Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/OJvRf98zUatk7EhcJSomhPdvt5o.roa
File:                     OJvRf98zUatk7EhcJSomhPdvt5o.roa (raw, json)
Hash identifier:          4Uot3AOyDMLFpi191kgOVshstsohEqHlWTmSEQIYl2E=
Subject key identifier:   38:9B:D1:7F:DF:33:51:AB:64:EC:48:5C:25:2A:26:84:F7:6F:B7:9A
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       018CC6B78100CBF8CC5BEFD30469AB7795BA
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/OJvRf98zUatk7EhcJSomhPdvt5o.roa
Signing time:             Mon 01 Jan 2024 20:29:24 +0000
ROA not before:           Mon 01 Jan 2024 20:29:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        46.143.206.0/24 maxlen: 24
                          46.143.205.0/24 maxlen: 24
                          46.143.204.0/22 maxlen: 22
                          46.143.204.0/24 maxlen: 24
                          109.122.240.0/22 maxlen: 22
                          109.122.244.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 05 Mar 2024 11:34:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:81:00:cb:f8:cc:5b:ef:d3:04:69:ab:77:95:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Jan  1 20:29:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=389bd17fdf3351ab64ec485c252a2684f76fb79a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:11:e9:2a:b1:cc:05:2d:6c:43:e9:cf:e9:32:
                    44:8e:0c:f6:ad:99:be:d0:cc:a9:fb:c8:dd:f4:40:
                    13:15:6e:8d:64:45:70:cc:9e:f7:6f:31:10:75:8b:
                    31:e1:26:18:de:24:7f:02:1c:da:0d:bf:31:46:b3:
                    3c:20:55:75:b5:43:13:2b:37:d3:60:dd:af:fd:e6:
                    99:56:15:b2:3a:ab:52:40:98:df:ea:b9:d8:3f:03:
                    6f:cd:b4:fe:d0:5c:13:91:ae:aa:19:c9:ac:d4:63:
                    ea:6a:e7:b2:44:fd:36:1d:65:e2:78:ff:e2:0e:fb:
                    d4:63:04:a4:6a:af:50:72:cc:33:b5:c5:5a:68:da:
                    ff:1d:d8:87:e2:8e:aa:3a:48:5f:4b:ba:b4:7f:b0:
                    33:7a:de:19:7f:61:96:a0:3c:60:a9:58:68:c3:8d:
                    81:b8:f1:1b:9f:11:2d:e5:16:7c:fa:46:da:ba:cd:
                    d5:b6:2e:c8:9f:9f:d5:4c:77:ef:9e:59:90:aa:70:
                    38:63:f5:90:c1:8b:95:b2:c3:27:f7:1c:2c:5e:35:
                    46:2c:47:46:f3:68:55:77:05:79:2c:8a:0d:2d:61:
                    4c:03:71:b7:af:42:e0:a4:fd:a3:f8:bb:24:ae:3d:
                    97:9a:01:e4:5d:23:03:99:1e:e4:e5:18:34:31:3e:
                    33:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:9B:D1:7F:DF:33:51:AB:64:EC:48:5C:25:2A:26:84:F7:6F:B7:9A
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/OJvRf98zUatk7EhcJSomhPdvt5o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.204.0/22
                  109.122.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         80:eb:3f:e4:10:b7:64:86:1c:10:f0:c1:71:cb:f5:6d:f9:1e:
         6c:4e:7b:be:24:16:a5:ff:cc:1d:be:76:77:ef:62:4c:ab:dd:
         f3:e3:30:e4:ba:87:22:5c:6f:83:05:d7:82:ee:c9:90:95:90:
         37:0c:0c:4e:80:ea:da:d8:97:e4:1d:30:df:28:33:3b:42:3d:
         13:e6:b1:1a:6d:2e:9f:3b:cb:de:0a:af:58:fb:ab:08:c3:e4:
         ec:f3:04:62:76:63:8e:cd:21:e4:71:80:cb:ca:3a:5d:a2:f0:
         71:d2:2e:f8:4a:9f:04:a7:bd:00:85:04:18:81:5b:55:fb:cc:
         28:5b:71:8d:04:f7:de:ee:ea:b7:d6:e0:e6:0e:ff:2f:e3:b0:
         c5:78:43:57:15:21:a4:c8:4e:16:c0:2e:55:01:4d:c1:c5:f2:
         74:67:81:b8:0d:78:0a:f1:2d:43:2c:63:cf:7f:1f:f5:be:1a:
         96:be:3c:99:02:0c:13:16:ee:a1:1c:dd:fe:c3:42:41:98:9d:
         7a:b5:67:99:fb:15:0f:cf:eb:d0:f4:97:78:a6:88:48:64:c9:
         5b:81:c2:9e:57:46:d2:63:c1:6d:41:ab:31:82:82:8b:63:b9:
         4f:60:7b:fc:b5:71:19:dd:a3:ef:3a:43:01:9d:6f:69:39:17:
         9f:f8:03:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt4EAy/jMW+/TBGmrd5W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODliZDE3ZmRmMzM1MWFiNjRlYzQ4NWMyNTJhMjY4NGY3NmZiNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBHpKrHMBS1sQ+nP6TJEjgz2rZm+
0Myp+8jd9EATFW6NZEVwzJ73bzEQdYsx4SYY3iR/AhzaDb8xRrM8IFV1tUMTKzfT
YN2v/eaZVhWyOqtSQJjf6rnYPwNvzbT+0FwTka6qGcms1GPqaueyRP02HWXieP/i
DvvUYwSkaq9QcswztcVaaNr/HdiH4o6qOkhfS7q0f7Azet4Zf2GWoDxgqVhow42B
uPEbnxEt5RZ8+kbaus3Vti7In5/VTHfvnlmQqnA4Y/WQwYuVssMn9xwsXjVGLEdG
82hVdwV5LIoNLWFMA3G3r0LgpP2j+Lskrj2XmgHkXSMDmR7k5Rg0MT4z+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDib0X/fM1GrZOxIXCUqJoT3b7eaMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvT0p2UmY5OHpVYXRrN0VoY0pTb21oUGR2dDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLo/MAwQD
bXrwMA0GCSqGSIb3DQEBCwUAA4IBAQCA6z/kELdkhhwQ8MFxy/Vt+R5sTnu+JBal
/8wdvnZ372JMq93z4zDkuociXG+DBdeC7smQlZA3DAxOgOra2JfkHTDfKDM7Qj0T
5rEabS6fO8veCq9Y+6sIw+Ts8wRidmOOzSHkcYDLyjpdovBx0i74Sp8Ep70AhQQY
gVtV+8woW3GNBPfe7uq31uDmDv8v47DFeENXFSGkyE4WwC5VAU3BxfJ0Z4G4DXgK
8S1DLGPPfx/1vhqWvjyZAgwTFu6hHN3+w0JBmJ16tWeZ+xUPz+vQ9Jd4pohIZMlb
gcKeV0bSY8FtQasxgoKLY7lPYHv8tXEZ3aPvOkMBnW9pORef+AOo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:46 2024 by rpki-client on console-fra.rpki-client.org