Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa
File:                     SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa (raw, json)
Hash identifier:          4lJwE0lOmq2gh7KfsK6fWfk9jstfZ0/Rf9wW+DAXtSo=
Subject key identifier:   4B:19:06:BF:46:89:6C:69:3A:F7:AF:03:A4:7A:4C:27:80:FD:16:3A
Certificate issuer:       /CN=c76a0db0830338d2d2961e4c8ffb0ab5a03ffe5f
Certificate serial:       01856B80F1B3D61589CFB59342C2AECB869B
Authority key identifier: C7:6A:0D:B0:83:03:38:D2:D2:96:1E:4C:8F:FB:0A:B5:A0:3F:FE:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x2oNsIMDONLSlh5Mj_sKtaA__l8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa
Signing time:             Sun 01 Jan 2023 04:04:50 +0000
ROA not before:           Sun 01 Jan 2023 04:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42970
IP address blocks:        193.200.182.0/24 maxlen: 24
                          91.213.25.0/24 maxlen: 24
                          185.140.196.0/22 maxlen: 22
                          2a07:1fc0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:80:f1:b3:d6:15:89:cf:b5:93:42:c2:ae:cb:86:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c76a0db0830338d2d2961e4c8ffb0ab5a03ffe5f
        Validity
            Not Before: Jan  1 04:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b1906bf46896c693af7af03a47a4c2780fd163a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:44:a7:8f:45:6f:66:3d:62:d8:73:75:dc:83:
                    d7:d4:ab:7b:77:4c:76:07:74:74:13:18:15:ab:be:
                    c5:66:5c:0b:3d:40:d1:7d:5f:f0:a7:88:1e:10:2c:
                    db:17:13:4c:a2:72:1a:c2:59:88:d4:ea:5d:e9:21:
                    45:21:f8:f0:21:a5:99:93:4e:e6:ad:f9:84:b7:a0:
                    15:46:9f:14:3f:39:5a:bc:02:01:0d:de:ab:f9:ff:
                    00:bd:c2:70:8e:5c:e2:37:19:29:04:51:72:1d:84:
                    ee:69:9c:43:be:ec:a5:9f:57:e5:4d:c4:d2:30:13:
                    62:9f:cb:77:01:75:53:53:aa:dd:c1:a4:56:d1:30:
                    df:b6:ab:6b:6d:01:ec:1d:9d:60:d4:cb:94:5c:41:
                    b0:ed:c5:44:f5:5a:f1:b3:e0:da:5b:15:f3:b4:09:
                    a1:41:d6:44:5d:a3:87:27:54:fa:64:18:1a:b7:49:
                    e0:a1:35:7b:d3:40:b8:f6:d7:cb:00:08:02:cc:8a:
                    5e:a8:01:3e:78:ee:9b:b0:11:fd:79:2b:01:1b:5c:
                    ef:6b:6c:25:63:4f:4e:56:0d:f8:eb:68:09:b3:6a:
                    f0:a0:47:32:61:bc:14:6e:76:b2:34:f1:0d:15:5e:
                    cc:ee:7c:3e:a4:8d:5b:41:0a:be:67:a0:cf:e9:28:
                    7e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:19:06:BF:46:89:6C:69:3A:F7:AF:03:A4:7A:4C:27:80:FD:16:3A
            X509v3 Authority Key Identifier:
                keyid:C7:6A:0D:B0:83:03:38:D2:D2:96:1E:4C:8F:FB:0A:B5:A0:3F:FE:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2oNsIMDONLSlh5Mj_sKtaA__l8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/SxkGv0aJbGk6968DpHpMJ4D9Fjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f7189f-9d3b-4fa9-b2c1-5217df3691ab/1/x2oNsIMDONLSlh5Mj_sKtaA__l8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.213.25.0/24
