Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/xPVeLfCapCVHOMt3DlET6sosPWY.roa
File:                     xPVeLfCapCVHOMt3DlET6sosPWY.roa (raw, json)
Hash identifier:          TVXtcuMR/Fw9p0gnbyTVPtoTum9VYp8zo63+1K7QNZ8=
Subject key identifier:   C4:F5:5E:2D:F0:9A:A4:25:47:38:CB:77:0E:51:13:EA:CA:2C:3D:66
Certificate issuer:       /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial:       0185718308A202EABE8F49B9B620B0B60D3A
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/xPVeLfCapCVHOMt3DlET6sosPWY.roa
Signing time:             Mon 02 Jan 2023 08:04:50 +0000
ROA not before:           Mon 02 Jan 2023 08:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202087
IP address blocks:        185.83.148.0/23 maxlen: 23
                          185.83.150.0/23 maxlen: 23
                          94.26.95.0/24 maxlen: 24
                          94.26.93.0/24 maxlen: 24
                          94.26.98.0/23 maxlen: 23
                          94.26.97.0/24 maxlen: 24
                          94.26.101.0/24 maxlen: 24
                          94.26.103.0/24 maxlen: 24
                          94.26.109.0/24 maxlen: 24
                          104.255.128.0/21 maxlen: 21
                          185.75.80.0/22 maxlen: 22
                          185.49.216.0/22 maxlen: 22
                          153.94.56.0/21 maxlen: 21
                          185.94.78.0/23 maxlen: 23
                          185.94.76.0/23 maxlen: 23
                          45.94.8.0/22 maxlen: 22
                          185.9.212.0/22 maxlen: 22
                          192.190.168.0/22 maxlen: 22
                          94.190.197.0/24 maxlen: 24
                          94.190.196.0/22 maxlen: 22
                          94.190.196.0/24 maxlen: 24
                          94.190.199.0/24 maxlen: 24
                          94.190.198.0/24 maxlen: 24
                          45.89.212.0/22 maxlen: 22
                          2a03:50c0:1000::/36 maxlen: 36
                          2a03:50c0:3300::/40 maxlen: 40

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 15:49:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:83:08:a2:02:ea:be:8f:49:b9:b6:20:b0:b6:0d:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
        Validity
            Not Before: Jan  2 08:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4f55e2df09aa4254738cb770e5113eaca2c3d66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ee:e7:6e:20:46:68:b2:62:0f:f4:10:70:03:
                    bf:28:65:1a:11:1c:61:49:55:a5:1f:bb:23:00:1e:
                    06:9b:51:30:3a:cb:65:af:ba:6d:9d:19:93:48:54:
                    03:41:af:3d:1e:f1:bd:b7:71:3c:16:e5:8a:67:b3:
                    38:ca:56:7c:69:82:82:b9:8f:9c:2d:62:1a:86:43:
                    91:69:1c:38:55:bc:09:9f:f6:97:05:d9:32:61:b9:
                    63:3e:15:4f:7a:c6:cc:db:bf:4f:fe:c1:a0:f8:b0:
                    30:04:51:0b:49:d6:74:7a:dd:f2:2a:66:db:ac:a9:
                    75:7f:91:56:0f:a5:79:28:8a:5a:cd:24:af:25:86:
                    19:05:e7:ad:d0:0e:e8:b0:56:a4:72:5c:03:59:83:
                    f9:73:62:0c:32:c6:24:06:fe:5b:11:35:b3:8a:e5:
                    ed:e8:ca:b3:41:f4:47:b0:f0:67:56:e1:48:bc:d2:
                    4c:6b:78:50:89:cb:cf:a0:ef:fe:0c:08:d5:0a:67:
                    28:e5:33:f6:70:99:5e:37:31:83:eb:17:a0:11:cf:
                    c8:0d:ce:d7:8d:78:36:be:03:7c:2e:89:6b:0d:0e:
                    d7:3c:e7:e3:51:dd:81:61:8c:f8:a9:34:83:4e:4e:
