Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa
File:                     9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa (raw, json)
Hash identifier:          2gSETWnwHrW3ARClijSEeGjdI6CDg/acuQsmOcKdXT4=
Subject key identifier:   F6:BC:9F:4A:BF:22:41:F6:45:0A:8B:0B:7E:7D:A1:6B:90:AC:B7:94
Certificate issuer:       /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial:       018872451C8E307878855F3E0E80AB0B9A6C
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa
Signing time:             Wed 31 May 2023 14:45:11 +0000
ROA not before:           Wed 31 May 2023 14:45:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49121
IP address blocks:        37.221.71.0/24 maxlen: 24
                          37.221.68.0/24 maxlen: 24
                          37.221.69.0/24 maxlen: 24
                          37.221.70.0/24 maxlen: 24
                          45.87.118.0/24 maxlen: 24
                          45.87.117.0/24 maxlen: 24
                          45.87.119.0/24 maxlen: 24
                          185.186.0.0/24 maxlen: 24
                          2a09:e200:e200::/48 maxlen: 48
                          2a09:e200::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 14 Aug 2023 06:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:72:45:1c:8e:30:78:78:85:5f:3e:0e:80:ab:0b:9a:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
        Validity
            Not Before: May 31 14:45:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6bc9f4abf2241f6450a8b0b7e7da16b90acb794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:89:1e:7e:b6:f8:c0:d8:a5:60:62:6d:27:45:
                    b7:5b:b7:2c:fe:d9:95:94:15:fd:ae:cd:e8:0f:b6:
                    77:39:f5:a3:99:92:f6:7e:83:77:f3:07:b0:51:71:
                    5b:98:a4:14:8c:b4:94:95:7e:c7:81:19:b2:02:da:
                    93:e3:0c:c1:fa:b8:84:c1:81:09:2e:36:df:77:ca:
                    43:0d:88:50:b1:54:54:8b:64:3c:13:a6:e7:d6:fd:
                    53:30:db:14:a7:fa:99:97:86:5f:07:05:64:ad:c7:
                    96:4c:a8:f6:bd:12:df:3f:44:9c:74:69:f0:93:f1:
                    32:85:26:e7:94:f0:4d:8d:62:69:79:d5:90:3f:d6:
                    a9:64:d1:c3:dc:ad:b6:da:70:f3:c2:c2:a4:26:60:
                    ac:e6:ec:95:49:ed:33:0c:93:d9:5e:2d:24:c6:4f:
                    94:71:6c:b3:d2:b2:96:8a:3f:c2:15:10:5b:df:83:
                    e5:b0:e1:7d:82:99:ba:f1:ee:fc:8a:9c:86:99:6d:
                    0c:e3:27:06:e4:18:fc:1b:a9:b9:d1:b3:d4:c7:65:
                    93:85:79:44:96:1e:57:12:47:5d:06:8f:bd:e1:78:
                    48:a5:ef:7f:46:84:a3:bf:f6:d5:23:61:36:42:63:
                    ab:b1:82:f0:94:09:fe:98:3a:cc:94:e1:17:30:e3:
                    48:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:BC:9F:4A:BF:22:41:F6:45:0A:8B:0B:7E:7D:A1:6B:90:AC:B7:94
            X509v3 Authority Key Identifier:
                keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/9ryfSr8iQfZFCosLfn2ha5Cst5Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.68.0/22
                  45.87.117.0-45.87.119.255
                  185.186.0.0/24
                IPv6:
                  2a09:e200::/48
                  2a09:e200:e200::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:82:76:51:93:c9:24:46:a9:eb:a5:c7:08:23:40:33:cc:f1:
         5c:18:a9:0f:e7:c3:81:ce:ea:17:7d:97:42:e5:5a:4e:8a:86:
         cc:12:2c:8e:d0:2b:05:11:8d:60:1e:d5:71:86:e5:7f:88:bf:
         cc:bc:aa:5b:fd:58:ab:61:86:3a:72:a2:c9:5b:b3:c7:0a:97:
         96:32:42:15:13:4c:85:c1:23:bf:43:52:60:aa:29:d4:15:4f:
         53:be:ea:7b:b8:29:6b:e8:12:f5:50:2c:b5:a1:61:9b:ab:b6:
         04:91:db:20:9e:fd:d2:c5:a0:1d:bb:f9:46:40:92:61:9c:81:
         70:c4:3d:ec:59:8f:44:77:5b:8f:77:78:a9:dd:15:ed:10:aa:
         d8:12:b4:95:8b:a0:89:41:66:04:42:32:69:a3:7c:72:0e:bf:
         13:27:ab:1d:3e:10:b4:29:89:98:ee:6f:cf:8a:7c:e7:dc:69:
         8a:16:d5:43:34:74:9a:a5:af:30:66:29:eb:8d:79:2e:e7:d6:
         d0:3c:84:22:11:e7:11:d2:cc:de:d7:70:d3:0b:82:52:8d:8b:
         5d:37:38:ba:6d:bf:c9:29:81:b8:32:15:03:0d:4b:89:7d:31:
         31:d3:8a:58:76:33:cd:c6:be:b8:e3:11:6f:3a:eb:9d:d3:63:
         5e:36:6a:dc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYhyRRyOMHh4hV8+DoCrC5psMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjMwNTMxMTQ0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmJjOWY0YWJmMjI0MWY2NDUwYThiMGI3ZTdkYTE2YjkwYWNiNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIkefrb4wNilYGJtJ0W3W7cs/tmV
lBX9rs3oD7Z3OfWjmZL2foN38wewUXFbmKQUjLSUlX7HgRmyAtqT4wzB+riEwYEJ
Ljbfd8pDDYhQsVRUi2Q8E6bn1v1TMNsUp/qZl4ZfBwVkrceWTKj2vRLfP0ScdGnw
k/EyhSbnlPBNjWJpedWQP9apZNHD3K222nDzwsKkJmCs5uyVSe0zDJPZXi0kxk+U
cWyz0rKWij/CFRBb34PlsOF9gpm68e78ipyGmW0M4ycG5Bj8G6m50bPUx2WThXlE
lh5XEkddBo+94XhIpe9/RoSjv/bVI2E2QmOrsYLwlAn+mDrMlOEXMONIBQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPa8n0q/IkH2RQqLC359oWuQrLeUMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvOXJ5ZlNyOGlRZlpGQ29zTGZuMmhhNUNzdDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQCJd1EMAwD
BAAtV3UDBAMtV3ADBAC5ugAwGAQCAAIwEgMHACoJ4gAAAAMHACoJ4gDiADANBgkq
hkiG9w0BAQsFAAOCAQEAeYJ2UZPJJEap66XHCCNAM8zxXBipD+fDgc7qF32XQuVa
ToqGzBIsjtArBRGNYB7VcYblf4i/zLyqW/1Yq2GGOnKiyVuzxwqXljJCFRNMhcEj
v0NSYKop1BVPU77qe7gpa+gS9VAstaFhm6u2BJHbIJ790sWgHbv5RkCSYZyBcMQ9
7FmPRHdbj3d4qd0V7RCq2BK0lYugiUFmBEIyaaN8cg6/EyerHT4QtCmJmO5vz4p8
59xpihbVQzR0mqWvMGYp6415LufW0DyEIhHnEdLM3tdw0wuCUo2LXTc4um2/ySmB
uDIVAw1LiX0xMdOKWHYzzca+uOMRbzrrndNjXjZq3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:13 2024 by rpki-client on console-ams.rpki-client.org