                  185.140.196.0/22
                  193.200.182.0/24
                IPv6:
                  2a07:1fc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         47:04:32:09:4a:79:b4:f5:3b:40:72:2f:ca:b2:63:b1:7e:d4:
         fb:64:81:bb:c7:58:3e:c3:10:25:05:0d:ae:d0:0b:ad:1a:1b:
         09:57:8d:6c:77:65:28:ce:0f:9c:d2:3d:60:0f:6d:de:ce:07:
         3d:64:db:78:c8:02:fb:ac:43:33:6c:88:ee:dc:63:6a:90:f2:
         cd:41:97:f1:43:7e:c8:52:74:3b:f7:bd:e1:4a:5b:9e:70:e7:
         9c:bf:f9:f6:82:5c:ba:7a:9c:fb:0e:6d:b3:c6:c1:c5:1e:dd:
         a3:af:e1:4b:ca:57:ba:37:4f:66:27:e0:9c:33:35:bb:44:52:
         73:c2:8d:27:20:c7:61:38:f8:f5:b9:bf:33:a2:fe:58:22:47:
         03:06:a6:79:16:5b:d5:7c:41:c7:35:43:f5:ca:f4:da:e8:75:
         16:91:5b:e4:42:d7:0e:56:ae:60:22:3b:ec:ff:7a:5e:99:5b:
         1c:92:54:e6:a4:d4:ca:72:28:89:75:1e:d2:39:8e:4e:d4:f7:
         6f:ab:d0:b4:ce:e7:a7:cd:d2:13:5e:d8:a6:c8:08:d8:57:d5:
         de:dd:10:32:a7:b5:77:14:2a:9a:d6:5a:e4:fa:9d:76:92:f6:
         10:cf:7f:5b:da:5b:1c:f7:6f:b4:e2:f8:0f:1e:b5:76:d9:6d:
         bb:34:81:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVrgPGz1hWJz7WTQsKuy4abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmEwZGIwODMwMzM4ZDJkMjk2MWU0YzhmZmIwYWI1YTAz
ZmZlNWYwHhcNMjMwMTAxMDQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE5MDZiZjQ2ODk2YzY5M2FmN2FmMDNhNDdhNGMyNzgwZmQxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kSnj0VvZj1i2HN13IPX1Kt7d0x2
B3R0ExgVq77FZlwLPUDRfV/wp4geECzbFxNMonIawlmI1Opd6SFFIfjwIaWZk07m
rfmEt6AVRp8UPzlavAIBDd6r+f8AvcJwjlziNxkpBFFyHYTuaZxDvuyln1flTcTS
MBNin8t3AXVTU6rdwaRW0TDftqtrbQHsHZ1g1MuUXEGw7cVE9Vrxs+DaWxXztAmh
QdZEXaOHJ1T6ZBgat0ngoTV700C49tfLAAgCzIpeqAE+eO6bsBH9eSsBG1zva2wl
Y09OVg3462gJs2rwoEcyYbwUbnayNPENFV7M7nw+pI1bQQq+Z6DP6Sh+VQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEsZBr9GiWxpOvevA6R6TCeA/RY6MB8GA1UdIwQY
MBaAFMdqDbCDAzjS0pYeTI/7CrWgP/5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJvTnNJTURPTkxTbGg1TWpfc0t0YUFfX2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNzE4OWYtOWQzYi00ZmE5LWIyYzEt
NTIxN2RmMzY5MWFiLzEvU3hrR3YwYUpiR2s2OTY4RHBIcE1KNEQ5RmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNzE4OWYtOWQzYi00ZmE5LWIyYzEtNTIxN2RmMzY5MWFi
LzEveDJvTnNJTURPTkxTbGg1TWpfc0t0YUFfX2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9UZAwQC
uYzEAwQAwci2MA0EAgACMAcDBQMqBx/AMA0GCSqGSIb3DQEBCwUAA4IBAQBHBDIJ
Snm09TtAci/KsmOxftT7ZIG7x1g+wxAlBQ2u0AutGhsJV41sd2Uozg+c0j1gD23e
zgc9ZNt4yAL7rEMzbIju3GNqkPLNQZfxQ37IUnQ7973hSluecOecv/n2gly6epz7
Dm2zxsHFHt2jr+FLyle6N09mJ+CcMzW7RFJzwo0nIMdhOPj1ub8zov5YIkcDBqZ5
FlvVfEHHNUP1yvTa6HUWkVvkQtcOVq5gIjvs/3pemVscklTmpNTKciiJdR7SOY5O
1Pdvq9C0zuenzdITXtimyAjYV9Xe3RAyp7V3FCqa1lrk+p12kvYQz39b2lsc92+0
4vgPHrV22W27NIEG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org