Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/saOWjrpF-cVtw5V6VAPlgAqzVz8.roa
File:                     saOWjrpF-cVtw5V6VAPlgAqzVz8.roa (raw, json)
Hash identifier:          3dHk9rLNrXZkgLOG9UV/WjcINM52PF+V9BDGXIx62wE=
Subject key identifier:   B1:A3:96:8E:BA:45:F9:C5:6D:C3:95:7A:54:03:E5:80:0A:B3:57:3F
Certificate issuer:       /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial:       018B1F2A6C02F95D07069DCD5D3D943A2679
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/saOWjrpF-cVtw5V6VAPlgAqzVz8.roa
Signing time:             Wed 11 Oct 2023 14:35:55 +0000
ROA not before:           Wed 11 Oct 2023 14:35:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209854
IP address blocks:        89.37.93.0/24 maxlen: 24
                          89.37.94.0/24 maxlen: 24
                          86.106.116.0/24 maxlen: 24
                          86.104.213.0/24 maxlen: 24
                          86.104.212.0/24 maxlen: 24
                          188.208.221.0/24 maxlen: 24
                          188.208.220.0/24 maxlen: 24
                          188.208.223.0/24 maxlen: 24
                          188.209.125.0/24 maxlen: 24
                          188.209.124.0/24 maxlen: 24
                          193.30.255.0/24 maxlen: 24
                          89.41.27.0/24 maxlen: 24
                          93.119.125.0/24 maxlen: 24
                          46.102.178.0/24 maxlen: 24
                          46.102.177.0/24 maxlen: 24
                          46.102.179.0/24 maxlen: 24
                          86.104.2.0/24 maxlen: 24
                          86.104.1.0/24 maxlen: 24
                          86.104.0.0/24 maxlen: 24
                          176.223.160.0/24 maxlen: 24
                          77.81.91.0/24 maxlen: 24
                          77.81.90.0/24 maxlen: 24
                          89.42.154.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1f:2a:6c:02:f9:5d:07:06:9d:cd:5d:3d:94:3a:26:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
        Validity
            Not Before: Oct 11 14:35:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1a3968eba45f9c56dc3957a5403e5800ab3573f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e7:19:17:f6:cf:c5:b2:02:87:37:de:f9:c5:
                    44:12:14:e4:a2:c4:6f:bc:e0:d5:03:f5:1f:96:45:
                    a1:63:fe:90:83:20:8b:f4:3f:19:a8:92:08:bc:3f:
                    78:88:7a:af:c3:e8:6d:80:99:d1:41:e7:4a:8b:4d:
                    42:a0:1c:31:19:88:ba:69:a4:f4:9d:71:7b:7a:8a:
                    bc:6b:f4:b7:16:73:35:18:e0:ee:c6:88:fb:9c:9e:
                    b6:f9:6d:e0:ee:03:94:49:bc:af:e8:21:e4:15:fa:
                    56:1d:7e:a2:c7:29:7d:7a:c5:62:a5:6c:56:5b:36:
                    3f:4a:fb:c1:fe:7c:28:ff:72:a4:0b:c5:19:05:d4:
                    00:b9:c4:a3:da:f6:5b:ad:e6:d1:6d:21:b5:84:16:
                    c1:1c:db:7e:a5:87:ae:1a:0a:4d:e1:f9:3e:5d:d7:
                    d2:d0:19:76:f8:7a:70:04:af:07:9b:65:0a:8a:44:
                    6d:4d:64:71:99:3e:c7:65:b6:57:ec:c4:fe:e6:96:
                    18:14:a6:45:21:21:65:ac:51:57:4c:53:0c:d3:48:
                    2b:fb:74:9b:14:23:7e:1c:92:1b:14:0b:e6:9a:cd:
                    73:17:c2:ae:d6:08:06:9d:e2:06:3c:31:fe:26:25:
