Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/aMky2J2OKDmeEK3hTuDo4qWLm50.roa
File:                     aMky2J2OKDmeEK3hTuDo4qWLm50.roa (raw, json)
Hash identifier:          I36J4Brf42oXFedDw8CL665+3v8Hd9HEZ82EL8vRLiw=
Subject key identifier:   68:C9:32:D8:9D:8E:28:39:9E:10:AD:E1:4E:E0:E8:E2:A5:8B:9B:9D
Certificate issuer:       /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial:       0185C8AC0903E816935E93C597DEF3E6EFFE
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/aMky2J2OKDmeEK3hTuDo4qWLm50.roa
Signing time:             Thu 19 Jan 2023 06:16:35 +0000
ROA not before:           Thu 19 Jan 2023 06:16:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        46.143.206.0/24 maxlen: 24
                          46.143.205.0/24 maxlen: 24
                          46.143.204.0/22 maxlen: 22
                          46.143.204.0/24 maxlen: 24
                          109.122.240.0/22 maxlen: 22
                          109.122.244.0/22 maxlen: 22
                          109.122.250.0/24 maxlen: 24
                          109.122.249.0/24 maxlen: 24
                          109.122.248.0/22 maxlen: 22
                          109.122.248.0/24 maxlen: 24
                          109.122.251.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 21 Jan 2023 12:14:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c8:ac:09:03:e8:16:93:5e:93:c5:97:de:f3:e6:ef:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
        Validity
            Not Before: Jan 19 06:16:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=68c932d89d8e28399e10ade14ee0e8e2a58b9b9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:25:e9:d3:69:d7:af:93:ad:93:34:d9:37:5c:
                    62:05:9e:df:5b:2f:64:ca:66:cf:d0:12:b4:54:59:
                    c4:10:f5:28:77:8e:5b:5b:ab:d6:d7:46:86:66:1a:
                    19:12:70:f1:3b:26:71:e2:6b:2d:ac:d3:62:e3:a5:
                    2c:e7:82:6a:65:34:71:da:d0:23:9f:cd:98:48:ad:
                    05:f9:0a:48:40:cf:e0:3f:6b:a3:13:c1:5d:45:82:
                    61:c2:2d:29:79:00:b7:6a:63:e8:be:03:98:aa:f4:
                    e0:95:f2:37:95:f8:c9:3a:bf:dd:7f:55:10:85:6c:
                    ac:cb:a6:ea:56:29:c2:b2:91:82:b8:1d:69:54:44:
                    34:59:2b:4c:5b:04:b9:57:fb:e9:c1:ed:ba:de:a8:
                    84:ab:a8:6e:0a:43:f3:2c:81:e7:ad:ee:8e:c0:04:
                    72:d7:85:61:bc:09:50:5d:15:86:8a:c5:06:95:e2:
                    07:13:02:ee:2c:9e:ae:8c:8a:d7:1c:e5:c9:87:f5:
                    cf:1e:0d:a9:1f:3d:26:83:f2:d4:33:86:bf:30:a0:
                    f7:a5:51:64:cc:e7:d9:44:e3:b0:bf:77:3a:58:ed:
                    6a:5d:07:ac:4a:59:53:28:cc:37:b4:3a:3e:d2:c1:
                    b9:4f:45:12:e2:30:07:44:51:c6:c5:8d:d3:db:f3:
                    ba:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:C9:32:D8:9D:8E:28:39:9E:10:AD:E1:4E:E0:E8:E2:A5:8B:9B:9D
            X509v3 Authority Key Identifier:
                keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/aMky2J2OKDmeEK3hTuDo4qWLm50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.143.204.0/22
                  109.122.240.0-109.122.251.255

    Signature Algorithm: sha256WithRSAEncryption
         26:51:4f:7b:88:31:fa:3b:75:c7:b8:fa:ab:c4:54:bb:93:f2:
         e4:34:c8:e0:7e:80:b7:30:27:0b:78:3d:0b:0c:9f:5b:9b:06:
         ab:97:6f:9d:a1:65:43:59:0e:57:e6:6a:50:f6:5e:c5:20:ab:
         d5:11:23:5d:7d:7a:db:ab:f7:0d:21:f6:19:4f:18:b8:5b:8a:
         df:64:db:35:ae:66:ed:b4:36:a8:02:b7:17:48:f4:05:2c:2d:
         1a:a8:cc:0d:ff:c6:33:bb:30:e2:c5:a8:53:a5:b7:0d:28:ee:
         88:ff:2f:d2:3e:93:99:aa:4a:99:90:18:35:92:1e:c7:d6:7f:
         5b:5a:03:a9:03:b7:b3:56:d2:fd:9d:70:dc:27:74:20:ab:33:
         46:cc:38:e8:a9:c0:78:61:d7:89:2d:36:1b:fe:43:b4:42:6e:
         21:8c:16:cc:0d:a7:a6:5b:ea:28:dd:c7:8e:3d:7f:35:db:06:
         bf:f3:06:a1:54:26:6f:2a:05:bb:fe:51:ad:eb:77:6e:13:cf:
         86:1f:5f:bf:a1:3a:00:95:72:8b:a6:12:87:06:ff:a8:60:83:
         d8:2a:1c:73:dc:43:b2:52:4e:71:c0:cc:e0:af:94:1f:f7:72:
         29:81:f6:25:5e:39:33:cc:0b:61:b7:17:26:34:a6:b4:d5:97:
         49:d3:71:7f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYXIrAkD6BaTXpPFl97z5u/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjMwMTE5MDYxNjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM5MzJkODlkOGUyODM5OWUxMGFkZTE0ZWUwZThlMmE1OGI5YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSXp02nXr5OtkzTZN1xiBZ7fWy9k
ymbP0BK0VFnEEPUod45bW6vW10aGZhoZEnDxOyZx4mstrNNi46Us54JqZTRx2tAj
n82YSK0F+QpIQM/gP2ujE8FdRYJhwi0peQC3amPovgOYqvTglfI3lfjJOr/df1UQ
hWysy6bqVinCspGCuB1pVEQ0WStMWwS5V/vpwe263qiEq6huCkPzLIHnre6OwARy
14VhvAlQXRWGisUGleIHEwLuLJ6ujIrXHOXJh/XPHg2pHz0mg/LUM4a/MKD3pVFk
zOfZROOwv3c6WO1qXQesSllTKMw3tDo+0sG5T0US4jAHRFHGxY3T2/O6pQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGjJMtidjig5nhCt4U7g6OKli5udMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvYU1reTJKMk9LRG1lRUszaFR1RG80cVdMbTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCLo/MMAwD
BARtevADBAJtevgwDQYJKoZIhvcNAQELBQADggEBACZRT3uIMfo7dce4+qvEVLuT
8uQ0yOB+gLcwJwt4PQsMn1ubBquXb52hZUNZDlfmalD2XsUgq9URI119etur9w0h
9hlPGLhbit9k2zWuZu20NqgCtxdI9AUsLRqozA3/xjO7MOLFqFOltw0o7oj/L9I+
k5mqSpmQGDWSHsfWf1taA6kDt7NW0v2dcNwndCCrM0bMOOipwHhh14ktNhv+Q7RC
biGMFswNp6Zb6ijdx449fzXbBr/zBqFUJm8qBbv+Ua3rd24Tz4YfX7+hOgCVcoum
EocG/6hgg9gqHHPcQ7JSTnHAzOCvlB/3cimB9iVeOTPMC2G3FyY0prTVl0nTcX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:46 2024 by rpki-client on console-fra.rpki-client.org