Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/e9VXKHpKA-K95D3gY32SF-43mN4.roa
File:                     e9VXKHpKA-K95D3gY32SF-43mN4.roa (raw, json)
Hash identifier:          /O5BMROCzGEGLwbWjhQvwhpotR3PusLAdpU8ZEmdz5E=
Subject key identifier:   7B:D5:57:28:7A:4A:03:E2:BD:E4:3D:E0:63:7D:92:17:EE:37:98:DE
Certificate issuer:       /CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Certificate serial:       01856F670997651D4A85CA2F454CEE1EA2ED
Authority key identifier: CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/e9VXKHpKA-K95D3gY32SF-43mN4.roa
Signing time:             Sun 01 Jan 2023 22:15:01 +0000
ROA not before:           Sun 01 Jan 2023 22:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202779
IP address blocks:        213.173.96.0/19 maxlen: 19
                          213.244.248.0/21 maxlen: 21
                          185.154.156.0/24 maxlen: 24
                          185.154.159.0/24 maxlen: 24
                          185.154.157.0/24 maxlen: 24
                          185.154.158.0/24 maxlen: 24
                          91.201.220.0/24 maxlen: 24
                          91.201.220.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 29 Jan 2023 10:26:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:67:09:97:65:1d:4a:85:ca:2f:45:4c:ee:1e:a2:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc777a08a4564548b518ec3864b341e1fa5225ea
        Validity
            Not Before: Jan  1 22:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7bd557287a4a03e2bde43de0637d9217ee3798de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:0c:86:14:83:43:57:70:3f:4e:61:02:bb:1a:
                    1b:e0:49:be:7c:d9:05:02:67:59:84:ba:7d:22:a9:
                    0f:76:69:87:c9:bf:c1:1e:fc:c3:fc:d4:0d:aa:27:
                    4e:d8:78:88:87:1b:c9:72:fe:8c:24:4b:5b:22:57:
                    b9:91:36:fe:18:b6:89:1b:70:e4:50:1f:07:b5:f5:
                    e5:66:43:f1:a5:3a:26:19:a5:49:89:ce:56:e9:1f:
                    5b:9a:81:41:b6:ff:3d:e3:d6:9b:2c:db:1a:77:f6:
                    39:0d:a7:af:07:8e:d3:ba:e9:ad:0b:3f:ab:0a:b4:
                    f6:f7:18:e9:42:03:d6:a9:ce:8e:2a:dd:68:3d:ea:
                    fe:5d:ab:cc:ab:da:35:a6:77:87:05:88:a9:a7:f7:
                    9e:7b:b0:19:1a:9a:9e:27:8b:2e:2b:c5:a9:da:90:
                    c5:ca:6a:b0:d6:b9:28:2a:1e:37:11:4e:71:11:02:
                    dc:95:b3:aa:b2:c2:70:96:7b:0c:d3:bb:38:0d:af:
                    02:34:0c:11:8d:85:34:ff:93:58:08:dd:15:f4:be:
                    df:c5:c8:4e:56:e4:09:94:73:e6:21:c9:9e:1c:64:
                    49:1d:5b:77:b3:55:dc:24:64:59:cc:a2:a6:7d:87:
                    2a:da:01:3b:51:ab:90:97:54:dd:fb:bf:16:be:b8:
                    e5:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:D5:57:28:7A:4A:03:E2:BD:E4:3D:E0:63:7D:92:17:EE:37:98:DE