                    51:8e:3b:89:cc:2a:47:a9:37:e3:e8:3c:bf:d4:24:
                    dc:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:F5:5E:2D:F0:9A:A4:25:47:38:CB:77:0E:51:13:EA:CA:2C:3D:66
            X509v3 Authority Key Identifier:
                keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/xPVeLfCapCVHOMt3DlET6sosPWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.212.0/22
                  45.94.8.0/22
                  94.26.93.0/24
                  94.26.95.0/24
                  94.26.97.0-94.26.99.255
                  94.26.101.0/24
                  94.26.103.0/24
                  94.26.109.0/24
                  94.190.196.0/22
                  104.255.128.0/21
                  153.94.56.0/21
                  185.9.212.0/22
                  185.49.216.0/22
                  185.75.80.0/22
                  185.83.148.0/22
                  185.94.76.0/22
                  192.190.168.0/22
                IPv6:
                  2a03:50c0:1000::/36
                  2a03:50c0:3300::/40

    Signature Algorithm: sha256WithRSAEncryption
         94:ad:c9:19:bd:76:81:fd:1d:6f:3e:40:14:77:8b:56:f9:62:
         74:7f:64:fe:95:7f:28:3e:00:f8:f7:ab:3a:49:65:76:b2:21:
         68:7c:9e:4d:8f:3e:06:f0:b1:a4:47:0e:c9:a5:83:c9:a5:40:
         54:bc:83:0c:2f:3d:9e:cb:b6:7c:3d:02:16:ee:37:b1:d4:db:
         d0:5e:82:3c:e9:51:68:53:61:25:50:01:01:87:12:94:70:6e:
         91:d1:c9:b0:1c:7a:ea:4f:20:06:cf:99:e2:db:83:b2:79:03:
         da:76:6a:d0:c7:86:f5:9a:bc:de:5a:68:cc:b0:3c:7e:31:82:
         aa:03:4b:d0:cc:e7:02:45:c3:0e:56:94:da:6a:fb:1a:15:d0:
         a0:c5:59:b6:30:77:5c:34:18:32:8e:b2:b0:33:e2:8f:ce:f2:
         dd:b4:eb:10:4d:1d:19:ca:f7:98:5f:02:26:5d:17:7a:21:a2:
         6c:24:25:85:5f:87:04:fc:b8:de:26:95:dc:bd:a3:d7:65:53:
         fa:f1:2a:97:aa:36:66:37:b7:f7:0b:7b:a8:3e:d6:4b:6f:fd:
         24:03:25:41:d2:a1:80:f2:3a:28:b5:06:b1:18:4f:74:f1:43:
         89:07:76:54:e6:85:29:8a:fe:e8:a0:f1:e9:3c:32:9a:a4:82:
         31:00:1e:15
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYVxgwiiAuq+j0m5tiCwtg06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjMwMTAyMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY1NWUyZGYwOWFhNDI1NDczOGNiNzcwZTUxMTNlYWNhMmMzZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+7nbiBGaLJiD/QQcAO/KGUaERxh
SVWlH7sjAB4Gm1EwOstlr7ptnRmTSFQDQa89HvG9t3E8FuWKZ7M4ylZ8aYKCuY+c
LWIahkORaRw4VbwJn/aXBdkyYbljPhVPesbM279P/sGg+LAwBFELSdZ0et3yKmbb
rKl1f5FWD6V5KIpazSSvJYYZBeet0A7osFakclwDWYP5c2IMMsYkBv5bETWziuXt
6MqzQfRHsPBnVuFIvNJMa3hQicvPoO/+DAjVCmco5TP2cJleNzGD6xegEc/IDc7X
jXg2vgN8LolrDQ7XPOfjUd2BYYz4qTSDTk5RjjuJzCpHqTfj6Dy/1CTc2wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFMT1Xi3wmqQlRzjLdw5RE+rKLD1mMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEveFBWZUxmQ2FwQ1ZIT010M0RsRVQ2c29zUFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB0BAIAATBuAwQCLVnU
AwQCLV4IAwQAXhpdAwQAXhpfMAwDBABeGmEDBAJeGmADBABeGmUDBABeGmcDBABe
Gm0DBAJevsQDBANo/4ADBAOZXjgDBAK5CdQDBAK5MdgDBAK5S1ADBAK5U5QDBAK5
XkwDBALAvqgwFgQCAAIwEAMGBCoDUMAQAwYAKgNQwDMwDQYJKoZIhvcNAQELBQAD
ggEBAJStyRm9doH9HW8+QBR3i1b5YnR/ZP6Vfyg+APj3qzpJZXayIWh8nk2PPgbw
saRHDsmlg8mlQFS8gwwvPZ7Ltnw9AhbuN7HU29BegjzpUWhTYSVQAQGHEpRwbpHR
ybAceupPIAbPmeLbg7J5A9p2atDHhvWavN5aaMywPH4xgqoDS9DM5wJFww5WlNpq
+xoV0KDFWbYwd1w0GDKOsrAz4o/O8t206xBNHRnK95hfAiZdF3ohomwkJYVfhwT8
uN4mldy9o9dlU/rxKpeqNmY3t/cLe6g+1ktv/SQDJUHSoYDyOii1BrEYT3TxQ4kH
dlTmhSmK/uig8ek8MpqkgjEAHhU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:22 2024 by rpki-client on console-ams.rpki-client.org