Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/RCLoFnRaKuEuw6TkX5HIKTo5os8.roa
File:                     RCLoFnRaKuEuw6TkX5HIKTo5os8.roa (raw, json)
Hash identifier:          ppqr/CdNusk/W48fdrpWEcYBm+VkRlPJboqgDxfx77o=
Subject key identifier:   44:22:E8:16:74:5A:2A:E1:2E:C3:A4:E4:5F:91:C8:29:3A:39:A2:CF
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018964895B86C1B1C99103737826040824B7
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/RCLoFnRaKuEuw6TkX5HIKTo5os8.roa
Signing time:             Mon 17 Jul 2023 15:47:50 +0000
ROA not before:           Mon 17 Jul 2023 15:47:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49505
IP address blocks:        45.85.66.0/24 maxlen: 24
                          91.230.38.0/24 maxlen: 24
                          91.230.39.0/24 maxlen: 24
                          195.245.103.0/24 maxlen: 24
                          194.32.222.0/24 maxlen: 24
                          45.144.37.0/24 maxlen: 24
                          194.55.105.0/24 maxlen: 24
                          194.55.102.0/24 maxlen: 24
                          109.196.172.0/24 maxlen: 24
                          45.152.226.0/24 maxlen: 24
                          45.152.224.0/24 maxlen: 24
                          91.220.81.0/24 maxlen: 24
                          45.154.163.0/24 maxlen: 24
                          45.154.160.0/24 maxlen: 24
                          45.154.161.0/24 maxlen: 24
                          91.191.184.0/24 maxlen: 24
                          194.156.93.0/24 maxlen: 24
                          45.155.61.0/24 maxlen: 24
                          45.141.197.0/24 maxlen: 24
                          45.150.60.0/24 maxlen: 24
                          45.150.61.0/24 maxlen: 24
                          45.146.230.0/24 maxlen: 24
                          45.146.231.0/24 maxlen: 24
                          194.61.77.0/24 maxlen: 24
                          45.148.240.0/24 maxlen: 24
                          45.148.241.0/24 maxlen: 24
                          45.148.242.0/24 maxlen: 24
                          45.145.88.0/24 maxlen: 24
                          45.145.89.0/24 maxlen: 24
                          45.145.91.0/24 maxlen: 24
                          193.150.99.0/24 maxlen: 24
                          91.221.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 16:04:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:89:5b:86:c1:b1:c9:91:03:73:78:26:04:08:24:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 15:47:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4422e816745a2ae12ec3a4e45f91c8293a39a2cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:0c:2a:b9:10:a5:eb:00:d3:a2:0d:dc:2a:ed:
                    5a:d3:b9:a7:0d:1d:fe:96:89:f4:eb:0a:1c:47:83:
                    5f:79:ae:37:aa:20:75:fb:ba:ce:10:a7:5e:39:bb:
                    dc:68:b1:95:3a:36:43:b4:80:dd:fc:3b:4c:19:c8:
                    02:50:58:85:ff:1e:fc:98:b4:1f:97:df:9f:cd:78:
                    cd:67:3e:4b:55:80:37:79:c0:3d:39:e8:f8:02:37:
                    36:70:b9:17:f3:55:a9:dc:ba:89:f4:15:ae:34:f1:
                    19:40:c3:79:bc:25:b8:da:37:49:6c:24:91:f1:51:
                    54:83:b5:8b:e9:d5:c9:8f:76:a8:63:22:ff:fd:92:
                    f2:ba:82:f6:ab:12:b5:36:b9:4e:02:f6:49:2a:99:
                    78:f9:58:98:ac:49:d8:17:6b:90:59:40:18:ed:1b:
                    f8:e0:bf:01:62:50:6c:aa:64:e4:73:4f:10:46:6b:
                    8a:74:d4:7b:3a:c5:27:9e:0c:f7:7a:a8:1e:7e:80:
                    ec:1e:86:00:42:17:a2:b2:13:6a:38:39:55:36:7e:
                    71:d4:b3:5c:cd:65:63:71:20:d6:41:92:cd:d8:e2:
