Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/vISecz_OV5p8nSLQuX5o-N_kIeY.roa
File:                     vISecz_OV5p8nSLQuX5o-N_kIeY.roa (raw, json)
Hash identifier:          d9ymbMqdiNuFS3qUkxj/I0NdPpIEnqwafLzLyU5WtQI=
Subject key identifier:   BC:84:9E:73:3F:CE:57:9A:7C:9D:22:D0:B9:7E:68:F8:DF:E4:21:E6
Certificate issuer:       /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial:       0189781C9A29272D27F5FA933F835337DD8D
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/vISecz_OV5p8nSLQuX5o-N_kIeY.roa
Signing time:             Fri 21 Jul 2023 11:01:27 +0000
ROA not before:           Fri 21 Jul 2023 11:01:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209408
IP address blocks:        80.71.232.0/24 maxlen: 24
                          45.66.224.0/22 maxlen: 22
                          81.29.149.0/24 maxlen: 24
                          81.29.151.0/24 maxlen: 24
                          2a09:6c40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 21 Jul 2023 15:56:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:78:1c:9a:29:27:2d:27:f5:fa:93:3f:83:53:37:dd:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
        Validity
            Not Before: Jul 21 11:01:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc849e733fce579a7c9d22d0b97e68f8dfe421e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a0:fc:6f:fb:cf:c8:49:e2:c4:96:c6:af:f8:
                    f1:56:63:5d:1a:71:5c:59:25:29:86:70:92:76:23:
                    a3:f0:2f:d5:f4:95:fa:08:d1:f5:f5:d9:07:99:f1:
                    cd:ed:25:98:c7:40:73:bd:19:51:6b:35:f5:4a:3b:
                    c3:2a:8d:35:27:6a:15:0f:3c:01:f6:2f:5a:04:b6:
                    36:fe:1a:fc:cb:91:af:5c:b7:4d:78:8c:92:7b:95:
                    bd:3e:8e:6c:34:b5:b8:df:23:c4:f9:5d:9b:49:dd:
                    1c:87:6d:5e:e7:58:ae:88:66:a6:4b:66:c7:51:d5:
                    50:4a:9f:16:7a:b5:dc:36:83:75:f3:a7:27:d2:91:
                    c2:ce:97:69:c8:3d:23:94:c9:36:d6:34:13:d7:b6:
                    7b:85:00:9d:16:8a:93:eb:32:6d:c9:59:69:cc:47:
                    21:7e:f0:e6:21:73:a7:b8:69:90:4e:cc:bb:38:50:
                    9f:1e:1e:7a:f8:c0:b7:5d:3d:e1:63:1f:5e:ff:3d:
                    ed:2d:be:82:70:8c:c6:9e:a0:a3:33:f5:85:40:12:
                    c7:e2:1c:54:e3:5f:be:e4:96:bf:c0:59:0e:0a:29:
                    ae:8f:0f:9d:0d:3a:1f:40:0e:d2:52:31:21:e0:fe:
                    37:53:84:1f:ea:09:45:4f:4f:64:94:51:b8:32:8f:
                    4d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:84:9E:73:3F:CE:57:9A:7C:9D:22:D0:B9:7E:68:F8:DF:E4:21:E6
            X509v3 Authority Key Identifier:
                keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/vISecz_OV5p8nSLQuX5o-N_kIeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.224.0/22
                  80.71.232.0/24
                  81.29.149.0/24
                  81.29.151.0/24
                IPv6:
                  2a09:6c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         02:65:60:58:d7:dc:79:0d:ef:ac:5b:9c:09:6f:52:60:9d:7f:
         54:09:00:05:51:67:42:fb:fc:48:a7:25:89:3e:5a:d1:34:d5:
         04:c6:6a:5a:8e:23:ec:57:c2:8c:03:3f:2b:a7:29:9a:57:94:
         06:16:ac:46:f9:7a:e2:4a:43:a7:da:ce:9e:29:ef:58:28:4d:
         83:af:e8:33:55:01:7e:59:0f:8b:36:4d:1d:82:33:d3:78:08:
         4d:2b:b2:54:55:77:4f:6e:c2:74:f4:90:bb:c5:63:a8:e5:7a:
         6e:59:88:03:d6:cd:47:74:e6:65:d3:f9:85:5e:12:15:44:33:
         72:1b:a7:c7:d5:8a:bf:8c:b9:71:57:89:10:0f:a8:00:fe:bc:
         bd:0f:08:2e:6e:a7:3e:6d:fd:94:65:6d:c8:0b:f2:99:1f:2f:
         6a:8f:a1:af:64:e4:22:b2:48:6d:ed:cc:cb:13:53:a8:28:9d:
         00:22:e4:46:91:fa:3f:b0:55:43:13:eb:75:da:d2:f2:e1:43:
         23:04:b9:35:8b:95:76:b8:92:da:56:49:5f:42:a8:c3:6a:54:
         c2:81:af:1c:03:d6:d1:ac:ad:38:91:e2:22:76:ff:ea:6f:da:
         7d:2c:f1:65:a0:84:84:79:3e:52:a0:d6:a7:3c:70:fa:0e:01:
         f6:56:92:b9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYl4HJopJy0n9fqTP4NTN92NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNzIxMTEwMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzg0OWU3MzNmY2U1NzlhN2M5ZDIyZDBiOTdlNjhmOGRmZTQyMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6D8b/vPyEnixJbGr/jxVmNdGnFc
WSUphnCSdiOj8C/V9JX6CNH19dkHmfHN7SWYx0BzvRlRazX1SjvDKo01J2oVDzwB
9i9aBLY2/hr8y5GvXLdNeIySe5W9Po5sNLW43yPE+V2bSd0ch21e51iuiGamS2bH
UdVQSp8WerXcNoN186cn0pHCzpdpyD0jlMk21jQT17Z7hQCdFoqT6zJtyVlpzEch
fvDmIXOnuGmQTsy7OFCfHh56+MC3XT3hYx9e/z3tLb6CcIzGnqCjM/WFQBLH4hxU
41++5Ja/wFkOCimujw+dDTofQA7SUjEh4P43U4Qf6glFT09klFG4Mo9NvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLyEnnM/zleafJ0i0Ll+aPjf5CHmMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvdklTZWN6X09WNXA4blNMUXVYNW8tTl9rSWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLULgAwQA
UEfoAwQAUR2VAwQAUR2XMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IB
AQACZWBY19x5De+sW5wJb1JgnX9UCQAFUWdC+/xIpyWJPlrRNNUExmpajiPsV8KM
Az8rpymaV5QGFqxG+XriSkOn2s6eKe9YKE2Dr+gzVQF+WQ+LNk0dgjPTeAhNK7JU
VXdPbsJ09JC7xWOo5XpuWYgD1s1HdOZl0/mFXhIVRDNyG6fH1Yq/jLlxV4kQD6gA
/ry9Dwgubqc+bf2UZW3IC/KZHy9qj6GvZOQiskht7czLE1OoKJ0AIuRGkfo/sFVD
E+t12tLy4UMjBLk1i5V2uJLaVklfQqjDalTCga8cA9bRrK04keIidv/qb9p9LPFl
oISEeT5SoNanPHD6DgH2VpK5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org