Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/G6mETtfv4fKp8jS_phCPFnXXxlQ.roa
File:                     G6mETtfv4fKp8jS_phCPFnXXxlQ.roa (raw, json)
Hash identifier:          hicgFdg8qp41kJIu9y5P5Ifzd47dLj6jK9Ix8BFMu3g=
Subject key identifier:   1B:A9:84:4E:D7:EF:E1:F2:A9:F2:34:BF:A6:10:8F:16:75:D7:C6:54
Certificate issuer:       /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial:       0187E17C27640B86B97458A0A07E75585C88
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/G6mETtfv4fKp8jS_phCPFnXXxlQ.roa
Signing time:             Wed 03 May 2023 12:00:22 +0000
ROA not before:           Wed 03 May 2023 12:00:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202914
IP address blocks:        84.246.242.0/24 maxlen: 24
                          141.98.12.0/24 maxlen: 24
                          141.98.13.0/24 maxlen: 24
                          141.98.14.0/23 maxlen: 24
                          141.98.12.0/22 maxlen: 22
                          185.121.172.0/22 maxlen: 22
                          185.121.172.0/23 maxlen: 24
                          185.150.196.0/22 maxlen: 24
                          84.246.240.0/22 maxlen: 24
                          84.246.240.0/23 maxlen: 23
                          185.121.174.0/24 maxlen: 24
                          185.121.174.0/23 maxlen: 23
                          185.121.175.0/24 maxlen: 24
                          91.210.56.0/22 maxlen: 24
                          2a0d:3e80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e1:7c:27:64:0b:86:b9:74:58:a0:a0:7e:75:58:5c:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
        Validity
            Not Before: May  3 12:00:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ba9844ed7efe1f2a9f234bfa6108f1675d7c654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:59:7b:07:16:2b:d8:2f:e4:df:e0:ee:2e:c9:
                    27:07:2f:3b:eb:03:04:e8:42:5f:2a:14:df:a8:22:
                    05:d6:79:7d:a3:87:7b:bd:0c:8b:10:8d:20:a3:b2:
                    87:6c:fb:ca:71:81:27:8f:1e:95:bf:12:a8:d3:f3:
                    3b:a6:7a:88:89:e1:46:53:46:04:cb:49:6d:be:0c:
                    37:ee:44:ec:74:00:6a:c3:82:6e:62:51:fd:bb:0b:
                    27:2e:d6:d2:cb:30:e5:aa:70:8a:34:59:b5:e5:81:
                    ed:93:bc:44:a9:39:98:6b:41:e9:9a:53:b5:2e:1a:
                    ca:68:1a:46:f0:9f:16:61:a7:70:26:c5:af:fd:b8:
                    aa:db:df:53:a1:53:a4:db:0b:bf:b2:6c:de:5e:ad:
                    6c:0f:40:26:08:c5:b4:e4:f8:be:ab:28:b2:15:82:
                    5b:eb:49:03:94:d9:32:31:3d:1e:46:c0:f3:c3:63:
                    89:52:25:86:0e:96:97:83:fa:ce:db:3d:cc:34:cd:
                    23:0f:7e:57:77:f7:6a:62:97:9f:51:13:d5:96:67:
                    7d:f0:90:b3:f0:6e:77:61:3e:3b:29:c6:61:4f:29:
                    48:54:f9:b4:49:b2:3e:50:0e:89:87:64:23:38:7a:
                    ab:31:e4:21:bb:99:d4:96:9c:95:1f:2e:58:b3:4d:
