Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bt5aD8ZNyIERG7u4--L3bhUkgaE.roa
File:                     bt5aD8ZNyIERG7u4--L3bhUkgaE.roa (raw, json)
Hash identifier:          Dm7OvnaSpYslQi38ATwKYN6al7i/2Fhl2iKZ4KVJNcM=
Subject key identifier:   6E:DE:5A:0F:C6:4D:C8:81:11:1B:BB:B8:FB:E2:F7:6E:15:24:81:A1
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01898B69B29D3F69D9155B91374F807D02FF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bt5aD8ZNyIERG7u4--L3bhUkgaE.roa
Signing time:             Tue 25 Jul 2023 04:58:27 +0000
ROA not before:           Tue 25 Jul 2023 04:58:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209854
IP address blocks:        91.206.168.0/24 maxlen: 24
                          45.149.3.0/24 maxlen: 24
                          45.95.242.0/24 maxlen: 24
                          93.185.162.0/24 maxlen: 24
                          45.130.139.0/24 maxlen: 24
                          45.130.137.0/24 maxlen: 24
                          45.139.253.0/24 maxlen: 24
                          45.139.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8b:69:b2:9d:3f:69:d9:15:5b:91:37:4f:80:7d:02:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jul 25 04:58:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ede5a0fc64dc881111bbbb8fbe2f76e152481a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:3b:93:53:75:cf:7c:cc:46:45:10:8f:76:d5:
                    5d:59:e8:1b:0a:b6:44:b8:0f:c9:10:70:de:c3:7e:
                    04:ee:18:4b:7b:39:68:d9:a1:15:9d:06:0a:fd:4a:
                    76:d1:48:7f:63:00:13:9f:5b:39:44:2e:ff:55:31:
                    8e:28:23:0b:e0:94:f8:f3:2f:46:17:18:0a:3f:0f:
                    47:66:5f:d3:0c:75:3e:09:46:1e:99:62:6f:15:bf:
                    81:2e:28:50:74:7e:c2:9d:9d:6c:25:49:14:a2:09:
                    04:61:98:5c:a4:ca:de:95:34:97:7d:83:19:3d:ca:
                    16:45:ce:89:22:d1:9c:4e:43:d4:df:ec:13:5f:4c:
                    4a:35:32:77:73:b1:b3:38:8a:ce:11:7b:61:86:cd:
                    84:3e:82:88:fe:a4:28:4a:63:21:51:04:97:ba:7f:
                    ce:28:6a:08:ad:c4:ec:a7:18:83:4c:03:da:1f:ea:
                    8e:96:3d:3f:a9:78:fb:4a:2e:7c:ca:0c:31:17:7f:
                    14:4b:c0:ae:e1:2b:51:e3:a0:14:8d:05:48:12:00:
                    2f:e1:ef:b1:3b:c8:5a:8f:13:44:27:93:02:0a:aa:
                    df:c1:1d:9e:19:73:1f:a4:8f:65:09:a1:50:69:bc:
                    6b:f1:14:0e:a0:99:50:a6:8a:06:60:c1:5c:36:a4:
                    2b:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:DE:5A:0F:C6:4D:C8:81:11:1B:BB:B8:FB:E2:F7:6E:15:24:81:A1
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bt5aD8ZNyIERG7u4--L3bhUkgaE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.242.0/24
                  45.130.137.0/24
                  45.130.139.0/24
                  45.139.252.0/23
                  45.149.3.0/24
                  91.206.168.0/24
                  93.185.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:2a:5b:09:f4:38:04:52:13:0c:f8:ae:51:02:77:d0:46:31:
         58:bd:14:17:ca:19:ff:ad:9b:85:e5:a5:96:f1:1d:1a:c8:55:
         ec:9f:45:1d:0e:a8:d5:99:47:e8:48:3b:0e:43:a6:9f:d4:52:
         9c:da:2b:30:93:9c:2e:70:b8:56:8d:f1:86:72:a7:2b:b6:c6:
         fd:ad:c6:ed:b3:f6:ef:56:8b:e9:41:f1:d7:37:13:62:2a:ad:
         29:d1:c2:f1:f8:85:2b:56:c6:97:a3:96:69:7d:7f:39:0c:d1:
         20:0b:0a:25:e4:60:5a:f8:b7:67:7b:e3:93:c8:c5:29:e0:a4:
         d0:a3:ac:d1:06:71:22:08:5f:94:82:35:4b:6b:df:d0:95:e1:
         77:39:96:05:68:30:03:73:94:a1:e9:5b:33:66:88:20:6e:22:
         75:63:cd:c1:70:e2:f4:c2:6a:fd:bb:83:9b:5a:46:62:ac:48:
         6d:93:d6:1c:a2:e9:ac:80:45:1b:04:99:a3:5f:af:ff:98:5c:
         cf:56:da:a1:c9:13:e6:64:d8:87:03:63:f7:9b:45:85:ef:ad:
         4c:ca:56:5c:b8:af:3a:05:77:d9:40:a7:2c:6f:2e:d6:38:68:
         9b:92:3c:fd:c8:35:d2:9c:ba:e3:cf:c9:9b:37:e4:6a:c0:80:
         4e:56:51:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmLabKdP2nZFVuRN0+AfQL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNzI1MDQ1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRlNWEwZmM2NGRjODgxMTExYmJiYjhmYmUyZjc2ZTE1MjQ4MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDuTU3XPfMxGRRCPdtVdWegbCrZE
uA/JEHDew34E7hhLezlo2aEVnQYK/Up20Uh/YwATn1s5RC7/VTGOKCML4JT48y9G
FxgKPw9HZl/TDHU+CUYemWJvFb+BLihQdH7CnZ1sJUkUogkEYZhcpMrelTSXfYMZ
PcoWRc6JItGcTkPU3+wTX0xKNTJ3c7GzOIrOEXthhs2EPoKI/qQoSmMhUQSXun/O
KGoIrcTspxiDTAPaH+qOlj0/qXj7Si58ygwxF38US8Cu4StR46AUjQVIEgAv4e+x
O8hajxNEJ5MCCqrfwR2eGXMfpI9lCaFQabxr8RQOoJlQpooGYMFcNqQrawIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG7eWg/GTciBERu7uPvi924VJIGhMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYnQ1YUQ4Wk55SUVSRzd1NC0tTDNiaFVrZ2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oAwQAXbmiMA0GCSqGSIb3DQEBCwUA
A4IBAQAkKlsJ9DgEUhMM+K5RAnfQRjFYvRQXyhn/rZuF5aWW8R0ayFXsn0UdDqjV
mUfoSDsOQ6af1FKc2iswk5wucLhWjfGGcqcrtsb9rcbts/bvVovpQfHXNxNiKq0p
0cLx+IUrVsaXo5ZpfX85DNEgCwol5GBa+Ldne+OTyMUp4KTQo6zRBnEiCF+UgjVL
a9/QleF3OZYFaDADc5Sh6VszZoggbiJ1Y83BcOL0wmr9u4ObWkZirEhtk9Ycoums
gEUbBJmjX6//mFzPVtqhyRPmZNiHA2P3m0WF761MylZcuK86BXfZQKcsby7WOGib
kjz9yDXSnLrjz8mbN+RqwIBOVlFG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org