Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/i6WhQZsFTwzue9NphBe-tT78voU.roa
File:                     i6WhQZsFTwzue9NphBe-tT78voU.roa (raw, json)
Hash identifier:          eN58GzJ1M1SvLPISA8r7Z27NeWTZGDx1XfeSOeqoRok=
Subject key identifier:   8B:A5:A1:41:9B:05:4F:0C:EE:7B:D3:69:84:17:BE:B5:3E:FC:BE:85
Certificate issuer:       /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial:       01856DD4020E7671D1F1CDB50F8E9E62975B
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/i6WhQZsFTwzue9NphBe-tT78voU.roa
Signing time:             Sun 01 Jan 2023 14:54:48 +0000
ROA not before:           Sun 01 Jan 2023 14:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16342
IP address blocks:        85.89.160.0/20 maxlen: 20
                          77.237.0.0/19 maxlen: 19
                          85.89.176.0/20 maxlen: 20
                          185.67.216.0/22 maxlen: 22
                          185.67.217.0/24 maxlen: 24
                          185.67.216.0/24 maxlen: 24
                          185.67.218.0/24 maxlen: 24
                          185.67.219.0/24 maxlen: 24
                          31.182.0.0/15 maxlen: 17
                          217.113.224.0/20 maxlen: 20
                          2a03:af80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 13 Feb 2023 11:50:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:02:0e:76:71:d1:f1:cd:b5:0f:8e:9e:62:97:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
        Validity
            Not Before: Jan  1 14:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8ba5a1419b054f0cee7bd3698417beb53efcbe85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7d:d9:6b:02:12:71:4b:01:14:6a:4d:ad:99:
                    c0:f4:f8:20:6c:fe:0b:1b:72:4a:1e:22:3f:1f:1c:
                    75:00:94:5d:da:37:85:4e:5c:2d:e2:32:67:d8:6b:
                    46:4c:a5:45:77:41:9c:2c:91:81:1c:18:50:68:70:
                    b8:ff:3f:d2:6c:c3:c6:b8:1c:2d:b6:20:59:76:c0:
                    1e:d4:46:83:a1:cd:bf:24:af:d0:dc:2d:d6:3d:bd:
                    84:9e:0a:30:53:c9:db:cf:b5:0e:0c:5c:02:8f:ec:
                    84:db:01:79:ac:68:eb:cf:9d:35:3a:60:d9:e8:50:
                    70:b7:6d:59:79:24:01:63:c3:a1:b3:55:90:c8:c0:
                    84:7b:f2:4a:ec:49:79:d6:4b:3a:e5:fc:fe:48:cd:
                    c8:51:61:ce:bf:c7:e8:88:34:76:6d:a2:3c:70:10:
                    bc:7d:c6:50:6e:62:d5:a6:4b:96:fc:32:71:b1:33:
                    33:ae:ed:71:d2:cb:cf:36:d1:d8:f6:9b:d8:72:65:
                    41:c6:f6:0e:15:fe:43:e2:ed:6c:f2:d5:09:28:1c:
                    6b:fc:df:6e:51:b6:ba:c0:4c:3e:bf:ca:b1:b5:c3:
                    8a:42:0e:77:1d:8d:55:3f:c2:cc:69:58:5e:c9:5f:
                    44:23:69:b0:ff:2a:98:f8:26:01:26:0c:d5:00:6c:
                    c2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:A5:A1:41:9B:05:4F:0C:EE:7B:D3:69:84:17:BE:B5:3E:FC:BE:85