                    46:d2:e3:07:62:9b:9e:f9:ad:9f:51:f0:ad:2d:ac:
                    44:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:A3:96:8E:BA:45:F9:C5:6D:C3:95:7A:54:03:E5:80:0A:B3:57:3F
            X509v3 Authority Key Identifier:
                keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/saOWjrpF-cVtw5V6VAPlgAqzVz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.177.0-46.102.179.255
                  77.81.90.0/23
                  86.104.0.0-86.104.2.255
                  86.104.212.0/23
                  86.106.116.0/24
                  89.37.93.0-89.37.94.255
                  89.41.27.0/24
                  89.42.154.0/24
                  93.119.125.0/24
                  176.223.160.0/24
                  188.208.220.0/23
                  188.208.223.0/24
                  188.209.124.0/23
                  193.30.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:33:5e:59:ad:6a:f2:7a:2f:21:91:e8:f5:5d:31:29:83:14:
         83:4c:b1:6e:ec:95:64:4a:a1:c0:32:94:fe:c0:73:8f:7f:e8:
         40:7c:dd:13:47:ba:11:26:5f:2a:21:20:22:71:1b:da:de:49:
         e8:ba:88:b2:49:a5:54:87:c7:a0:8d:43:fb:4b:c3:d8:05:c1:
         85:f6:33:57:7e:a2:8a:1c:03:28:63:51:f4:54:97:ff:7d:30:
         35:15:e0:65:f6:6d:e0:43:94:20:27:45:78:a0:2c:96:00:8f:
         e9:5a:8f:ea:2f:07:4b:23:13:f1:16:ee:55:d7:f8:a0:aa:78:
         e9:75:25:73:a3:93:9b:b5:45:82:e8:f5:59:88:c2:59:11:12:
         4a:66:59:5e:ff:6c:94:7e:46:06:af:2b:27:38:82:a7:04:cb:
         23:19:57:0e:0a:83:3b:73:02:88:d2:50:cd:ed:23:83:0a:96:
         e8:16:31:a9:7e:7a:35:93:3d:99:1c:fd:76:64:e6:6b:ee:c8:
         b7:c8:3e:16:11:f9:19:79:7b:a9:1f:76:fb:2b:c7:93:ef:fe:
         d0:8f:89:50:a4:39:17:79:cc:5f:d7:e1:3d:61:fc:e9:1d:f6:
         6f:82:15:6b:04:2e:96:1b:39:12:99:af:e7:13:20:c3:e9:25:
         c9:5c:be:b3
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYsfKmwC+V0HBp3NXT2UOiZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMxMDExMTQzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEzOTY4ZWJhNDVmOWM1NmRjMzk1N2E1NDAzZTU4MDBhYjM1NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOcZF/bPxbIChzfe+cVEEhTkosRv
vODVA/UflkWhY/6QgyCL9D8ZqJIIvD94iHqvw+htgJnRQedKi01CoBwxGYi6aaT0
nXF7eoq8a/S3FnM1GODuxoj7nJ62+W3g7gOUSbyv6CHkFfpWHX6ixyl9esVipWxW
WzY/SvvB/nwo/3KkC8UZBdQAucSj2vZbrebRbSG1hBbBHNt+pYeuGgpN4fk+XdfS
0Bl2+HpwBK8Hm2UKikRtTWRxmT7HZbZX7MT+5pYYFKZFISFlrFFXTFMM00gr+3Sb
FCN+HJIbFAvmms1zF8Ku1ggGneIGPDH+JiVG0uMHYpue+a2fUfCtLaxE/QIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFLGjlo66RfnFbcOVelQD5YAKs1c/MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvc2FPV2pycEYtY1Z0dzVWNlZBUGxnQXF6Vno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAEwazAMAwQALmax
AwQCLmawAwQBTVFaMAsDAwNWaAMEAFZoAgMEAVZo1AMEAFZqdDAMAwQAWSVdAwQA
WSVeAwQAWSkbAwQAWSqaAwQAXXd9AwQAsN+gAwQBvNDcAwQAvNDfAwQBvNF8AwQA
wR7/MA0GCSqGSIb3DQEBCwUAA4IBAQCbM15ZrWryei8hkej1XTEpgxSDTLFu7JVk
SqHAMpT+wHOPf+hAfN0TR7oRJl8qISAicRva3knouoiySaVUh8egjUP7S8PYBcGF
9jNXfqKKHAMoY1H0VJf/fTA1FeBl9m3gQ5QgJ0V4oCyWAI/pWo/qLwdLIxPxFu5V
1/igqnjpdSVzo5ObtUWC6PVZiMJZERJKZlle/2yUfkYGrysnOIKnBMsjGVcOCoM7
cwKI0lDN7SODCpboFjGpfno1kz2ZHP12ZOZr7si3yD4WEfkZeXupH3b7K8eT7/7Q
j4lQpDkXecxf1+E9YfzpHfZvghVrBC6WGzkSma/nEyDD6SXJXL6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:57 2024 by rpki-client on console-fra.rpki-client.org