Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kYytcuO8Pi1wB633SiOSLhC3W6Q.roa
File:                     kYytcuO8Pi1wB633SiOSLhC3W6Q.roa (raw, json)
Hash identifier:          oRgUyH5ROuf3+z90+xnBgQbo5KFZjlIeFU98HfF66nI=
Subject key identifier:   91:8C:AD:72:E3:BC:3E:2D:70:07:AD:F7:4A:23:92:2E:10:B7:5B:A4
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       0186CB9F23A8EA126835E4E29B0F896A10A8
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kYytcuO8Pi1wB633SiOSLhC3W6Q.roa
Signing time:             Fri 10 Mar 2023 13:04:09 +0000
ROA not before:           Fri 10 Mar 2023 13:04:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43357
IP address blocks:        92.60.40.0/24 maxlen: 24
                          45.130.20.0/22 maxlen: 24
                          45.147.51.0/24 maxlen: 32
                          45.147.50.0/24 maxlen: 32
                          194.36.25.0/24 maxlen: 24
                          185.248.85.0/24 maxlen: 24
                          185.254.75.0/24 maxlen: 24
                          185.194.52.0/22 maxlen: 24
                          2a07:fe00:1::/48 maxlen: 48
                          2a03:d9c0:3000::/48 maxlen: 48
                          2a09:7:2007::/48 maxlen: 48
                          2a0c:59c0:18::/48 maxlen: 48
                          2a0b:89c1:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 08:48:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cb:9f:23:a8:ea:12:68:35:e4:e2:9b:0f:89:6a:10:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Mar 10 13:04:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=918cad72e3bc3e2d7007adf74a23922e10b75ba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:be:13:65:ad:1f:4e:93:b1:5a:9b:e1:d0:99:
                    55:12:6e:bc:09:57:1f:60:c6:19:8e:64:d8:76:54:
                    2b:d6:d6:18:08:26:c9:02:98:41:9e:56:96:19:54:
                    6a:57:f3:50:79:f7:d4:7f:05:77:3a:4c:68:42:05:
                    0a:62:8f:e8:31:37:05:df:0d:a5:39:3b:4b:1b:6f:
                    69:4e:fe:79:9c:0c:40:47:d5:80:a2:0b:86:ff:82:
                    02:6f:01:37:33:8a:1d:b1:13:cb:b0:41:ac:82:39:
                    47:c6:7e:a8:16:88:fa:5b:b6:52:08:03:17:64:40:
                    99:2b:92:1b:bc:8f:c6:ed:83:f6:6d:6c:6e:9e:49:
                    d0:dc:1a:0a:04:b5:ac:cb:bd:e9:12:cd:f4:bb:d9:
                    e7:ec:b0:2d:76:dd:98:63:10:3e:67:a7:b2:d3:c9:
                    2a:5e:b6:36:05:f1:d5:bd:1e:d2:33:f1:85:c6:09:
                    70:b8:c5:b7:f2:c1:43:3e:0e:34:03:0b:6b:8c:99:
                    64:8b:a7:89:5f:fd:d4:a9:8b:a6:82:db:68:df:ef:
                    0c:ef:eb:69:09:26:58:86:b7:d2:88:37:78:dc:35:
                    af:35:1a:5c:f0:ef:60:83:3b:61:b8:b4:ff:d7:c2:
                    0b:00:7d:33:9a:a2:1b:36:90:5f:d2:66:22:78:10:
                    0d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:8C:AD:72:E3:BC:3E:2D:70:07:AD:F7:4A:23:92:2E:10:B7:5B:A4
