Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/O4vhFgyeEOk5ZbL3u4z-VWL_EWg.roa
File:                     O4vhFgyeEOk5ZbL3u4z-VWL_EWg.roa (raw, json)
Hash identifier:          WQ5aHu54yFunjh8zdAeWKRiLWOGeuuJLo89tOUyQmuA=
Subject key identifier:   3B:8B:E1:16:0C:9E:10:E9:39:65:B2:F7:BB:8C:FE:55:62:FF:11:68
Certificate issuer:       /CN=86c4112efc9bed84761d3678b87c483948d2a72f
Certificate serial:       01856E81F0E87FA55C17466BFB5486DCC521
Authority key identifier: 86:C4:11:2E:FC:9B:ED:84:76:1D:36:78:B8:7C:48:39:48:D2:A7:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/O4vhFgyeEOk5ZbL3u4z-VWL_EWg.roa
Signing time:             Sun 01 Jan 2023 18:04:47 +0000
ROA not before:           Sun 01 Jan 2023 18:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43773
IP address blocks:        91.225.137.0/24 maxlen: 24
                          91.225.136.0/24 maxlen: 24
                          91.225.139.0/24 maxlen: 24
                          91.225.138.0/24 maxlen: 24
                          91.200.42.0/24 maxlen: 24
                          91.200.41.0/24 maxlen: 24
                          91.200.40.0/24 maxlen: 24
                          91.200.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:81:f0:e8:7f:a5:5c:17:46:6b:fb:54:86:dc:c5:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86c4112efc9bed84761d3678b87c483948d2a72f
        Validity
            Not Before: Jan  1 18:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b8be1160c9e10e93965b2f7bb8cfe5562ff1168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:48:48:ad:e2:1f:7d:fb:c3:ac:08:89:e3:19:
                    31:88:1e:e7:89:1b:bb:0e:c5:6e:bd:da:e3:e7:b7:
                    fa:48:17:87:29:02:6e:71:49:eb:17:8c:bb:62:c3:
                    de:a8:d4:50:49:67:9f:54:e7:0a:ab:8a:6b:4a:09:
                    a3:c5:26:6a:0c:c8:a2:5a:4d:ff:38:df:12:07:af:
                    75:a6:82:e4:eb:27:9f:d9:6e:94:c7:c4:0d:05:08:
                    70:9c:67:1c:52:52:22:3c:92:eb:e2:a2:4b:28:54:
                    cb:b2:fb:b8:6d:56:51:e2:87:f4:2f:68:83:ef:4b:
                    f4:1b:f7:c7:2a:89:d2:11:04:da:ef:80:96:fb:5e:
                    8c:df:bc:e9:7f:6a:5e:2c:c1:05:e3:4f:6a:d2:45:
                    b9:fc:a6:a7:13:a4:0f:90:aa:11:2e:aa:44:89:ae:
                    c7:3d:82:cc:c1:e0:e8:73:8f:73:01:2f:a6:d9:8d:
                    35:4d:0b:33:7e:fd:b7:02:45:f6:eb:4c:6d:6a:4a:
                    44:77:a6:5f:d6:b4:fa:3d:10:22:73:c1:f1:a9:7c:
                    21:0d:10:32:de:b9:da:2b:82:c5:03:eb:e0:6f:bb:
                    78:53:c3:17:78:5a:48:ac:9a:77:39:e0:8c:b8:25:
                    90:2a:fb:5a:40:2e:e2:e4:bc:10:1f:2a:86:95:23:
                    f8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:8B:E1:16:0C:9E:10:E9:39:65:B2:F7:BB:8C:FE:55:62:FF:11:68
            X509v3 Authority Key Identifier:
