Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/6DIruzDtNLKY1KvbdU4FS7XhypI.roa
File:                     6DIruzDtNLKY1KvbdU4FS7XhypI.roa (raw, json)
Hash identifier:          53jiJ/d4P/JJYdJgNQ8EuImodhF9BPPsybfL9g9nxqk=
Subject key identifier:   E8:32:2B:BB:30:ED:34:B2:98:D4:AB:DB:75:4E:05:4B:B5:E1:CA:92
Certificate issuer:       /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial:       018CC7953325470999368C4CC127BEB443FF
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/6DIruzDtNLKY1KvbdU4FS7XhypI.roa
Signing time:             Tue 02 Jan 2024 00:31:33 +0000
ROA not before:           Tue 02 Jan 2024 00:31:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50437
IP address blocks:        31.131.164.0/22 maxlen: 22
                          46.151.224.0/22 maxlen: 22
                          176.116.132.0/22 maxlen: 22
                          176.116.131.0/24 maxlen: 24
                          176.116.128.0/24 maxlen: 24
                          176.116.130.0/24 maxlen: 24
                          176.116.129.0/24 maxlen: 24
                          46.151.228.0/22 maxlen: 22
                          91.228.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 Jul 2024 14:42:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:33:25:47:09:99:36:8c:4c:c1:27:be:b4:43:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
        Validity
            Not Before: Jan  2 00:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e8322bbb30ed34b298d4abdb754e054bb5e1ca92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c5:7c:8e:c0:c9:46:65:01:13:5a:66:58:29:
                    a5:af:34:97:7f:03:67:88:fe:50:68:d4:1c:69:75:
                    bd:91:33:b8:81:02:84:ef:85:b8:2a:da:02:2f:38:
                    10:28:ad:b1:7c:66:d2:72:db:85:26:7f:d3:97:b5:
                    d0:f6:bc:c2:de:f2:a3:83:53:d3:4b:2a:10:c0:fb:
                    6e:dd:24:64:c1:19:aa:10:4e:85:e9:66:b0:b0:4e:
                    64:7a:70:73:f4:da:d8:df:6b:54:26:cf:49:ff:a9:
                    14:2b:99:c4:92:62:61:f4:34:fc:af:82:a8:6e:8a:
                    40:00:6b:fc:d1:da:2b:99:9d:3d:0c:c7:b9:8a:a6:
                    6a:02:02:f7:c4:96:a7:32:93:e6:ba:d3:4b:d3:b5:
                    d8:c1:a0:29:4f:e4:05:58:5d:75:4e:67:88:df:48:
                    1a:9f:0e:5d:cb:77:b6:1b:30:22:79:f4:0b:2b:20:
                    19:8e:2f:0c:8f:e0:0d:e3:0b:4b:b4:a3:38:aa:3a:
                    5f:b6:19:73:64:86:aa:e1:ef:12:2c:ee:08:2c:40:
                    db:81:e2:f7:65:c5:18:42:43:21:b3:f8:b3:2c:29:
                    56:b8:87:61:9e:ca:89:a4:80:6c:74:8d:90:31:64:
                    c9:de:85:b1:47:aa:37:8a:5c:a9:c8:55:ba:f1:9d:
                    76:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:32:2B:BB:30:ED:34:B2:98:D4:AB:DB:75:4E:05:4B:B5:E1:CA:92
            X509v3 Authority Key Identifier:
                keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/6DIruzDtNLKY1KvbdU4FS7XhypI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.131.164.0/22
                  46.151.224.0/21
                  91.228.145.0/24
                  176.116.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4e:0a:19:e9:af:97:a8:7a:a9:46:f6:d6:2f:9f:89:f1:d0:ce:
         a8:e8:f0:26:e0:56:55:ab:40:ba:ab:45:8a:c3:a5:9f:5c:fa:
         f8:75:b0:c8:18:95:95:37:d2:93:cb:2b:0b:e4:20:7e:37:c5:
         2e:ee:ee:3a:ad:74:41:b3:36:86:9d:b3:e2:83:ba:5f:71:a7:
         9f:8e:23:ae:fd:82:6f:dc:fa:53:68:b0:cb:bd:51:6f:98:89:
         6b:8e:ba:5e:b4:00:95:7f:00:9f:76:98:db:80:15:12:d1:97:
         94:b5:f0:2c:a4:bf:a8:6a:c4:26:dd:8b:ea:30:f3:56:23:f4:
         7a:18:0a:af:5b:56:20:e5:04:23:e3:d2:c8:ce:6e:b7:5c:5e:
         ca:6b:33:13:75:f3:97:16:0a:48:39:e2:3f:19:ad:31:9b:0d:
         8b:f9:6c:98:a1:a8:2a:41:ea:9c:07:af:35:a7:fd:08:6d:50:
         99:e3:a7:c8:83:9a:58:55:94:cf:72:ff:14:bc:68:2a:6b:a4:
         61:04:52:b9:c1:92:39:22:95:cc:eb:94:8d:a5:74:af:57:0f:
         98:27:fa:9a:ba:e1:28:95:fe:97:19:23:8c:77:48:be:41:b2:
         0e:21:43:9c:c8:fc:0c:d3:0a:c0:ce:e4:81:f6:ac:20:92:79:
         be:1b:53:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlTMlRwmZNoxMwSe+tEP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODMyMmJiYjMwZWQzNGIyOThkNGFiZGI3NTRlMDU0YmI1ZTFjYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosV8jsDJRmUBE1pmWCmlrzSXfwNn
iP5QaNQcaXW9kTO4gQKE74W4KtoCLzgQKK2xfGbSctuFJn/Tl7XQ9rzC3vKjg1PT
SyoQwPtu3SRkwRmqEE6F6WawsE5kenBz9NrY32tUJs9J/6kUK5nEkmJh9DT8r4Ko
bopAAGv80dormZ09DMe5iqZqAgL3xJanMpPmutNL07XYwaApT+QFWF11TmeI30ga
nw5dy3e2GzAiefQLKyAZji8Mj+AN4wtLtKM4qjpfthlzZIaq4e8SLO4ILEDbgeL3
ZcUYQkMhs/izLClWuIdhnsqJpIBsdI2QMWTJ3oWxR6o3ilypyFW68Z12kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOgyK7sw7TSymNSr23VOBUu14cqSMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvNkRJcnV6RHROTEtZMUt2YmRVNEZTN1hoeXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4OkAwQD
LpfgAwQAW+SRAwQDsHSAMA0GCSqGSIb3DQEBCwUAA4IBAQBOChnpr5eoeqlG9tYv
n4nx0M6o6PAm4FZVq0C6q0WKw6WfXPr4dbDIGJWVN9KTyysL5CB+N8Uu7u46rXRB
szaGnbPig7pfcaefjiOu/YJv3PpTaLDLvVFvmIlrjrpetACVfwCfdpjbgBUS0ZeU
tfAspL+oasQm3YvqMPNWI/R6GAqvW1Yg5QQj49LIzm63XF7KazMTdfOXFgpIOeI/
Ga0xmw2L+WyYoagqQeqcB681p/0IbVCZ46fIg5pYVZTPcv8UvGgqa6RhBFK5wZI5
IpXM65SNpXSvVw+YJ/qauuEolf6XGSOMd0i+QbIOIUOcyPwM0wrAzuSB9qwgknm+
G1Oa
-----END CERTIFICATE-----
Generated at Fri Jul 26 18:15:48 2024 by rpki-client on console-fra.rpki-client.org