Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/kwVkJttFruFUO3IEnvkX8VK_YNo.roa
File:                     kwVkJttFruFUO3IEnvkX8VK_YNo.roa (raw, json)
Hash identifier:          iW/0GlljtD+ThTH5NjO+8x7yghr6nuFtOUfxKxbdqkA=
Subject key identifier:   93:05:64:26:DB:45:AE:E1:54:3B:72:04:9E:F9:17:F1:52:BF:60:DA
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       0187B799C896178926897DD958CE65762D1B
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/kwVkJttFruFUO3IEnvkX8VK_YNo.roa
Signing time:             Tue 25 Apr 2023 08:48:41 +0000
ROA not before:           Tue 25 Apr 2023 08:48:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202656
IP address blocks:        45.137.55.0/24 maxlen: 24
                          45.137.52.0/24 maxlen: 24
                          45.140.171.0/24 maxlen: 24
                          45.137.191.0/24 maxlen: 24
                          45.139.28.0/24 maxlen: 24
                          45.139.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 May 2023 19:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b7:99:c8:96:17:89:26:89:7d:d9:58:ce:65:76:2d:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Apr 25 08:48:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=93056426db45aee1543b72049ef917f152bf60da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:22:2c:5b:fa:21:3b:0f:21:2d:3a:04:5d:bc:
                    a4:ac:a9:77:f5:5c:f3:62:0b:b4:d6:1c:52:47:67:
                    b2:01:fa:29:df:73:23:c7:da:d0:b0:a9:82:1e:c3:
                    10:e3:cb:18:8e:d3:0f:1e:c5:66:f9:61:f9:9e:c3:
                    98:63:f0:fe:0d:65:66:79:7e:1b:f6:f1:7e:37:cf:
                    bb:96:6d:49:07:21:22:43:35:bd:ba:78:6b:2e:00:
                    78:9e:46:3b:f9:c6:77:9f:28:b5:32:67:cd:e6:cc:
                    28:0c:b2:44:a5:62:64:e6:05:cb:12:73:93:66:60:
                    1b:eb:f5:b2:0e:fd:ba:cd:63:1c:09:92:16:8b:87:
                    2e:d8:a6:82:11:af:07:34:75:92:93:04:2a:f9:28:
                    ec:4d:3a:10:cc:b5:a1:5c:1a:85:65:9f:1c:2a:67:
                    11:13:6d:42:45:c8:37:2f:e6:5f:05:ac:91:7d:86:
                    4c:51:0f:9a:f2:a3:eb:2b:4b:26:51:43:9a:e2:18:
                    ef:6b:51:3c:5c:78:f1:dd:33:3f:76:74:dd:71:50:
                    ea:21:f9:5f:1b:47:82:4d:f5:a5:71:be:ca:b0:b5:
                    32:b2:9d:38:24:0a:d1:f5:ce:e7:28:73:a6:d2:e7:
                    b4:fa:7f:2b:8e:b8:b7:33:dd:8e:3d:e9:4d:58:18:
                    60:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:05:64:26:DB:45:AE:E1:54:3B:72:04:9E:F9:17:F1:52:BF:60:DA
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/kwVkJttFruFUO3IEnvkX8VK_YNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.52.0/24
                  45.137.55.0/24
                  45.137.191.0/24
                  45.139.28.0/24
                  45.139.31.0/24
                  45.140.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:62:4f:ab:e4:ca:e4:5c:d5:5f:ee:1b:9c:05:27:08:6d:f8:
         91:a8:d8:7f:b8:fb:5c:1c:61:d7:bd:a8:81:b7:23:71:e6:b9:
         4a:7c:ef:b9:b4:3c:f5:6a:fd:b7:be:8a:4b:0d:bd:a2:65:6d:
         d2:cc:1a:04:03:1a:6e:e9:5d:fe:87:d8:4d:57:89:95:bc:39:
         aa:56:f5:ef:fd:df:4f:0d:be:cf:25:27:2a:1b:60:15:09:1a:
         79:e4:01:21:b4:d5:72:e9:46:b7:3f:a9:65:b5:66:0e:64:bf:
         e0:cb:4d:df:dc:69:90:cd:87:ab:f8:d8:da:51:aa:ce:d3:8f:
         0e:41:09:ce:49:ae:03:11:52:cc:72:e0:5d:d7:7e:56:20:22:
         cf:19:ac:0b:ae:b9:ec:6c:5d:96:df:b7:ab:22:eb:09:fe:0d:
         d3:4a:80:a8:2a:27:35:9f:80:06:68:a6:f1:4e:47:ef:13:77:
         43:17:11:0b:10:b1:8a:56:78:6a:61:65:6f:e4:5d:af:37:0c:
         6e:78:65:a0:15:58:43:77:fc:bd:34:2b:1e:ab:e1:ba:5f:e9:
         18:80:f3:a4:e4:47:7b:62:3d:81:7a:f6:45:2e:c4:86:b3:91:
         e9:ba:6b:c7:b1:9f:84:06:9c:0b:e3:06:a1:0c:c1:ea:1c:5f:
         45:79:47:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYe3mciWF4kmiX3ZWM5ldi0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNDI1MDg0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA1NjQyNmRiNDVhZWUxNTQzYjcyMDQ5ZWY5MTdmMTUyYmY2MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiIsW/ohOw8hLToEXbykrKl39Vzz
Ygu01hxSR2eyAfop33Mjx9rQsKmCHsMQ48sYjtMPHsVm+WH5nsOYY/D+DWVmeX4b
9vF+N8+7lm1JByEiQzW9unhrLgB4nkY7+cZ3nyi1MmfN5swoDLJEpWJk5gXLEnOT
ZmAb6/WyDv26zWMcCZIWi4cu2KaCEa8HNHWSkwQq+SjsTToQzLWhXBqFZZ8cKmcR
E21CRcg3L+ZfBayRfYZMUQ+a8qPrK0smUUOa4hjva1E8XHjx3TM/dnTdcVDqIflf
G0eCTfWlcb7KsLUysp04JArR9c7nKHOm0ue0+n8rjri3M92OPelNWBhgsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJMFZCbbRa7hVDtyBJ75F/FSv2DaMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEva3dWa0p0dEZydUZVTzNJRW52a1g4VktfWU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYk0AwQA
LYk3AwQALYm/AwQALYscAwQALYsfAwQALYyrMA0GCSqGSIb3DQEBCwUAA4IBAQC0
Yk+r5MrkXNVf7hucBScIbfiRqNh/uPtcHGHXvaiBtyNx5rlKfO+5tDz1av23vopL
Db2iZW3SzBoEAxpu6V3+h9hNV4mVvDmqVvXv/d9PDb7PJScqG2AVCRp55AEhtNVy
6Ua3P6lltWYOZL/gy03f3GmQzYer+NjaUarO048OQQnOSa4DEVLMcuBd135WICLP
GawLrrnsbF2W37erIusJ/g3TSoCoKic1n4AGaKbxTkfvE3dDFxELELGKVnhqYWVv
5F2vNwxueGWgFVhDd/y9NCseq+G6X+kYgPOk5Ed7Yj2BevZFLsSGs5HpumvHsZ+E
BpwL4wahDMHqHF9FeUeq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org