7C:2F:06
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/oNmS5_fFOGqZqVuwS3L3R6Z8LwY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.54.0.0/22
                  85.8.144.0/22
                  85.8.160.0/22
                  176.53.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:f5:9b:3c:38:67:cc:f4:95:fb:70:85:19:38:62:d4:d4:7c:
         50:34:d1:d2:7b:6e:78:73:e2:24:6b:70:20:6d:95:1d:d7:e2:
         19:f9:79:9b:52:86:73:5a:3b:8b:46:87:e7:86:7a:e1:0b:69:
         1e:a5:13:b0:26:41:f2:e5:9a:1c:f1:f8:63:ed:b4:5a:f7:4c:
         3b:0f:06:05:f7:a6:8a:af:cf:8c:1e:4d:3c:ef:d1:1e:85:bf:
         c5:33:96:36:56:b2:0f:c2:41:53:a9:33:93:85:d0:e2:c9:ee:
         cd:94:7e:0c:87:b8:cd:1e:3a:9e:19:6d:ff:d4:69:14:3c:cd:
         bf:21:13:f5:aa:91:d9:4b:89:4c:75:5d:77:c3:eb:5e:be:fb:
         4e:4c:3f:60:26:a9:ca:14:38:26:16:fd:31:71:1a:62:65:2f:
         7c:2f:28:97:7c:aa:ca:84:8f:34:85:b1:59:c3:a6:03:b2:6e:
         6d:3b:b0:fc:22:2b:b1:62:28:fc:e4:cd:24:ee:cc:d4:e1:8b:
         8e:4b:b3:4f:b5:42:39:5e:d9:ff:a1:43:e4:f4:1a:4c:c5:b5:
         6e:83:7c:1d:2d:9f:7f:d1:2b:fb:bf:05:8c:64:2b:39:ed:4f:
         0f:9e:2d:0d:84:2a:8b:7a:04:84:60:f9:28:fb:9c:56:0f:73:
         2a:7b:04:e7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeRZEkQPz+WBWMGkXkimVpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwNDE3MjI0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQ5OTJlN2Y3YzUzODZhOTlhOTViYjA0YjcyZjc0N2E2N2MyZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcxHz4rQ+5jayedh+OlSBOlADaCy
JuRmE6HfEvh6Ri1xS3qZOiXfmIK8V6SJYRJ+VX4frTkJX6yZzECxLx1Ytvi7k31I
snuxduXkHGnr7BvsI/fl99APmyhvXfbC3ZI19QQmjcfgKu6emHOdEkSt2JP70KcD
uay9H54VJ9SWRtXK5aNK5yeF3NVNe4lDURuV6A+JTNwyJk+zG24HPYetjvJUcx4l
dTyhi7rMwd0jcBbNjOYcKdwrhIjhRUzcMkUsG0nR8KvH8qB87o6DKr0joXT1C8c7
3CA0+TIUtOXWfZgQ8uMf6jLrcsLUqHCmspZ9emLfuXCpIpUXgF7WdhftYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKDZkuf3xThqmalbsEty90emfC8GMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvb05tUzVfZkZPR3FacVZ1d1MzTDNSNlo4THdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVDYAAwQC
VQiQAwQCVQigAwQCsDWoMA0GCSqGSIb3DQEBCwUAA4IBAQBy9Zs8OGfM9JX7cIUZ
OGLU1HxQNNHSe254c+Ika3AgbZUd1+IZ+XmbUoZzWjuLRofnhnrhC2kepROwJkHy
5Zoc8fhj7bRa90w7DwYF96aKr8+MHk0879Eehb/FM5Y2VrIPwkFTqTOThdDiye7N
lH4Mh7jNHjqeGW3/1GkUPM2/IRP1qpHZS4lMdV13w+tevvtOTD9gJqnKFDgmFv0x
cRpiZS98LyiXfKrKhI80hbFZw6YDsm5tO7D8IiuxYij85M0k7szU4YuOS7NPtUI5
Xtn/oUPk9BpMxbVug3wdLZ9/0Sv7vwWMZCs57U8Pni0NhCqLegSEYPko+5xWD3Mq
ewTn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org