Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa
File:                     gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa (raw, json)
Hash identifier:          tF1ds8ZMACLyoT2o5ObgxYiRr7dByUX7b+BxpcAvR94=
Subject key identifier:   80:3A:9B:A5:DB:D2:F0:7F:51:25:DC:9E:34:B0:8A:8F:BB:DC:33:97
Certificate issuer:       /CN=33954330349f57502a76ae6e99987efc3e3b8109
Certificate serial:       01856C4A53B58A511A44B1016ADD6DAE52B6
Authority key identifier: 33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa
Signing time:             Sun 01 Jan 2023 07:44:48 +0000
ROA not before:           Sun 01 Jan 2023 07:44:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198330
IP address blocks:        185.55.96.0/22 maxlen: 24
                          185.104.172.0/22 maxlen: 24
                          185.128.64.0/22 maxlen: 24
                          45.12.224.0/22 maxlen: 24
                          134.90.136.0/21 maxlen: 24
                          45.10.180.0/22 maxlen: 24
                          2a03:c280::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 06:57:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:4a:53:b5:8a:51:1a:44:b1:01:6a:dd:6d:ae:52:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33954330349f57502a76ae6e99987efc3e3b8109
        Validity
            Not Before: Jan  1 07:44:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=803a9ba5dbd2f07f5125dc9e34b08a8fbbdc3397
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:9a:51:95:21:ed:c6:57:9c:37:fe:ab:b9:1c:
                    70:87:98:0d:d1:67:7e:de:45:a8:b2:03:fa:22:8f:
                    30:26:c4:1f:9e:c3:c6:87:17:7c:67:e9:dc:4c:93:
                    3d:98:07:43:a1:f8:ff:ef:27:71:2d:2a:d9:4b:1c:
                    bf:e6:26:ff:c6:7a:f9:0e:e8:46:43:68:d2:8b:a7:
                    13:32:e7:32:23:a0:47:98:3a:1a:d0:13:c6:a6:ab:
                    83:47:77:23:77:23:74:60:39:92:e6:b9:d5:86:60:
                    b0:38:ad:a5:62:cd:28:b1:a4:ed:d3:ef:8c:2c:32:
                    29:5a:1e:6d:8f:ad:d9:b8:2b:aa:a1:aa:9e:30:29:
                    e0:f4:77:d1:2f:a2:76:a6:b1:f3:70:d9:89:23:14:
                    be:2b:44:b6:41:25:f5:b4:e1:84:b9:d2:d9:16:7f:
                    e2:01:aa:52:3a:17:76:be:a8:c2:e7:a9:8c:10:4b:
                    48:1e:c7:e4:6d:8c:3a:cd:d1:9e:0b:60:d0:74:35:
                    cb:3f:b9:26:da:ba:21:9d:16:7b:90:5e:ff:47:e9:
                    bb:e0:8b:16:7b:ab:ba:18:29:88:ae:10:86:51:90:
                    01:b5:5e:b4:c6:bb:23:90:f7:da:4c:ed:94:24:64:
                    c9:d3:41:8d:64:f5:42:ca:34:a4:a7:77:72:a8:06:
                    9d:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:3A:9B:A5:DB:D2:F0:7F:51:25:DC:9E:34:B0:8A:8F:BB:DC:33:97
            X509v3 Authority Key Identifier:
                keyid:33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/M5VDMDSfV1Aqdq5umZh-_D47gQk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.180.0/22
