Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/OZ75sHAGLn2iWmGSxJPrwE_PLzo.roa
File:                     OZ75sHAGLn2iWmGSxJPrwE_PLzo.roa (raw, json)
Hash identifier:          kPz3gZfnePxSppXial7B8oBVcykA+/ORfn+vxGieS9M=
Subject key identifier:   39:9E:F9:B0:70:06:2E:7D:A2:5A:61:92:C4:93:EB:C0:4F:CF:2F:3A
Certificate issuer:       /CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
Certificate serial:       0189E04D20BE62835B55C1BDC103D300D6AB
Authority key identifier: 7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/OZ75sHAGLn2iWmGSxJPrwE_PLzo.roa
Signing time:             Thu 10 Aug 2023 16:34:58 +0000
ROA not before:           Thu 10 Aug 2023 16:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203067
IP address blocks:        185.145.49.0/24 maxlen: 24
                          185.145.50.0/24 maxlen: 24
                          185.145.51.0/24 maxlen: 24
                          185.145.48.0/24 maxlen: 24
                          46.175.50.0/24 maxlen: 24
                          46.175.48.0/22 maxlen: 22
                          46.175.54.0/24 maxlen: 24
                          46.175.52.0/24 maxlen: 24
                          46.175.55.0/24 maxlen: 24
                          46.175.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 14:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e0:4d:20:be:62:83:5b:55:c1:bd:c1:03:d3:00:d6:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
        Validity
            Not Before: Aug 10 16:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=399ef9b070062e7da25a6192c493ebc04fcf2f3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ae:20:66:17:35:77:78:21:2c:83:ba:91:fa:
                    90:c1:87:c9:f5:a3:a4:3b:78:1a:38:30:38:7c:c9:
                    9b:5d:2c:1b:24:bb:25:f0:6c:93:ed:e3:02:08:0d:
                    07:4b:c8:85:8b:3a:19:0a:b9:46:e0:18:e1:28:be:
                    45:f9:b6:4a:d9:96:04:3a:d8:40:7f:03:9c:72:16:
                    5b:f0:99:19:54:38:ce:0e:66:b1:62:6b:d6:a0:e1:
                    ac:aa:89:74:ed:4c:0c:01:59:0e:2f:1e:8a:11:f7:
                    b4:2e:28:ce:9b:ea:bb:09:80:fe:1e:07:e7:ff:93:
                    21:cd:26:a2:e1:52:1c:00:bc:78:e5:00:52:bd:2a:
                    5d:14:44:17:4b:97:f6:4a:a5:c5:6f:d3:22:c8:11:
                    e8:1a:a6:fc:8b:c1:9c:0f:cd:eb:da:d2:dd:4c:72:
                    eb:cf:5e:aa:a9:83:00:99:fc:fa:4b:03:fe:d5:36:
                    b8:01:3c:fe:29:4c:83:cc:85:a8:a1:8b:64:c7:19:
                    d6:6a:5b:24:04:a1:91:b6:43:a2:d5:b2:db:18:92:
                    fc:38:71:5d:6c:f5:17:1f:38:73:b1:13:40:93:de:
                    bd:7c:57:c4:f0:5c:81:1d:1d:a4:d2:22:af:dd:7f:
                    d6:eb:02:34:bb:c0:c6:9d:3e:a6:d5:8b:11:d3:81:
                    04:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:9E:F9:B0:70:06:2E:7D:A2:5A:61:92:C4:93:EB:C0:4F:CF:2F:3A
