Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ddwUo3tm67OD7OyRLj4mQMFopz4.roa
File:                     ddwUo3tm67OD7OyRLj4mQMFopz4.roa (raw, json)
Hash identifier:          wTDKK31W4f4sWOvr570BJrJHve32ATYyDyFQ3QGnmPA=
Subject key identifier:   75:DC:14:A3:7B:66:EB:B3:83:EC:EC:91:2E:3E:26:40:C1:68:A7:3E
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018C6DFEAB0849C16178787C090378BA9DEA
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ddwUo3tm67OD7OyRLj4mQMFopz4.roa
Signing time:             Fri 15 Dec 2023 15:00:55 +0000
ROA not before:           Fri 15 Dec 2023 15:00:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        46.38.136.0/22 maxlen: 22
                          212.16.94.0/24 maxlen: 24
                          212.80.20.0/22 maxlen: 24
                          46.38.132.0/22 maxlen: 22
                          46.38.130.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 16:25:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6d:fe:ab:08:49:c1:61:78:78:7c:09:03:78:ba:9d:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Dec 15 15:00:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=75dc14a37b66ebb383ecec912e3e2640c168a73e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:75:66:5d:37:4f:97:29:bd:8a:77:f4:53:39:
                    bc:a0:35:0c:19:44:02:87:45:ea:a9:97:eb:c5:50:
                    23:9b:90:ab:ab:84:ad:ea:8d:f6:65:23:fd:3a:32:
                    fb:e3:77:e0:ef:11:75:e7:8b:c7:a7:9f:21:3e:97:
                    fa:24:6c:31:7d:63:13:fd:de:2b:42:aa:05:a5:13:
                    1e:1c:87:bf:7c:b4:47:f7:af:9f:34:b1:5e:be:31:
                    3c:da:d0:cd:88:e9:5d:6e:a7:ea:74:78:74:49:e6:
                    55:4f:c6:5b:13:df:8a:e6:89:23:a9:4c:97:5e:91:
                    aa:83:a3:3e:4a:3a:75:60:47:2f:29:db:f9:c7:6b:
                    77:ec:e3:70:aa:21:42:27:0b:d2:45:22:f4:16:ef:
                    b7:b5:f5:9f:12:97:a7:b9:40:ab:7b:01:03:4a:4e:
                    2e:1b:91:9d:26:c4:bc:48:9f:2d:bd:73:3a:b5:e5:
                    92:7d:c9:d5:64:e6:a7:dc:3a:6d:1b:b2:2d:94:c9:
                    68:80:7e:c2:6b:22:e9:fd:6e:18:e6:f2:b9:bb:01:
                    60:de:b3:f7:a4:78:e2:9c:34:84:2d:a7:04:c9:28:
                    c0:b1:c4:a1:ef:f2:3a:06:f6:4c:51:e9:a6:51:87:
                    35:37:c0:78:c1:e1:72:f6:20:c0:a7:c1:0d:ea:4a:
                    11:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:DC:14:A3:7B:66:EB:B3:83:EC:EC:91:2E:3E:26:40:C1:68:A7:3E
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ddwUo3tm67OD7OyRLj4mQMFopz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  212.16.94.0/24
                  212.80.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:47:6f:6c:ce:a0:9b:71:92:d1:a2:2b:c6:f8:97:ca:59:be:
         10:84:56:53:79:9f:9e:bf:c1:13:e4:04:5f:dd:45:12:8d:f0:
         f3:bf:d2:a3:1d:af:aa:37:18:e1:af:e7:9c:f6:c5:97:29:5d:
         79:cb:c9:79:17:7b:fb:20:36:85:9d:b0:6b:7f:b3:66:31:e8:
         61:41:82:7f:4b:fa:2c:f3:fd:cb:b1:5f:a3:ce:b3:0b:e2:a5:
         03:cd:3d:a5:28:60:82:3d:20:ea:f0:ca:05:8e:f9:4d:10:7d:
         95:99:9d:b0:75:b3:15:19:cf:2e:5c:d8:6b:f3:38:e0:bd:b7:
         e3:07:b4:25:48:1f:b4:85:d6:fb:28:c5:23:cc:2e:f3:2d:e2:
         08:55:77:d6:7d:62:fd:69:e7:d1:ec:a8:6c:64:a9:15:7d:fb:
         06:1a:f3:5e:76:ba:bb:55:07:3f:55:37:30:f0:60:26:80:e6:
         df:63:a1:6a:38:f8:6c:ff:82:72:88:ba:a6:f9:9a:4f:10:63:
         ae:05:24:f4:01:80:20:4b:3b:ca:e1:31:5a:03:35:d7:94:cf:
         9d:bb:9f:1e:db:eb:2c:8a:07:61:92:22:75:16:64:e7:0b:b9:
         55:05:76:d3:b0:f6:64:3a:21:c5:7f:27:35:45:87:99:4d:fc:
         ef:51:59:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYxt/qsIScFheHh8CQN4up3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMjE1MTUwMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRjMTRhMzdiNjZlYmIzODNlY2VjOTEyZTNlMjY0MGMxNjhhNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnVmXTdPlym9inf0Uzm8oDUMGUQC
h0XqqZfrxVAjm5Crq4St6o32ZSP9OjL743fg7xF154vHp58hPpf6JGwxfWMT/d4r
QqoFpRMeHIe/fLRH96+fNLFevjE82tDNiOldbqfqdHh0SeZVT8ZbE9+K5okjqUyX
XpGqg6M+Sjp1YEcvKdv5x2t37ONwqiFCJwvSRSL0Fu+3tfWfEpenuUCrewEDSk4u
G5GdJsS8SJ8tvXM6teWSfcnVZOan3DptG7ItlMlogH7CayLp/W4Y5vK5uwFg3rP3
pHjinDSELacEySjAscSh7/I6BvZMUemmUYc1N8B4weFy9iDAp8EN6koRxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHXcFKN7Zuuzg+zskS4+JkDBaKc+MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvZGR3VW8zdG02N09EN095UkxqNG1RTUZvcHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALiaAAwQA
LiaCMAwDBAIuJoQDBAIuJogDBADUEF4DBALUUBQwDQYJKoZIhvcNAQELBQADggEB
ABZHb2zOoJtxktGiK8b4l8pZvhCEVlN5n56/wRPkBF/dRRKN8PO/0qMdr6o3GOGv
55z2xZcpXXnLyXkXe/sgNoWdsGt/s2Yx6GFBgn9L+izz/cuxX6POswvipQPNPaUo
YII9IOrwygWO+U0QfZWZnbB1sxUZzy5c2GvzOOC9t+MHtCVIH7SF1vsoxSPMLvMt
4ghVd9Z9Yv1p59HsqGxkqRV9+wYa8152urtVBz9VNzDwYCaA5t9joWo4+Gz/gnKI
uqb5mk8QY64FJPQBgCBLO8rhMVoDNdeUz527nx7b6yyKB2GSInUWZOcLuVUFdtOw
9mQ6IcV/JzVFh5lN/O9RWRA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org