Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa
File:                     f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa (raw, json)
Hash identifier:          snnRGqhLIuQSdMYHZapgVTy4WOhJCb2N4LzAZ7+6Yv4=
Subject key identifier:   7F:F6:27:F5:76:8B:3B:58:1A:65:18:DB:54:1E:11:9A:EE:03:0A:2E
Certificate issuer:       /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial:       018572CCA1B14B7DF9A00743A77FE74581C4
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa
Signing time:             Mon 02 Jan 2023 14:04:51 +0000
ROA not before:           Mon 02 Jan 2023 14:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12993
IP address blocks:        185.34.24.0/22 maxlen: 22
                          185.34.24.0/23 maxlen: 23
                          178.16.16.0/20 maxlen: 20
                          193.108.185.0/24 maxlen: 24
                          37.203.32.0/21 maxlen: 21
                          37.203.32.0/23 maxlen: 23
                          185.219.156.0/22 maxlen: 22
                          89.111.0.0/18 maxlen: 18
                          193.108.144.0/22 maxlen: 24
                          193.108.144.0/23 maxlen: 23
                          89.111.38.0/24 maxlen: 24
                          194.9.175.0/24 maxlen: 24
                          185.34.26.0/23 maxlen: 23
                          81.94.224.0/20 maxlen: 20
                          81.94.229.0/24 maxlen: 24
                          2a00:17c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 04 Feb 2023 06:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:a1:b1:4b:7d:f9:a0:07:43:a7:7f:e7:45:81:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
        Validity
            Not Before: Jan  2 14:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ff627f5768b3b581a6518db541e119aee030a2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7b:23:28:00:7c:d4:f6:b9:9f:f8:d1:2e:07:
                    f3:83:01:79:8f:38:a2:43:2c:b4:a5:7d:c2:a3:b8:
                    ec:72:ce:e9:16:0d:97:88:b6:a2:17:32:a7:b0:0c:
                    b1:64:db:5f:37:d2:45:3b:2c:59:39:b5:85:26:27:
                    5e:64:26:98:da:8d:38:d4:b2:4a:23:fe:b0:04:b8:
                    ac:cf:b9:28:60:72:aa:26:6e:4f:42:c2:05:f6:6a:
                    09:43:3f:3b:23:bf:17:80:e0:d3:be:9d:b1:c1:e6:
                    80:ad:38:15:88:20:3a:0b:9b:ec:3c:0c:bd:20:3c:
                    d1:40:a5:22:80:61:74:91:d8:a0:5e:2b:23:d8:4d:
                    56:22:0c:6b:cb:d8:95:7e:d4:64:87:45:19:72:0f:
                    69:e3:17:ec:6c:e3:a7:cf:53:a7:c7:07:86:cf:ca:
                    e5:1d:35:95:65:35:7a:50:4d:69:46:7e:35:9f:6d:
                    6a:51:d4:ca:cb:cb:1a:dd:34:90:db:c9:e8:86:f1:
                    82:af:d0:b3:15:f4:d3:64:86:0a:16:5a:05:0f:86:
                    3f:51:77:54:e7:7e:71:f5:2b:da:23:cd:3e:59:50:
                    ad:d6:9e:7a:26:ca:21:e5:c8:16:e7:a9:9e:df:a6:
                    0d:ff:02:6c:f0:ca:29:6d:93:fc:71:a5:9e:8d:2f:
