Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iOmiG-uzUX_pfhYyv2fFQIqxfvk.roa
File:                     iOmiG-uzUX_pfhYyv2fFQIqxfvk.roa (raw, json)
Hash identifier:          DEwh2j1gsMS9whKNRdymAzZ4uhalSmLBYbaXXX1HK2I=
Subject key identifier:   88:E9:A2:1B:EB:B3:51:7F:E9:7E:16:32:BF:67:C5:40:8A:B1:7E:F9
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018C02141D450C5DEED46DABB40D02054218
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iOmiG-uzUX_pfhYyv2fFQIqxfvk.roa
Signing time:             Fri 24 Nov 2023 16:05:21 +0000
ROA not before:           Fri 24 Nov 2023 16:05:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        45.148.116.0/22 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          185.238.188.0/22 maxlen: 24
                          2a0e:b107:1870::/48 maxlen: 48
                          2a0c:3b87:ff00::/40 maxlen: 48
                          2a0e:b107:9f4::/48 maxlen: 48
                          2a0c:3b87:ffff::/48 maxlen: 48
                          2a0e:97c0:791::/48 maxlen: 48
                          2a10:ccc0:110::/44 maxlen: 48
                          2a06:de01:d0::/44 maxlen: 48
                          2a0e:b107:1b9e::/48 maxlen: 48
                          2a10:ccc3:ccce::/48 maxlen: 48
                          2a0e:97c4:ac00::/38 maxlen: 48
                          2a0e:97c0:792::/48 maxlen: 48
                          2a0e:97c0:750::/48 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a10:ccc7:9000::/38 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:97c0:76f::/48 maxlen: 48
                          2a0e:b107:278b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 12:10:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:02:14:1d:45:0c:5d:ee:d4:6d:ab:b4:0d:02:05:42:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Nov 24 16:05:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88e9a21bebb3517fe97e1632bf67c5408ab17ef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:93:ab:f6:cc:df:cb:8f:c4:69:c9:df:de:22:
                    53:9e:1a:94:0e:7a:6c:b5:e8:68:d8:1a:bf:49:75:
                    38:20:a6:b5:b2:14:60:19:bd:dc:04:84:6b:db:60:
                    e8:7b:75:bb:c4:3d:1e:30:f7:7b:ae:22:81:26:fd:
                    9c:d0:15:ca:2c:4b:bb:8f:58:38:69:53:36:be:d9:
                    81:d8:d9:e6:b3:bb:4b:9c:d5:f0:3d:46:3b:a7:eb:
                    a8:87:59:11:66:5f:d0:84:ce:62:77:84:c3:1e:4d:
                    11:9c:36:44:17:95:9f:d6:10:eb:56:6a:22:e0:04:
                    ad:da:ae:d9:4f:f4:db:e5:47:f6:8b:99:ee:af:ff:
                    16:7a:39:c1:de:3c:9d:7f:58:22:28:48:8d:c3:d1:
                    5a:40:da:7d:de:3d:8f:8c:12:97:7d:48:d4:41:94:
                    89:c9:58:05:6c:df:cf:6e:e7:a6:88:1c:f1:dc:2e:
                    88:33:07:6c:1f:a9:67:a4:08:6d:3c:02:82:fe:fc:
                    fb:26:5c:1e:6b:34:f2:c8:4d:65:2f:e1:6c:a9:c5:
                    9d:05:fb:bb:54:c5:76:58:9b:cd:47:95:67:a4:b8:
                    e4:7c:07:6c:b1:eb:83:d2:de:96:cd:f0:fe:5b:81:
                    6c:61:5d:6f:e4:7e:fd:c4:d2:8d:ec:24:d1:83:15:
                    3f:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:E9:A2:1B:EB:B3:51:7F:E9:7E:16:32:BF:67:C5:40:8A:B1:7E:F9
