Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/TKeDSmgdTi4QoyuonEM9mJ9iKBg.roa
File:                     TKeDSmgdTi4QoyuonEM9mJ9iKBg.roa (raw, json)
Hash identifier:          HPQVk0LTB3QIydoBunjBNKf214yVFeWNp9d3YpnWFBc=
Subject key identifier:   4C:A7:83:4A:68:1D:4E:2E:10:A3:2B:A8:9C:43:3D:98:9F:62:28:18
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01896553B74D46E6007E803054F8302EE6AC
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/TKeDSmgdTi4QoyuonEM9mJ9iKBg.roa
Signing time:             Mon 17 Jul 2023 19:28:52 +0000
ROA not before:           Mon 17 Jul 2023 19:28:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202656
IP address blocks:        45.149.83.0/24 maxlen: 24
                          195.245.110.0/24 maxlen: 24
                          45.140.171.0/24 maxlen: 24
                          45.140.173.0/24 maxlen: 24
                          45.139.28.0/24 maxlen: 24
                          45.139.31.0/24 maxlen: 24
                          194.33.9.0/24 maxlen: 24
                          194.33.8.0/24 maxlen: 24
                          92.249.13.0/24 maxlen: 24
                          92.249.14.0/24 maxlen: 24
                          194.55.104.0/24 maxlen: 24
                          194.55.103.0/24 maxlen: 24
                          91.220.126.0/24 maxlen: 24
                          213.139.194.0/24 maxlen: 24
                          45.152.225.0/24 maxlen: 24
                          45.137.191.0/24 maxlen: 24
                          45.154.162.0/24 maxlen: 24
                          91.220.84.0/24 maxlen: 24
                          91.220.90.0/24 maxlen: 24
                          45.141.186.0/24 maxlen: 24
                          45.141.187.0/24 maxlen: 24
                          91.212.82.0/24 maxlen: 24
                          194.61.76.0/24 maxlen: 24
                          193.150.171.0/24 maxlen: 24
                          193.150.170.0/24 maxlen: 24
                          45.137.55.0/24 maxlen: 24
                          45.137.53.0/24 maxlen: 24
                          45.137.52.0/24 maxlen: 24
                          45.145.162.0/24 maxlen: 24
                          45.147.1.0/24 maxlen: 24
                          193.150.98.0/24 maxlen: 24
                          91.221.38.0/24 maxlen: 24
                          85.202.166.0/24 maxlen: 24
                          85.202.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:65:53:b7:4d:46:e6:00:7e:80:30:54:f8:30:2e:e6:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 19:28:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ca7834a681d4e2e10a32ba89c433d989f622818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:c4:54:48:76:e7:de:59:af:df:c4:0f:a1:6f:
                    fd:98:f4:14:36:4b:9e:b1:6a:9d:ae:22:4a:c4:35:
                    e9:d7:03:71:18:d2:5f:e4:9f:28:66:85:fd:c6:0b:
                    b8:d4:22:89:e1:54:57:13:ad:b6:d5:e8:d4:57:30:
                    25:7e:ce:3c:f3:14:5b:c3:8a:dc:ae:55:15:f4:1d:
                    12:07:7a:62:eb:c7:99:b9:d0:10:d7:06:ff:2b:06:
                    d8:20:6b:2d:c5:1d:33:d6:0e:3c:d0:49:1a:48:69:
                    7e:40:10:25:fe:99:ca:95:09:bf:25:bf:4e:a2:0c:
                    a7:10:34:71:30:1c:de:b9:e0:82:11:1d:40:7e:2f:
                    ea:41:82:82:ed:87:74:1b:e5:38:b8:6f:e6:bb:ad:
                    52:77:39:e5:80:e4:c3:17:9f:6f:50:97:ef:60:56:
                    9c:7e:a2:42:27:c3:40:89:bf:60:69:35:37:eb:45:
                    0f:87:12:2b:2f:1f:8e:40:67:79:13:ec:f3:83:bc:
                    88:b1:0a:2d:73:0d:3f:65:10:01:85:65:fc:77:fc:
                    f1:fe:4f:43:16:ed:8e:74:65:cd:ee:27:8c:81:d1:
                    14:b6:52:d4:6f:e0:4f:ca:6a:16:40:11:b2:78:8c:
                    38:a5:db:ea:ea:d1:e9:6d:29:4b:3d:40:dd:a7:bd:
                    9d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A7:83:4A:68:1D:4E:2E:10:A3:2B:A8:9C:43:3D:98:9F:62:28:18
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/TKeDSmgdTi4QoyuonEM9mJ9iKBg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.52.0/23
                  45.137.55.0/24
                  45.137.191.0/24
                  45.139.28.0/24
                  45.139.31.0/24
                  45.140.171.0/24
                  45.140.173.0/24
                  45.141.186.0/23
                  45.145.162.0/24
                  45.147.1.0/24
                  45.149.83.0/24
                  45.152.225.0/24
                  45.154.162.0/24
                  85.202.166.0/23
                  91.212.82.0/24
                  91.220.84.0/24
                  91.220.90.0/24
                  91.220.126.0/24
                  91.221.38.0/24
                  92.249.13.0-92.249.14.255
                  193.150.98.0/24
                  193.150.170.0/23
                  194.33.8.0/23
                  194.55.103.0-194.55.104.255
                  194.61.76.0/24
                  195.245.110.0/24
                  213.139.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:da:55:63:5b:61:25:04:d9:7f:14:df:18:af:ff:82:23:64:
         9f:b9:9f:52:88:3b:aa:fe:9c:78:62:25:60:11:5c:82:29:4e:
         19:be:fb:32:2d:e7:aa:ff:da:04:cb:ac:81:40:e5:86:7e:29:
         ab:a5:fe:8e:96:01:f0:d4:66:cc:e9:2e:17:af:4d:6a:23:66:
         f7:54:d6:9b:1c:7a:08:63:bc:e2:91:ed:05:0b:60:c5:61:35:
         4f:35:fe:50:7a:58:d1:d5:71:44:45:8e:04:ba:7e:eb:a8:12:
         8f:45:22:d8:68:ab:4b:d0:e7:03:5e:26:04:0b:51:33:47:05:
         15:6a:37:a0:6b:fc:fb:83:82:f6:0c:9a:ac:f7:3d:1b:a3:dd:
         8b:a9:3f:81:90:b0:6b:47:a6:64:25:9a:7d:75:bd:d9:4d:c9:
         a4:e7:40:0a:f9:10:f6:48:4e:c0:62:d0:d5:00:e1:4e:d2:34:
         68:6e:53:87:70:31:70:c1:7c:fb:56:3d:1f:80:01:2c:54:d3:
         e4:ed:49:16:36:14:5d:24:53:aa:c4:02:69:ab:70:99:5f:2e:
         a6:bb:6a:8b:74:5c:89:d2:51:50:cf:69:95:36:9a:6b:4d:e9:
         6e:16:fa:f2:25:e3:49:68:09:93:7b:02:1b:e4:a8:99:16:5d:
         d3:0d:3e:14
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYllU7dNRuYAfoAwVPgwLuasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTkyODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E3ODM0YTY4MWQ0ZTJlMTBhMzJiYTg5YzQzM2Q5ODlmNjIyODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsRUSHbn3lmv38QPoW/9mPQUNkue
sWqdriJKxDXp1wNxGNJf5J8oZoX9xgu41CKJ4VRXE6221ejUVzAlfs488xRbw4rc
rlUV9B0SB3pi68eZudAQ1wb/KwbYIGstxR0z1g480EkaSGl+QBAl/pnKlQm/Jb9O
ogynEDRxMBzeueCCER1Afi/qQYKC7Yd0G+U4uG/mu61SdznlgOTDF59vUJfvYFac
fqJCJ8NAib9gaTU360UPhxIrLx+OQGd5E+zzg7yIsQotcw0/ZRABhWX8d/zx/k9D
Fu2OdGXN7ieMgdEUtlLUb+BPymoWQBGyeIw4pdvq6tHpbSlLPUDdp72dxQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFEyng0poHU4uEKMrqJxDPZifYigYMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvVEtlRFNtZ2RUaTRRb3l1b25FTTltSjlpS0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAEt
iTQDBAAtiTcDBAAtib8DBAAtixwDBAAtix8DBAAtjKsDBAAtjK0DBAEtjboDBAAt
kaIDBAAtkwEDBAAtlVMDBAAtmOEDBAAtmqIDBAFVyqYDBABb1FIDBABb3FQDBABb
3FoDBABb3H4DBABb3SYwDAMEAFz5DQMEAFz5DgMEAMGWYgMEAcGWqgMEAcIhCDAM
AwQAwjdnAwQAwjdoAwQAwj1MAwQAw/VuAwQA1YvCMA0GCSqGSIb3DQEBCwUAA4IB
AQA22lVjW2ElBNl/FN8Yr/+CI2SfuZ9SiDuq/px4YiVgEVyCKU4ZvvsyLeeq/9oE
y6yBQOWGfimrpf6OlgHw1GbM6S4Xr01qI2b3VNabHHoIY7zike0FC2DFYTVPNf5Q
eljR1XFERY4Eun7rqBKPRSLYaKtL0OcDXiYEC1EzRwUVajega/z7g4L2DJqs9z0b
o92LqT+BkLBrR6ZkJZp9db3ZTcmk50AK+RD2SE7AYtDVAOFO0jRoblOHcDFwwXz7
Vj0fgAEsVNPk7UkWNhRdJFOqxAJpq3CZXy6mu2qLdFyJ0lFQz2mVNpprTeluFvry
JeNJaAmTewIb5KiZFl3TDT4U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org