Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/twUGz7gR7qbeyK00Bcv5wLiUffE.roa
File:                     twUGz7gR7qbeyK00Bcv5wLiUffE.roa (raw, json)
Hash identifier:          1JdKLCSVinY5IaRhOwWeHw5eZ0i1tmJcT8TZbGAA0gA=
Subject key identifier:   B7:05:06:CF:B8:11:EE:A6:DE:C8:AD:34:05:CB:F9:C0:B8:94:7D:F1
Certificate issuer:       /CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Certificate serial:       018CC7932E5CB338A75D60D75DCF8402FB3A
Authority key identifier: 7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/twUGz7gR7qbeyK00Bcv5wLiUffE.roa
Signing time:             Tue 02 Jan 2024 00:29:20 +0000
ROA not before:           Tue 02 Jan 2024 00:29:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49099
IP address blocks:        109.94.166.0/24 maxlen: 24
                          109.94.167.0/24 maxlen: 24
                          109.94.166.0/23 maxlen: 23
                          193.34.246.0/24 maxlen: 24
                          193.34.244.0/24 maxlen: 24
                          193.34.244.0/23 maxlen: 23
                          193.34.245.0/24 maxlen: 24
                          193.34.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 25 May 2024 13:27:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:93:2e:5c:b3:38:a7:5d:60:d7:5d:cf:84:02:fb:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
        Validity
            Not Before: Jan  2 00:29:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b70506cfb811eea6dec8ad3405cbf9c0b8947df1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:76:f8:a0:99:6e:45:2b:ec:7e:ff:fa:b4:06:
                    43:a1:23:6d:10:2d:e3:5b:65:b9:82:bb:d1:d5:24:
                    79:8e:39:f9:0f:4a:50:a9:7d:e5:34:5e:d8:a2:2b:
                    c2:4d:61:5d:1b:4b:5e:a2:ed:fa:a3:1e:6f:2c:ab:
                    9b:0f:77:a0:34:5b:d3:8a:a6:19:8f:2d:38:b5:e8:
                    aa:b0:1d:65:89:1b:5b:12:d8:fd:61:98:c1:fc:af:
                    e4:9d:ba:30:3c:e4:a3:0d:07:45:10:d0:2c:0a:bd:
                    61:64:67:eb:f4:5b:55:8e:77:34:ba:f5:99:a9:85:
                    63:a7:5a:d3:42:67:5a:de:1d:f3:bc:14:81:86:a9:
                    2b:0c:dc:e8:b2:c4:27:18:da:5a:e2:b1:ea:fa:ca:
                    7b:62:6c:40:03:6c:22:83:09:d2:8b:38:e5:7b:40:
                    14:71:b6:56:a2:31:54:91:76:40:b2:09:e0:82:99:
                    f8:95:de:18:08:51:13:43:1c:36:c4:f8:e5:b8:1c:
                    97:2f:8f:c9:2d:67:fd:77:3d:a6:b5:d8:92:a8:53:
                    d8:cb:7d:d3:e1:98:c4:fc:71:8d:72:5a:5f:b7:ac:
                    94:43:cc:96:7e:a9:05:05:23:f3:22:6d:68:08:99:
                    ba:61:ae:78:00:9d:e3:bb:e9:84:45:4f:43:06:4a:
                    9a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:05:06:CF:B8:11:EE:A6:DE:C8:AD:34:05:CB:F9:C0:B8:94:7D:F1