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iOmiG-uzUX_pfhYyv2fFQIqxfvk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.116.0/22
                  185.238.188.0/22
                  194.50.111.0/24
                IPv6:
                  2a06:de01:d0::/44
                  2a0c:3b87:ff00::/40
                  2a0e:97c0:750::/48
                  2a0e:97c0:76f::/48
                  2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
                  2a0e:97c4:ac00::/38
                  2a0e:b107:9f4::/48
                  2a0e:b107:9f6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a0e:b107:1b9e::/48
                  2a0e:b107:278b::/48
                  2a10:ccc0:110::/44
                  2a10:ccc3:ccce::/48
                  2a10:ccc7:9000::/38

    Signature Algorithm: sha256WithRSAEncryption
         74:69:b4:f2:45:d1:41:36:93:9c:b6:d8:a9:0e:1d:e3:b5:c1:
         26:74:78:98:7a:6d:6c:53:d8:9c:ed:f5:ad:64:40:4c:f0:17:
         32:21:af:ad:c5:41:59:5b:ad:69:c8:a0:ca:54:22:72:b8:3a:
         26:65:40:03:f9:3c:55:a8:c7:1f:6c:80:79:d0:d8:f4:79:cb:
         33:d6:25:50:2c:72:64:9e:bf:35:3a:8c:ca:b8:26:25:0f:7b:
         e1:6c:f5:8f:60:c9:19:63:63:74:25:9e:99:74:19:d6:a2:c4:
         01:5e:dd:c3:a6:a9:e9:4b:68:9f:71:14:43:9e:4b:06:26:9c:
         85:f3:6d:c0:e4:e8:29:95:2b:b1:2f:c4:87:c3:41:78:7f:cd:
         9e:68:fb:87:6e:04:57:db:e4:1c:99:d6:ab:fd:23:ce:6e:c3:
         7c:c7:8c:e8:d2:56:df:2b:91:92:1a:43:20:d2:27:d5:14:3c:
         97:5e:2e:38:ee:76:76:6f:e1:3a:73:a0:72:06:3c:83:58:b9:
         4c:5b:79:9a:d5:96:db:cc:2f:0c:9c:f0:78:90:e3:1c:64:2f:
         ab:5e:06:a1:45:92:57:89:d9:a7:2e:fc:65:44:d5:73:09:27:
         c8:1f:86:34:d3:e5:1c:56:b5:d7:58:be:b5:6d:1d:4f:6f:f4:
         de:49:0b:be
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYwCFB1FDF3u1G2rtA0CBUIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTI0MTYwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU5YTIxYmViYjM1MTdmZTk3ZTE2MzJiZjY3YzU0MDhhYjE3ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5Or9szfy4/Eacnf3iJTnhqUDnps
teho2Bq/SXU4IKa1shRgGb3cBIRr22Doe3W7xD0eMPd7riKBJv2c0BXKLEu7j1g4
aVM2vtmB2Nnms7tLnNXwPUY7p+uoh1kRZl/QhM5id4TDHk0RnDZEF5Wf1hDrVmoi
4ASt2q7ZT/Tb5Uf2i5nur/8WejnB3jydf1giKEiNw9FaQNp93j2PjBKXfUjUQZSJ
yVgFbN/PbuemiBzx3C6IMwdsH6lnpAhtPAKC/vz7JlweazTyyE1lL+FsqcWdBfu7
VMV2WJvNR5VnpLjkfAdsseuD0t6WzfD+W4FsYV1v5H79xNKN7CTRgxU/rwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFIjpohvrs1F/6X4WMr9nxUCKsX75MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaU9taUctdXpVWF9wZmhZeXYyZkZRSXF4ZnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszAYBAIAATASAwQCLZR0
AwQCue68AwQAwjJvMIGWBAIAAjCBjwMHBCoG3gEA0AMGACoMO4f/AwcAKg6XwAdQ
AwcAKg6XwAdvMBIDBwAqDpfAB5EDBwAqDpfAB5IDBgIqDpfErAMHACoOsQcJ9AMH
ACoOsQcJ9gMHACoOsQcN8gMHACoOsQcYcAMHACoOsQcbngMHACoOsQcniwMHBCoQ
zMABEAMHACoQzMPMzgMGAioQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQB0abTyRdFB
NpOcttipDh3jtcEmdHiYem1sU9ic7fWtZEBM8BcyIa+txUFZW61pyKDKVCJyuDom
ZUAD+TxVqMcfbIB50Nj0ecsz1iVQLHJknr81OozKuCYlD3vhbPWPYMkZY2N0JZ6Z
dBnWosQBXt3DpqnpS2ifcRRDnksGJpyF823A5OgplSuxL8SHw0F4f82eaPuHbgRX
2+Qcmdar/SPObsN8x4zo0lbfK5GSGkMg0ifVFDyXXi447nZ2b+E6c6ByBjyDWLlM
W3ma1ZbbzC8MnPB4kOMcZC+rXgahRZJXidmnLvxlRNVzCSfIH4Y00+UcVrXXWL61
bR1Pb/TeSQu+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:36 2024 by rpki-client on console-fra.rpki-client.org