Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/sMOgC81jbbVcKptRi0Nb4ho_NY0.roa
File:                     sMOgC81jbbVcKptRi0Nb4ho_NY0.roa (raw, json)
Hash identifier:          1qGcbGEzn24pqmnb9XbnA1awWihBqHTas272mRPr3BU=
Subject key identifier:   B0:C3:A0:0B:CD:63:6D:B5:5C:2A:9B:51:8B:43:5B:E2:1A:3F:35:8D
Certificate issuer:       /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial:       018CC79583DD5B4AFA585E92DAE5355E81BE
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/sMOgC81jbbVcKptRi0Nb4ho_NY0.roa
Signing time:             Tue 02 Jan 2024 00:31:53 +0000
ROA not before:           Tue 02 Jan 2024 00:31:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1239
IP address blocks:        192.144.52.0/22 maxlen: 24
                          193.187.168.0/22 maxlen: 24
                          193.9.36.0/22 maxlen: 24
                          185.220.28.0/22 maxlen: 24
                          193.9.40.0/22 maxlen: 24
                          45.83.112.0/22 maxlen: 24
                          194.39.68.0/22 maxlen: 24
                          80.254.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Feb 2024 14:34:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:95:83:dd:5b:4a:fa:58:5e:92:da:e5:35:5e:81:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
        Validity
            Not Before: Jan  2 00:31:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b0c3a00bcd636db55c2a9b518b435be21a3f358d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:14:ff:bf:5d:15:8b:a6:2a:cb:72:0d:6f:da:
                    9d:82:0e:4c:fe:7d:74:03:7e:40:44:18:17:ea:de:
                    6a:c1:9a:90:f1:d6:a5:3e:97:b5:8f:0b:b7:29:ad:
                    d0:a9:37:76:e2:79:f5:1f:32:f6:00:6a:92:de:07:
                    53:ce:a0:51:14:98:cd:c0:3e:f9:3a:13:19:54:43:
                    9c:d7:d9:d2:31:cc:4d:c1:cd:72:68:6a:fa:ff:1e:
                    88:d3:6c:73:0b:9c:ca:bb:8a:42:8f:0d:ce:6d:ae:
                    3e:71:e1:72:dc:0f:77:cf:10:d7:2a:49:eb:e8:94:
                    1d:30:8e:24:2a:f5:41:27:31:9c:e7:ec:a0:6c:8f:
                    d3:a8:17:48:2a:09:77:53:58:37:16:d7:fb:06:ba:
                    e3:c1:2d:f5:ac:41:c7:e1:9b:1d:bd:20:4e:cb:fd:
                    a3:9a:6b:91:ea:67:28:c7:c7:73:b7:46:4f:74:e8:
                    b3:ac:ad:f9:b0:97:ae:0a:3f:65:39:cb:61:6f:bb:
                    36:5b:13:95:68:c8:ba:06:c2:3d:6d:a4:3f:3d:f2:
                    d4:16:6e:39:aa:ae:32:c0:d3:18:fa:26:5b:a9:c3:
                    41:45:9e:14:b0:86:25:c4:11:77:e4:46:e6:83:34:
                    aa:6b:f6:13:c0:67:03:6b:76:2b:fb:7d:3c:df:ad:
                    32:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C3:A0:0B:CD:63:6D:B5:5C:2A:9B:51:8B:43:5B:E2:1A:3F:35:8D
            X509v3 Authority Key Identifier:
                keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/sMOgC81jbbVcKptRi0Nb4ho_NY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.112.0/22
                  80.254.236.0/22
                  185.220.28.0/22
                  192.144.52.0/22
                  193.9.36.0-193.9.43.255
                  193.187.168.0/22
                  194.39.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         98:5f:ef:94:b2:95:f2:14:f0:05:7e:66:cc:d2:b9:28:41:47:
         e9:86:30:e5:0a:7d:65:6b:e5:5b:d6:c0:78:43:89:f0:53:53:
         b7:32:7c:f7:01:b2:63:9f:cb:83:e1:2e:67:e0:4f:59:8c:4c:
         ae:83:b2:53:ce:37:8b:31:fe:05:e1:41:d2:fa:cf:00:9a:c5:
         44:10:81:70:2c:89:8b:0f:f7:c9:1c:f7:16:c4:2c:d6:2e:0d:
         10:04:f3:48:67:ce:0d:97:b6:75:d5:6b:3f:61:1f:de:ab:fb:
         85:aa:f3:5b:4c:b5:29:42:f7:c9:68:7f:1e:a6:c2:9d:e1:07:
         b1:ca:d7:fb:4c:a4:98:ee:28:02:ce:ce:07:70:59:9c:e7:1a:
         ca:d3:11:b3:18:b9:8c:ce:b3:85:95:f4:81:4d:f8:27:98:11:
         92:d6:71:60:b2:cf:30:aa:cd:33:86:da:28:37:95:53:4e:f1:
         76:3d:af:29:c6:2e:22:a0:98:b5:16:ab:2c:bb:90:36:71:0c:
         c4:61:ef:ae:1c:b1:c0:09:55:f2:8c:48:8f:15:40:cf:33:4c:
         0c:1f:ab:e2:83:53:98:6e:63:18:d3:26:72:69:da:47:d4:fb:
         b3:be:42:af:cf:87:70:32:93:00:d0:ae:ea:5f:3b:06:78:b3:
         a2:9e:e0:ee
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzHlYPdW0r6WF6S2uU1XoG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjQwMTAyMDAzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGMzYTAwYmNkNjM2ZGI1NWMyYTliNTE4YjQzNWJlMjFhM2YzNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRT/v10Vi6Yqy3INb9qdgg5M/n10
A35ARBgX6t5qwZqQ8dalPpe1jwu3Ka3QqTd24nn1HzL2AGqS3gdTzqBRFJjNwD75
OhMZVEOc19nSMcxNwc1yaGr6/x6I02xzC5zKu4pCjw3Oba4+ceFy3A93zxDXKknr
6JQdMI4kKvVBJzGc5+ygbI/TqBdIKgl3U1g3Ftf7BrrjwS31rEHH4ZsdvSBOy/2j
mmuR6mcox8dzt0ZPdOizrK35sJeuCj9lOcthb7s2WxOVaMi6BsI9baQ/PfLUFm45
qq4ywNMY+iZbqcNBRZ4UsIYlxBF35EbmgzSqa/YTwGcDa3Yr+308360yYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLDDoAvNY221XCqbUYtDW+IaPzWNMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvc01PZ0M4MWpiYlZjS3B0UmkwTmI0aG9fTlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLVNwAwQC
UP7sAwQCudwcAwQCwJA0MAwDBALBCSQDBALBCSgDBALBu6gDBALCJ0QwDQYJKoZI
hvcNAQELBQADggEBAJhf75SylfIU8AV+ZszSuShBR+mGMOUKfWVr5VvWwHhDifBT
U7cyfPcBsmOfy4PhLmfgT1mMTK6DslPON4sx/gXhQdL6zwCaxUQQgXAsiYsP98kc
9xbELNYuDRAE80hnzg2XtnXVaz9hH96r+4Wq81tMtSlC98lofx6mwp3hB7HK1/tM
pJjuKALOzgdwWZznGsrTEbMYuYzOs4WV9IFN+CeYEZLWcWCyzzCqzTOG2ig3lVNO
8XY9rynGLiKgmLUWqyy7kDZxDMRh764cscAJVfKMSI8VQM8zTAwfq+KDU5huYxjT
JnJp2kfU+7O+Qq/Ph3AykwDQrupfOwZ4s6Ke4O4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org