Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/uTh1ZtwEbQTo_3uPWutoyynrbao.roa
File:                     uTh1ZtwEbQTo_3uPWutoyynrbao.roa (raw, json)
Hash identifier:          fR6+fOMvBK/50h5YMEH4OaUis9wZHnQnNFuSgR///o8=
Subject key identifier:   B9:38:75:66:DC:04:6D:04:E8:FF:7B:8F:5A:EB:68:CB:29:EB:6D:AA
Certificate issuer:       /CN=1cee91296c94992d151a232240e6cf3a176d2039
Certificate serial:       01888B086EC98E6D4829D67CA6E98C36587F
Authority key identifier: 1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/uTh1ZtwEbQTo_3uPWutoyynrbao.roa
Signing time:             Mon 05 Jun 2023 10:09:25 +0000
ROA not before:           Mon 05 Jun 2023 10:09:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43110
IP address blocks:        46.172.64.0/24 maxlen: 24
                          46.172.70.0/24 maxlen: 24
                          46.172.69.0/24 maxlen: 24
                          46.172.65.0/24 maxlen: 24
                          46.172.66.0/24 maxlen: 24
                          46.172.71.0/24 maxlen: 24
                          46.172.92.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8b:08:6e:c9:8e:6d:48:29:d6:7c:a6:e9:8c:36:58:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1cee91296c94992d151a232240e6cf3a176d2039
        Validity
            Not Before: Jun  5 10:09:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9387566dc046d04e8ff7b8f5aeb68cb29eb6daa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:50:ba:97:f2:c6:40:ba:c9:fa:39:4d:a2:4c:
                    5f:de:9d:24:07:31:9a:ce:e4:e1:a3:ef:a6:20:8f:
                    26:33:23:aa:d0:5d:af:ee:3b:e5:13:46:d6:de:2c:
                    f2:23:89:bb:4d:c8:5d:e0:1c:83:35:d1:b0:b0:70:
                    c5:ca:90:15:a0:f9:ac:9c:84:d8:bb:63:98:e0:3a:
                    c7:89:a6:e3:35:cf:cd:1f:ca:25:41:57:8f:05:d9:
                    b0:3f:17:6e:8a:4a:c5:e3:a7:9f:c6:eb:40:af:68:
                    86:29:20:6c:8a:bd:75:cc:2e:ef:51:c2:54:ac:ec:
                    6f:b1:92:c0:11:6e:90:7d:02:0e:72:41:1f:61:45:
                    12:72:68:f9:4b:17:39:78:78:d1:02:c7:19:8c:eb:
                    a9:c3:35:85:f4:88:9d:7a:d1:02:6e:53:8e:51:66:
                    e6:f9:28:79:a3:0e:d7:04:33:31:92:6c:01:01:03:
                    ec:50:9f:b3:9b:ca:58:4e:6e:ed:69:7c:0a:ce:13:
                    1e:8b:0e:b3:50:b8:f8:fe:71:f0:ba:5d:96:b1:49:
                    d4:20:a4:f0:de:ad:1c:22:59:96:59:62:98:e3:c0:
                    c9:43:8f:53:07:ef:e7:d3:1d:08:4c:ab:6f:fa:85:
                    b9:d5:97:76:7f:22:36:03:45:5a:e2:c6:d3:f6:6e:
                    45:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:38:75:66:DC:04:6D:04:E8:FF:7B:8F:5A:EB:68:CB:29:EB:6D:AA
            X509v3 Authority Key Identifier:
                keyid:1C:EE:91:29:6C:94:99:2D:15:1A:23:22:40:E6:CF:3A:17:6D:20:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HO6RKWyUmS0VGiMiQObPOhdtIDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/uTh1ZtwEbQTo_3uPWutoyynrbao.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c91ec3-2820-417b-9aad-bacab475e6cc/1/HO6RKWyUmS0VGiMiQObPOhdtIDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.172.64.0-46.172.66.255
                  46.172.69.0-46.172.71.255
                  46.172.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:62:4a:4a:91:54:42:f0:7e:27:d5:6c:08:8b:eb:5f:d5:e8:
         4e:05:63:d2:68:32:21:e2:15:c4:4e:8b:d0:d6:ce:65:31:f4:
         3c:17:54:79:dd:6f:31:6f:c9:f5:0f:23:aa:73:33:d4:9e:1b:
         f1:91:e6:a8:ad:15:6e:db:59:1e:18:c3:c7:3b:2c:54:c9:df:
         63:f9:01:6b:ef:10:bc:a4:c9:92:d5:07:a3:3d:87:06:ad:bb:
         a7:05:f1:21:43:22:2a:00:b5:28:5d:b3:03:fd:85:c7:30:48:
         d6:3d:2a:62:33:1b:7e:7a:f0:9e:27:a7:a6:75:55:66:a0:22:
         1a:2a:20:60:d7:12:f2:8d:64:f7:d0:47:99:70:66:54:65:23:
         cb:b4:d0:cf:a5:1d:8a:6b:5d:35:44:e6:0f:9c:96:48:d2:82:
         ef:04:7c:a8:6f:3e:4f:12:c9:56:63:68:07:d0:dd:24:4c:ce:
         47:61:1c:f9:f1:11:80:ed:8a:92:f5:63:95:30:d8:34:ea:1e:
         39:53:7e:0f:f7:a2:ce:f1:e1:9c:7b:0c:a9:c0:14:28:2c:62:
         f0:98:f0:17:78:ac:2a:84:41:ba:e2:2c:17:c9:69:56:5f:1e:
         8c:6d:03:1e:fb:79:13:55:49:50:f3:5a:74:bd:70:f5:c4:b7:
         1e:51:f4:6d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYiLCG7Jjm1IKdZ8pumMNlh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZWU5MTI5NmM5NDk5MmQxNTFhMjMyMjQwZTZjZjNhMTc2
ZDIwMzkwHhcNMjMwNjA1MTAwOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTM4NzU2NmRjMDQ2ZDA0ZThmZjdiOGY1YWViNjhjYjI5ZWI2ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVC6l/LGQLrJ+jlNokxf3p0kBzGa
zuTho++mII8mMyOq0F2v7jvlE0bW3izyI4m7Tchd4ByDNdGwsHDFypAVoPmsnITY
u2OY4DrHiabjNc/NH8olQVePBdmwPxduikrF46efxutAr2iGKSBsir11zC7vUcJU
rOxvsZLAEW6QfQIOckEfYUUScmj5Sxc5eHjRAscZjOupwzWF9IidetECblOOUWbm
+Sh5ow7XBDMxkmwBAQPsUJ+zm8pYTm7taXwKzhMeiw6zULj4/nHwul2WsUnUIKTw
3q0cIlmWWWKY48DJQ49TB+/n0x0ITKtv+oW51Zd2fyI2A0Va4sbT9m5FGwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLk4dWbcBG0E6P97j1rraMsp622qMB8GA1UdIwQY
MBaAFBzukSlslJktFRojIkDmzzoXbSA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQt
YmFjYWI0NzVlNmNjLzEvdVRoMVp0d0ViUVRvXzN1UFd1dG95eW5yYmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jOTFlYzMtMjgyMC00MTdiLTlhYWQtYmFjYWI0NzVlNmNj
LzEvSE82UktXeVVtUzBWR2lNaVFPYlBPaGR0SURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAYurEAD
BAAurEIwDAMEAC6sRQMEAy6sQAMEAC6sXDANBgkqhkiG9w0BAQsFAAOCAQEAImJK
SpFUQvB+J9VsCIvrX9XoTgVj0mgyIeIVxE6L0NbOZTH0PBdUed1vMW/J9Q8jqnMz
1J4b8ZHmqK0VbttZHhjDxzssVMnfY/kBa+8QvKTJktUHoz2HBq27pwXxIUMiKgC1
KF2zA/2FxzBI1j0qYjMbfnrwnienpnVVZqAiGiogYNcS8o1k99BHmXBmVGUjy7TQ
z6UdimtdNUTmD5yWSNKC7wR8qG8+TxLJVmNoB9DdJEzOR2Ec+fERgO2KkvVjlTDY
NOoeOVN+D/eizvHhnHsMqcAUKCxi8JjwF3isKoRBuuIsF8lpVl8ejG0DHvt5E1VJ
UPNadL1w9cS3HlH0bQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:04 2024 by rpki-client on console-fra.rpki-client.org