            X509v3 Authority Key Identifier:
                keyid:7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/OZ75sHAGLn2iWmGSxJPrwE_PLzo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.175.48.0/21
                  185.145.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         90:08:75:0a:40:b2:3e:a5:02:6e:34:1e:73:c1:0d:d7:b5:41:
         db:16:5c:cb:52:73:bc:17:1c:00:95:ae:f1:54:80:cf:30:53:
         4a:90:a9:09:0c:68:71:9c:13:1e:48:de:0b:bf:aa:b0:5b:e1:
         ae:d7:e5:00:f3:d4:48:20:bc:ce:12:29:ec:97:52:6a:ce:29:
         91:bf:f5:1d:f6:b3:27:05:41:07:ad:c0:cf:0b:a4:be:54:63:
         17:b0:75:a0:c2:0d:da:96:7b:5a:c0:ec:59:e7:a9:99:f7:7c:
         34:fd:97:da:f1:58:69:86:15:62:bf:3b:c3:3e:53:5d:05:8d:
         8d:a2:f3:72:e3:a0:4d:e7:0e:1b:7d:a4:cb:0c:88:96:d5:9e:
         51:6c:04:6b:2d:7f:94:d7:96:c2:45:3c:6d:f8:78:c3:91:9b:
         41:e5:00:d2:7c:66:10:86:64:40:e1:89:f6:22:98:7e:81:d4:
         98:e1:c0:3f:e7:e4:65:89:41:1a:b2:3d:e1:e5:de:03:4a:64:
         76:27:a4:09:f2:c2:70:7b:77:f9:28:6d:74:25:78:0a:ed:d3:
         e8:fa:28:c0:ea:e9:23:75:a0:7a:2f:9b:cf:49:4c:65:62:46:
         c0:df:0a:08:4f:48:19:12:27:43:05:53:38:58:e7:7c:2d:fe:
         14:9f:86:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYngTSC+YoNbVcG9wQPTANarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzYyZDc4MzI4NDY1OWRjMDRlZWRhZjhiOGE2ZmU2ZTkz
MGJkMjcwHhcNMjMwODEwMTYzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTllZjliMDcwMDYyZTdkYTI1YTYxOTJjNDkzZWJjMDRmY2YyZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt64gZhc1d3ghLIO6kfqQwYfJ9aOk
O3gaODA4fMmbXSwbJLsl8GyT7eMCCA0HS8iFizoZCrlG4BjhKL5F+bZK2ZYEOthA
fwOcchZb8JkZVDjODmaxYmvWoOGsqol07UwMAVkOLx6KEfe0LijOm+q7CYD+Hgfn
/5MhzSai4VIcALx45QBSvSpdFEQXS5f2SqXFb9MiyBHoGqb8i8GcD83r2tLdTHLr
z16qqYMAmfz6SwP+1Ta4ATz+KUyDzIWooYtkxxnWalskBKGRtkOi1bLbGJL8OHFd
bPUXHzhzsRNAk969fFfE8FyBHR2k0iKv3X/W6wI0u8DGnT6m1YsR04EEawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDme+bBwBi59olphksST68BPzy86MB8GA1UdIwQY
MBaAFHo2LXgyhGWdwE7tr4uKb+bpML0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQt
ODY1MDMxZmEwYmY3LzEvT1o3NXNIQUdMbjJpV21HU3hKUHJ3RV9QTHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQtODY1MDMxZmEwYmY3
LzEvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq8wAwQC
uZEwMA0GCSqGSIb3DQEBCwUAA4IBAQCQCHUKQLI+pQJuNB5zwQ3XtUHbFlzLUnO8
FxwAla7xVIDPMFNKkKkJDGhxnBMeSN4Lv6qwW+Gu1+UA89RIILzOEinsl1JqzimR
v/Ud9rMnBUEHrcDPC6S+VGMXsHWgwg3alntawOxZ56mZ93w0/Zfa8VhphhVivzvD
PlNdBY2NovNy46BN5w4bfaTLDIiW1Z5RbARrLX+U15bCRTxt+HjDkZtB5QDSfGYQ
hmRA4Yn2Iph+gdSY4cA/5+RliUEasj3h5d4DSmR2J6QJ8sJwe3f5KG10JXgK7dPo
+ijA6ukjdaB6L5vPSUxlYkbA3woIT0gZEidDBVM4WOd8Lf4Un4ZX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:54 2024 by rpki-client on console-ams.rpki-client.org