Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/_vbbx0zjEhhryN2SAKiY5PKPJYs.roa
File:                     _vbbx0zjEhhryN2SAKiY5PKPJYs.roa (raw, json)
Hash identifier:          xfwcKNrowVLb9upD5301kZIToJrdZwnWC7YdL+p2a98=
Subject key identifier:   FE:F6:DB:C7:4C:E3:12:18:6B:C8:DD:92:00:A8:98:E4:F2:8F:25:8B
Certificate issuer:       /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial:       018E37D1924586DAB11D7EB9004158EF33E3
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/_vbbx0zjEhhryN2SAKiY5PKPJYs.roa
Signing time:             Wed 13 Mar 2024 12:37:44 +0000
ROA not before:           Wed 13 Mar 2024 12:37:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44592
IP address blocks:        45.142.180.0/24 maxlen: 24
                          45.142.181.0/24 maxlen: 24
                          45.142.182.0/24 maxlen: 24
                          45.153.32.0/24 maxlen: 24
                          45.153.34.0/24 maxlen: 24
                          45.153.35.0/24 maxlen: 24
                          92.246.84.0/24 maxlen: 24
                          92.246.85.0/24 maxlen: 24
                          92.246.86.0/24 maxlen: 24
                          146.19.169.0/24 maxlen: 24
                          195.62.46.0/24 maxlen: 24
                          2a0d:c2c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 08 Jun 2024 10:12:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:37:d1:92:45:86:da:b1:1d:7e:b9:00:41:58:ef:33:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
        Validity
            Not Before: Mar 13 12:37:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fef6dbc74ce312186bc8dd9200a898e4f28f258b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:66:f8:5c:33:19:c9:fd:c6:13:60:24:6b:19:
                    dd:b3:f8:b3:9d:8f:f4:a8:94:9b:56:ac:f4:05:86:
                    09:a2:33:53:b3:40:81:0d:75:71:b2:04:2a:cc:9a:
                    50:cc:53:41:24:59:9c:11:d3:0f:03:a4:8b:a6:49:
                    df:2a:03:2e:8d:f6:ea:84:b0:e8:3f:76:42:01:26:
                    9f:21:40:2b:eb:22:92:86:9b:e4:cf:f8:3e:c5:94:
                    b7:a8:73:bb:e5:84:b7:66:65:de:d5:e8:52:c5:cc:
                    05:1d:21:41:47:d6:2b:e6:05:8c:ad:c7:50:46:a1:
                    e6:91:1e:9f:46:f1:11:4d:a0:57:1e:76:c4:15:cf:
                    4f:4f:32:6a:07:c5:5b:41:87:78:20:1d:cc:73:66:
                    65:68:ef:3d:14:b5:46:26:ad:0c:7c:ea:c9:c3:1a:
                    14:3a:07:3c:4f:71:77:dd:a8:38:a0:99:4c:16:15:
                    4c:08:7b:3c:7c:a7:64:26:8f:4a:cb:74:60:b5:ab:
                    64:f2:b8:94:a8:e6:3b:00:01:7c:76:1b:35:47:a4:
                    ab:2a:31:99:7b:f8:9d:c0:f5:ba:c0:32:4a:41:a0:
                    7d:90:21:a6:ba:11:b5:27:6d:ca:d0:a9:64:ac:17:
                    af:ed:1c:dc:ed:b8:3d:ed:aa:89:f3:91:52:61:d8:
                    3b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:F6:DB:C7:4C:E3:12:18:6B:C8:DD:92:00:A8:98:E4:F2:8F:25:8B
