Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/susROySx18JW6g6y8a4_6dkhtPY.roa
File:                     susROySx18JW6g6y8a4_6dkhtPY.roa (raw, json)
Hash identifier:          1rQsa6bn7s+ix7mvR0eArj6XfTQWP+SrW3PR/rHI83I=
Subject key identifier:   B2:EB:11:3B:24:B1:D7:C2:56:EA:0E:B2:F1:AE:3F:E9:D9:21:B4:F6
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018CD314EC0D10CA0EF67795FBCA4B7FFE69
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/susROySx18JW6g6y8a4_6dkhtPY.roa
Signing time:             Thu 04 Jan 2024 06:06:52 +0000
ROA not before:           Thu 04 Jan 2024 06:06:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        194.15.98.0/24 maxlen: 24
                          188.209.132.0/22 maxlen: 24
                          188.209.136.0/22 maxlen: 24
                          188.209.140.0/22 maxlen: 24
                          45.65.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Jan 2024 04:23:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d3:14:ec:0d:10:ca:0e:f6:77:95:fb:ca:4b:7f:fe:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  4 06:06:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b2eb113b24b1d7c256ea0eb2f1ae3fe9d921b4f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:5c:67:28:75:ed:14:9c:45:ba:24:07:20:ff:
                    b8:4a:a0:d8:60:1a:d7:2a:9c:fd:ad:6a:12:37:e5:
                    43:41:1c:b1:8c:9d:21:a1:fc:45:70:80:f0:bb:81:
                    89:61:72:fe:29:9e:d2:03:41:4c:7e:77:4d:83:c8:
                    2f:60:33:cc:c6:0f:4b:ab:7e:57:47:b6:c8:66:28:
                    9b:70:8d:4e:bb:5e:97:e9:4b:94:ac:68:df:52:f1:
                    2f:2b:65:26:fb:71:05:e7:db:32:fc:4d:c9:f1:27:
                    8a:11:f5:e6:39:0e:3b:b8:81:0f:d1:b9:0a:b7:d0:
                    6d:52:3f:3c:c8:86:55:a2:8c:f3:8b:0a:44:3e:5f:
                    a4:a2:64:74:4f:7d:7b:ec:df:dd:89:38:37:f7:d5:
                    1e:5e:49:bf:eb:fc:5a:ed:35:d4:ae:5d:65:3f:e5:
                    8b:27:47:a4:2b:9d:f4:2c:91:24:4d:cc:3e:87:9a:
                    ab:b1:97:2a:c6:67:a9:6b:74:c3:95:8c:34:10:d9:
                    c5:f3:ac:30:bd:c2:66:47:76:cb:20:0f:ba:f7:65:
                    e4:2e:d3:26:26:58:83:d5:d8:bc:e7:cf:21:9a:84:
                    d0:aa:05:af:e6:59:9d:39:cc:af:4c:77:fb:fe:36:
                    bf:04:b8:21:f8:ec:35:53:4d:3e:69:80:99:54:6f:
                    8d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:EB:11:3B:24:B1:D7:C2:56:EA:0E:B2:F1:AE:3F:E9:D9:21:B4:F6
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/susROySx18JW6g6y8a4_6dkhtPY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.113.0/24
                  188.209.132.0-188.209.143.255
                  194.15.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:2a:51:bd:88:2d:aa:b4:f4:21:3f:53:02:5e:b3:f0:fe:c8:
         6b:78:c9:b3:db:5e:b4:25:0a:8a:a7:8e:c2:88:74:3c:83:8c:
         35:4f:6b:62:83:3e:61:ba:05:ce:1c:c5:ff:6e:75:80:e7:ad:
         4a:c5:c0:a7:3c:bc:3c:a7:0f:a2:b3:c2:4a:2f:26:4f:17:a2:
         5f:34:7f:69:4c:76:32:c6:3a:de:ae:68:40:63:93:ab:3d:31:
         2c:08:ca:77:aa:08:e7:8a:83:49:ed:92:5e:18:26:24:5b:53:
         9a:95:58:16:f5:d4:51:3e:5d:ec:f0:97:a0:9a:fa:34:b0:b2:
         66:4b:28:7a:8b:38:00:73:25:d3:79:95:05:ca:1d:98:5b:f1:
         04:f5:92:5b:08:f8:b5:bb:20:d7:ec:53:48:50:a9:8b:2c:4d:
         61:24:c1:24:b7:bf:3e:d0:16:0f:c7:b9:3a:43:ce:7b:76:80:
         15:66:a8:22:5d:14:40:e3:f9:5a:ce:13:42:ae:ef:42:a4:0d:
         9a:46:af:4b:96:e6:6d:12:ba:95:2b:14:fa:b8:9b:1f:03:33:
         6e:5a:60:da:91:0e:de:a5:25:a2:c2:39:a8:61:87:6d:24:8a:
         0e:8f:9a:66:19:cb:de:a9:2e:27:16:f5:1e:fa:77:80:67:eb:
         46:72:22:cc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzTFOwNEMoO9neV+8pLf/5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTA0MDYwNjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmViMTEzYjI0YjFkN2MyNTZlYTBlYjJmMWFlM2ZlOWQ5MjFiNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFxnKHXtFJxFuiQHIP+4SqDYYBrX
Kpz9rWoSN+VDQRyxjJ0hofxFcIDwu4GJYXL+KZ7SA0FMfndNg8gvYDPMxg9Lq35X
R7bIZiibcI1Ou16X6UuUrGjfUvEvK2Um+3EF59sy/E3J8SeKEfXmOQ47uIEP0bkK
t9BtUj88yIZVoozziwpEPl+komR0T3177N/diTg399UeXkm/6/xa7TXUrl1lP+WL
J0ekK530LJEkTcw+h5qrsZcqxmepa3TDlYw0ENnF86wwvcJmR3bLIA+692XkLtMm
JliD1di8588hmoTQqgWv5lmdOcyvTHf7/ja/BLgh+Ow1U00+aYCZVG+N5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLLrETsksdfCVuoOsvGuP+nZIbT2MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvc3VzUk95U3gxOEpXNmc2eThhNF82ZGtodFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALUFxMAwD
BAK80YQDBAS80YADBADCD2IwDQYJKoZIhvcNAQELBQADggEBAH8qUb2ILaq09CE/
UwJes/D+yGt4ybPbXrQlCoqnjsKIdDyDjDVPa2KDPmG6Bc4cxf9udYDnrUrFwKc8
vDynD6KzwkovJk8Xol80f2lMdjLGOt6uaEBjk6s9MSwIyneqCOeKg0ntkl4YJiRb
U5qVWBb11FE+Xezwl6Ca+jSwsmZLKHqLOABzJdN5lQXKHZhb8QT1klsI+LW7INfs
U0hQqYssTWEkwSS3vz7QFg/HuTpDznt2gBVmqCJdFEDj+VrOE0Ku70KkDZpGr0uW
5m0SupUrFPq4mx8DM25aYNqRDt6lJaLCOahhh20kig6PmmYZy96pLicW9R76d4Bn
60ZyIsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org