Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/uy0HctAa94olaxGgr0k9L7irWTk.roa
File:                     uy0HctAa94olaxGgr0k9L7irWTk.roa (raw, json)
Hash identifier:          /JwtAem94u7Cxt1dmqx605GFrvwNWjJIFE/p51zwhkQ=
Subject key identifier:   BB:2D:07:72:D0:1A:F7:8A:25:6B:11:A0:AF:49:3D:2F:B8:AB:59:39
Certificate issuer:       /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial:       01856BE584AA31D101229D705C9C3FB37E0A
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/uy0HctAa94olaxGgr0k9L7irWTk.roa
Signing time:             Sun 01 Jan 2023 05:54:41 +0000
ROA not before:           Sun 01 Jan 2023 05:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29405
IP address blocks:        185.176.72.0/22 maxlen: 22
                          46.229.230.0/24 maxlen: 24
                          81.89.48.0/20 maxlen: 20
                          86.110.224.0/19 maxlen: 19
                          176.109.56.0/21 maxlen: 21
                          86.110.229.0/24 maxlen: 24
                          92.240.230.0/24 maxlen: 24
                          92.240.229.0/24 maxlen: 24
                          92.240.228.0/24 maxlen: 24
                          92.240.231.0/24 maxlen: 24
                          92.240.234.0/24 maxlen: 24
                          92.240.237.0/24 maxlen: 24
                          92.240.236.0/24 maxlen: 24
                          92.240.235.0/24 maxlen: 24
                          92.240.241.0/24 maxlen: 24
                          92.240.244.0/24 maxlen: 24
                          92.240.242.0/24 maxlen: 24
                          92.240.245.0/24 maxlen: 24
                          92.240.253.0/24 maxlen: 24
                          92.240.249.0/24 maxlen: 24
                          92.240.254.0/24 maxlen: 24
                          217.73.16.0/24 maxlen: 24
                          217.73.16.0/20 maxlen: 20
                          217.73.17.0/24 maxlen: 24
                          93.184.64.0/20 maxlen: 20
                          46.229.224.0/20 maxlen: 20
                          109.74.144.0/20 maxlen: 20
                          2a01:390::/32 maxlen: 32
                          2a00:10d8::/32 maxlen: 32
                          2a00:10d8:10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 20 Jan 2023 09:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:84:aa:31:d1:01:22:9d:70:5c:9c:3f:b3:7e:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
        Validity
            Not Before: Jan  1 05:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb2d0772d01af78a256b11a0af493d2fb8ab5939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ca:ae:d3:78:05:ae:9c:e6:b4:ef:f9:d3:21:
                    5d:20:ea:68:2b:b2:af:37:eb:87:b8:69:fc:5b:cf:
                    0c:b8:bc:34:62:09:3f:8f:30:76:f8:ef:4f:cd:67:
                    77:60:0a:bc:82:b3:aa:30:c5:4d:73:10:34:36:de:
                    4f:3d:d7:6b:c8:60:19:ab:a6:a5:ee:1d:2d:20:11:
                    8c:e9:ab:63:22:98:bc:f2:15:63:29:58:f0:e7:c0:
                    7a:d2:7d:f2:d1:7c:3f:4a:81:3e:2b:2d:2d:34:01:
                    6c:12:ba:92:a9:4b:b0:be:4f:07:12:ca:67:0b:26:
                    f6:c7:05:cd:de:ef:df:3f:c0:11:73:5a:c9:86:32:
                    7a:8b:66:44:d3:29:ee:ef:40:a3:72:3b:bf:7a:0f:
                    48:e3:5d:aa:6a:c1:2f:58:0b:b4:84:bd:fe:a2:d2:
                    d6:e9:39:56:17:d2:a7:b3:66:50:92:fd:c7:69:0d:
                    97:89:ee:0e:25:b8:88:95:3c:4e:d7:71:84:a7:33:
                    37:84:9d:0e:ce:e4:b3:b6:34:70:8e:46:a5:cb:ca:
                    d6:f1:b7:0e:de:6c:f3:2e:fe:de:c3:a8:05:bf:cb:
                    be:87:95:4c:e5:8b:78:f6:21:0a:8b:4b:9d:4b:79:
                    d1:e9:4a:08:97:3e:8a:4e:12:11:eb:03:27:50:f1:
                    98:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:2D:07:72:D0:1A:F7:8A:25:6B:11:A0:AF:49:3D:2F:B8:AB:59:39
            X509v3 Authority Key Identifier:
                keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/uy0HctAa94olaxGgr0k9L7irWTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.229.224.0/20
                  81.89.48.0/20
                  86.110.224.0/19
                  92.240.228.0/22
                  92.240.234.0-92.240.237.255
                  92.240.241.0-92.240.242.255
                  92.240.244.0/23
                  92.240.249.0/24
                  92.240.253.0-92.240.254.255
                  93.184.64.0/20
                  109.74.144.0/20
                  176.109.56.0/21
                  185.176.72.0/22
                  217.73.16.0/20
                IPv6:
                  2a00:10d8::/32
                  2a01:390::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:a9:e3:c2:f6:07:af:0f:94:77:f0:d5:b9:50:19:74:3a:a6:
         a9:e9:dc:cf:1e:11:11:8e:67:91:fb:ee:71:43:fc:28:f4:cb:
         ba:89:4c:ce:92:1d:98:38:26:b9:af:72:b0:84:5c:70:ff:ae:
         1f:66:7e:d1:6f:be:af:b7:9a:48:4d:81:c2:84:44:f5:4b:0d:
         20:17:3f:c9:b1:14:52:eb:cf:99:1b:80:ed:44:b7:18:76:ee:
         b4:74:5f:55:8f:13:35:69:bf:70:05:59:a6:48:b3:da:b6:bb:
         7f:fe:12:86:d5:6a:03:01:32:75:49:db:84:6c:f7:ed:bf:0f:
         e9:a5:79:d7:cd:ea:2f:37:fb:3c:bf:51:c1:e4:9d:ff:c5:99:
         70:60:f9:8b:82:16:0d:6d:30:2c:41:3e:ee:00:9c:59:38:56:
         20:9e:a4:f0:d7:86:7c:79:ab:50:52:9f:0a:fb:11:54:c6:84:
         47:d6:d2:e2:82:26:cc:52:0c:da:94:97:1f:b3:41:94:ee:82:
         80:03:32:17:ff:79:bc:5b:91:c4:bb:1c:58:9c:1a:f5:22:54:
         37:26:ca:ad:5e:d9:ed:e1:2e:ac:8f:2f:93:cd:be:83:5a:f3:
         8b:8e:e6:ed:74:d3:67:28:ef:da:8e:96:af:92:4b:54:69:e8:
         f8:28:ec:06
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYVr5YSqMdEBIp1wXJw/s34KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMTAxMDU1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJkMDc3MmQwMWFmNzhhMjU2YjExYTBhZjQ5M2QyZmI4YWI1OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMqu03gFrpzmtO/50yFdIOpoK7Kv
N+uHuGn8W88MuLw0Ygk/jzB2+O9PzWd3YAq8grOqMMVNcxA0Nt5PPddryGAZq6al
7h0tIBGM6atjIpi88hVjKVjw58B60n3y0Xw/SoE+Ky0tNAFsErqSqUuwvk8HEspn
Cyb2xwXN3u/fP8ARc1rJhjJ6i2ZE0ynu70Cjcju/eg9I412qasEvWAu0hL3+otLW
6TlWF9Kns2ZQkv3HaQ2Xie4OJbiIlTxO13GEpzM3hJ0OzuSztjRwjkaly8rW8bcO
3mzzLv7ew6gFv8u+h5VM5Yt49iEKi0udS3nR6UoIlz6KThIR6wMnUPGY/wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLstB3LQGveKJWsRoK9JPS+4q1k5MB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvdXkwSGN0QWE5NG9sYXhHZ3IwazlMN2lyV1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
IKnjwvYHrw+Ud/DVuVAZdDqmqenczx4REY5nkfvucUP8KPTLuolMzpIdmDgmua9y
sIRccP+uH2Z+0W++r7eaSE2BwoRE9UsNIBc/ybEUUuvPmRuA7US3GHbutHRfVY8T
NWm/cAVZpkiz2ra7f/4ShtVqAwEydUnbhGz37b8P6aV5183qLzf7PL9RweSd/8WZ
cGD5i4IWDW0wLEE+7gCcWThWIJ6k8NeGfHmrUFKfCvsRVMaER9bS4oImzFIM2pSX
H7NBlO6CgAMyF/95vFuRxLscWJwa9SJUNybKrV7Z7eEurI8vk82+g1rzi47m7XTT
Zyjv2o6Wr5JLVGno+CjsBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:30 2024 by rpki-client on console-ams.rpki-client.org