            X509v3 Authority Key Identifier:
                keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/_vbbx0zjEhhryN2SAKiY5PKPJYs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.180.0-45.142.182.255
                  45.153.32.0/24
                  45.153.34.0/23
                  92.246.84.0-92.246.86.255
                  146.19.169.0/24
                  195.62.46.0/24
                IPv6:
                  2a0d:c2c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         cc:48:30:5e:a2:ba:3f:b7:ef:41:fc:a2:19:8a:31:bb:6c:88:
         bb:e0:2e:19:f8:14:1d:fd:75:0f:2d:ae:e7:8c:39:b7:68:d3:
         cc:fe:22:60:51:c3:27:be:81:0d:cd:66:eb:8b:f1:40:38:78:
         45:03:d1:bd:47:8a:66:46:c2:77:fa:12:56:23:af:93:a7:cf:
         b9:c9:65:3f:7d:85:5d:2f:66:e8:11:2d:91:52:52:03:8b:bb:
         01:87:6f:19:c1:93:ec:26:74:ce:30:1a:09:0a:85:56:52:fa:
         27:62:a1:81:57:12:72:dc:f1:38:a5:6b:eb:8e:1b:bf:27:0b:
         3a:11:35:ef:86:44:6f:d8:e1:d7:f1:e5:71:7e:7e:55:df:d6:
         b2:54:8d:e3:5f:18:16:d6:f7:b5:11:c6:14:53:8b:23:90:fa:
         74:08:bc:04:cf:c3:e8:f2:51:a1:d3:c2:ec:9e:7c:9c:67:8e:
         8f:f1:99:71:a0:5f:4a:66:76:4f:09:c5:0b:b8:a6:a1:89:fc:
         6d:6c:c6:d7:64:7e:96:86:28:59:f9:60:30:f3:43:03:93:d4:
         50:74:a1:28:3d:bb:22:f9:88:6e:83:44:6c:e2:98:44:d9:4b:
         72:94:b0:90:f5:0a:49:d7:7f:4c:de:6d:f8:63:e8:84:22:ef:
         04:2b:df:80
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAY430ZJFhtqxHX65AEFY7zPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjQwMzEzMTIzNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWY2ZGJjNzRjZTMxMjE4NmJjOGRkOTIwMGE4OThlNGYyOGYyNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGb4XDMZyf3GE2Akaxnds/iznY/0
qJSbVqz0BYYJojNTs0CBDXVxsgQqzJpQzFNBJFmcEdMPA6SLpknfKgMujfbqhLDo
P3ZCASafIUAr6yKShpvkz/g+xZS3qHO75YS3ZmXe1ehSxcwFHSFBR9Yr5gWMrcdQ
RqHmkR6fRvERTaBXHnbEFc9PTzJqB8VbQYd4IB3Mc2ZlaO89FLVGJq0MfOrJwxoU
Ogc8T3F33ag4oJlMFhVMCHs8fKdkJo9Ky3Rgtatk8riUqOY7AAF8dhs1R6SrKjGZ
e/idwPW6wDJKQaB9kCGmuhG1J23K0KlkrBev7Rzc7bg97aqJ85FSYdg7NQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFP7228dM4xIYa8jdkgComOTyjyWLMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvX3ZiYngwempFaGhyeU4yU0FLaVk1UEtQSllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0MAwDBAItjrQD
BAAtjrYDBAAtmSADBAEtmSIwDAMEAlz2VAMEAFz2VgMEAJITqQMEAMM+LjANBAIA
AjAHAwUDKg3CwDANBgkqhkiG9w0BAQsFAAOCAQEAzEgwXqK6P7fvQfyiGYoxu2yI
u+AuGfgUHf11Dy2u54w5t2jTzP4iYFHDJ76BDc1m64vxQDh4RQPRvUeKZkbCd/oS
ViOvk6fPucllP32FXS9m6BEtkVJSA4u7AYdvGcGT7CZ0zjAaCQqFVlL6J2KhgVcS
ctzxOKVr644bvycLOhE174ZEb9jh1/HlcX5+Vd/WslSN418YFtb3tRHGFFOLI5D6
dAi8BM/D6PJRodPC7J58nGeOj/GZcaBfSmZ2TwnFC7imoYn8bWzG12R+loYoWflg
MPNDA5PUUHShKD27IvmIboNEbOKYRNlLcpSwkPUKSdd/TN5t+GPohCLvBCvfgA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 13:50:39 2024 by rpki-client on console-ams.rpki-client.org