                    ed:d1:e6:d4:c7:73:89:35:ac:e2:c6:54:0f:7b:f3:
                    77:e5:0f:60:7c:67:4f:c5:18:1d:80:a4:ad:3a:8f:
                    0b:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:22:E8:16:74:5A:2A:E1:2E:C3:A4:E4:5F:91:C8:29:3A:39:A2:CF
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/RCLoFnRaKuEuw6TkX5HIKTo5os8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.66.0/24
                  45.141.197.0/24
                  45.144.37.0/24
                  45.145.88.0/23
                  45.145.91.0/24
                  45.146.230.0/23
                  45.148.240.0-45.148.242.255
                  45.150.60.0/23
                  45.152.224.0/24
                  45.152.226.0/24
                  45.154.160.0/23
                  45.154.163.0/24
                  45.155.61.0/24
                  91.191.184.0/24
                  91.220.81.0/24
                  91.221.39.0/24
                  91.230.38.0/23
                  109.196.172.0/24
                  193.150.99.0/24
                  194.32.222.0/24
                  194.55.102.0/24
                  194.55.105.0/24
                  194.61.77.0/24
                  194.156.93.0/24
                  195.245.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:40:b0:03:4c:8f:0c:3a:1b:a0:cf:b8:3d:b0:3d:c0:9f:96:
         df:8d:09:0d:ce:89:4f:c1:fd:6f:2c:c5:42:8a:10:f3:99:1e:
         36:54:b8:46:ad:e7:5b:ca:b5:50:28:06:a3:f3:43:9f:f4:e0:
         44:01:87:6c:5c:db:4a:9f:67:5b:ce:5b:4c:62:27:14:23:90:
         47:19:6d:dd:e6:fe:b4:a2:31:2e:7e:f1:82:f3:85:74:4f:68:
         01:50:d8:c2:ba:09:35:ce:f5:63:3c:f6:51:f1:6d:a8:ca:bd:
         fc:e6:63:4a:52:1a:a8:35:63:6d:a3:4c:ba:58:f1:25:06:b3:
         4f:7d:62:1f:82:0c:12:77:c4:c9:ac:43:8e:29:86:f8:ad:6d:
         cb:85:0b:84:ca:89:b0:33:fc:7e:33:b3:c5:70:e8:f2:95:c2:
         48:34:c3:96:7a:d0:ec:97:12:b7:8b:d1:32:73:a0:50:11:b0:
         87:8b:f8:b3:f3:96:d9:bc:e7:2c:4d:8e:75:8a:29:8a:ea:fb:
         3c:bc:13:07:c7:50:8a:ce:98:1b:d1:24:88:3c:fd:47:50:1d:
         5b:1b:aa:cb:6d:54:93:11:e0:e5:84:45:5f:61:02:56:ff:2c:
         21:cb:c8:79:e9:a0:b1:f1:b4:21:e1:86:19:a2:13:5c:53:04:
         29:ac:55:c4
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYlkiVuGwbHJkQNzeCYECCS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTU0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIyZTgxNjc0NWEyYWUxMmVjM2E0ZTQ1ZjkxYzgyOTNhMzlhMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgwquRCl6wDTog3cKu1a07mnDR3+
lon06wocR4Nfea43qiB1+7rOEKdeObvcaLGVOjZDtIDd/DtMGcgCUFiF/x78mLQf
l9+fzXjNZz5LVYA3ecA9Oej4Ajc2cLkX81Wp3LqJ9BWuNPEZQMN5vCW42jdJbCSR
8VFUg7WL6dXJj3aoYyL//ZLyuoL2qxK1NrlOAvZJKpl4+ViYrEnYF2uQWUAY7Rv4
4L8BYlBsqmTkc08QRmuKdNR7OsUnngz3eqgefoDsHoYAQheishNqODlVNn5x1LNc
zWVjcSDWQZLN2OLt0ebUx3OJNazixlQPe/N35Q9gfGdPxRgdgKStOo8LOQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFEQi6BZ0WirhLsOk5F+RyCk6OaLPMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUkNMb0ZuUmFLdUV1dzZUa1g1SElLVG81b3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAt
VUIDBAAtjcUDBAAtkCUDBAEtkVgDBAAtkVsDBAEtkuYwDAMEBC2U8AMEAC2U8gME
AS2WPAMEAC2Y4AMEAC2Y4gMEAS2aoAMEAC2aowMEAC2bPQMEAFu/uAMEAFvcUQME
AFvdJwMEAVvmJgMEAG3ErAMEAMGWYwMEAMIg3gMEAMI3ZgMEAMI3aQMEAMI9TQME
AMKcXQMEAMP1ZzANBgkqhkiG9w0BAQsFAAOCAQEAaUCwA0yPDDoboM+4PbA9wJ+W
340JDc6JT8H9byzFQooQ85keNlS4Rq3nW8q1UCgGo/NDn/TgRAGHbFzbSp9nW85b
TGInFCOQRxlt3eb+tKIxLn7xgvOFdE9oAVDYwroJNc71Yzz2UfFtqMq9/OZjSlIa
qDVjbaNMuljxJQazT31iH4IMEnfEyaxDjimG+K1ty4ULhMqJsDP8fjOzxXDo8pXC
SDTDlnrQ7JcSt4vRMnOgUBGwh4v4s/OW2bznLE2OdYopiur7PLwTB8dQis6YG9Ek
iDz9R1AdWxuqy21UkxHg5YRFX2ECVv8sIcvIeemgsfG0IeGGGaITXFMEKaxVxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org