Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0QwGGheSjrs7FxEdXVdDoLxlOEU.roa
File:                     0QwGGheSjrs7FxEdXVdDoLxlOEU.roa (raw, json)
Hash identifier:          APLFQVT3KTWZFkt2FRL/HkB8yBAEORGWpSbirV12mAg=
Subject key identifier:   D1:0C:06:1A:17:92:8E:BB:3B:17:11:1D:5D:57:43:A0:BC:65:38:45
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       01856F1DC801F66DD828C9A3BD0ECD711E89
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0QwGGheSjrs7FxEdXVdDoLxlOEU.roa
Signing time:             Sun 01 Jan 2023 20:55:00 +0000
ROA not before:           Sun 01 Jan 2023 20:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        80.66.199.0/24 maxlen: 24
                          194.104.144.0/24 maxlen: 24
                          45.87.92.0/24 maxlen: 24
                          45.87.93.0/24 maxlen: 24
                          95.214.166.0/24 maxlen: 24
                          95.214.167.0/24 maxlen: 24
                          45.139.192.0/24 maxlen: 24
                          45.139.194.0/24 maxlen: 24
                          45.139.195.0/24 maxlen: 24
                          45.141.44.0/24 maxlen: 24
                          45.141.46.0/24 maxlen: 24
                          45.141.45.0/24 maxlen: 24
                          45.141.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Mar 2023 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:c8:01:f6:6d:d8:28:c9:a3:bd:0e:cd:71:1e:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 20:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d10c061a17928ebb3b17111d5d5743a0bc653845
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e3:2c:81:90:73:a8:fd:d4:07:a1:ac:e7:32:
                    df:52:99:13:3f:18:a7:53:ed:f2:47:d8:89:59:a6:
                    dd:01:a3:29:3d:84:33:7c:df:36:bc:0b:60:08:63:
                    89:6d:9c:af:f8:36:84:7d:79:b2:df:31:b0:2e:d8:
                    0a:ec:6a:72:49:e3:e4:3b:4b:9d:ea:1f:24:0b:20:
                    93:d6:a4:09:28:5d:70:ca:7c:e6:10:55:aa:b6:85:
                    06:9a:29:28:d5:f2:11:cc:d3:6c:6b:ca:8b:37:98:
                    ab:12:86:30:f0:51:2a:35:86:fe:50:53:c1:5c:2c:
                    47:fe:81:45:71:6f:6c:cb:83:bc:a6:76:0b:0c:66:
                    96:78:84:2a:9a:7a:41:10:ff:93:c8:99:f1:26:e9:
                    e9:f4:40:93:e2:d5:83:68:17:6c:d9:2f:b7:29:8e:
                    4d:9b:51:00:16:95:5a:da:ee:6a:74:51:86:25:a5:
                    78:8e:eb:99:ca:42:cc:74:d6:ed:81:7a:d6:1f:20:
                    6d:6e:87:ce:d7:14:9d:5a:2c:a4:47:6a:b6:c3:81:
                    80:67:79:d3:db:b1:33:e6:c9:e9:a9:d3:43:9c:be:
                    bf:d8:04:c3:48:db:04:b8:75:71:1a:cd:48:62:3b:
                    e0:09:ac:76:4a:4d:c8:b3:bb:0b:f1:ff:dc:5b:18:
                    25:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:0C:06:1A:17:92:8E:BB:3B:17:11:1D:5D:57:43:A0:BC:65:38:45
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0QwGGheSjrs7FxEdXVdDoLxlOEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.92.0/23
                  45.139.192.0/24
                  45.139.194.0/23
                  45.141.44.0/22
                  80.66.199.0/24
                  95.214.166.0/23
                  194.104.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:ca:e0:d8:f2:39:5b:b1:36:ea:fe:96:0b:39:04:87:49:be:
         1c:80:15:df:aa:93:d2:84:2c:d8:e1:75:ec:b4:50:c7:6c:6f:
         d3:e1:f4:13:35:31:11:5b:88:31:21:ef:ac:eb:ad:9b:37:b0:
         ff:3d:0a:ce:22:35:28:4c:00:db:03:49:58:fd:3a:1a:33:18:
         30:ce:f5:92:6e:bf:ef:b9:1c:11:2d:30:2a:9d:25:d2:44:1c:
         47:8d:78:c9:f1:ed:d1:27:f5:71:af:e8:7f:d9:f9:3a:56:e8:
         eb:8d:50:2d:69:42:f7:aa:61:f6:19:06:c8:d0:b4:74:76:cb:
         7d:6e:ce:2e:76:2f:f0:29:54:a0:b5:56:5f:16:0a:24:35:64:
         6d:65:d9:04:f5:7d:8e:13:1f:42:80:b7:49:c5:d6:9e:67:22:
         10:1a:19:52:18:bb:53:e5:94:8f:4c:b7:a7:40:cc:ee:25:da:
         4f:5f:71:1d:c0:fc:16:3c:67:5d:15:ec:ea:a6:ba:9b:45:2f:
         31:f1:a4:b5:00:54:2a:eb:b6:a7:7e:d2:9d:86:6b:5f:5b:26:
         c7:ff:98:02:09:27:39:d6:ce:50:7c:9d:1a:68:3f:bb:3b:04:
         b6:12:e5:2f:0f:f8:ef:a6:f8:e0:d0:1d:be:02:f0:f3:ae:33:
         59:ab:b4:0f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvHcgB9m3YKMmjvQ7NcR6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBjMDYxYTE3OTI4ZWJiM2IxNzExMWQ1ZDU3NDNhMGJjNjUzODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueMsgZBzqP3UB6Gs5zLfUpkTPxin
U+3yR9iJWabdAaMpPYQzfN82vAtgCGOJbZyv+DaEfXmy3zGwLtgK7GpySePkO0ud
6h8kCyCT1qQJKF1wynzmEFWqtoUGmiko1fIRzNNsa8qLN5irEoYw8FEqNYb+UFPB
XCxH/oFFcW9sy4O8pnYLDGaWeIQqmnpBEP+TyJnxJunp9ECT4tWDaBds2S+3KY5N
m1EAFpVa2u5qdFGGJaV4juuZykLMdNbtgXrWHyBtbofO1xSdWiykR2q2w4GAZ3nT
27Ez5snpqdNDnL6/2ATDSNsEuHVxGs1IYjvgCax2Sk3Is7sL8f/cWxgl5QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNEMBhoXko67OxcRHV1XQ6C8ZThFMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMFF3R0doZVNqcnM3RnhFZFhWZERvTHhsT0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLVdcAwQA
LYvAAwQBLYvCAwQCLY0sAwQAUELHAwQBX9amAwQAwmiQMA0GCSqGSIb3DQEBCwUA
A4IBAQAXyuDY8jlbsTbq/pYLOQSHSb4cgBXfqpPShCzY4XXstFDHbG/T4fQTNTER
W4gxIe+s662bN7D/PQrOIjUoTADbA0lY/ToaMxgwzvWSbr/vuRwRLTAqnSXSRBxH
jXjJ8e3RJ/Vxr+h/2fk6VujrjVAtaUL3qmH2GQbI0LR0dst9bs4udi/wKVSgtVZf
FgokNWRtZdkE9X2OEx9CgLdJxdaeZyIQGhlSGLtT5ZSPTLenQMzuJdpPX3EdwPwW
PGddFezqprqbRS8x8aS1AFQq67anftKdhmtfWybH/5gCCSc51s5QfJ0aaD+7OwS2
EuUvD/jvpvjg0B2+AvDzrjNZq7QP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org