Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0kZ71jasCARN7mLFIJ1jyI_h6go.roa
File:                     0kZ71jasCARN7mLFIJ1jyI_h6go.roa (raw, json)
Hash identifier:          7xTCXN278y66Y4vmb7obcwC3bp7CuiZwB9Ou4XUj2DY=
Subject key identifier:   D2:46:7B:D6:36:AC:08:04:4D:EE:62:C5:20:9D:63:C8:8F:E1:EA:0A
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018D2D6E2ED28EDACE5F9C514EB00C33B9A1
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0kZ71jasCARN7mLFIJ1jyI_h6go.roa
Signing time:             Sun 21 Jan 2024 19:10:12 +0000
ROA not before:           Sun 21 Jan 2024 19:10:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212667
IP address blocks:        45.8.156.0/24 maxlen: 24
                          45.85.64.0/24 maxlen: 24
                          45.85.67.0/24 maxlen: 24
                          45.144.38.0/24 maxlen: 24
                          45.145.3.0/24 maxlen: 24
                          85.8.187.0/24 maxlen: 24
                          194.32.250.0/24 maxlen: 24
                          194.61.234.0/24 maxlen: 24
                          194.61.235.0/24 maxlen: 24
                          213.139.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 08:06:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:2d:6e:2e:d2:8e:da:ce:5f:9c:51:4e:b0:0c:33:b9:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan 21 19:10:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d2467bd636ac08044dee62c5209d63c88fe1ea0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:da:4a:98:86:2d:b5:25:8e:ef:3e:b9:c6:1a:
                    c7:50:f4:37:ff:78:99:f4:d1:bc:c0:b0:3a:60:55:
                    84:08:55:ce:7b:ed:8e:43:c0:28:20:5f:1e:79:e5:
                    34:9a:38:0c:c7:10:8c:b8:9d:63:b0:b3:d9:c6:38:
                    0f:13:81:e0:e8:be:ba:34:f0:1a:46:ed:4b:6b:32:
                    29:df:a5:c8:13:50:70:d8:df:70:79:3e:52:ee:94:
                    f9:35:8d:fe:ff:06:99:51:a3:8c:40:90:b3:c3:1e:
                    8e:ce:c0:13:53:68:d0:a0:c6:54:48:39:09:a7:f7:
                    32:1f:4f:b5:be:65:7f:73:24:3a:4b:3f:eb:ca:e9:
                    41:b5:4f:1a:fc:57:cd:de:85:f0:75:fd:6b:8e:3a:
                    84:4d:f8:ed:f1:b3:ec:8f:23:1e:c7:2f:74:4c:09:
                    3f:3a:7f:c4:98:95:c9:88:b0:f2:63:4a:26:91:20:
                    81:ea:08:de:17:f4:bb:be:d4:6f:55:b0:17:7e:0c:
                    24:79:a8:7f:1d:6b:01:f0:31:db:48:0f:4f:9a:53:
                    0b:0d:7f:6e:47:d8:43:9f:12:fe:ce:3b:42:8a:f8:
                    ba:34:50:4d:ea:05:6a:2a:21:c8:63:0c:19:a0:c9:
                    2d:43:55:22:ee:c1:3c:4b:d5:ea:f1:0f:a3:c9:c5:
                    8e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:46:7B:D6:36:AC:08:04:4D:EE:62:C5:20:9D:63:C8:8F:E1:EA:0A
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0kZ71jasCARN7mLFIJ1jyI_h6go.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.156.0/24
                  45.85.64.0/24
                  45.85.67.0/24
                  45.144.38.0/24
                  45.145.3.0/24
                  85.8.187.0/24
                  194.32.250.0/24
                  194.61.234.0/23
                  213.139.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:41:23:72:02:0b:4a:28:98:7a:03:c5:be:cb:41:9f:78:8a:
         42:13:01:5a:f8:cd:ef:15:fa:ca:3f:b0:79:f5:20:67:da:e4:
         dc:75:16:d7:67:7f:6c:50:1c:6c:1a:33:e6:6a:55:5c:8e:82:
         2c:cb:7d:ef:65:fa:34:1d:10:62:9b:97:72:51:13:be:e5:da:
         07:37:d7:57:ab:2f:ee:b7:d9:35:f9:1f:12:3a:cb:cd:a5:f5:
         46:12:7c:d5:ff:e5:5d:77:b6:1e:2e:3c:51:24:31:b8:cd:90:
         76:3a:c3:ca:35:23:bf:96:2c:9e:35:c5:69:1d:e4:f6:31:f4:
         e0:43:7f:af:dd:89:53:a4:93:a3:68:18:12:b8:a2:32:20:ff:
         13:57:cf:f2:38:c3:60:6b:75:e0:95:0f:1a:a0:3f:db:7d:23:
         2e:33:f0:88:34:9b:0b:4c:ef:2f:1d:6f:28:73:69:8f:2d:66:
         17:32:df:26:57:94:1b:a4:c8:5e:5b:ff:3f:d5:ad:09:02:50:
         85:21:3f:c2:99:bb:f6:97:77:11:75:8a:f6:3a:2f:cf:98:1d:
         96:b7:65:07:fa:d3:60:2f:77:65:c0:ac:86:83:58:72:af:15:
         29:32:85:73:ca:9a:a2:80:6c:bf:e2:28:13:79:f8:29:87:8b:
         e8:18:94:8b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY0tbi7SjtrOX5xRTrAMM7mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTIxMTkxMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQ2N2JkNjM2YWMwODA0NGRlZTYyYzUyMDlkNjNjODhmZTFlYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudpKmIYttSWO7z65xhrHUPQ3/3iZ
9NG8wLA6YFWECFXOe+2OQ8AoIF8eeeU0mjgMxxCMuJ1jsLPZxjgPE4Hg6L66NPAa
Ru1LazIp36XIE1Bw2N9weT5S7pT5NY3+/waZUaOMQJCzwx6OzsATU2jQoMZUSDkJ
p/cyH0+1vmV/cyQ6Sz/ryulBtU8a/FfN3oXwdf1rjjqETfjt8bPsjyMexy90TAk/
On/EmJXJiLDyY0omkSCB6gjeF/S7vtRvVbAXfgwkeah/HWsB8DHbSA9PmlMLDX9u
R9hDnxL+zjtCivi6NFBN6gVqKiHIYwwZoMktQ1Ui7sE8S9Xq8Q+jycWO8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNJGe9Y2rAgETe5ixSCdY8iP4eoKMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMGtaNzFqYXNDQVJON21MRklKMWp5SV9oNmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQicAwQA
LVVAAwQALVVDAwQALZAmAwQALZEDAwQAVQi7AwQAwiD6AwQBwj3qAwQA1YvnMA0G
CSqGSIb3DQEBCwUAA4IBAQBPQSNyAgtKKJh6A8W+y0GfeIpCEwFa+M3vFfrKP7B5
9SBn2uTcdRbXZ39sUBxsGjPmalVcjoIsy33vZfo0HRBim5dyURO+5doHN9dXqy/u
t9k1+R8SOsvNpfVGEnzV/+Vdd7YeLjxRJDG4zZB2OsPKNSO/liyeNcVpHeT2MfTg
Q3+v3YlTpJOjaBgSuKIyIP8TV8/yOMNga3XglQ8aoD/bfSMuM/CINJsLTO8vHW8o
c2mPLWYXMt8mV5QbpMheW/8/1a0JAlCFIT/Cmbv2l3cRdYr2Oi/PmB2Wt2UH+tNg
L3dlwKyGg1hyrxUpMoVzypqigGy/4igTefgph4voGJSL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org