Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/DlBDN4W5m4PQ4_nuv7v32p3ALFE.roa
File:                     DlBDN4W5m4PQ4_nuv7v32p3ALFE.roa (raw, json)
Hash identifier:          Rd1BZLMjZ+cnj4N83IOy5UoMxag7SK/rcXD+6TmR59A=
Subject key identifier:   0E:50:43:37:85:B9:9B:83:D0:E3:F9:EE:BF:BB:F7:DA:9D:C0:2C:51
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018D60778B8EFEED18A973ED5A859CDE9FE0
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/DlBDN4W5m4PQ4_nuv7v32p3ALFE.roa
Signing time:             Wed 31 Jan 2024 17:01:03 +0000
ROA not before:           Wed 31 Jan 2024 17:01:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9123
IP address blocks:        85.209.8.0/24 maxlen: 24
                          92.246.76.0/24 maxlen: 24
                          185.68.22.0/24 maxlen: 24
                          185.196.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Apr 2024 16:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:60:77:8b:8e:fe:ed:18:a9:73:ed:5a:85:9c:de:9f:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan 31 17:01:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0e50433785b99b83d0e3f9eebfbbf7da9dc02c51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ef:14:e9:60:02:d5:98:5f:f6:6d:83:63:a0:
                    90:41:97:21:a7:72:a0:07:7d:6f:99:f0:31:09:6e:
                    6c:39:91:08:65:21:31:dd:19:06:dd:41:6a:a3:5e:
                    cf:71:4e:f2:b8:18:5f:21:ec:38:fa:c1:31:c9:c4:
                    1a:ad:6b:24:09:4c:36:99:b8:d9:e8:cd:c0:b2:42:
                    69:b4:2c:74:78:71:fa:99:81:db:d6:fa:3f:6a:61:
                    3e:00:1a:ac:66:7e:39:c1:75:af:d2:c8:5a:17:ce:
                    8c:14:51:a2:fb:c7:c3:ae:fc:b8:70:b0:68:04:b1:
                    9a:1b:ef:10:b5:4f:81:f8:a1:e8:ff:00:01:d9:21:
                    38:c5:3e:cd:b0:92:5e:1b:61:02:a4:49:51:7e:7b:
                    3d:46:4b:83:cd:45:38:78:f5:de:fc:7b:cf:af:91:
                    40:40:76:ad:da:9b:73:69:e6:d9:6c:3f:2e:9d:4a:
                    7d:14:7a:08:fa:88:b4:38:6e:19:23:d7:5c:4e:a6:
                    f3:95:12:72:d9:59:fe:cf:2c:a3:35:c3:c1:d8:ab:
                    71:5f:64:de:9a:3b:59:78:30:7b:05:2d:3f:5c:c5:
                    d6:28:2c:00:4e:65:bc:59:99:4a:45:fd:7b:9d:6b:
                    4f:73:32:a8:41:5b:b6:59:4c:3b:10:1c:b1:6d:92:
                    bd:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:50:43:37:85:B9:9B:83:D0:E3:F9:EE:BF:BB:F7:DA:9D:C0:2C:51
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/DlBDN4W5m4PQ4_nuv7v32p3ALFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.8.0/24
                  92.246.76.0/24
                  185.68.22.0/24
                  185.196.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:c4:54:57:27:21:03:28:9c:7f:35:16:2e:5b:68:54:44:74:
         5c:a5:d9:92:e6:bc:49:90:f6:f1:6c:86:c9:77:8f:fb:d3:8b:
         a5:c1:4a:c4:de:d2:14:b5:01:82:66:b0:d7:82:ee:0b:20:4c:
         c5:ff:1f:84:e0:9e:c6:64:74:dd:4f:e8:b1:47:2b:68:8d:c5:
         e5:ef:53:00:7a:13:33:5b:e4:50:ac:77:8d:ed:11:6b:5a:b5:
         cb:02:d1:fc:e4:b0:a8:af:77:0b:cd:6b:3c:32:e8:6e:31:3f:
         ff:d5:a8:14:88:76:60:93:e9:86:3c:d1:cc:d0:08:ac:07:c2:
         5e:b3:fb:4b:d6:c8:40:20:e9:a6:85:ed:34:db:5e:a5:28:45:
         07:fe:6c:27:3b:53:f4:17:1c:9b:f4:e4:35:0c:5c:62:2e:24:
         74:3f:74:54:8d:85:7c:ce:d2:4f:c7:76:4b:6c:b0:7e:36:6e:
         8f:e0:d3:aa:a7:08:0a:c2:ba:f9:79:e8:5e:43:22:95:36:b1:
         8b:26:79:af:da:22:49:66:67:0a:d1:0d:2e:89:02:00:df:f5:
         4f:01:b4:26:28:cc:34:e7:ee:01:b7:4e:fa:b0:0a:1a:5c:3e:
         83:06:a4:88:c6:19:ee:1f:e8:56:76:fd:43:c9:f8:32:ed:3d:
         1d:82:63:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1gd4uO/u0YqXPtWoWc3p/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTMxMTcwMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTUwNDMzNzg1Yjk5YjgzZDBlM2Y5ZWViZmJiZjdkYTlkYzAyYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO8U6WAC1Zhf9m2DY6CQQZchp3Kg
B31vmfAxCW5sOZEIZSEx3RkG3UFqo17PcU7yuBhfIew4+sExycQarWskCUw2mbjZ
6M3AskJptCx0eHH6mYHb1vo/amE+ABqsZn45wXWv0shaF86MFFGi+8fDrvy4cLBo
BLGaG+8QtU+B+KHo/wAB2SE4xT7NsJJeG2ECpElRfns9RkuDzUU4ePXe/HvPr5FA
QHat2ptzaebZbD8unUp9FHoI+oi0OG4ZI9dcTqbzlRJy2Vn+zyyjNcPB2KtxX2Te
mjtZeDB7BS0/XMXWKCwATmW8WZlKRf17nWtPczKoQVu2WUw7EByxbZK9ewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA5QQzeFuZuD0OP57r+799qdwCxRMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvRGxCRE40VzVtNFBRNF9udXY3djMycDNBTEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVdEIAwQA
XPZMAwQAuUQWAwQAucR1MA0GCSqGSIb3DQEBCwUAA4IBAQB0xFRXJyEDKJx/NRYu
W2hURHRcpdmS5rxJkPbxbIbJd4/704ulwUrE3tIUtQGCZrDXgu4LIEzF/x+E4J7G
ZHTdT+ixRytojcXl71MAehMzW+RQrHeN7RFrWrXLAtH85LCor3cLzWs8MuhuMT//
1agUiHZgk+mGPNHM0AisB8Jes/tL1shAIOmmhe00216lKEUH/mwnO1P0Fxyb9OQ1
DFxiLiR0P3RUjYV8ztJPx3ZLbLB+Nm6P4NOqpwgKwrr5eeheQyKVNrGLJnmv2iJJ
ZmcK0Q0uiQIA3/VPAbQmKMw05+4Bt076sAoaXD6DBqSIxhnuH+hWdv1Dyfgy7T0d
gmNZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org