            X509v3 Authority Key Identifier:
                keyid:7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/twUGz7gR7qbeyK00Bcv5wLiUffE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/e3XTcgObGrLUFq2Dv2kUBYQRwqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.94.166.0/23
                  193.34.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:83:c7:41:70:63:2c:57:58:ca:3f:9b:c4:73:b8:4c:ec:b8:
         0c:9d:81:fa:d1:f1:3d:18:b2:5e:ad:89:93:c6:61:8b:c7:e4:
         b0:4a:d8:7d:df:96:81:5a:39:4e:a5:13:d6:0e:86:24:29:a3:
         a2:8e:81:4c:e8:80:15:b9:7e:e8:4e:16:eb:c7:94:60:ef:cc:
         3e:76:d0:9e:44:66:95:e4:43:ea:cc:e4:96:2b:08:27:c9:66:
         5c:72:88:63:34:cb:fa:c8:90:9f:02:d4:8f:ba:b9:08:db:33:
         df:3d:e2:88:61:3c:55:c4:93:65:e7:30:d8:b0:f2:bd:e0:65:
         2b:d8:46:dd:2a:60:80:ed:25:8e:2f:7a:b4:0f:e9:fd:11:86:
         da:85:e6:51:61:64:9e:ef:96:cf:31:04:0c:1e:99:cf:bc:b7:
         05:1c:1a:c3:91:00:4e:85:d2:eb:78:35:a6:65:62:19:59:59:
         69:d0:dc:85:f6:a7:9c:9b:50:d0:b4:7d:ea:9a:c4:e1:df:cf:
         bd:a1:80:70:ce:4a:1f:7b:53:ca:50:af:e4:81:3e:b4:07:d2:
         29:81:43:f1:82:da:a1:4c:0a:22:73:72:3a:02:fc:49:5d:2e:
         90:63:5b:04:de:69:7a:ec:68:58:d9:ed:31:c4:5a:42:98:61:
         b5:a7:9b:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHky5cszinXWDXXc+EAvs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzVkMzcyMDM5YjFhYjJkNDE2YWQ4M2JmNjkxNDA1ODQx
MWMyYTIwHhcNMjQwMTAyMDAyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA1MDZjZmI4MTFlZWE2ZGVjOGFkMzQwNWNiZjljMGI4OTQ3ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3b4oJluRSvsfv/6tAZDoSNtEC3j
W2W5grvR1SR5jjn5D0pQqX3lNF7YoivCTWFdG0teou36ox5vLKubD3egNFvTiqYZ
jy04teiqsB1liRtbEtj9YZjB/K/knbowPOSjDQdFENAsCr1hZGfr9FtVjnc0uvWZ
qYVjp1rTQmda3h3zvBSBhqkrDNzossQnGNpa4rHq+sp7YmxAA2wigwnSizjle0AU
cbZWojFUkXZAsgnggpn4ld4YCFETQxw2xPjluByXL4/JLWf9dz2mtdiSqFPYy33T
4ZjE/HGNclpft6yUQ8yWfqkFBSPzIm1oCJm6Ya54AJ3ju+mERU9DBkqarwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcFBs+4Ee6m3sitNAXL+cC4lH3xMB8GA1UdIwQY
MBaAFHt103IDmxqy1Batg79pFAWEEcKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2Yt
NmIwMDM4ODc1YTE0LzEvdHdVR3o3Z1I3cWJleUswMEJjdjV3TGlVZmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2YtNmIwMDM4ODc1YTE0
LzEvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbV6mAwQC
wSL0MA0GCSqGSIb3DQEBCwUAA4IBAQBag8dBcGMsV1jKP5vEc7hM7LgMnYH60fE9
GLJerYmTxmGLx+SwSth935aBWjlOpRPWDoYkKaOijoFM6IAVuX7oThbrx5Rg78w+
dtCeRGaV5EPqzOSWKwgnyWZccohjNMv6yJCfAtSPurkI2zPfPeKIYTxVxJNl5zDY
sPK94GUr2EbdKmCA7SWOL3q0D+n9EYbaheZRYWSe75bPMQQMHpnPvLcFHBrDkQBO
hdLreDWmZWIZWVlp0NyF9qecm1DQtH3qmsTh38+9oYBwzkofe1PKUK/kgT60B9Ip
gUPxgtqhTAoic3I6AvxJXS6QY1sE3ml67GhY2e0xxFpCmGG1p5sQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:13 2024 by rpki-client on console-fra.rpki-client.org