Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/dVKSk3-sX6Wep5whg8Z5nz_vZq4.roa
File:                     dVKSk3-sX6Wep5whg8Z5nz_vZq4.roa (raw, json)
Hash identifier:          +4NHUfXCih7IA4hIqQoInrmwx5KvtV2qIleF9BhgG6M=
Subject key identifier:   75:52:92:93:7F:AC:5F:A5:9E:A7:9C:21:83:C6:79:9F:3F:EF:66:AE
Certificate issuer:       /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial:       018A9C66158B283A0167770EB6CBE9C7EB70
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/dVKSk3-sX6Wep5whg8Z5nz_vZq4.roa
Signing time:             Sat 16 Sep 2023 05:10:50 +0000
ROA not before:           Sat 16 Sep 2023 05:10:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41378
IP address blocks:        185.145.244.0/24 maxlen: 24
                          45.9.8.0/22 maxlen: 24
                          45.9.8.0/24 maxlen: 24
                          45.9.9.0/24 maxlen: 24
                          45.9.10.0/24 maxlen: 24
                          45.9.11.0/24 maxlen: 24
                          2a0e:aa00:200::/44 maxlen: 48
                          2a0e:aa00:300::/44 maxlen: 48
                          2a0e:aa00:100::/44 maxlen: 48
                          2a0e:aa00:220::/44 maxlen: 48
                          2a0e:aa00:120::/44 maxlen: 48
                          2a0e:aa00:140::/44 maxlen: 48
                          2a0e:aa02::/32 maxlen: 48
                          2a0e:aa00:210::/44 maxlen: 48
                          2a0e:aa00:310::/44 maxlen: 48
                          2a0e:aa00:110::/44 maxlen: 48
                          2a0e:aa00:230::/44 maxlen: 48
                          2a0e:aa00:130::/44 maxlen: 48
                          2a0e:aa00:aa00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:9c:66:15:8b:28:3a:01:67:77:0e:b6:cb:e9:c7:eb:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
        Validity
            Not Before: Sep 16 05:10:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=755292937fac5fa59ea79c2183c6799f3fef66ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8e:6a:d0:89:25:c0:cf:f0:88:f0:43:b4:f1:
                    14:d3:0e:e3:27:71:a2:4f:c9:bb:c3:6b:cd:45:ef:
                    92:e9:fe:48:ba:2b:03:49:2f:f6:44:9d:1b:0b:8d:
                    09:95:49:6a:04:bc:da:ef:3c:a9:be:4e:e9:01:b0:
                    c9:66:66:ab:c6:b4:66:67:63:5c:98:81:c7:32:6c:
                    3c:00:57:54:f4:d6:cb:fb:3d:2c:74:64:cc:78:b8:
                    ed:0a:06:13:e2:a3:94:5c:1e:c3:51:6b:07:bd:c5:
                    0f:99:28:c2:14:dd:ad:c4:8f:1a:e5:26:47:be:f9:
                    fa:60:f2:e3:c1:8b:52:86:e1:d8:be:cd:0e:05:ea:
                    2b:ab:31:ad:fb:ba:18:8a:e9:ff:84:39:88:c4:8f:
                    c4:dc:44:d3:e3:0a:8d:30:8f:6b:2b:6c:3f:66:67:
                    e0:36:11:c6:79:72:f2:c8:b8:29:91:e5:4d:cf:97:
                    cd:d0:2d:c8:c2:0f:29:6c:e7:e9:42:34:d3:a6:78:
                    d5:f2:d0:a3:cd:22:f8:40:69:bc:9b:5d:1f:73:71:
                    21:0d:58:eb:03:b6:d4:9c:1d:93:b8:80:21:b4:6c:
                    64:bb:b4:3f:70:7a:be:82:08:b0:52:d0:79:53:05:
                    12:cb:b2:48:67:c2:4a:7c:b7:23:3e:7a:4a:99:d6:
                    a2:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:52:92:93:7F:AC:5F:A5:9E:A7:9C:21:83:C6:79:9F:3F:EF:66:AE
            X509v3 Authority Key Identifier:
                keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/dVKSk3-sX6Wep5whg8Z5nz_vZq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.8.0/22
                  185.145.244.0/24
                IPv6:
                  2a0e:aa00:100::-2a0e:aa00:14f:ffff:ffff:ffff:ffff:ffff
                  2a0e:aa00:200::/42
                  2a0e:aa00:300::/43
                  2a0e:aa00:aa00::/40
                  2a0e:aa02::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:60:2b:4d:4b:d9:eb:88:76:79:ff:6c:2a:e6:e8:e8:b1:88:
         2b:fa:dc:a0:da:cc:a7:c0:82:1f:ce:79:3d:9a:18:e6:b1:09:
         d9:c5:4b:5e:bf:14:98:54:88:e0:16:03:b6:2e:d0:cb:44:e8:
         08:40:02:29:60:13:99:3c:5d:01:09:39:04:5c:53:e2:5d:6a:
         ac:98:20:9c:ed:f9:8b:27:aa:52:25:24:54:de:78:04:9d:70:
         bd:23:2e:3b:49:f0:c5:91:7a:44:1a:e5:be:92:0a:19:64:dd:
         98:a5:83:61:36:79:f7:16:7b:95:41:9e:f0:3c:cb:65:d2:38:
         7d:2d:70:32:e5:5f:7f:49:b9:4d:fc:5a:f1:f1:b2:2a:f2:7c:
         5c:a6:7c:51:8c:87:bc:c1:8e:c6:fe:19:46:fb:d0:4a:ca:c6:
         05:93:f5:95:a4:7a:95:ea:21:b2:cc:23:94:10:09:2d:3e:f0:
         c2:b5:34:1d:00:cb:b9:53:ba:4e:92:e7:9f:74:61:4a:20:0c:
         4d:b0:36:b5:15:7e:a4:12:28:33:7a:a2:7a:7d:8f:1d:4d:6e:
         96:3e:12:c6:24:d9:3b:b7:ad:2d:02:73:94:3b:16:34:2e:02:
         10:e6:4e:2e:44:93:90:7a:48:a0:50:7a:05:aa:00:56:7f:98:
         a6:25:f3:24
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYqcZhWLKDoBZ3cOtsvpx+twMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwOTE2MDUxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUyOTI5MzdmYWM1ZmE1OWVhNzljMjE4M2M2Nzk5ZjNmZWY2NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY5q0IklwM/wiPBDtPEU0w7jJ3Gi
T8m7w2vNRe+S6f5IuisDSS/2RJ0bC40JlUlqBLza7zypvk7pAbDJZmarxrRmZ2Nc
mIHHMmw8AFdU9NbL+z0sdGTMeLjtCgYT4qOUXB7DUWsHvcUPmSjCFN2txI8a5SZH
vvn6YPLjwYtShuHYvs0OBeorqzGt+7oYiun/hDmIxI/E3ETT4wqNMI9rK2w/Zmfg
NhHGeXLyyLgpkeVNz5fN0C3Iwg8pbOfpQjTTpnjV8tCjzSL4QGm8m10fc3EhDVjr
A7bUnB2TuIAhtGxku7Q/cHq+ggiwUtB5UwUSy7JIZ8JKfLcjPnpKmdaiSQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHVSkpN/rF+lnqecIYPGeZ8/72auMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvZFZLU2szLXNYNldlcDV3aGc4WjVuel92WnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDASBAIAATAMAwQCLQkIAwQA
uZH0MDoEAgACMDQwEQMGACoOqgABAwcEKg6qAAFAAwcGKg6qAAIAAwcFKg6qAAMA
AwYAKg6qAKoDBQAqDqoCMA0GCSqGSIb3DQEBCwUAA4IBAQBlYCtNS9nriHZ5/2wq
5ujosYgr+tyg2synwIIfznk9mhjmsQnZxUtevxSYVIjgFgO2LtDLROgIQAIpYBOZ
PF0BCTkEXFPiXWqsmCCc7fmLJ6pSJSRU3ngEnXC9Iy47SfDFkXpEGuW+kgoZZN2Y
pYNhNnn3FnuVQZ7wPMtl0jh9LXAy5V9/SblN/Frx8bIq8nxcpnxRjIe8wY7G/hlG
+9BKysYFk/WVpHqV6iGyzCOUEAktPvDCtTQdAMu5U7pOkuefdGFKIAxNsDa1FX6k
EigzeqJ6fY8dTW6WPhLGJNk7t60tAnOUOxY0LgIQ5k4uRJOQekigUHoFqgBWf5im
JfMk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org