Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sOkkbYaBRQSe-Q7Y09aYwQhLMTk.roa
File:                     sOkkbYaBRQSe-Q7Y09aYwQhLMTk.roa (raw, json)
Hash identifier:          MilryOC2ag7HkVGVfN1P1zqLQ4glFmm80Pa5ORwc+DA=
Subject key identifier:   B0:E9:24:6D:86:81:45:04:9E:F9:0E:D8:D3:D6:98:C1:08:4B:31:39
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       01856F7974473F485FD4B2E1002853A5390A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sOkkbYaBRQSe-Q7Y09aYwQhLMTk.roa
Signing time:             Sun 01 Jan 2023 22:35:08 +0000
ROA not before:           Sun 01 Jan 2023 22:35:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        45.92.228.0/24 maxlen: 24
                          193.176.210.0/24 maxlen: 24
                          45.85.124.0/22 maxlen: 24
                          45.130.136.0/24 maxlen: 24
                          45.91.20.0/24 maxlen: 24
                          45.91.21.0/24 maxlen: 24
                          45.91.22.0/24 maxlen: 24
                          45.132.193.0/24 maxlen: 24
                          2a07:e341::/32 maxlen: 32
                          2a07:e340::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 06 Jul 2023 07:52:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:74:47:3f:48:5f:d4:b2:e1:00:28:53:a5:39:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Jan  1 22:35:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0e9246d868145049ef90ed8d3d698c1084b3139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:89:34:40:d3:ca:24:52:d8:ed:ae:f3:03:ef:
                    08:f1:c5:2f:1b:62:13:f2:47:00:02:14:b6:0a:e6:
                    b5:ce:81:a1:64:11:33:d3:05:1e:bb:79:c3:33:aa:
                    73:64:de:8d:d8:6e:09:b3:48:73:25:39:72:8c:83:
                    da:56:e8:33:a3:25:7a:53:ea:37:c3:2f:e5:63:58:
                    54:9f:3a:54:98:2e:b0:ce:57:eb:73:f5:1e:c4:7f:
                    5d:94:69:58:64:d7:1b:50:93:84:b5:22:32:6d:23:
                    30:3d:62:9a:93:23:7a:0a:75:be:f0:46:5f:a9:0d:
                    d7:d3:6f:c4:0a:f5:99:7b:e5:11:47:26:d3:fb:1d:
                    52:45:11:68:1c:9b:bd:09:f5:66:4b:57:71:3d:a1:
                    52:c8:17:bd:4f:4b:06:54:61:20:61:4f:f1:68:ef:
                    0a:7b:22:98:36:d2:e2:8c:20:db:21:19:6f:65:d1:
                    86:c7:bd:0d:ed:58:90:71:3e:05:f5:e2:ee:82:27:
                    eb:67:25:16:88:0a:a5:84:80:d8:16:28:e4:77:da:
                    ae:c5:c3:29:66:e2:6e:20:fd:b0:af:e6:3f:ba:05:
                    b4:db:dc:b3:60:e9:74:81:67:11:9d:9e:00:e1:b5:
                    63:f4:1e:27:ea:7f:cb:c5:9a:c6:d0:71:07:16:3e:
                    a4:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:E9:24:6D:86:81:45:04:9E:F9:0E:D8:D3:D6:98:C1:08:4B:31:39
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sOkkbYaBRQSe-Q7Y09aYwQhLMTk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.124.0/22
                  45.91.20.0-45.91.22.255
                  45.92.228.0/24
                  45.130.136.0/24
                  45.132.193.0/24
                  193.176.210.0/24
                IPv6:
                  2a07:e340::/31

    Signature Algorithm: sha256WithRSAEncryption
         84:55:85:c8:dc:e2:27:9c:a8:b3:df:f5:37:52:50:10:4d:d8:
         60:65:7e:ca:65:4e:ad:7e:08:49:e0:a5:a6:a2:bf:61:be:79:
         b2:01:89:39:a3:12:61:bd:43:65:8f:c6:42:f7:b8:30:74:f8:
         67:42:71:86:49:1a:9e:a7:04:d6:52:64:ea:bf:80:35:98:68:
         37:50:68:24:19:8a:0a:d3:28:ed:8f:b1:60:65:2c:e0:e0:cf:
         6a:98:84:7d:f2:01:a6:0d:76:47:cd:a6:50:d4:09:77:82:57:
         bb:96:13:f0:10:bd:98:80:80:00:92:66:e3:05:98:f2:dc:04:
         f2:68:6c:1b:fe:45:64:d0:05:3f:d2:d4:8e:53:58:08:dc:0d:
         c8:45:b9:7c:b9:fb:09:13:78:90:12:0b:15:97:56:37:f5:e3:
         27:f7:9a:29:75:54:30:c2:8c:4d:76:3d:c5:2b:93:9c:ba:25:
         78:33:87:c6:59:b4:6c:6d:f9:78:3a:5a:63:8d:e9:95:6d:f3:
         30:03:67:3a:e2:60:94:d0:09:82:6b:d3:db:f7:2d:f6:3c:4f:
         fa:ed:db:b8:31:10:82:8e:e7:26:90:fb:43:2a:20:c5:7a:ea:
         ce:36:81:9b:57:6b:91:09:1c:af:de:75:b0:16:82:f8:77:ad:
         1a:ed:b9:0d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVveXRHP0hf1LLhAChTpTkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGU5MjQ2ZDg2ODE0NTA0OWVmOTBlZDhkM2Q2OThjMTA4NGIzMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxok0QNPKJFLY7a7zA+8I8cUvG2IT
8kcAAhS2Cua1zoGhZBEz0wUeu3nDM6pzZN6N2G4Js0hzJTlyjIPaVugzoyV6U+o3
wy/lY1hUnzpUmC6wzlfrc/UexH9dlGlYZNcbUJOEtSIybSMwPWKakyN6CnW+8EZf
qQ3X02/ECvWZe+URRybT+x1SRRFoHJu9CfVmS1dxPaFSyBe9T0sGVGEgYU/xaO8K
eyKYNtLijCDbIRlvZdGGx70N7ViQcT4F9eLugifrZyUWiAqlhIDYFijkd9quxcMp
ZuJuIP2wr+Y/ugW029yzYOl0gWcRnZ4A4bVj9B4n6n/LxZrG0HEHFj6kWwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLDpJG2GgUUEnvkO2NPWmMEISzE5MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvc09ra2JZYUJSUVNlLVE3WTA5YVl3UWhMTVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCLVV8MAwD
BAItWxQDBAAtWxYDBAAtXOQDBAAtgogDBAAthMEDBADBsNIwDQQCAAIwBwMFASoH
40AwDQYJKoZIhvcNAQELBQADggEBAIRVhcjc4iecqLPf9TdSUBBN2GBlfsplTq1+
CEngpaaiv2G+ebIBiTmjEmG9Q2WPxkL3uDB0+GdCcYZJGp6nBNZSZOq/gDWYaDdQ
aCQZigrTKO2PsWBlLODgz2qYhH3yAaYNdkfNplDUCXeCV7uWE/AQvZiAgACSZuMF
mPLcBPJobBv+RWTQBT/S1I5TWAjcDchFuXy5+wkTeJASCxWXVjf14yf3mil1VDDC
jE12PcUrk5y6JXgzh8ZZtGxt+Xg6WmON6ZVt8zADZzriYJTQCYJr09v3LfY8T/rt
27gxEIKO5yaQ+0MqIMV66s42gZtXa5EJHK/edbAWgvh3rRrtuQ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org