Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/9TtHhnF7KgSQ5dS8_bJRYEyIVGY.roa
File:                     9TtHhnF7KgSQ5dS8_bJRYEyIVGY.roa (raw, json)
Hash identifier:          SL+tBE6FBfYHBy74b1E1D/0dlZodIzvEOYrCPxJu2Ho=
Subject key identifier:   F5:3B:47:86:71:7B:2A:04:90:E5:D4:BC:FD:B2:51:60:4C:88:54:66
Certificate issuer:       /CN=84c17102b6e92e292ec8acaf659e3c290a8d0b68
Certificate serial:       018572033C64C59DE859F29006B5D315BDF5
Authority key identifier: 84:C1:71:02:B6:E9:2E:29:2E:C8:AC:AF:65:9E:3C:29:0A:8D:0B:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hMFxArbpLikuyKyvZZ48KQqNC2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/9TtHhnF7KgSQ5dS8_bJRYEyIVGY.roa
Signing time:             Mon 02 Jan 2023 10:24:52 +0000
ROA not before:           Mon 02 Jan 2023 10:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212752
IP address blocks:        45.90.80.0/24 maxlen: 24
                          45.90.83.0/24 maxlen: 24
                          45.90.82.0/24 maxlen: 24
                          45.90.81.0/24 maxlen: 24
                          91.240.165.0/24 maxlen: 24
                          2a10:b480::/29 maxlen: 64

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 08:07:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:03:3c:64:c5:9d:e8:59:f2:90:06:b5:d3:15:bd:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84c17102b6e92e292ec8acaf659e3c290a8d0b68
        Validity
            Not Before: Jan  2 10:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f53b4786717b2a0490e5d4bcfdb251604c885466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:62:66:8f:db:3c:96:98:70:74:a2:37:de:72:
                    76:9b:d2:07:81:e3:43:67:ae:0f:08:bf:a4:84:6f:
                    fd:fa:52:0d:0b:2e:6f:be:7f:a8:73:44:d3:f1:b8:
                    65:9c:3b:90:26:64:03:15:6e:e7:50:d9:40:53:aa:
                    5e:e7:e1:09:af:2d:a6:7f:8e:ae:36:f1:0d:8f:c0:
                    e4:d3:9d:2a:25:c4:06:88:a3:cd:0a:8b:75:9a:6e:
                    cf:99:10:59:49:79:7d:a7:47:54:af:73:51:a2:1e:
                    a3:6d:98:f7:2f:eb:0c:c5:db:bd:1f:77:5e:d1:ea:
                    9d:5b:09:1d:cf:b2:7d:11:fd:37:84:06:d8:06:a2:
                    1d:52:a1:54:b6:6c:cb:3a:83:81:c0:4d:a1:52:6b:
                    37:b0:5e:01:a6:15:c5:9a:fd:44:87:2c:cd:47:cf:
                    92:08:93:9e:96:c7:eb:c2:ca:91:8d:4e:d9:07:a2:
                    d0:9d:f9:3a:70:b8:d8:e1:ac:a7:69:96:40:48:0d:
                    9b:38:57:9c:fb:0e:7a:f0:15:8f:12:18:95:cf:5d:
                    99:4e:84:aa:90:ae:4f:63:9d:82:1d:4d:01:b9:9c:
                    33:71:91:6c:13:85:00:af:04:34:36:d8:38:b9:b5:
                    c9:22:b6:4e:09:2a:a2:41:d9:6f:8c:9a:3e:25:50:
                    30:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:3B:47:86:71:7B:2A:04:90:E5:D4:BC:FD:B2:51:60:4C:88:54:66
            X509v3 Authority Key Identifier:
                keyid:84:C1:71:02:B6:E9:2E:29:2E:C8:AC:AF:65:9E:3C:29:0A:8D:0B:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hMFxArbpLikuyKyvZZ48KQqNC2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/9TtHhnF7KgSQ5dS8_bJRYEyIVGY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/hMFxArbpLikuyKyvZZ48KQqNC2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.90.80.0/22
                  91.240.165.0/24
                IPv6:
                  2a10:b480::/29

    Signature Algorithm: sha256WithRSAEncryption
         be:4b:3b:9e:41:18:13:aa:b2:dd:7c:2f:fc:32:62:93:21:b1:
         08:4a:2c:5b:9f:70:35:7c:b4:14:3a:f8:24:65:d7:9f:f8:c1:
         da:26:5e:14:82:c3:be:5f:20:ee:bb:d6:b5:b6:99:bf:04:4c:
         81:41:e4:5a:c8:ca:a9:88:ff:45:e4:4b:37:31:dd:eb:3b:b1:
         55:e5:79:d6:5c:62:47:a9:f1:40:1a:c0:cc:e1:49:c3:9e:63:
         dd:2d:7f:0c:10:77:ff:da:c6:51:2c:b5:6f:a1:e0:88:16:04:
         31:5e:0b:e1:ef:b4:3e:fc:fb:54:7a:a4:8c:eb:bf:9c:46:1f:
         8e:d5:9e:4a:de:ba:a8:d8:e8:c0:6c:23:cc:0a:82:20:0d:29:
         34:8a:d4:08:4a:37:e6:fe:54:08:09:2c:db:58:48:9b:0b:1a:
         39:59:93:28:3c:7e:cb:a9:82:29:93:3b:50:af:6a:93:7b:88:
         55:46:f4:da:53:49:52:86:72:51:f6:f8:0e:1e:da:61:24:96:
         e5:9b:b0:a7:09:dc:96:d0:5a:5c:3a:a9:85:cd:79:6d:d3:61:
         6f:3e:ee:f9:0e:00:62:72:58:aa:f6:b7:d0:b1:4b:3f:1f:6e:
         f5:b0:50:e9:44:73:71:09:99:49:b1:72:b0:54:d2:c4:6c:6f:
         80:59:50:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyAzxkxZ3oWfKQBrXTFb31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YzE3MTAyYjZlOTJlMjkyZWM4YWNhZjY1OWUzYzI5MGE4
ZDBiNjgwHhcNMjMwMTAyMTAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNiNDc4NjcxN2IyYTA0OTBlNWQ0YmNmZGIyNTE2MDRjODg1NDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWJmj9s8lphwdKI33nJ2m9IHgeND
Z64PCL+khG/9+lINCy5vvn+oc0TT8bhlnDuQJmQDFW7nUNlAU6pe5+EJry2mf46u
NvENj8Dk050qJcQGiKPNCot1mm7PmRBZSXl9p0dUr3NRoh6jbZj3L+sMxdu9H3de
0eqdWwkdz7J9Ef03hAbYBqIdUqFUtmzLOoOBwE2hUms3sF4BphXFmv1EhyzNR8+S
CJOelsfrwsqRjU7ZB6LQnfk6cLjY4aynaZZASA2bOFec+w568BWPEhiVz12ZToSq
kK5PY52CHU0BuZwzcZFsE4UArwQ0Ntg4ubXJIrZOCSqiQdlvjJo+JVAwLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPU7R4ZxeyoEkOXUvP2yUWBMiFRmMB8GA1UdIwQY
MBaAFITBcQK26S4pLsisr2WePCkKjQtoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE1GeEFyYnBMaWt1eUt5dlpaNDhLUXFOQzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82ZDU2OWQtYzQ0Yi00YzM0LWExNTkt
ZDU4M2Y5YTY2ZTNiLzEvOVR0SGhuRjdLZ1NRNWRTOF9iSlJZRXlJVkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82ZDU2OWQtYzQ0Yi00YzM0LWExNTktZDU4M2Y5YTY2ZTNi
LzEvaE1GeEFyYnBMaWt1eUt5dlpaNDhLUXFOQzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVpQAwQA
W/ClMA0EAgACMAcDBQMqELSAMA0GCSqGSIb3DQEBCwUAA4IBAQC+SzueQRgTqrLd
fC/8MmKTIbEISixbn3A1fLQUOvgkZdef+MHaJl4UgsO+XyDuu9a1tpm/BEyBQeRa
yMqpiP9F5Es3Md3rO7FV5XnWXGJHqfFAGsDM4UnDnmPdLX8MEHf/2sZRLLVvoeCI
FgQxXgvh77Q+/PtUeqSM67+cRh+O1Z5K3rqo2OjAbCPMCoIgDSk0itQISjfm/lQI
CSzbWEibCxo5WZMoPH7LqYIpkztQr2qTe4hVRvTaU0lShnJR9vgOHtphJJblm7Cn
CdyW0FpcOqmFzXlt02FvPu75DgBicliq9rfQsUs/H271sFDpRHNxCZlJsXKwVNLE
bG+AWVAA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:40 2024 by rpki-client on console-fra.rpki-client.org