Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/OLLkT7bLwTawfEpRtmXI5VPWur8.roa
File:                     OLLkT7bLwTawfEpRtmXI5VPWur8.roa (raw, json)
Hash identifier:          kjyP9doQyVnyJSizpdjuHoxtv96x+OLClDv6tfMvAio=
Subject key identifier:   38:B2:E4:4F:B6:CB:C1:36:B0:7C:4A:51:B6:65:C8:E5:53:D6:BA:BF
Certificate issuer:       /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial:       0186BCDBB4DAF95F212D341C2D29E0BED988
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/OLLkT7bLwTawfEpRtmXI5VPWur8.roa
Signing time:             Tue 07 Mar 2023 16:16:00 +0000
ROA not before:           Tue 07 Mar 2023 16:16:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7155
IP address blocks:        77.222.136.0/24 maxlen: 24
                          188.0.64.0/23 maxlen: 23
                          194.146.197.0/24 maxlen: 24
                          93.183.215.0/24 maxlen: 24
                          188.0.66.0/24 maxlen: 24
                          93.183.228.0/24 maxlen: 24
                          93.183.229.0/24 maxlen: 24
                          46.164.152.0/23 maxlen: 23
                          193.108.50.0/24 maxlen: 24
                          193.108.51.0/24 maxlen: 24
                          93.183.197.0/24 maxlen: 24
                          195.69.176.0/24 maxlen: 24
                          46.164.160.0/22 maxlen: 22
                          91.204.95.0/24 maxlen: 24
                          185.8.41.0/24 maxlen: 24
                          185.8.40.0/24 maxlen: 24
                          185.8.42.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bc:db:b4:da:f9:5f:21:2d:34:1c:2d:29:e0:be:d9:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
        Validity
            Not Before: Mar  7 16:16:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38b2e44fb6cbc136b07c4a51b665c8e553d6babf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:87:46:bf:ee:bb:ee:d9:0e:f7:ec:10:e4:d5:
                    5d:8f:30:b6:c4:b5:90:5d:21:b8:8d:49:9e:99:76:
                    14:05:84:2c:12:47:35:f6:65:c6:56:87:01:6a:9b:
                    2e:77:59:d2:1d:e3:44:7b:a4:6a:6d:f5:56:b1:b5:
                    50:00:ae:f4:d5:be:63:ae:90:46:87:93:5f:3d:83:
                    48:e5:62:77:eb:5b:14:e1:eb:19:53:2f:3f:3d:45:
                    93:ee:b3:b1:7c:98:e4:b7:92:2f:38:ea:47:68:b3:
                    36:91:3d:33:73:d6:c6:45:13:76:b4:12:a3:ba:d1:
                    6c:26:5a:59:9c:3c:c9:e6:17:04:77:82:3b:9a:72:
                    3e:77:a9:28:c6:33:aa:a3:f7:5d:4e:33:b5:f7:94:
                    d5:ba:5f:0e:8c:fb:a6:c4:9e:8a:cc:19:d2:16:78:
                    23:20:20:f9:eb:38:c7:98:64:20:5f:bf:dd:6e:4e:
                    f3:49:09:67:e0:2d:0b:17:48:4e:56:0a:8f:54:7d:
                    54:a8:22:85:5c:87:79:5d:88:ad:23:86:56:ac:85:
                    18:61:1f:53:14:25:d2:13:77:a5:76:0e:2a:0b:5b:
                    19:bd:d8:19:fd:22:3f:dd:db:51:6b:7f:ea:98:6e:
                    3e:f2:eb:72:2a:fd:47:31:62:d6:f3:f4:a4:20:a9:
                    da:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B2:E4:4F:B6:CB:C1:36:B0:7C:4A:51:B6:65:C8:E5:53:D6:BA:BF
            X509v3 Authority Key Identifier:
                keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/OLLkT7bLwTawfEpRtmXI5VPWur8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.164.152.0/23
                  46.164.160.0/22
                  77.222.136.0/24
                  91.204.95.0/24
                  93.183.197.0/24
                  93.183.215.0/24
                  93.183.228.0/23
                  185.8.40.0/22
                  188.0.64.0-188.0.66.255
                  193.108.50.0/23
                  194.146.197.0/24
                  195.69.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:c2:8c:5f:86:a3:6b:5f:09:7e:1f:f2:27:e0:d5:6f:5c:d3:
         c9:bc:92:47:5f:16:f6:ff:6c:84:d9:77:ad:2c:1c:99:f6:5b:
         6d:18:7e:7d:cf:d6:f1:da:f6:24:15:dd:53:c4:78:30:cd:90:
         4c:9a:57:49:53:24:e7:bc:00:93:d4:bb:b0:6a:cb:0b:14:33:
         e4:a2:75:22:d5:05:da:14:0e:d2:e4:07:d9:99:93:70:d8:2f:
         21:4e:3a:00:23:20:ee:2a:0f:9c:89:db:4c:6c:f8:04:9c:9f:
         6e:8d:f4:96:95:79:d8:b2:48:60:b8:23:53:c1:39:bb:3c:45:
         62:49:7d:19:2e:bc:c8:46:d0:78:07:f1:a3:52:65:e6:83:40:
         1f:bc:66:cb:fd:02:5a:85:5b:fc:d8:29:c0:7f:a2:8a:55:dc:
         88:d3:38:25:4a:c8:b1:ad:64:c4:fb:32:8a:dd:b7:38:7d:ae:
         7f:1a:a0:78:be:09:92:b8:1e:9c:48:44:aa:7c:07:1b:84:fb:
         14:4e:a4:e1:ae:50:54:19:54:4c:71:96:fc:81:3a:a9:f6:4d:
         3f:dc:b6:d9:62:43:6a:4f:1c:e6:65:6f:e0:a1:8f:f8:4f:26:
         24:4d:8f:ec:8f:37:c9:bc:00:2d:e4:3f:30:50:b9:4d:3b:fe:
         c2:15:90:43
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYa827Ta+V8hLTQcLSngvtmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzhkYmU1MjA4M2FkMzM1YzlmMWZkZTYwMTZlYzhiNDky
OTMxNDAwHhcNMjMwMzA3MTYxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIyZTQ0ZmI2Y2JjMTM2YjA3YzRhNTFiNjY1YzhlNTUzZDZiYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqodGv+677tkO9+wQ5NVdjzC2xLWQ
XSG4jUmemXYUBYQsEkc19mXGVocBapsud1nSHeNEe6RqbfVWsbVQAK701b5jrpBG
h5NfPYNI5WJ361sU4esZUy8/PUWT7rOxfJjkt5IvOOpHaLM2kT0zc9bGRRN2tBKj
utFsJlpZnDzJ5hcEd4I7mnI+d6koxjOqo/ddTjO195TVul8OjPumxJ6KzBnSFngj
ICD56zjHmGQgX7/dbk7zSQln4C0LF0hOVgqPVH1UqCKFXId5XYitI4ZWrIUYYR9T
FCXSE3eldg4qC1sZvdgZ/SI/3dtRa3/qmG4+8utyKv1HMWLW8/SkIKna9wIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDiy5E+2y8E2sHxKUbZlyOVT1rq/MB8GA1UdIwQY
MBaAFKvI2+Ugg60zXJ8f3mAW7ItJKTFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2Qt
MzA1NmFmOWEzMzVlLzEvT0xMa1Q3Ykx3VGF3ZkVwUnRtWEk1VlBXdXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jZTZjY2ItMjVjZi00OTE3LWIzY2QtMzA1NmFmOWEzMzVl
LzEvcThqYjVTQ0RyVE5jbnhfZVlCYnNpMGtwTVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBLqSYAwQC
LqSgAwQATd6IAwQAW8xfAwQAXbfFAwQAXbfXAwQBXbfkAwQCuQgoMAwDBAa8AEAD
BAC8AEIDBAHBbDIDBADCksUDBADDRbAwDQYJKoZIhvcNAQELBQADggEBAEjCjF+G
o2tfCX4f8ifg1W9c08m8kkdfFvb/bITZd60sHJn2W20Yfn3P1vHa9iQV3VPEeDDN
kEyaV0lTJOe8AJPUu7BqywsUM+SidSLVBdoUDtLkB9mZk3DYLyFOOgAjIO4qD5yJ
20xs+AScn26N9JaVediySGC4I1PBObs8RWJJfRkuvMhG0HgH8aNSZeaDQB+8Zsv9
AlqFW/zYKcB/oopV3IjTOCVKyLGtZMT7Mordtzh9rn8aoHi+CZK4HpxIRKp8BxuE
+xROpOGuUFQZVExxlvyBOqn2TT/cttliQ2pPHOZlb+Chj/hPJiRNj+yPN8m8AC3k
PzBQuU07/sIVkEM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:32 2024 by rpki-client on console-fra.rpki-client.org