Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/PykUiJsM_moAgHvqVQprb-xQS44.roa
File:                     PykUiJsM_moAgHvqVQprb-xQS44.roa (raw, json)
Hash identifier:          1et6ngkw4ygaEVwzvXBl/b9Pzn71gz1/ZTp2w1WTzrg=
Subject key identifier:   3F:29:14:88:9B:0C:FE:6A:00:80:7B:EA:55:0A:6B:6F:EC:50:4B:8E
Certificate issuer:       /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial:       01856E7902B415C23EB938CBA9CB5E64582A
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/PykUiJsM_moAgHvqVQprb-xQS44.roa
Signing time:             Sun 01 Jan 2023 17:55:02 +0000
ROA not before:           Sun 01 Jan 2023 17:55:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3170
IP address blocks:        193.8.173.0/24 maxlen: 24
                          147.189.141.0/24 maxlen: 24
                          45.14.112.0/24 maxlen: 24
                          2a0e:c80:1::/48 maxlen: 48
                          2a0e:c80:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:79:02:b4:15:c2:3e:b9:38:cb:a9:cb:5e:64:58:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
        Validity
            Not Before: Jan  1 17:55:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f2914889b0cfe6a00807bea550a6b6fec504b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:99:1c:2d:e5:3a:e7:7c:85:37:b2:28:09:37:
                    04:b6:a1:66:d8:e8:b1:6a:70:7e:13:0b:df:4a:ae:
                    57:3e:41:1a:7e:41:a7:21:11:d8:d5:13:b2:24:21:
                    45:c8:79:2b:a2:e5:18:e4:a2:66:c0:97:d8:42:a3:
                    dc:3a:6d:1f:10:c6:bd:0c:10:3c:d8:f4:fe:8d:17:
                    a0:70:de:52:ef:a3:f1:25:1d:88:03:a3:f4:87:c8:
                    07:8a:7d:b0:fd:48:e1:fc:db:fc:aa:5a:2c:a7:d4:
                    71:44:aa:dd:19:96:e1:06:5c:80:4b:10:2e:f1:e1:
                    8e:f0:a0:68:b9:7e:60:f4:54:e9:a3:0b:0e:56:94:
                    36:d8:8c:f0:3a:15:54:cc:a4:37:59:30:51:e8:ca:
                    ea:8b:99:22:94:fe:7a:58:a2:83:8e:0f:af:8f:18:
                    e0:2f:45:13:9a:c1:5e:e0:18:3f:8e:af:1c:9c:a2:
                    82:0d:b3:41:92:29:74:13:0e:59:d4:d5:a6:24:1a:
                    2a:e9:00:84:c5:fe:98:37:d6:39:1a:0e:99:4a:f3:
                    d6:bc:49:a3:0e:8f:2d:4e:8e:6e:f7:82:1e:06:12:
                    a1:ac:9b:8b:0c:08:d5:4b:60:3d:ed:00:96:99:90:
                    4e:68:bd:06:81:1e:cd:db:90:9d:53:aa:34:0c:12:
                    0b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:29:14:88:9B:0C:FE:6A:00:80:7B:EA:55:0A:6B:6F:EC:50:4B:8E
            X509v3 Authority Key Identifier:
                keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/PykUiJsM_moAgHvqVQprb-xQS44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.112.0/24
                  147.189.141.0/24
                  193.8.173.0/24
                IPv6:
                  2a0e:c80:1::-2a0e:c80:2:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         8e:1f:c0:94:86:51:df:f9:cf:2a:7b:89:e1:e0:4c:9f:2c:59:
         40:90:ac:68:24:fd:6b:42:fe:d3:ea:d1:23:98:0c:55:3f:dc:
         37:b2:7d:3e:3f:6e:07:b7:c5:d8:7f:07:85:85:f4:37:77:9e:
         f4:1a:8a:4e:56:7a:70:37:5e:52:f0:a8:a9:af:6f:a5:5a:75:
         df:b3:26:0a:57:0d:a4:9d:3c:11:3a:ae:28:86:ec:28:a6:e9:
         38:dc:4c:49:92:87:65:27:23:e5:ee:d5:09:c8:34:3b:aa:f6:
         dc:ce:7d:8e:f4:24:f1:20:fb:4f:4f:e4:88:90:d1:b9:d2:89:
         41:0e:88:57:77:de:41:05:55:b1:e0:ff:65:3f:b1:4b:80:ae:
         4a:2a:a6:c1:8c:06:27:82:d6:06:14:5b:ee:7f:57:ac:dc:80:
         70:ad:a5:76:77:19:3e:bd:ee:88:8a:d3:05:95:b2:66:81:2f:
         12:c4:d2:72:da:3d:ec:7a:47:7c:e8:1d:21:cd:94:ba:ea:ee:
         c8:05:5c:69:22:ad:f2:ff:de:88:3b:f1:2d:7c:d7:39:48:9e:
         c0:b6:b2:1e:83:0e:3c:3d:be:0c:32:c6:86:90:e8:d7:2c:83:
         b4:a6:a6:98:dc:17:e4:b0:82:88:49:41:ba:27:68:9f:fe:58:
         eb:7a:2f:ce
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVueQK0FcI+uTjLqcteZFgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwMTAxMTc1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjI5MTQ4ODliMGNmZTZhMDA4MDdiZWE1NTBhNmI2ZmVjNTA0YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppkcLeU653yFN7IoCTcEtqFm2Oix
anB+EwvfSq5XPkEafkGnIRHY1ROyJCFFyHkrouUY5KJmwJfYQqPcOm0fEMa9DBA8
2PT+jRegcN5S76PxJR2IA6P0h8gHin2w/Ujh/Nv8qlosp9RxRKrdGZbhBlyASxAu
8eGO8KBouX5g9FTpowsOVpQ22IzwOhVUzKQ3WTBR6Mrqi5kilP56WKKDjg+vjxjg
L0UTmsFe4Bg/jq8cnKKCDbNBkil0Ew5Z1NWmJBoq6QCExf6YN9Y5Gg6ZSvPWvEmj
Do8tTo5u94IeBhKhrJuLDAjVS2A97QCWmZBOaL0GgR7N25CdU6o0DBILmwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFD8pFIibDP5qAIB76lUKa2/sUEuOMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1B5a1VpSnNNX21vQWdIdnFWUXByYi14UVM0NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRwYIKwYBBQUHAQcBAf8EODA2MBgEAgABMBIDBAAtDnAD
BACTvY0DBADBCK0wGgQCAAIwFDASAwcAKg4MgAABAwcAKg4MgAACMA0GCSqGSIb3
DQEBCwUAA4IBAQCOH8CUhlHf+c8qe4nh4EyfLFlAkKxoJP1rQv7T6tEjmAxVP9w3
sn0+P24Ht8XYfweFhfQ3d570GopOVnpwN15S8Kipr2+lWnXfsyYKVw2knTwROq4o
huwopuk43ExJkodlJyPl7tUJyDQ7qvbczn2O9CTxIPtPT+SIkNG50olBDohXd95B
BVWx4P9lP7FLgK5KKqbBjAYngtYGFFvuf1es3IBwraV2dxk+ve6IitMFlbJmgS8S
xNJy2j3sekd86B0hzZS66u7IBVxpIq3y/96IO/EtfNc5SJ7AtrIegw48Pb4MMsaG
kOjXLIO0pqaY3BfksIKISUG6J2if/ljrei/O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:12 2024 by rpki-client on console-fra.rpki-client.org