Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0U229wzVGTSpD86gIP-qHTy7OA4.roa
File:                     0U229wzVGTSpD86gIP-qHTy7OA4.roa (raw, json)
Hash identifier:          W87A95U5ZmMDbhRAPNSNsr3AlXwKLm8cy7QkJb9E42k=
Subject key identifier:   D1:4D:B6:F7:0C:D5:19:34:A9:0F:CE:A0:20:FF:AA:1D:3C:BB:38:0E
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01891A24F83E2E6903E03C4B040774D5B571
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0U229wzVGTSpD86gIP-qHTy7OA4.roa
Signing time:             Mon 03 Jul 2023 05:06:17 +0000
ROA not before:           Mon 03 Jul 2023 05:06:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209854
IP address blocks:        91.206.168.0/24 maxlen: 24
                          45.149.3.0/24 maxlen: 24
                          45.95.242.0/24 maxlen: 24
                          93.185.162.0/24 maxlen: 24
                          45.130.139.0/24 maxlen: 24
                          45.130.137.0/24 maxlen: 24
                          45.139.253.0/24 maxlen: 24
                          45.139.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 03:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1a:24:f8:3e:2e:69:03:e0:3c:4b:04:07:74:d5:b5:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jul  3 05:06:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d14db6f70cd51934a90fcea020ffaa1d3cbb380e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ae:f5:a5:50:b4:85:61:c7:ea:d0:66:83:b4:
                    4a:d2:e8:fa:16:1d:eb:47:7c:60:ed:b5:db:f8:d7:
                    d2:69:de:ce:57:65:f4:4d:2c:44:40:f5:43:ab:fe:
                    1c:8e:27:f6:42:f0:14:5d:59:e9:f4:fd:da:af:a2:
                    2b:08:4f:55:72:18:fa:75:86:63:39:f7:94:06:52:
                    78:e7:6f:5f:a4:f3:15:e2:d6:49:a7:72:1f:ce:50:
                    7e:37:01:4c:04:91:25:ee:3f:17:1e:a2:64:e7:c6:
                    52:79:15:07:b9:25:47:7c:a1:09:8c:2a:83:d8:96:
                    f1:b8:12:83:fc:c5:a0:27:88:1f:00:3d:ce:58:a7:
                    af:5f:b8:7d:f6:28:f1:69:20:63:17:09:64:eb:55:
                    c4:8d:28:8a:34:51:ae:f7:6f:ae:f1:a7:ce:19:be:
                    58:c9:b1:e9:57:81:61:0c:d7:be:0d:02:10:65:c2:
                    3e:27:26:55:a2:30:61:1e:9e:1a:94:6d:92:10:c0:
                    fd:fd:63:ca:47:94:82:cf:68:2a:40:9f:22:a8:6e:
                    cf:8b:e9:01:ee:1d:c1:b3:c3:51:54:2c:90:30:fe:
                    6a:ec:70:74:3f:48:00:b6:65:47:39:92:3a:4d:0a:
                    8e:04:ed:6a:25:f4:91:37:e3:26:64:45:03:b7:0a:
                    32:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:4D:B6:F7:0C:D5:19:34:A9:0F:CE:A0:20:FF:AA:1D:3C:BB:38:0E
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0U229wzVGTSpD86gIP-qHTy7OA4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.242.0/24
                  45.130.137.0/24
                  45.130.139.0/24
                  45.139.252.0/23
                  45.149.3.0/24
                  91.206.168.0/24
                  93.185.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:fe:7a:9f:7e:72:2f:12:e0:94:99:e8:86:a6:c6:26:c9:e4:
         be:0b:7c:48:71:1c:3a:54:67:b0:f3:29:4d:a5:26:36:73:48:
         18:8e:83:e0:6c:00:22:c0:17:d2:90:fb:56:3e:7d:de:ca:8f:
         83:02:3c:92:95:9d:18:3a:6e:da:10:ec:21:d3:5f:54:54:7f:
         c6:32:e9:91:a4:b2:ce:fb:98:24:f6:e6:99:b5:c4:f1:dd:1e:
         06:f2:a2:66:cd:fb:a4:9d:3f:d6:30:81:b0:fb:96:91:cf:17:
         96:1f:05:59:34:79:fa:98:ad:73:5c:84:56:77:35:65:74:b8:
         e1:b1:7f:95:90:85:88:f5:85:93:7d:48:b3:84:75:ff:8e:fc:
         34:f4:67:20:5f:ee:e6:bb:1f:1f:c6:37:ee:e4:6d:d9:2f:af:
         ac:fa:e4:af:bf:8f:56:2c:4d:1f:98:b2:08:c6:be:6a:04:5f:
         0d:8b:6c:e7:64:49:12:8b:10:66:57:64:6a:43:4a:27:7b:11:
         18:5a:a1:01:b1:b0:5b:03:2d:53:13:f4:8a:df:44:4e:b2:dc:
         9f:2e:2a:97:64:45:23:40:c0:6a:81:c6:69:ac:13:ba:9b:bc:
         84:c0:cb:11:af:3b:0e:10:2b:76:82:ca:6d:d0:ff:3f:90:48:
         f1:44:c8:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkaJPg+LmkD4DxLBAd01bVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNzAzMDUwNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRkYjZmNzBjZDUxOTM0YTkwZmNlYTAyMGZmYWExZDNjYmIzODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q71pVC0hWHH6tBmg7RK0uj6Fh3r
R3xg7bXb+NfSad7OV2X0TSxEQPVDq/4cjif2QvAUXVnp9P3ar6IrCE9Vchj6dYZj
OfeUBlJ4529fpPMV4tZJp3IfzlB+NwFMBJEl7j8XHqJk58ZSeRUHuSVHfKEJjCqD
2JbxuBKD/MWgJ4gfAD3OWKevX7h99ijxaSBjFwlk61XEjSiKNFGu92+u8afOGb5Y
ybHpV4FhDNe+DQIQZcI+JyZVojBhHp4alG2SEMD9/WPKR5SCz2gqQJ8iqG7Pi+kB
7h3Bs8NRVCyQMP5q7HB0P0gAtmVHOZI6TQqOBO1qJfSRN+MmZEUDtwoyOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNFNtvcM1Rk0qQ/OoCD/qh08uzgOMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMFUyMjl3elZHVFNwRDg2Z0lQLXFIVHk3T0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oAwQAXbmiMA0GCSqGSIb3DQEBCwUA
A4IBAQAp/nqffnIvEuCUmeiGpsYmyeS+C3xIcRw6VGew8ylNpSY2c0gYjoPgbAAi
wBfSkPtWPn3eyo+DAjySlZ0YOm7aEOwh019UVH/GMumRpLLO+5gk9uaZtcTx3R4G
8qJmzfuknT/WMIGw+5aRzxeWHwVZNHn6mK1zXIRWdzVldLjhsX+VkIWI9YWTfUiz
hHX/jvw09GcgX+7mux8fxjfu5G3ZL6+s+uSvv49WLE0fmLIIxr5qBF8Ni2znZEkS
ixBmV2RqQ0onexEYWqEBsbBbAy1TE/SK30ROstyfLiqXZEUjQMBqgcZprBO6m7yE
wMsRrzsOECt2gspt0P8/kEjxRMgE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org