Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9tcjjwDM95f1YTQpla-GyYmTF7o.roa
File:                     9tcjjwDM95f1YTQpla-GyYmTF7o.roa (raw, json)
Hash identifier:          8aFp9e/tDtjDFUDNIJ5hYVwVkMfdsG6eKIvKOYR/xDQ=
Subject key identifier:   F6:D7:23:8F:00:CC:F7:97:F5:61:34:29:95:AF:86:C9:89:93:17:BA
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018D13D7F528312C6D550665DEE069E9E013
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9tcjjwDM95f1YTQpla-GyYmTF7o.roa
Signing time:             Tue 16 Jan 2024 19:55:36 +0000
ROA not before:           Tue 16 Jan 2024 19:55:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12722
IP address blocks:        45.8.156.0/24 maxlen: 24
                          45.85.64.0/24 maxlen: 24
                          45.85.67.0/24 maxlen: 24
                          45.145.3.0/24 maxlen: 24
                          85.8.187.0/24 maxlen: 24
                          194.32.250.0/24 maxlen: 24
                          213.139.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 21 Jan 2024 19:16:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:13:d7:f5:28:31:2c:6d:55:06:65:de:e0:69:e9:e0:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan 16 19:55:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f6d7238f00ccf797f561342995af86c9899317ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c0:ce:74:20:f2:3b:fc:55:bd:40:93:1e:af:
                    b6:cc:97:d1:94:ec:4f:7f:27:65:c8:4f:6f:0b:42:
                    b2:09:e8:fd:ff:e5:bd:50:5b:f7:46:5f:11:82:6f:
                    e7:f3:8b:e4:02:af:97:6f:11:34:d7:f8:3c:cc:a6:
                    0b:3c:2c:e1:a9:6a:a0:a0:e8:a5:d3:5b:db:fe:02:
                    70:47:c9:5c:42:c5:90:84:38:6c:e7:cb:5e:3f:6d:
                    25:c2:5c:72:14:31:b2:95:d2:a6:a9:1e:58:b4:86:
                    fb:3a:06:83:a3:79:b1:0d:80:53:7a:37:72:64:12:
                    21:9a:82:01:cc:46:2e:49:57:b6:ce:df:56:c0:9e:
                    83:4d:79:f4:c1:8c:f3:99:bd:4a:d3:d7:dc:e9:05:
                    e6:2e:18:77:30:0a:17:cf:29:ea:46:54:5d:c8:df:
                    dc:10:00:82:c9:c5:01:ec:b0:c6:9a:8a:d1:e5:d1:
                    5b:b0:ce:70:61:36:27:cc:ba:7b:e9:3a:73:03:a4:
                    e7:03:2b:30:e7:42:f4:2f:37:31:18:3d:63:f7:e3:
                    69:f4:d6:32:e1:35:88:fc:c7:fb:a6:37:a9:90:c1:
                    8a:89:1b:75:de:29:39:a6:13:70:b3:ef:69:9f:c2:
                    f8:0a:71:33:d0:f9:17:43:85:4c:f9:17:3f:ea:0d:
                    9d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:D7:23:8F:00:CC:F7:97:F5:61:34:29:95:AF:86:C9:89:93:17:BA
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9tcjjwDM95f1YTQpla-GyYmTF7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.156.0/24
                  45.85.64.0/24
                  45.85.67.0/24
                  45.145.3.0/24
                  85.8.187.0/24
                  194.32.250.0/24
                  213.139.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:c1:6b:26:2e:a8:36:0c:16:d8:ed:99:01:7f:17:d0:82:c8:
         29:f2:70:6b:a4:42:08:bf:a2:f0:d2:79:a8:2a:1b:ae:e3:b1:
         b8:4e:c9:b7:f4:db:64:fe:45:e7:c3:46:d3:f4:7f:45:7c:c0:
         9c:28:09:fa:92:b8:85:d4:2b:ad:57:71:55:ab:c3:50:40:43:
         95:78:57:38:24:9a:4a:a6:4a:1b:07:7a:83:c9:cf:c7:92:7c:
         26:ee:58:d1:2c:42:f8:62:e2:f0:b4:d8:30:b4:d8:3c:5f:57:
         6a:5a:73:76:9c:a0:52:80:68:88:51:1d:f1:05:7d:be:fa:01:
         61:d1:a4:aa:05:f1:18:0f:0b:a0:14:b3:1f:9a:44:10:57:4c:
         3a:b7:5d:3a:51:2e:b8:6d:5c:65:31:36:cd:06:cc:8c:a2:13:
         f3:d4:4d:86:da:96:11:24:8c:3a:f6:c7:ad:3f:d3:3e:6b:8c:
         6c:41:ae:cd:38:3a:51:59:56:d8:61:a4:c6:b2:6f:97:c8:3b:
         c6:4a:02:e8:87:45:9a:6e:84:1b:8a:94:b9:a7:43:9f:e2:7e:
         72:74:fd:85:ad:04:49:d0:05:84:2e:d9:29:81:f9:01:b1:0d:
         8a:c7:d8:7b:90:9d:f9:95:bc:98:72:5c:d6:4b:6c:d2:6a:43:
         30:e0:29:ea
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0T1/UoMSxtVQZl3uBp6eATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTE2MTk1NTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ3MjM4ZjAwY2NmNzk3ZjU2MTM0Mjk5NWFmODZjOTg5OTMxN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicDOdCDyO/xVvUCTHq+2zJfRlOxP
fydlyE9vC0KyCej9/+W9UFv3Rl8Rgm/n84vkAq+XbxE01/g8zKYLPCzhqWqgoOil
01vb/gJwR8lcQsWQhDhs58teP20lwlxyFDGyldKmqR5YtIb7OgaDo3mxDYBTejdy
ZBIhmoIBzEYuSVe2zt9WwJ6DTXn0wYzzmb1K09fc6QXmLhh3MAoXzynqRlRdyN/c
EACCycUB7LDGmorR5dFbsM5wYTYnzLp76TpzA6TnAysw50L0LzcxGD1j9+Np9NYy
4TWI/Mf7pjepkMGKiRt13ik5phNws+9pn8L4CnEz0PkXQ4VM+Rc/6g2dNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPbXI48AzPeX9WE0KZWvhsmJkxe6MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvOXRjamp3RE05NWYxWVRRcGxhLUd5WW1URjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQicAwQA
LVVAAwQALVVDAwQALZEDAwQAVQi7AwQAwiD6AwQA1YvnMA0GCSqGSIb3DQEBCwUA
A4IBAQAhwWsmLqg2DBbY7ZkBfxfQgsgp8nBrpEIIv6Lw0nmoKhuu47G4Tsm39Ntk
/kXnw0bT9H9FfMCcKAn6kriF1CutV3FVq8NQQEOVeFc4JJpKpkobB3qDyc/Hknwm
7ljRLEL4YuLwtNgwtNg8X1dqWnN2nKBSgGiIUR3xBX2++gFh0aSqBfEYDwugFLMf
mkQQV0w6t106US64bVxlMTbNBsyMohPz1E2G2pYRJIw69setP9M+a4xsQa7NODpR
WVbYYaTGsm+XyDvGSgLoh0WaboQbipS5p0Of4n5ydP2FrQRJ0AWELtkpgfkBsQ2K
x9h7kJ35lbyYclzWS2zSakMw4Cnq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org