                    9a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:A9:84:4E:D7:EF:E1:F2:A9:F2:34:BF:A6:10:8F:16:75:D7:C6:54
            X509v3 Authority Key Identifier:
                keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/G6mETtfv4fKp8jS_phCPFnXXxlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.246.240.0/22
                  91.210.56.0/22
                  141.98.12.0/22
                  185.121.172.0/22
                  185.150.196.0/22
                IPv6:
                  2a0d:3e80::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:76:de:c2:f9:2b:6e:52:dd:36:cc:39:42:03:c1:1c:8c:80:
         97:81:35:85:1c:10:c3:6e:6c:2b:3c:01:69:fa:d1:27:52:ce:
         ce:fa:67:b0:7f:d3:d7:c4:90:ae:28:ab:1c:f6:ce:fa:f1:8d:
         8b:d1:87:a0:63:06:d2:9c:73:6a:c3:09:8d:ea:ed:e5:fa:7a:
         8b:4a:8b:69:11:a0:53:c8:31:ef:cb:b6:5c:b4:7f:b9:0c:6e:
         bb:db:c1:23:e8:de:ae:08:db:46:1e:5e:65:90:1b:d4:d1:6d:
         eb:3e:d5:1e:29:b8:03:7f:58:03:eb:eb:e2:f0:0a:74:41:aa:
         24:26:b2:11:34:21:b7:f8:27:a7:49:ec:ac:20:db:ea:4b:66:
         59:dc:da:ec:d7:37:28:b4:83:0a:b8:52:56:25:16:ee:2a:b1:
         b9:ae:a6:42:51:9e:53:cb:ec:d2:9c:6e:5f:05:f8:79:d9:3b:
         0c:8c:c5:a2:68:08:22:f6:d4:dd:77:24:61:24:a3:ef:dc:68:
         d2:ab:c3:31:87:af:63:63:73:08:eb:e2:e3:1c:74:dc:b0:96:
         0d:47:4d:ef:00:f6:73:c4:d9:aa:8b:b5:98:62:31:3a:3a:55:
         56:b8:5d:04:70:b7:f8:f4:59:af:e1:2d:52:ab:72:98:0a:0a:
         65:5c:c0:20
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfhfCdkC4a5dFigoH51WFyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjMwNTAzMTIwMDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmE5ODQ0ZWQ3ZWZlMWYyYTlmMjM0YmZhNjEwOGYxNjc1ZDdjNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1l7BxYr2C/k3+DuLsknBy876wME
6EJfKhTfqCIF1nl9o4d7vQyLEI0go7KHbPvKcYEnjx6VvxKo0/M7pnqIieFGU0YE
y0ltvgw37kTsdABqw4JuYlH9uwsnLtbSyzDlqnCKNFm15YHtk7xEqTmYa0HpmlO1
LhrKaBpG8J8WYadwJsWv/biq299ToVOk2wu/smzeXq1sD0AmCMW05Pi+qyiyFYJb
60kDlNkyMT0eRsDzw2OJUiWGDpaXg/rO2z3MNM0jD35Xd/dqYpefURPVlmd98JCz
8G53YT47KcZhTylIVPm0SbI+UA6Jh2QjOHqrMeQhu5nUlpyVHy5Ys02aDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBuphE7X7+HyqfI0v6YQjxZ118ZUMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvRzZtRVR0ZnY0ZktwOGpTX3BoQ1BGblhYeGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVPbwAwQC
W9I4AwQCjWIMAwQCuXmsAwQCuZbEMA0EAgACMAcDBQMqDT6AMA0GCSqGSIb3DQEB
CwUAA4IBAQAOdt7C+StuUt02zDlCA8EcjICXgTWFHBDDbmwrPAFp+tEnUs7O+mew
f9PXxJCuKKsc9s768Y2L0YegYwbSnHNqwwmN6u3l+nqLSotpEaBTyDHvy7ZctH+5
DG6728Ej6N6uCNtGHl5lkBvU0W3rPtUeKbgDf1gD6+vi8Ap0QaokJrIRNCG3+Cen
SeysINvqS2ZZ3Nrs1zcotIMKuFJWJRbuKrG5rqZCUZ5Ty+zSnG5fBfh52TsMjMWi
aAgi9tTddyRhJKPv3GjSq8Mxh69jY3MI6+LjHHTcsJYNR03vAPZzxNmqi7WYYjE6
OlVWuF0EcLf49Fmv4S1Sq3KYCgplXMAg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:07 2024 by rpki-client on console-fra.rpki-client.org