            X509v3 Authority Key Identifier:
                keyid:CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/e9VXKHpKA-K95D3gY32SF-43mN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.201.220.0/22
                  185.154.156.0/22
                  213.173.96.0/19
                  213.244.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         39:4b:38:1e:b7:6a:60:cb:ac:7c:d8:50:96:83:9f:33:73:a3:
         61:cb:4c:0f:70:14:d7:60:34:b5:f2:02:7f:0a:b7:ff:43:f1:
         c2:5d:0b:b1:d4:d2:5d:ea:1a:b5:2d:78:27:84:73:e6:1f:80:
         6a:4f:0f:23:54:4f:29:92:1a:81:4d:10:35:9f:fa:19:88:52:
         16:df:b2:75:1a:32:4c:91:76:17:26:8d:b3:2f:8f:63:03:88:
         86:3d:19:52:fb:93:63:82:7c:57:8c:fb:98:a6:3f:d0:16:c6:
         36:9e:78:56:49:cb:51:77:dd:5b:b1:67:1d:44:99:c7:38:6d:
         da:7a:5e:16:0e:f3:a7:a6:c0:c5:2f:d0:ef:31:66:b8:39:5e:
         83:98:99:cb:f1:96:d0:58:7f:97:30:8e:6c:4d:ba:6a:e9:0d:
         e9:ce:99:dc:3d:c5:b6:06:a0:1e:53:07:c6:aa:82:fd:e9:a0:
         d6:1d:30:41:88:c3:ea:6e:0a:2a:01:8e:0c:6a:ba:78:cd:ee:
         71:a4:a8:47:e4:76:c2:98:17:6a:17:83:cd:26:3b:6a:98:ea:
         32:9f:d2:08:39:c5:38:e3:31:12:18:e6:04:3d:a7:f0:e4:6c:
         e1:52:ff:4a:8c:83:a9:bb:28:15:50:8f:ec:95:c5:49:28:95:
         70:23:ab:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvZwmXZR1KhcovRUzuHqLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzc3YTA4YTQ1NjQ1NDhiNTE4ZWMzODY0YjM0MWUxZmE1
MjI1ZWEwHhcNMjMwMTAxMjIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ1NTcyODdhNGEwM2UyYmRlNDNkZTA2MzdkOTIxN2VlMzc5OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AyGFINDV3A/TmECuxob4Em+fNkF
AmdZhLp9IqkPdmmHyb/BHvzD/NQNqidO2HiIhxvJcv6MJEtbIle5kTb+GLaJG3Dk
UB8HtfXlZkPxpTomGaVJic5W6R9bmoFBtv8949abLNsad/Y5DaevB47TuumtCz+r
CrT29xjpQgPWqc6OKt1oPer+XavMq9o1pneHBYipp/eee7AZGpqeJ4suK8Wp2pDF
ymqw1rkoKh43EU5xEQLclbOqssJwlnsM07s4Da8CNAwRjYU0/5NYCN0V9L7fxchO
VuQJlHPmIcmeHGRJHVt3s1XcJGRZzKKmfYcq2gE7UauQl1Td+78WvrjlMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHvVVyh6SgPiveQ94GN9khfuN5jeMB8GA1UdIwQY
MBaAFMx3egikVkVItRjsOGSzQeH6UiXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMt
NzY3YjBjYzgwYzA4LzEvZTlWWEtIcEtBLUs5NUQzZ1kzMlNGLTQzbU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMtNzY3YjBjYzgwYzA4
LzEvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8ncAwQC
uZqcAwQF1a1gAwQD1fT4MA0GCSqGSIb3DQEBCwUAA4IBAQA5Szget2pgy6x82FCW
g58zc6Nhy0wPcBTXYDS18gJ/Crf/Q/HCXQux1NJd6hq1LXgnhHPmH4BqTw8jVE8p
khqBTRA1n/oZiFIW37J1GjJMkXYXJo2zL49jA4iGPRlS+5NjgnxXjPuYpj/QFsY2
nnhWSctRd91bsWcdRJnHOG3ael4WDvOnpsDFL9DvMWa4OV6DmJnL8ZbQWH+XMI5s
Tbpq6Q3pzpncPcW2BqAeUwfGqoL96aDWHTBBiMPqbgoqAY4Marp4ze5xpKhH5HbC
mBdqF4PNJjtqmOoyn9IIOcU44zESGOYEPafw5GzhUv9KjIOpuygVUI/slcVJKJVw
I6s8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org