                keyid:86:C4:11:2E:FC:9B:ED:84:76:1D:36:78:B8:7C:48:39:48:D2:A7:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/O4vhFgyeEOk5ZbL3u4z-VWL_EWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/45ebda-c2c7-4c27-95d4-00b96d74d8b0/1/hsQRLvyb7YR2HTZ4uHxIOUjSpy8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.200.40.0/22
                  91.225.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:08:e8:f9:5b:a1:87:f9:2a:d8:92:07:0e:7b:66:98:19:96:
         0d:89:cc:f5:6c:43:72:cd:7b:38:95:28:7b:b4:b2:5e:93:6d:
         f8:39:fa:6b:9e:92:45:96:5e:54:72:52:c0:7b:b1:35:9b:8d:
         1b:49:ab:77:63:66:f1:d8:b3:7b:aa:1d:ac:40:76:d6:0e:06:
         90:a7:84:cd:17:95:41:f7:b8:1e:c0:ac:c6:00:9e:95:17:d7:
         61:fb:86:aa:4a:c1:c6:7f:c3:dc:b5:64:d9:6c:b8:73:de:c1:
         7b:26:7a:fe:e6:90:5a:e0:cc:7f:90:70:33:78:87:73:41:d9:
         cd:19:eb:21:6c:35:1d:58:81:49:8e:6c:a7:bd:c1:04:b3:c9:
         79:7f:4b:1a:69:0b:be:16:de:b0:17:19:ce:7f:4b:b3:97:a0:
         70:c8:16:19:91:4f:b2:98:9d:a7:6b:a9:8a:88:c3:25:90:b9:
         24:9c:14:1d:ce:1b:01:51:9c:10:75:41:03:6d:1d:30:2f:bd:
         fb:6d:6f:d8:a7:f0:a4:60:dc:7c:bb:d8:11:c8:bc:a4:30:24:
         38:12:c2:87:cb:2e:98:01:a4:13:42:7a:5f:5c:32:85:41:73:
         ea:d3:1c:27:04:9d:29:df:f4:03:73:37:06:d4:9b:fc:6c:9f:
         15:f8:7c:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVugfDof6VcF0Zr+1SG3MUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YzQxMTJlZmM5YmVkODQ3NjFkMzY3OGI4N2M0ODM5NDhk
MmE3MmYwHhcNMjMwMTAxMTgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhiZTExNjBjOWUxMGU5Mzk2NWIyZjdiYjhjZmU1NTYyZmYxMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUhIreIfffvDrAiJ4xkxiB7niRu7
DsVuvdrj57f6SBeHKQJucUnrF4y7YsPeqNRQSWefVOcKq4prSgmjxSZqDMiiWk3/
ON8SB691poLk6yef2W6Ux8QNBQhwnGccUlIiPJLr4qJLKFTLsvu4bVZR4of0L2iD
70v0G/fHKonSEQTa74CW+16M37zpf2peLMEF409q0kW5/KanE6QPkKoRLqpEia7H
PYLMweDoc49zAS+m2Y01TQszfv23AkX260xtakpEd6Zf1rT6PRAic8HxqXwhDRAy
3rnaK4LFA+vgb7t4U8MXeFpIrJp3OeCMuCWQKvtaQC7i5LwQHyqGlSP45QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDuL4RYMnhDpOWWy97uM/lVi/xFoMB8GA1UdIwQY
MBaAFIbEES78m+2Edh02eLh8SDlI0qcvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHNRUkx2eWI3WVIySFRaNHVIeElPVWpTcHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC80NWViZGEtYzJjNy00YzI3LTk1ZDQt
MDBiOTZkNzRkOGIwLzEvTzR2aEZneWVFT2s1WmJMM3U0ei1WV0xfRVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC80NWViZGEtYzJjNy00YzI3LTk1ZDQtMDBiOTZkNzRkOGIw
LzEvaHNRUkx2eWI3WVIySFRaNHVIeElPVWpTcHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8goAwQC
W+GIMA0GCSqGSIb3DQEBCwUAA4IBAQBwCOj5W6GH+SrYkgcOe2aYGZYNicz1bENy
zXs4lSh7tLJek234OfprnpJFll5UclLAe7E1m40bSat3Y2bx2LN7qh2sQHbWDgaQ
p4TNF5VB97gewKzGAJ6VF9dh+4aqSsHGf8PctWTZbLhz3sF7Jnr+5pBa4Mx/kHAz
eIdzQdnNGeshbDUdWIFJjmynvcEEs8l5f0saaQu+Ft6wFxnOf0uzl6BwyBYZkU+y
mJ2na6mKiMMlkLkknBQdzhsBUZwQdUEDbR0wL737bW/Yp/CkYNx8u9gRyLykMCQ4
EsKHyy6YAaQTQnpfXDKFQXPq0xwnBJ0p3/QDczcG1Jv8bJ8V+Hx8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:22 2024 by rpki-client on console-ams.rpki-client.org