            X509v3 Authority Key Identifier:
                keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/i6WhQZsFTwzue9NphBe-tT78voU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.182.0.0/15
                  77.237.0.0/19
                  85.89.160.0/19
                  185.67.216.0/22
                  217.113.224.0/20
                IPv6:
                  2a03:af80::/29

    Signature Algorithm: sha256WithRSAEncryption
         95:53:6c:d3:27:d9:97:e6:7e:89:01:00:11:1c:50:78:8a:3c:
         4d:2e:55:7a:b1:96:7b:06:71:88:48:db:d1:5e:39:9a:ca:e1:
         dd:cd:68:9f:fc:85:a3:91:c7:14:ae:9b:d9:81:ce:2b:31:26:
         2d:1d:c2:74:4f:5f:45:b9:e0:0b:46:42:e6:aa:50:b7:d3:77:
         ca:c2:39:f3:01:e0:2f:aa:22:dc:c5:07:91:34:91:d7:19:bd:
         5c:03:90:97:58:67:df:c9:06:b2:7d:7b:12:b3:fe:1d:eb:73:
         0e:e5:22:af:18:86:e8:14:a3:75:6e:d5:10:c9:32:96:9b:4e:
         5e:84:73:72:64:75:10:38:04:f4:e1:42:59:7a:71:b3:ec:87:
         b4:3b:36:b4:f6:03:7c:10:e7:b0:1a:91:b0:cd:b9:7b:58:20:
         9a:1f:f1:a5:82:a5:90:fd:7e:d1:f2:b4:9a:2d:7e:80:68:3b:
         61:f3:c7:d7:e1:16:9c:06:bf:ac:51:e0:7a:a2:e4:14:f9:e3:
         3d:da:48:39:66:7a:2f:4c:1f:b9:9d:d6:c8:c3:df:14:61:57:
         04:61:ba:9b:fe:db:58:d8:56:b4:32:5e:52:25:1b:c8:71:78:
         91:1e:d0:c5:41:a0:87:6e:2e:36:c7:fa:23:04:cb:7c:0a:5a:
         d2:7b:c3:62
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVt1AIOdnHR8c21D46eYpdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjMwMTAxMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE1YTE0MTliMDU0ZjBjZWU3YmQzNjk4NDE3YmViNTNlZmNiZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH3ZawIScUsBFGpNrZnA9PggbP4L
G3JKHiI/Hxx1AJRd2jeFTlwt4jJn2GtGTKVFd0GcLJGBHBhQaHC4/z/SbMPGuBwt
tiBZdsAe1EaDoc2/JK/Q3C3WPb2EngowU8nbz7UODFwCj+yE2wF5rGjrz501OmDZ
6FBwt21ZeSQBY8Ohs1WQyMCEe/JK7El51ks65fz+SM3IUWHOv8foiDR2baI8cBC8
fcZQbmLVpkuW/DJxsTMzru1x0svPNtHY9pvYcmVBxvYOFf5D4u1s8tUJKBxr/N9u
Uba6wEw+v8qxtcOKQg53HY1VP8LMaVheyV9EI2mw/yqY+CYBJgzVAGzCbQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIuloUGbBU8M7nvTaYQXvrU+/L6FMB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvaTZXaFFac0ZUd3p1ZTlOcGhCZS10VDc4dm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMBH7YDBAVN
7QADBAVVWaADBAK5Q9gDBATZceAwDQQCAAIwBwMFAyoDr4AwDQYJKoZIhvcNAQEL
BQADggEBAJVTbNMn2ZfmfokBABEcUHiKPE0uVXqxlnsGcYhI29FeOZrK4d3NaJ/8
haORxxSum9mBzisxJi0dwnRPX0W54AtGQuaqULfTd8rCOfMB4C+qItzFB5E0kdcZ
vVwDkJdYZ9/JBrJ9exKz/h3rcw7lIq8YhugUo3Vu1RDJMpabTl6Ec3JkdRA4BPTh
Qll6cbPsh7Q7NrT2A3wQ57AakbDNuXtYIJof8aWCpZD9ftHytJotfoBoO2Hzx9fh
FpwGv6xR4Hqi5BT54z3aSDlmei9MH7md1sjD3xRhVwRhupv+21jYVrQyXlIlG8hx
eJEe0MVBoIduLjbH+iMEy3wKWtJ7w2I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:25 2024 by rpki-client on console-fra.rpki-client.org