Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1-ojKo4D3-tvNmiG7Ou92oVvtJK8.roa
File:                     1-ojKo4D3-tvNmiG7Ou92oVvtJK8.roa (raw, json)
Hash identifier:          ZV21vePZGQoq6oI0wCgU/AnKjYEeAinnfmMZ0FP0J10=
Subject key identifier:   FA:88:CA:A3:80:F7:FA:DB:CD:9A:21:BB:3A:EF:76:A1:5B:ED:24:AF
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0188542E109B092396FE916EB31BFCBCAFCA
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1-ojKo4D3-tvNmiG7Ou92oVvtJK8.roa
Signing time:             Thu 25 May 2023 18:31:24 +0000
ROA not before:           Thu 25 May 2023 18:31:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202656
IP address blocks:        45.149.83.0/24 maxlen: 24
                          45.140.171.0/24 maxlen: 24
                          45.139.28.0/24 maxlen: 24
                          45.139.31.0/24 maxlen: 24
                          194.33.9.0/24 maxlen: 24
                          194.33.8.0/24 maxlen: 24
                          92.249.13.0/24 maxlen: 24
                          92.249.14.0/24 maxlen: 24
                          194.55.104.0/24 maxlen: 24
                          194.55.103.0/24 maxlen: 24
                          91.220.126.0/24 maxlen: 24
                          45.137.191.0/24 maxlen: 24
                          91.220.84.0/24 maxlen: 24
                          91.220.90.0/24 maxlen: 24
                          45.141.186.0/24 maxlen: 24
                          45.141.187.0/24 maxlen: 24
                          194.61.76.0/24 maxlen: 24
                          193.150.170.0/24 maxlen: 24
                          45.137.55.0/24 maxlen: 24
                          45.137.53.0/24 maxlen: 24
                          45.137.52.0/24 maxlen: 24
                          45.145.162.0/24 maxlen: 24
                          45.147.1.0/24 maxlen: 24
                          91.221.38.0/24 maxlen: 24
                          85.202.166.0/24 maxlen: 24
                          85.202.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 15:47:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:54:2e:10:9b:09:23:96:fe:91:6e:b3:1b:fc:bc:af:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: May 25 18:31:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa88caa380f7fadbcd9a21bb3aef76a15bed24af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:85:fd:ed:60:7f:d1:97:29:2f:24:0f:c3:f4:
                    13:20:97:2e:b1:92:74:8f:63:07:69:d1:f7:ba:ba:
                    c2:a8:1f:44:2b:9d:a0:85:6e:df:5f:4f:37:f9:7d:
                    64:51:d1:8e:ad:55:15:03:3d:ec:3f:02:68:ad:a6:
                    ac:ea:49:70:04:42:be:2b:8c:c4:fa:2a:96:35:e0:
                    75:b3:5e:af:61:51:6a:38:09:cf:55:75:cf:7e:47:
                    31:25:6a:d0:bf:e0:8d:d3:01:f1:ef:18:05:e1:81:
                    b3:e7:a5:87:df:de:81:e8:b8:dc:d7:8e:bf:7e:f2:
                    63:a1:db:3a:6b:1d:35:8c:e6:f6:d1:2f:5d:9e:18:
                    08:c4:e1:84:cb:f1:af:b3:81:27:1f:4f:1b:33:c7:
                    85:8c:92:da:3f:7f:fe:b0:be:39:1d:b8:9f:ff:a1:
                    1f:f2:36:66:c0:3a:a3:61:42:63:71:66:9f:de:ee:
                    4c:8f:68:41:5c:7a:48:47:fa:c6:99:16:29:1e:ca:
                    fd:c7:c3:64:cf:0c:9e:7c:f1:30:b5:2c:95:86:e4:
                    05:d8:55:ce:b0:99:f8:2b:12:2a:bd:2c:64:5e:af:
                    7d:0e:58:f3:e8:a8:91:d7:37:5c:45:78:96:01:e8:
                    6b:33:ea:30:96:8a:41:3d:f2:07:16:54:1a:4b:6a:
                    c0:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:88:CA:A3:80:F7:FA:DB:CD:9A:21:BB:3A:EF:76:A1:5B:ED:24:AF
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/1-ojKo4D3-tvNmiG7Ou92oVvtJK8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.52.0/23
                  45.137.55.0/24
                  45.137.191.0/24
                  45.139.28.0/24
                  45.139.31.0/24
                  45.140.171.0/24
                  45.141.186.0/23
                  45.145.162.0/24
                  45.147.1.0/24
                  45.149.83.0/24
                  85.202.166.0/23
                  91.220.84.0/24
                  91.220.90.0/24
                  91.220.126.0/24
                  91.221.38.0/24
                  92.249.13.0-92.249.14.255
                  193.150.170.0/24
                  194.33.8.0/23
                  194.55.103.0-194.55.104.255
                  194.61.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:00:e4:ab:62:18:71:1c:a9:94:d1:83:9f:8c:6a:f8:3c:cc:
         a7:8a:ff:52:fe:b1:b5:26:47:2b:0a:9c:4a:9d:5f:97:36:ee:
         d4:18:26:03:3d:fb:ee:8c:33:63:9c:76:4a:3d:aa:dc:72:a9:
         2d:2e:b3:c8:6b:cd:25:34:75:09:51:c7:be:58:10:dc:41:7a:
         27:a2:64:d4:d2:d2:e6:e4:32:7b:10:c8:f3:6b:08:ee:bc:0f:
         bf:4e:e9:26:f1:7a:b2:cb:28:60:9a:05:19:71:2d:f2:54:0d:
         bb:50:96:55:54:35:8e:70:5f:5e:9c:f6:d5:bb:09:74:5d:82:
         fc:59:3f:4a:2c:90:f8:ed:f7:50:5d:d6:09:89:fd:08:99:a9:
         82:62:8f:29:42:fa:57:03:f2:95:44:41:c5:87:ea:e0:e1:d2:
         14:b3:a6:15:cf:a3:25:9b:f7:07:65:e9:19:3f:12:38:13:a7:
         1c:d3:19:ac:90:7d:c0:4c:0e:60:3a:12:df:2a:b2:cd:ee:cc:
         5b:36:ab:4e:d8:83:e8:a7:8f:df:20:ce:dd:8a:87:04:66:ae:
         85:99:11:f9:c6:26:90:8c:6b:79:43:ca:be:2d:3b:ab:94:77:
         8c:e1:c8:2a:9a:3b:dd:ca:f6:cc:20:79:01:fd:a0:d1:42:ed:
         db:ad:c9:11
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYhULhCbCSOW/pFusxv8vK/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNTI1MTgzMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg4Y2FhMzgwZjdmYWRiY2Q5YTIxYmIzYWVmNzZhMTViZWQyNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YX97WB/0ZcpLyQPw/QTIJcusZJ0
j2MHadH3urrCqB9EK52ghW7fX083+X1kUdGOrVUVAz3sPwJoraas6klwBEK+K4zE
+iqWNeB1s16vYVFqOAnPVXXPfkcxJWrQv+CN0wHx7xgF4YGz56WH396B6Ljc146/
fvJjods6ax01jOb20S9dnhgIxOGEy/Gvs4EnH08bM8eFjJLaP3/+sL45Hbif/6Ef
8jZmwDqjYUJjcWaf3u5Mj2hBXHpIR/rGmRYpHsr9x8NkzwyefPEwtSyVhuQF2FXO
sJn4KxIqvSxkXq99Dljz6KiR1zdcRXiWAehrM+owlopBPfIHFlQaS2rAsQIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFPqIyqOA9/rbzZohuzrvdqFb7SSvMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMS1vaktvNEQzLXR2Tm1pRzdPdTkyb1Z2dEpLOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvOTk5Yjk3LWM3MzEtNDE5Mi04NWYxLTU3MzcwMWM4NDgz
My8xL1lpTGh3cVV4VXpTMmJZRDNqVnRRdEM1SUM1dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUwgZIwgY8EAgABMIGIAwQB
LYk0AwQALYk3AwQALYm/AwQALYscAwQALYsfAwQALYyrAwQBLY26AwQALZGiAwQA
LZMBAwQALZVTAwQBVcqmAwQAW9xUAwQAW9xaAwQAW9x+AwQAW90mMAwDBABc+Q0D
BABc+Q4DBADBlqoDBAHCIQgwDAMEAMI3ZwMEAMI3aAMEAMI9TDANBgkqhkiG9w0B
AQsFAAOCAQEApgDkq2IYcRyplNGDn4xq+DzMp4r/Uv6xtSZHKwqcSp1flzbu1Bgm
Az377owzY5x2Sj2q3HKpLS6zyGvNJTR1CVHHvlgQ3EF6J6Jk1NLS5uQyexDI82sI
7rwPv07pJvF6sssoYJoFGXEt8lQNu1CWVVQ1jnBfXpz21bsJdF2C/Fk/SiyQ+O33
UF3WCYn9CJmpgmKPKUL6VwPylURBxYfq4OHSFLOmFc+jJZv3B2XpGT8SOBOnHNMZ
rJB9wEwOYDoS3yqyze7MWzarTtiD6KeP3yDO3YqHBGauhZkR+cYmkIxreUPKvi07
q5R3jOHIKpo73cr2zCB5Af2g0ULt263JEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org