Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/c1BE3Tdddk18T-SFOicd98jTxvs.roa
File:                     c1BE3Tdddk18T-SFOicd98jTxvs.roa (raw, json)
Hash identifier:          W7uv/8g9fGU4BQ2cddiLR7P3K4f7Y4WjsyZ59eEdHhA=
Subject key identifier:   73:50:44:DD:37:5D:76:4D:7C:4F:E4:85:3A:27:1D:F7:C8:D3:C6:FB
Certificate issuer:       /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial:       018570B0AB66B8DBA20AFA8D5AA7427CE99D
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/c1BE3Tdddk18T-SFOicd98jTxvs.roa
Signing time:             Mon 02 Jan 2023 04:15:04 +0000
ROA not before:           Mon 02 Jan 2023 04:15:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1853
IP address blocks:        193.170.0.0/15 maxlen: 15
                          78.104.0.0/16 maxlen: 16
                          193.171.1.0/24 maxlen: 24
                          185.154.40.0/22 maxlen: 22
                          2001:628::/29 maxlen: 29
                          2001:67c:1864::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:b0:ab:66:b8:db:a2:0a:fa:8d:5a:a7:42:7c:e9:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
        Validity
            Not Before: Jan  2 04:15:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=735044dd375d764d7c4fe4853a271df7c8d3c6fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f5:49:e8:69:ee:fe:fe:8a:b3:d9:d1:39:4c:
                    a0:a4:81:b1:32:55:6c:09:77:44:3e:19:9e:3a:88:
                    ca:2b:e7:3d:72:60:12:e1:54:0c:91:e1:2f:b6:a0:
                    81:4a:3c:7d:bc:2d:94:12:75:93:88:e2:9c:e2:0e:
                    15:38:70:5f:5e:5b:98:7f:37:7b:c9:db:7b:29:f3:
                    6b:f6:41:95:fa:6f:07:4b:08:92:ad:f3:df:9d:a1:
                    cd:bd:3c:3f:94:fc:6b:a5:3b:d9:fa:4b:52:11:89:
                    f4:7e:d8:fc:f9:d4:9a:d9:c1:8c:38:c9:62:91:65:
                    d3:d9:ce:1d:93:11:2f:a2:3a:80:95:56:8c:48:9b:
                    2e:df:c5:c2:4d:98:04:16:3e:43:6b:e2:26:20:10:
                    e4:92:98:74:85:22:58:8a:5c:0e:17:cf:4a:86:aa:
                    92:5a:98:da:17:95:41:1d:c1:9f:78:6e:e1:98:f9:
                    f7:93:e5:da:93:48:ee:67:3f:b0:a4:c3:94:58:72:
                    aa:81:00:75:7e:ed:03:5c:0a:af:b6:1a:b3:b1:15:
                    f0:e6:35:99:ae:f1:13:a4:ff:4b:7d:44:af:85:b7:
                    43:46:32:8e:d4:1f:85:53:5b:a9:dc:34:de:88:8b:
                    54:c3:90:51:81:2e:c6:b7:e5:83:f8:d8:b1:b2:10:
                    b7:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:50:44:DD:37:5D:76:4D:7C:4F:E4:85:3A:27:1D:F7:C8:D3:C6:FB
            X509v3 Authority Key Identifier:
                keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/c1BE3Tdddk18T-SFOicd98jTxvs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.104.0.0/16
                  185.154.40.0/22
                  193.170.0.0/15
                IPv6:
                  2001:628::/29
                  2001:67c:1864::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:25:37:af:af:f0:f6:d1:b8:0f:0f:c2:29:ad:9f:40:d9:e5:
         64:87:ec:2b:8d:43:a4:88:a1:71:4f:9e:06:cd:a2:a7:03:de:
         d8:a0:70:61:d6:6c:2c:be:51:35:53:4f:37:06:39:2e:6c:84:
         20:37:be:6d:b9:47:52:ea:9b:13:08:b3:88:17:52:eb:e1:27:
         c5:7c:96:a4:bb:99:52:d0:83:0b:4a:b7:41:19:6f:d7:be:a6:
         9f:52:43:33:57:de:a4:32:01:af:df:f7:f8:8f:33:f9:27:66:
         1d:b0:a5:db:ab:92:98:86:b6:56:b6:db:c9:d4:c5:e9:d8:f9:
         f3:44:d0:6f:61:bb:e0:d3:fb:a5:84:65:d3:5a:f7:e6:e4:01:
         f0:3f:c2:24:29:54:df:cf:f2:41:78:08:3c:92:33:0a:92:b2:
         80:3c:1c:e9:39:ee:87:54:1f:8d:d5:d2:ee:f5:f1:fd:e0:66:
         0a:2c:9a:e8:f0:4a:30:8f:aa:2e:c8:2c:a3:13:5b:c2:af:b4:
         f7:06:73:05:57:dc:b9:f3:89:c0:90:28:82:67:5a:f1:3b:a8:
         44:17:73:be:11:91:d2:a5:84:35:b2:16:2f:b7:51:66:71:40:
         f2:61:d2:e5:f6:11:bc:f9:ea:ce:47:4c:47:fa:e3:62:b3:18:
         a9:e2:5e:29
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwsKtmuNuiCvqNWqdCfOmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjMwMTAyMDQxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzUwNDRkZDM3NWQ3NjRkN2M0ZmU0ODUzYTI3MWRmN2M4ZDNjNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPVJ6Gnu/v6Ks9nROUygpIGxMlVs
CXdEPhmeOojKK+c9cmAS4VQMkeEvtqCBSjx9vC2UEnWTiOKc4g4VOHBfXluYfzd7
ydt7KfNr9kGV+m8HSwiSrfPfnaHNvTw/lPxrpTvZ+ktSEYn0ftj8+dSa2cGMOMli
kWXT2c4dkxEvojqAlVaMSJsu38XCTZgEFj5Da+ImIBDkkph0hSJYilwOF89KhqqS
WpjaF5VBHcGfeG7hmPn3k+Xak0juZz+wpMOUWHKqgQB1fu0DXAqvthqzsRXw5jWZ
rvETpP9LfUSvhbdDRjKO1B+FU1up3DTeiItUw5BRgS7Gt+WD+NixshC3/wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHNQRN03XXZNfE/khTonHffI08b7MB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvYzFCRTNUZGRkazE4VC1TRk9pY2Q5OGpUeHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAWBAIAATAQAwMATmgDBAK5
migDAwHBqjAWBAIAAjAQAwUDIAEGKAMHACABBnwYZDANBgkqhkiG9w0BAQsFAAOC
AQEAQCU3r6/w9tG4Dw/CKa2fQNnlZIfsK41DpIihcU+eBs2ipwPe2KBwYdZsLL5R
NVNPNwY5LmyEIDe+bblHUuqbEwiziBdS6+EnxXyWpLuZUtCDC0q3QRlv176mn1JD
M1fepDIBr9/3+I8z+SdmHbCl26uSmIa2VrbbydTF6dj580TQb2G74NP7pYRl01r3
5uQB8D/CJClU38/yQXgIPJIzCpKygDwc6Tnuh1QfjdXS7vXx/eBmCiya6PBKMI+q
LsgsoxNbwq+09wZzBVfcufOJwJAogmda8TuoRBdzvhGR0qWENbIWL7dRZnFA8mHS
5fYRvPnqzkdMR/rjYrMYqeJeKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:25 2024 by rpki-client on console-fra.rpki-client.org