Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/dpedAwOGbNza2wzI0kvRTA6Zl6g.roa
File:                     dpedAwOGbNza2wzI0kvRTA6Zl6g.roa (raw, json)
Hash identifier:          22ySSGyKW9C/wuuiXRaPiVCQO/QsfT0Zsbscud0ANLs=
Subject key identifier:   76:97:9D:03:03:86:6C:DC:DA:DB:0C:C8:D2:4B:D1:4C:0E:99:97:A8
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018E8604810CE852808C6C18D95FA91FC092
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/dpedAwOGbNza2wzI0kvRTA6Zl6g.roa
Signing time:             Thu 28 Mar 2024 17:03:45 +0000
ROA not before:           Thu 28 Mar 2024 17:03:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212667
IP address blocks:        45.86.3.0/24 maxlen: 24
                          46.174.192.0/24 maxlen: 24
                          46.174.193.0/24 maxlen: 24
                          46.174.194.0/24 maxlen: 24
                          46.174.195.0/24 maxlen: 24
                          46.174.196.0/24 maxlen: 24
                          46.174.197.0/24 maxlen: 24
                          46.174.198.0/24 maxlen: 24
                          46.174.199.0/24 maxlen: 24
                          212.60.6.0/24 maxlen: 24
                          212.107.24.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Apr 2024 13:07:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:86:04:81:0c:e8:52:80:8c:6c:18:d9:5f:a9:1f:c0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Mar 28 17:03:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=76979d0303866cdcdadb0cc8d24bd14c0e9997a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4f:e4:00:0c:e0:50:59:f8:23:94:6e:3d:1e:
                    15:ac:41:6e:90:5b:41:61:bf:8d:15:78:6b:36:0d:
                    0c:81:71:5a:27:b9:15:ac:e2:04:12:26:f5:da:1c:
                    5f:86:ce:b8:70:a4:f2:55:84:ad:ca:44:91:52:b0:
                    df:0a:5f:c6:8a:78:1d:52:78:7d:b6:ee:bc:cb:68:
                    17:34:73:5f:f5:0d:a5:9a:ab:a1:85:1b:35:b0:f8:
                    56:36:93:58:2b:d2:84:3f:48:f0:08:c9:19:23:df:
                    34:9c:41:58:12:9b:57:70:5f:f6:67:c2:60:ba:e2:
                    de:f2:b0:5e:9a:c5:d2:cd:0a:53:89:af:95:ff:0b:
                    7c:04:bc:d4:dc:30:35:96:ea:dd:68:61:5f:1f:04:
                    d8:bf:de:8f:0d:3c:d0:7b:51:8d:f5:17:72:8f:36:
                    df:aa:64:11:1c:29:49:21:90:e6:8e:4d:9d:32:60:
                    d6:58:c7:f6:e9:b5:b6:09:39:ea:a3:9c:82:12:83:
                    66:2a:48:7d:ad:d4:48:c1:f4:53:56:39:a1:16:65:
                    44:70:09:bb:e6:9a:03:b2:a6:48:06:b7:c4:0d:60:
                    06:ac:57:0f:06:81:84:ae:0d:d7:a4:59:cd:0b:2a:
                    7f:c0:31:56:ca:b2:f6:cb:22:b6:e8:4e:d1:93:dd:
                    19:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:97:9D:03:03:86:6C:DC:DA:DB:0C:C8:D2:4B:D1:4C:0E:99:97:A8
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/dpedAwOGbNza2wzI0kvRTA6Zl6g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.86.3.0/24
                  46.174.192.0/21
                  212.60.6.0/24
                  212.107.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:9a:68:f2:ea:e5:35:b2:29:ff:d9:c9:f7:8e:ed:11:a9:cd:
         3e:c7:06:c1:10:17:98:3e:43:19:59:3c:e4:0d:26:c7:e0:d1:
         9e:59:a1:a7:cc:98:e5:55:2a:6d:2a:f7:7d:08:9e:9d:a3:bb:
         e1:9d:1c:c6:42:2b:1a:62:7f:7f:41:36:d5:a6:b5:38:04:47:
         e1:74:4f:42:5b:99:3f:b1:2e:53:65:48:bf:ea:f4:21:2a:c6:
         bc:1a:26:e8:29:20:b1:41:90:d7:6e:00:85:16:43:63:04:7c:
         0a:2b:26:fd:16:76:df:80:2d:3d:b4:81:81:7c:5e:2b:39:31:
         ad:01:6d:61:49:12:f1:f1:51:70:6c:04:79:86:46:40:86:07:
         d8:45:20:10:4e:e8:16:d1:9d:87:eb:05:43:03:ac:bf:a8:13:
         81:4a:64:f1:30:ca:3b:82:33:f6:29:bf:00:84:ba:c2:c7:24:
         1c:05:bd:38:2d:2b:a0:bb:da:9a:c2:19:a4:9a:95:93:c8:ba:
         d7:35:11:76:be:5e:d1:d3:3b:bc:f4:62:8f:a0:3e:e0:01:e0:
         4d:91:d0:3c:39:4c:79:ce:3e:4f:54:f8:86:b0:e5:2a:1d:3c:
         a1:90:e2:5c:c4:bd:72:65:21:a4:91:52:4b:2c:13:33:b6:3d:
         8a:30:7a:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6GBIEM6FKAjGwY2V+pH8CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTcwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk3OWQwMzAzODY2Y2RjZGFkYjBjYzhkMjRiZDE0YzBlOTk5N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0/kAAzgUFn4I5RuPR4VrEFukFtB
Yb+NFXhrNg0MgXFaJ7kVrOIEEib12hxfhs64cKTyVYStykSRUrDfCl/GingdUnh9
tu68y2gXNHNf9Q2lmquhhRs1sPhWNpNYK9KEP0jwCMkZI980nEFYEptXcF/2Z8Jg
uuLe8rBemsXSzQpTia+V/wt8BLzU3DA1lurdaGFfHwTYv96PDTzQe1GN9Rdyjzbf
qmQRHClJIZDmjk2dMmDWWMf26bW2CTnqo5yCEoNmKkh9rdRIwfRTVjmhFmVEcAm7
5poDsqZIBrfEDWAGrFcPBoGErg3XpFnNCyp/wDFWyrL2yyK26E7Rk90ZRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHaXnQMDhmzc2tsMyNJL0UwOmZeoMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZHBlZEF3T0diTnphMnd6STBrdlJUQTZabDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVYDAwQD
Lq7AAwQA1DwGAwQA1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQA9mmjy6uU1sin/2cn3
ju0Rqc0+xwbBEBeYPkMZWTzkDSbH4NGeWaGnzJjlVSptKvd9CJ6do7vhnRzGQisa
Yn9/QTbVprU4BEfhdE9CW5k/sS5TZUi/6vQhKsa8GiboKSCxQZDXbgCFFkNjBHwK
Kyb9FnbfgC09tIGBfF4rOTGtAW1hSRLx8VFwbAR5hkZAhgfYRSAQTugW0Z2H6wVD
A6y/qBOBSmTxMMo7gjP2Kb8AhLrCxyQcBb04LSugu9qawhmkmpWTyLrXNRF2vl7R
0zu89GKPoD7gAeBNkdA8OUx5zj5PVPiGsOUqHTyhkOJcxL1yZSGkkVJLLBMztj2K
MHod
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org