                    33:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:F6:27:F5:76:8B:3B:58:1A:65:18:DB:54:1E:11:9A:EE:03:0A:2E
            X509v3 Authority Key Identifier:
                keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/f_Yn9XaLO1gaZRjbVB4Rmu4DCi4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.203.32.0/21
                  81.94.224.0/20
                  89.111.0.0/18
                  178.16.16.0/20
                  185.34.24.0/22
                  185.219.156.0/22
                  193.108.144.0/22
                  193.108.185.0/24
                  194.9.175.0/24
                IPv6:
                  2a00:17c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:60:4b:80:af:11:d2:df:d8:a5:12:e9:4e:30:be:17:b0:f0:
         19:79:a2:e5:79:7d:8c:c6:f5:f5:23:7d:ba:08:bf:29:52:96:
         ef:b3:88:9f:8a:2f:68:e6:80:72:fd:7b:3c:6a:ae:d0:ef:ec:
         ce:78:65:7e:d7:76:b2:77:40:3f:09:64:1e:e0:60:3d:1c:01:
         de:36:4b:ad:a6:0c:3c:e4:96:ae:9b:6d:1b:df:46:93:fa:8d:
         62:a0:34:b3:ac:06:4f:1c:3c:93:99:9d:6d:98:17:d2:ca:e0:
         75:a4:44:7e:34:e7:a8:80:8f:47:53:3a:f1:f6:12:f6:77:93:
         05:6f:40:58:1c:3d:1a:22:6a:92:ca:ed:90:b6:df:bf:60:03:
         b9:2e:09:2e:4b:33:dd:f9:95:ef:07:22:9d:a5:b4:82:68:ee:
         77:2c:02:9b:49:15:92:4c:0a:9e:60:dd:78:02:9b:9c:33:a2:
         00:26:51:c5:fb:17:c2:cf:50:6e:77:8d:2a:d8:b4:1e:0e:7e:
         95:d0:dd:dc:78:09:69:17:dd:24:2d:b3:9b:f9:1b:50:16:98:
         cf:41:dc:31:1f:55:fd:2b:64:86:1f:b4:17:74:d1:d1:8d:03:
         9a:65:53:41:37:62:12:ac:fa:c0:c8:b3:cb:2f:14:36:c7:2a:
         c4:6c:2c:d8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVyzKGxS335oAdDp3/nRYHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjMwMTAyMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmY2MjdmNTc2OGIzYjU4MWE2NTE4ZGI1NDFlMTE5YWVlMDMwYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnsjKAB81Pa5n/jRLgfzgwF5jzii
Qyy0pX3Co7jscs7pFg2XiLaiFzKnsAyxZNtfN9JFOyxZObWFJideZCaY2o041LJK
I/6wBLisz7koYHKqJm5PQsIF9moJQz87I78XgODTvp2xweaArTgViCA6C5vsPAy9
IDzRQKUigGF0kdigXisj2E1WIgxry9iVftRkh0UZcg9p4xfsbOOnz1OnxweGz8rl
HTWVZTV6UE1pRn41n21qUdTKy8sa3TSQ28nohvGCr9CzFfTTZIYKFloFD4Y/UXdU
535x9SvaI80+WVCt1p56Jsoh5cgW56me36YN/wJs8MopbZP8caWejS8z5wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFH/2J/V2iztYGmUY21QeEZruAwouMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvZl9ZbjlYYUxPMWdhWlJqYlZCNFJtdTREQ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJcsgAwQE
UV7gAwQGWW8AAwQEshAQAwQCuSIYAwQCuducAwQCwWyQAwQAwWy5AwQAwgmvMA0E
AgACMAcDBQAqABfAMA0GCSqGSIb3DQEBCwUAA4IBAQAJYEuArxHS39ilEulOML4X
sPAZeaLleX2MxvX1I326CL8pUpbvs4ifii9o5oBy/Xs8aq7Q7+zOeGV+13ayd0A/
CWQe4GA9HAHeNkutpgw85Jaum20b30aT+o1ioDSzrAZPHDyTmZ1tmBfSyuB1pER+
NOeogI9HUzrx9hL2d5MFb0BYHD0aImqSyu2Qtt+/YAO5LgkuSzPd+ZXvByKdpbSC
aO53LAKbSRWSTAqeYN14ApucM6IAJlHF+xfCz1Bud40q2LQeDn6V0N3ceAlpF90k
LbOb+RtQFpjPQdwxH1X9K2SGH7QXdNHRjQOaZVNBN2ISrPrAyLPLLxQ2xyrEbCzY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:05 2024 by rpki-client on console-ams.rpki-client.org