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kYytcuO8Pi1wB633SiOSLhC3W6Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.20.0/22
                  45.147.50.0/23
                  92.60.40.0/24
                  185.194.52.0/22
                  185.248.85.0/24
                  185.254.75.0/24
                  194.36.25.0/24
                IPv6:
                  2a03:d9c0:3000::/48
                  2a07:fe00:1::/48
                  2a09:7:2007::/48
                  2a0b:89c1:3::/48
                  2a0c:59c0:18::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:f8:7b:70:c1:45:73:b4:e4:7a:78:d0:cf:01:46:d6:c3:a0:
         77:6e:ef:f6:7a:62:38:b1:0b:01:ea:ae:ac:36:ac:1e:5d:cf:
         ab:00:00:29:4f:ef:e8:35:06:c0:b4:f1:7a:b0:62:31:ae:ab:
         63:04:9c:0d:d0:90:21:c9:1e:2b:38:26:e1:96:9d:ae:8c:d0:
         f1:71:8d:38:e7:58:b7:22:86:35:15:49:02:86:33:9c:bf:9e:
         3f:88:04:e8:eb:4c:14:6f:0f:a5:71:6b:b7:5b:6d:79:9d:67:
         98:fc:53:37:85:9d:55:b8:0e:1f:88:ed:7f:ae:17:a5:a9:fb:
         45:ff:cd:41:71:68:fd:68:3b:36:59:be:fc:59:83:4e:4a:ea:
         16:a2:a9:cf:aa:d8:14:64:d7:d8:72:87:83:b5:18:6c:48:fd:
         fe:38:48:b4:fe:63:f0:77:06:71:9d:b2:ba:d6:34:95:71:37:
         fc:25:0b:09:a0:97:c9:cb:ba:2d:0c:03:5d:5f:66:38:1d:57:
         1e:ae:91:e6:fd:db:43:4e:a7:8d:4d:75:65:6c:1c:eb:f6:a5:
         c4:7d:31:1c:83:50:76:f8:db:9e:e2:d9:ba:aa:ae:0b:79:92:
         d1:09:22:98:a6:4b:3e:96:95:5d:14:09:d3:a0:d9:6e:b5:b0:
         7c:4d:df:fd
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYbLnyOo6hJoNeTimw+JahCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMzEwMTMwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThjYWQ3MmUzYmMzZTJkNzAwN2FkZjc0YTIzOTIyZTEwYjc1YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r4TZa0fTpOxWpvh0JlVEm68CVcf
YMYZjmTYdlQr1tYYCCbJAphBnlaWGVRqV/NQeffUfwV3OkxoQgUKYo/oMTcF3w2l
OTtLG29pTv55nAxAR9WAoguG/4ICbwE3M4odsRPLsEGsgjlHxn6oFoj6W7ZSCAMX
ZECZK5IbvI/G7YP2bWxunknQ3BoKBLWsy73pEs30u9nn7LAtdt2YYxA+Z6ey08kq
XrY2BfHVvR7SM/GFxglwuMW38sFDPg40AwtrjJlki6eJX/3UqYumgtto3+8M7+tp
CSZYhrfSiDd43DWvNRpc8O9ggzthuLT/18ILAH0zmqIbNpBf0mYieBANmQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFJGMrXLjvD4tcAet90ojki4Qt1ukMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEva1l5dGN1TzhQaTF3QjYzM1NpT1NMaEMzVzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAwBAIAATAqAwQCLYIUAwQB
LZMyAwQAXDwoAwQCucI0AwQAufhVAwQAuf5LAwQAwiQZMDMEAgACMC0DBwAqA9nA
MAADBwAqB/4AAAEDBwAqCQAHIAcDBwAqC4nBAAMDBwAqDFnAABgwDQYJKoZIhvcN
AQELBQADggEBAIL4e3DBRXO05Hp40M8BRtbDoHdu7/Z6YjixCwHqrqw2rB5dz6sA
AClP7+g1BsC08XqwYjGuq2MEnA3QkCHJHis4JuGWna6M0PFxjTjnWLcihjUVSQKG
M5y/nj+IBOjrTBRvD6Vxa7dbbXmdZ5j8UzeFnVW4Dh+I7X+uF6Wp+0X/zUFxaP1o
OzZZvvxZg05K6haiqc+q2BRk19hyh4O1GGxI/f44SLT+Y/B3BnGdsrrWNJVxN/wl
Cwmgl8nLui0MA11fZjgdVx6ukeb920NOp41NdWVsHOv2pcR9MRyDUHb4257i2bqq
rgt5ktEJIpimSz6WlV0UCdOg2W61sHxN3/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org