Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/n2HJuPr4DT8iTJKYSpIei3cnTU0.roa
File:                     n2HJuPr4DT8iTJKYSpIei3cnTU0.roa (raw, json)
Hash identifier:          HK1kScsSiECZJx+0d1Vb3dn5ymaCiLokJlsNzVarFWQ=
Subject key identifier:   9F:61:C9:B8:FA:F8:0D:3F:22:4C:92:98:4A:92:1E:8B:77:27:4D:4D
Certificate issuer:       /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial:       01856F5DE446648F5514612CC4E704009706
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/n2HJuPr4DT8iTJKYSpIei3cnTU0.roa
Signing time:             Sun 01 Jan 2023 22:05:02 +0000
ROA not before:           Sun 01 Jan 2023 22:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45027
IP address blocks:        193.109.217.0/24 maxlen: 24
                          185.66.12.0/22 maxlen: 22
                          185.126.84.0/23 maxlen: 23
                          185.126.86.0/23 maxlen: 23
                          45.153.74.0/23 maxlen: 23
                          195.158.224.0/23 maxlen: 23
                          195.190.12.0/24 maxlen: 24
                          185.80.148.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 22 Aug 2023 16:41:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:e4:46:64:8f:55:14:61:2c:c4:e7:04:00:97:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
        Validity
            Not Before: Jan  1 22:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f61c9b8faf80d3f224c92984a921e8b77274d4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bc:36:b0:8b:d4:fd:00:2b:b2:3c:bd:e5:3b:
                    cd:0c:f8:9b:0a:bd:11:3a:3e:97:24:04:c2:f2:78:
                    15:32:84:a4:87:de:f5:09:f4:7a:4a:67:66:7c:c7:
                    f2:11:b7:e9:04:69:00:0c:8e:17:bc:e7:8c:ca:26:
                    0f:ba:ec:5e:78:0b:91:89:5d:7b:7d:eb:72:e9:42:
                    83:3d:8b:1b:03:30:3f:b3:a3:86:db:4c:80:7f:f2:
                    c9:ac:d7:f4:8f:01:54:ed:f2:8a:80:8c:30:76:34:
                    d8:68:bf:59:2a:97:70:1f:33:ce:48:09:fa:dc:68:
                    07:8f:86:5c:d4:68:c0:04:d3:23:93:55:25:a9:e0:
                    78:69:69:5c:ee:f5:c3:e3:6f:9b:5a:ea:e4:3f:74:
                    08:6e:8c:5c:ed:9c:44:e5:2d:61:42:8b:74:dc:41:
                    ad:61:a7:92:26:a9:3c:21:7f:94:d6:97:4f:db:9b:
                    39:01:89:b3:00:27:28:63:ca:7b:ca:f4:f9:d8:2c:
                    42:ae:91:aa:95:a3:67:b0:3f:c4:33:01:33:80:75:
                    0a:8c:3d:4c:d9:5f:a2:7d:87:27:a4:b2:a7:0c:fa:
                    76:13:85:4b:1b:4b:77:2b:c3:2e:58:4d:6a:8a:8a:
                    38:9e:c4:f0:3a:95:70:ce:31:88:4c:15:4a:80:13:
                    19:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:61:C9:B8:FA:F8:0D:3F:22:4C:92:98:4A:92:1E:8B:77:27:4D:4D
            X509v3 Authority Key Identifier:
                keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/n2HJuPr4DT8iTJKYSpIei3cnTU0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.74.0/23
                  185.66.12.0/22
                  185.80.148.0/22
                  185.126.84.0/22
                  193.109.217.0/24
                  195.158.224.0/23
                  195.190.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:ab:de:f2:39:b4:04:81:eb:cd:e9:82:52:a3:da:7d:1b:68:
         47:12:ac:e9:28:ea:25:46:3e:73:8d:cd:a9:8b:3c:c0:dc:5a:
         ca:0f:23:ee:38:61:a1:93:19:e8:42:19:bf:b7:3d:55:c0:8e:
         f4:40:df:8e:75:a4:38:4d:3d:39:03:c1:7c:72:7c:50:55:4a:
         15:64:cf:fa:ec:06:2c:82:bc:60:30:48:78:a2:91:df:be:10:
         b3:12:0f:b4:de:9b:88:21:ea:ad:6f:a6:83:fa:a5:63:27:84:
         e3:93:e1:6e:67:10:e0:7a:9a:48:00:3f:cd:3c:be:05:c7:f0:
         06:b7:66:df:4a:25:50:4d:5b:c5:bf:d1:2c:6e:86:1d:fa:73:
         76:b1:a7:9b:11:62:7b:de:eb:17:44:aa:44:2a:08:71:58:92:
         38:46:2d:8c:8b:22:a1:5c:cb:fe:ae:e9:27:64:bf:3e:88:2d:
         c8:34:40:5c:24:d1:a7:2d:66:dc:38:47:05:6d:ab:80:b2:33:
         26:b5:7f:76:f5:ac:8a:ee:b7:fd:c3:87:75:b8:8a:1e:9d:33:
         a2:ef:c7:b0:1d:36:11:b5:86:67:08:07:fb:03:f0:9b:24:56:
         2d:56:7d:40:e4:5b:6f:a9:86:c5:a1:42:91:09:1d:68:8a:3d:
         0d:40:02:e2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvXeRGZI9VFGEsxOcEAJcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwMTAxMjIwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjYxYzliOGZhZjgwZDNmMjI0YzkyOTg0YTkyMWU4Yjc3Mjc0ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubw2sIvU/QArsjy95TvNDPibCr0R
Oj6XJATC8ngVMoSkh971CfR6SmdmfMfyEbfpBGkADI4XvOeMyiYPuuxeeAuRiV17
fety6UKDPYsbAzA/s6OG20yAf/LJrNf0jwFU7fKKgIwwdjTYaL9ZKpdwHzPOSAn6
3GgHj4Zc1GjABNMjk1UlqeB4aWlc7vXD42+bWurkP3QIboxc7ZxE5S1hQot03EGt
YaeSJqk8IX+U1pdP25s5AYmzACcoY8p7yvT52CxCrpGqlaNnsD/EMwEzgHUKjD1M
2V+ifYcnpLKnDPp2E4VLG0t3K8MuWE1qioo4nsTwOpVwzjGITBVKgBMZZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ9hybj6+A0/IkySmEqSHot3J01NMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvbjJISnVQcjREVDhpVEpLWVNwSWVpM2NuVFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLZlKAwQC
uUIMAwQCuVCUAwQCuX5UAwQAwW3ZAwQBw57gAwQAw74MMA0GCSqGSIb3DQEBCwUA
A4IBAQB5q97yObQEgevN6YJSo9p9G2hHEqzpKOolRj5zjc2pizzA3FrKDyPuOGGh
kxnoQhm/tz1VwI70QN+OdaQ4TT05A8F8cnxQVUoVZM/67AYsgrxgMEh4opHfvhCz
Eg+03puIIeqtb6aD+qVjJ4Tjk+FuZxDgeppIAD/NPL4Fx/AGt2bfSiVQTVvFv9Es
boYd+nN2saebEWJ73usXRKpEKghxWJI4Ri2MiyKhXMv+ruknZL8+iC3INEBcJNGn
LWbcOEcFbauAsjMmtX929ayK7rf9w4d1uIoenTOi78ewHTYRtYZnCAf7A/CbJFYt
Vn1A5FtvqYbFoUKRCR1oij0NQALi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:18 2024 by rpki-client on console-fra.rpki-client.org