Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa
File:                     Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa (raw, json)
Hash identifier:          F73xiVfjWrh5EGaqWx566fvk6zIQyc2yx7lA0ZiqnGE=
Subject key identifier:   66:AE:EC:B0:EF:5A:1E:09:7E:05:9E:9C:9C:04:48:78:D1:FD:19:57
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018B7314AA26D9A1BD449747390BD443AA10
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa
Signing time:             Fri 27 Oct 2023 21:40:15 +0000
ROA not before:           Fri 27 Oct 2023 21:40:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47583
IP address blocks:        194.55.132.0/24 maxlen: 24
                          194.55.133.0/24 maxlen: 24
                          45.145.184.0/23 maxlen: 24
                          45.145.186.0/23 maxlen: 24
                          193.202.44.0/24 maxlen: 24
                          193.202.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Oct 2023 17:44:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:73:14:aa:26:d9:a1:bd:44:97:47:39:0b:d4:43:aa:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Oct 27 21:40:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66aeecb0ef5a1e097e059e9c9c044878d1fd1957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:bb:8a:8d:8e:e3:2e:21:2f:60:88:8f:29:a3:
                    80:68:38:9a:41:40:82:49:de:17:6a:42:67:97:62:
                    b8:0c:38:5b:d3:3d:0d:69:e0:b2:04:e1:b4:df:9e:
                    55:c0:37:fa:72:f8:1a:da:cb:fc:ea:20:27:8e:3a:
                    bd:b9:f7:51:bb:86:12:a9:37:75:a7:4c:9b:13:a9:
                    69:37:e1:23:8f:22:cc:59:29:0b:6f:7e:af:5f:a8:
                    5c:54:64:51:62:99:d4:1a:a6:bf:02:b8:93:84:bf:
                    9a:2f:41:44:21:6e:6e:b9:a3:46:84:78:21:f5:cd:
                    66:56:69:c6:82:1b:6b:71:de:96:ac:80:eb:0a:ef:
                    63:54:e2:46:36:a5:8b:f6:84:1e:f1:79:46:69:a0:
                    7d:a0:ea:21:0e:a5:84:43:37:ef:db:b1:5d:90:f4:
                    59:f4:40:aa:22:45:17:ab:86:d7:69:83:5d:de:8d:
                    1e:72:9f:fe:a2:04:a7:b9:18:60:5f:91:87:2f:e8:
                    22:a2:4b:da:21:17:96:22:17:18:72:3e:71:0f:1d:
                    8e:66:d9:4c:8b:22:56:41:9c:ee:19:23:6a:09:97:
                    36:d7:0f:fd:7b:21:94:ff:a1:02:b5:19:22:03:c9:
                    72:eb:2a:e3:84:26:e3:36:14:22:91:87:62:83:2b:
                    4b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:AE:EC:B0:EF:5A:1E:09:7E:05:9E:9C:9C:04:48:78:D1:FD:19:57
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.184.0/22
                  193.202.44.0/23
                  194.55.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:e6:a0:c4:13:1c:06:42:bb:28:42:9d:45:23:f3:6c:3a:6b:
         44:d2:07:92:a0:f4:a1:b6:00:2b:bc:9c:1c:9f:99:ea:f8:ff:
         af:be:48:9f:5e:06:9d:ed:00:0b:f8:36:86:56:66:7f:67:d5:
         33:1c:6d:35:11:de:3f:8f:d0:b4:8f:80:e9:db:1d:0a:81:87:
         24:d1:98:f4:34:30:9e:97:57:0e:07:57:3f:48:e5:04:7a:c1:
         65:4c:1d:74:05:de:4f:d3:fc:69:39:89:4d:52:17:5c:aa:50:
         4d:85:3d:d2:be:b4:8f:70:cf:34:09:13:de:4f:6f:f5:52:d3:
         8c:9b:fa:1f:80:77:ed:e2:2a:ba:09:0c:88:41:a9:32:5f:b9:
         ec:32:ca:cb:27:04:7a:58:e9:81:3f:a7:c4:47:e3:28:64:bb:
         ac:e6:26:4f:10:97:ad:51:56:78:59:f7:e8:46:cb:99:01:cc:
         1f:aa:b3:99:36:af:d4:c5:14:75:2d:fc:e0:b2:cb:14:58:ab:
         cf:b5:d0:6b:66:35:6d:a7:79:44:0a:b0:bf:52:20:5a:e1:2a:
         01:9f:af:2c:9e:45:a0:f1:d7:0b:f7:79:8f:12:c4:ae:ed:53:
         7e:c0:bc:5a:0a:1e:2f:65:6a:9d:91:80:29:bf:2c:8e:14:1b:
         2f:59:c2:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtzFKom2aG9RJdHOQvUQ6oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMDI3MjE0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFlZWNiMGVmNWExZTA5N2UwNTllOWM5YzA0NDg3OGQxZmQxOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLuKjY7jLiEvYIiPKaOAaDiaQUCC
Sd4XakJnl2K4DDhb0z0NaeCyBOG0355VwDf6cvga2sv86iAnjjq9ufdRu4YSqTd1
p0ybE6lpN+EjjyLMWSkLb36vX6hcVGRRYpnUGqa/AriThL+aL0FEIW5uuaNGhHgh
9c1mVmnGghtrcd6WrIDrCu9jVOJGNqWL9oQe8XlGaaB9oOohDqWEQzfv27FdkPRZ
9ECqIkUXq4bXaYNd3o0ecp/+ogSnuRhgX5GHL+giokvaIReWIhcYcj5xDx2OZtlM
iyJWQZzuGSNqCZc21w/9eyGU/6ECtRkiA8ly6yrjhCbjNhQikYdigytLdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGau7LDvWh4JfgWenJwESHjR/RlXMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvWnE3c3NPOWFIZ2wtQlo2Y25BUkllTkg5R1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZG4AwQB
wcosAwQBwjeEMA0GCSqGSIb3DQEBCwUAA4IBAQCD5qDEExwGQrsoQp1FI/NsOmtE
0geSoPShtgArvJwcn5nq+P+vvkifXgad7QAL+DaGVmZ/Z9UzHG01Ed4/j9C0j4Dp
2x0KgYck0Zj0NDCel1cOB1c/SOUEesFlTB10Bd5P0/xpOYlNUhdcqlBNhT3SvrSP
cM80CRPeT2/1UtOMm/ofgHft4iq6CQyIQakyX7nsMsrLJwR6WOmBP6fER+MoZLus
5iZPEJetUVZ4WffoRsuZAcwfqrOZNq/UxRR1LfzgsssUWKvPtdBrZjVtp3lECrC/
UiBa4SoBn68snkWg8dcL93mPEsSu7VN+wLxaCh4vZWqdkYApvyyOFBsvWcK1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org