Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/PQkDSOo-z_ti8dye2svkAiYKkeY.roa
File:                     PQkDSOo-z_ti8dye2svkAiYKkeY.roa (raw, json)
Hash identifier:          aA/AiG5MUelx/bdEfzmCK1T28/smhPJmfeBPvQTwwi4=
Subject key identifier:   3D:09:03:48:EA:3E:CF:FB:62:F1:DC:9E:DA:CB:E4:02:26:0A:91:E6
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018B1B950FE010718E9D09635FF33FD443F9
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/PQkDSOo-z_ti8dye2svkAiYKkeY.roa
Signing time:             Tue 10 Oct 2023 21:53:55 +0000
ROA not before:           Tue 10 Oct 2023 21:53:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        45.141.196.0/24 maxlen: 24
                          213.139.228.0/24 maxlen: 24
                          91.191.186.0/24 maxlen: 24
                          85.209.105.0/24 maxlen: 24
                          85.209.107.0/24 maxlen: 24
                          85.209.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1b:95:0f:e0:10:71:8e:9d:09:63:5f:f3:3f:d4:43:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Oct 10 21:53:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d090348ea3ecffb62f1dc9edacbe402260a91e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:52:9a:6c:00:a3:e5:d1:ae:d8:1b:be:fa:ce:
                    f0:21:b6:9e:ad:3e:79:f4:78:2e:c0:bf:7b:a9:8a:
                    fb:ab:68:ba:06:b4:b6:52:85:1d:f7:a9:0b:81:cb:
                    f9:6a:d6:da:a8:49:e2:75:79:ca:99:ab:c3:5d:3c:
                    39:08:eb:fd:b6:67:f9:59:88:d8:44:6c:02:cd:0e:
                    3c:ff:c4:54:2a:eb:de:4f:19:e7:d7:e1:a9:b1:91:
                    a2:31:d8:94:fc:fd:68:84:41:32:ad:40:e7:b7:22:
                    fd:c2:ee:e0:b7:6d:22:1a:70:24:7d:c6:4f:40:a4:
                    3b:c1:49:28:2a:c1:8d:08:1a:95:8e:8b:cd:36:64:
                    d6:2d:57:30:59:2f:f4:f1:ff:e8:92:ae:c4:fd:41:
                    53:c6:96:ff:62:06:b8:11:b7:ad:56:6c:62:60:c2:
                    08:da:6d:2a:81:24:9e:c2:47:f9:86:2a:4a:10:e7:
                    d0:00:7a:1b:01:a8:f5:45:ee:b4:9f:b5:7d:b7:06:
                    f1:24:b2:61:12:23:14:73:e9:66:0d:92:d2:99:61:
                    45:ef:c9:fd:f8:ca:49:0d:ec:91:4f:b8:d5:d4:bb:
                    81:f4:0a:c8:83:ac:43:29:b2:fa:62:3e:43:88:a7:
                    c7:0e:c2:97:47:8b:c7:02:47:98:c2:ff:91:7e:fa:
                    0f:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:09:03:48:EA:3E:CF:FB:62:F1:DC:9E:DA:CB:E4:02:26:0A:91:E6
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/PQkDSOo-z_ti8dye2svkAiYKkeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.196.0/24
                  85.209.105.0-85.209.107.255
                  91.191.186.0/24
                  213.139.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:65:21:55:de:25:31:24:cb:ee:4d:14:a2:50:65:4c:d1:0a:
         72:14:67:4f:28:c4:1f:e1:47:04:a0:7a:bb:d9:24:c3:78:d5:
         7c:18:c7:38:3d:e2:f9:56:bd:b6:bc:17:e6:36:8c:c7:d8:e5:
         ab:9a:ac:09:f3:35:44:63:5a:23:80:1c:8c:61:47:d1:83:8b:
         d9:f7:fe:ad:5d:4b:4d:03:3a:fc:49:2d:4e:00:c2:c0:e4:88:
         c1:5c:b9:23:e7:ee:3c:17:d0:47:72:15:30:d7:9e:65:c6:7d:
         78:07:4f:fc:35:e7:8e:f6:7e:dd:65:b6:1c:ab:6c:04:0a:fd:
         00:ab:04:3b:9a:5b:9d:b2:6d:89:db:a3:82:15:40:49:88:5c:
         07:04:58:ed:36:94:3f:d9:f4:9e:55:bb:be:7f:fb:30:18:bb:
         a3:12:72:5d:d4:44:3a:16:4b:78:12:6c:06:62:6c:74:61:6b:
         f4:b7:8c:d3:d7:17:fe:e8:bf:3e:11:83:c9:26:67:14:50:aa:
         ed:42:07:4c:1d:95:3d:34:23:58:e5:47:12:df:41:ab:0e:61:
         2a:0a:70:f5:cf:b6:db:26:5e:12:82:61:51:dd:15:9f:1a:fe:
         1d:6a:4d:5c:53:a2:ab:60:2a:0b:bb:24:78:7e:91:93:86:b8:
         98:cd:fb:4a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYsblQ/gEHGOnQljX/M/1EP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMxMDEwMjE1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA5MDM0OGVhM2VjZmZiNjJmMWRjOWVkYWNiZTQwMjI2MGE5MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lKabACj5dGu2Bu++s7wIbaerT55
9HguwL97qYr7q2i6BrS2UoUd96kLgcv5atbaqEnidXnKmavDXTw5COv9tmf5WYjY
RGwCzQ48/8RUKuveTxnn1+GpsZGiMdiU/P1ohEEyrUDntyL9wu7gt20iGnAkfcZP
QKQ7wUkoKsGNCBqVjovNNmTWLVcwWS/08f/okq7E/UFTxpb/Yga4EbetVmxiYMII
2m0qgSSewkf5hipKEOfQAHobAaj1Re60n7V9twbxJLJhEiMUc+lmDZLSmWFF78n9
+MpJDeyRT7jV1LuB9ArIg6xDKbL6Yj5DiKfHDsKXR4vHAkeYwv+RfvoPnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD0JA0jqPs/7YvHcntrL5AImCpHmMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUFFrRFNPby16X3RpOGR5ZTJzdmtBaVlLa2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALY3EMAwD
BABV0WkDBAJV0WgDBABbv7oDBADVi+QwDQYJKoZIhvcNAQELBQADggEBAGdlIVXe
JTEky+5NFKJQZUzRCnIUZ08oxB/hRwSgervZJMN41XwYxzg94vlWvba8F+Y2jMfY
5auarAnzNURjWiOAHIxhR9GDi9n3/q1dS00DOvxJLU4AwsDkiMFcuSPn7jwX0Edy
FTDXnmXGfXgHT/w15472ft1lthyrbAQK/QCrBDuaW52ybYnbo4IVQEmIXAcEWO02
lD/Z9J5Vu75/+zAYu6MScl3URDoWS3gSbAZibHRha/S3jNPXF/7ovz4Rg8kmZxRQ
qu1CB0wdlT00I1jlRxLfQasOYSoKcPXPttsmXhKCYVHdFZ8a/h1qTVxToqtgKgu7
JHh+kZOGuJjN+0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org