Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/vS1qT1PqPguAEmENub2o4vPIcJs.roa
File:                     vS1qT1PqPguAEmENub2o4vPIcJs.roa (raw, json)
Hash identifier:          wBzJRhTRSfd63bzIDVMCHXDxxOMHwP0h/nyF+UMKfCA=
Subject key identifier:   BD:2D:6A:4F:53:EA:3E:0B:80:12:61:0D:B9:BD:A8:E2:F3:C8:70:9B
Certificate issuer:       /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial:       0185737180FC6A19B79F20AD130519B43F78
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/vS1qT1PqPguAEmENub2o4vPIcJs.roa
Signing time:             Mon 02 Jan 2023 17:04:56 +0000
ROA not before:           Mon 02 Jan 2023 17:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.1.230.0/25 maxlen: 25
                          185.1.230.128/25 maxlen: 25
                          212.237.192.0/24 maxlen: 24
                          212.237.193.0/24 maxlen: 24
                          195.69.118.0/24 maxlen: 24
                          195.69.117.0/24 maxlen: 24
                          195.69.116.0/24 maxlen: 24
                          195.69.119.0/24 maxlen: 24
                          195.245.240.0/24 maxlen: 24
                          2001:7f8:122::/49 maxlen: 49
                          2001:7f8:122:8000::/49 maxlen: 49

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 13:27:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:71:80:fc:6a:19:b7:9f:20:ad:13:05:19:b4:3f:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
        Validity
            Not Before: Jan  2 17:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd2d6a4f53ea3e0b8012610db9bda8e2f3c8709b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d0:03:2f:46:95:9f:a0:50:f2:b9:07:73:34:
                    13:6f:f8:cb:b7:99:18:13:6e:11:f4:25:9b:e2:53:
                    e4:84:11:cf:a2:7c:e1:bd:ac:c2:0e:60:b4:1a:12:
                    02:33:2e:7f:96:5f:3b:ce:1d:be:c0:f6:d1:e9:64:
                    84:4b:07:ad:52:0c:9c:a3:1b:48:a1:82:55:7f:98:
                    86:7d:cd:8c:09:d5:69:29:34:dd:fd:de:da:f1:0e:
                    fb:72:fa:ce:1d:66:dd:47:71:5d:bd:c3:9b:ca:ed:
                    77:74:b2:65:08:f9:8c:12:15:8f:a0:ce:dc:1d:cc:
                    f4:6a:be:df:1d:c2:7b:13:9a:e4:a5:76:8a:99:ba:
                    d4:53:90:20:ce:50:30:0d:18:e4:9b:15:ab:77:3b:
                    9c:ec:6e:6c:d7:6b:e2:cb:4f:0f:d1:8e:0f:49:b6:
                    bf:66:49:d0:26:47:4f:96:bd:3c:01:46:6d:12:1f:
                    39:25:40:fd:7a:91:33:15:79:e9:64:8f:b9:13:12:
                    15:a5:72:bb:02:32:0a:6e:58:29:88:77:dc:49:1e:
                    3e:43:4c:6e:bc:bf:ff:8d:02:b7:1d:e9:b8:1a:c9:
                    1d:5f:27:f4:41:17:89:52:2d:c0:9c:9e:a4:9c:09:
                    c3:ce:98:b5:cb:50:08:d2:eb:e2:c2:ba:7d:5b:91:
                    82:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:2D:6A:4F:53:EA:3E:0B:80:12:61:0D:B9:BD:A8:E2:F3:C8:70:9B
            X509v3 Authority Key Identifier:
                keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/vS1qT1PqPguAEmENub2o4vPIcJs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.1.230.0/24
                  195.69.116.0/22
                  195.245.240.0/24
                  212.237.192.0/23
                IPv6:
                  2001:7f8:122::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:69:c0:73:b0:26:f3:32:56:45:38:c0:08:e4:a8:5a:08:b0:
         09:82:e4:c1:a6:6c:11:0d:c6:0b:7c:83:e7:97:a7:3d:43:99:
         50:bb:6a:4a:74:b6:6e:12:ab:22:c7:7f:8a:29:78:44:da:82:
         4b:a2:c6:65:14:ef:fb:06:09:95:71:1d:ae:94:62:fc:35:02:
         a6:1f:d7:69:c9:ee:d7:cb:80:97:0b:b6:f7:45:19:19:ab:de:
         69:b7:9c:a3:08:25:88:da:30:9c:eb:cf:1e:70:e6:45:34:b9:
         da:98:ab:cf:65:ca:04:03:f0:b9:34:e5:96:d8:b9:60:76:96:
         c9:73:78:c5:7c:3b:9d:6e:a7:39:94:86:61:33:6a:2f:d8:ae:
         0f:e6:7e:a2:06:d0:91:fd:38:3d:86:3f:54:05:ad:a1:51:8a:
         fa:9e:09:f9:dc:4e:4b:ca:dc:27:06:55:89:fe:24:c3:9d:6b:
         a9:34:53:27:9a:ee:be:b1:63:75:5b:c9:36:e3:e5:1f:9b:12:
         00:0b:eb:dc:4e:28:d7:00:61:40:a9:af:2c:70:4c:7f:54:58:
         05:3c:ed:35:5e:36:f2:c5:91:2f:7a:1a:d0:f1:7e:be:a1:89:
         0d:ab:c8:b3:d7:0e:69:be:7a:29:80:3c:ab:38:2f:31:1f:e6:
         0b:70:b1:0b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVzcYD8ahm3nyCtEwUZtD94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTAyMTcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJkNmE0ZjUzZWEzZTBiODAxMjYxMGRiOWJkYThlMmYzYzg3MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdADL0aVn6BQ8rkHczQTb/jLt5kY
E24R9CWb4lPkhBHPonzhvazCDmC0GhICMy5/ll87zh2+wPbR6WSESwetUgycoxtI
oYJVf5iGfc2MCdVpKTTd/d7a8Q77cvrOHWbdR3FdvcObyu13dLJlCPmMEhWPoM7c
Hcz0ar7fHcJ7E5rkpXaKmbrUU5AgzlAwDRjkmxWrdzuc7G5s12viy08P0Y4PSba/
ZknQJkdPlr08AUZtEh85JUD9epEzFXnpZI+5ExIVpXK7AjIKblgpiHfcSR4+Q0xu
vL//jQK3Hem4GskdXyf0QReJUi3AnJ6knAnDzpi1y1AI0uviwrp9W5GCCwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFL0tak9T6j4LgBJhDbm9qOLzyHCbMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvdlMxcVQxUHFQZ3VBRW1FTnViMm80dlBJY0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAuQHmAwQC
w0V0AwQAw/XwAwQB1O3AMA8EAgACMAkDBwAgAQf4ASIwDQYJKoZIhvcNAQELBQAD
ggEBADJpwHOwJvMyVkU4wAjkqFoIsAmC5MGmbBENxgt8g+eXpz1DmVC7akp0tm4S
qyLHf4opeETagkuixmUU7/sGCZVxHa6UYvw1AqYf12nJ7tfLgJcLtvdFGRmr3mm3
nKMIJYjaMJzrzx5w5kU0udqYq89lygQD8Lk05ZbYuWB2lslzeMV8O51upzmUhmEz
ai/Yrg/mfqIG0JH9OD2GP1QFraFRivqeCfncTkvK3CcGVYn+JMOda6k0Uyea7r6x
Y3VbyTbj5R+bEgAL69xOKNcAYUCpryxwTH9UWAU87TVeNvLFkS96GtDxfr6hiQ2r
yLPXDmm+eimAPKs4LzEf5gtwsQs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:35 2024 by rpki-client on console-ams.rpki-client.org