                  45.12.224.0/22
                  134.90.136.0/21
                  185.55.96.0/22
                  185.104.172.0/22
                  185.128.64.0/22
                IPv6:
                  2a03:c280::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:4c:3f:cd:a0:fd:5f:3c:a0:e7:42:25:73:11:60:d7:23:e7:
         d5:66:01:ee:b4:a7:6a:27:f1:9f:44:31:66:0f:fd:d6:7f:fa:
         e7:b9:cf:66:c7:f8:a5:d2:c7:5a:a1:1c:0e:c0:2d:db:44:53:
         b7:b8:dc:1f:29:4f:1c:3e:9f:e2:94:5a:90:f1:f2:a5:13:80:
         59:d8:d5:2e:f7:d2:0c:1d:91:79:74:37:43:8c:3a:e1:76:43:
         53:a9:24:87:59:95:ee:22:90:2b:e9:44:3e:ab:d4:c8:4c:e5:
         3e:cc:a8:11:42:65:27:2c:3c:88:35:3f:f9:a7:a7:c5:e8:6f:
         d0:cf:64:a2:48:25:9c:c7:ff:91:c2:e8:ae:bc:ca:f7:97:48:
         df:74:2c:21:d9:f5:13:a1:53:70:8b:e8:76:23:c8:b2:3e:c7:
         98:86:24:d9:18:df:3f:54:34:c0:37:5d:28:ed:30:4a:ff:8a:
         1c:13:16:1a:67:83:86:52:26:66:c6:92:0e:8a:01:6a:5d:10:
         bb:de:a5:b7:0b:cb:0a:3b:5e:96:75:33:d5:eb:93:3b:5d:0b:
         ff:68:0e:dc:85:13:af:65:ef:46:69:01:c9:4d:1d:9f:49:0a:
         19:1d:39:96:3b:b6:1f:55:47:65:59:36:5b:15:d1:2b:27:fd:
         4b:f7:7e:c4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsSlO1ilEaRLEBat1trlK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOTU0MzMwMzQ5ZjU3NTAyYTc2YWU2ZTk5OTg3ZWZjM2Uz
YjgxMDkwHhcNMjMwMTAxMDc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNhOWJhNWRiZDJmMDdmNTEyNWRjOWUzNGIwOGE4ZmJiZGMzMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5pRlSHtxlecN/6ruRxwh5gN0Wd+
3kWosgP6Io8wJsQfnsPGhxd8Z+ncTJM9mAdDofj/7ydxLSrZSxy/5ib/xnr5DuhG
Q2jSi6cTMucyI6BHmDoa0BPGpquDR3cjdyN0YDmS5rnVhmCwOK2lYs0osaTt0++M
LDIpWh5tj63ZuCuqoaqeMCng9HfRL6J2prHzcNmJIxS+K0S2QSX1tOGEudLZFn/i
AapSOhd2vqjC56mMEEtIHsfkbYw6zdGeC2DQdDXLP7km2rohnRZ7kF7/R+m74IsW
e6u6GCmIrhCGUZABtV60xrsjkPfaTO2UJGTJ00GNZPVCyjSkp3dyqAadxwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIA6m6Xb0vB/USXcnjSwio+73DOXMB8GA1UdIwQY
MBaAFDOVQzA0n1dQKnaubpmYfvw+O4EJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTVWRE1EU2ZWMUFxZHE1dW1aaC1fRDQ3Z1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjE5ZTktMWIyYi00ODEyLWFiNWEt
ZmRmODRmODNhMjc0LzEvZ0RxYnBkdlM4SDlSSmR5ZU5MQ0tqN3ZjTTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjE5ZTktMWIyYi00ODEyLWFiNWEtZmRmODRmODNhMjc0
LzEvTTVWRE1EU2ZWMUFxZHE1dW1aaC1fRDQ3Z1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLQq0AwQC
LQzgAwQDhlqIAwQCuTdgAwQCuWisAwQCuYBAMA0EAgACMAcDBQAqA8KAMA0GCSqG
SIb3DQEBCwUAA4IBAQCATD/NoP1fPKDnQiVzEWDXI+fVZgHutKdqJ/GfRDFmD/3W
f/rnuc9mx/il0sdaoRwOwC3bRFO3uNwfKU8cPp/ilFqQ8fKlE4BZ2NUu99IMHZF5
dDdDjDrhdkNTqSSHWZXuIpAr6UQ+q9TITOU+zKgRQmUnLDyINT/5p6fF6G/Qz2Si
SCWcx/+RwuiuvMr3l0jfdCwh2fUToVNwi+h2I8iyPseYhiTZGN8/VDTAN10o7TBK
/4ocExYaZ4OGUiZmxpIOigFqXRC73qW3C8sKO16WdTPV65M7XQv/aA7chROvZe9G
aQHJTR2fSQoZHTmWO7YfVUdlWTZbFdErJ/1L937E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:25 2024 by rpki-client on console-fra.rpki-client.org