Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/RnIun4FIb1ENQoLQ-3mQFAbozuE.roa
File:                     RnIun4FIb1ENQoLQ-3mQFAbozuE.roa (raw, json)
Hash identifier:          1aoVqFAvh9+N2MKBWFk32ynUoYD6AGDRmSAB/9xlgg4=
Subject key identifier:   46:72:2E:9F:81:48:6F:51:0D:42:82:D0:FB:79:90:14:06:E8:CE:E1
Certificate issuer:       /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial:       01856F3929872AB3DCDF249E6CB1A44A4A4C
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/RnIun4FIb1ENQoLQ-3mQFAbozuE.roa
Signing time:             Sun 01 Jan 2023 21:24:55 +0000
ROA not before:           Sun 01 Jan 2023 21:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56402
IP address blocks:        185.120.168.0/24 maxlen: 24
                          185.120.168.0/23 maxlen: 23
                          185.120.169.0/24 maxlen: 24
                          77.77.64.0/18 maxlen: 18
                          77.77.76.0/23 maxlen: 23
                          77.77.76.0/24 maxlen: 24
                          77.77.77.0/24 maxlen: 24
                          46.225.128.0/19 maxlen: 19
                          46.225.128.0/20 maxlen: 20
                          46.225.144.0/20 maxlen: 20
                          77.77.96.0/19 maxlen: 19
                          77.77.64.0/19 maxlen: 19
                          46.225.233.0/24 maxlen: 24
                          46.224.0.0/19 maxlen: 19
                          46.224.0.0/24 maxlen: 24
                          46.224.1.0/24 maxlen: 24
                          46.224.2.0/24 maxlen: 24
                          46.224.2.0/23 maxlen: 23
                          46.224.3.0/24 maxlen: 24
                          46.224.6.0/24 maxlen: 24
                          46.224.7.0/24 maxlen: 24
                          46.224.8.0/24 maxlen: 24
                          46.224.10.0/24 maxlen: 24
                          46.224.16.0/20 maxlen: 20
                          46.224.0.0/15 maxlen: 15
                          46.224.15.0/24 maxlen: 24
                          46.225.224.0/19 maxlen: 19
                          46.224.128.0/19 maxlen: 19
                          2a02:16c0::/29 maxlen: 29
                          2a02:16c0::/30 maxlen: 30
                          2a02:16c4::/30 maxlen: 30

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:29:87:2a:b3:dc:df:24:9e:6c:b1:a4:4a:4a:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
        Validity
            Not Before: Jan  1 21:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46722e9f81486f510d4282d0fb79901406e8cee1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:9d:d3:db:54:62:d8:ce:b4:97:4e:e2:e1:59:
                    d5:92:98:95:b4:70:e9:a2:dd:c7:df:b9:95:80:e1:
                    ef:1b:51:7a:cf:1f:f1:46:11:ff:30:9c:b3:de:17:
                    cb:d2:e5:78:13:4d:7b:d2:cd:f5:a5:32:41:04:cf:
                    3c:b7:78:bf:65:ef:a6:c2:cf:c4:c5:35:ff:7b:cb:
                    67:a0:19:cd:ec:eb:9c:2a:0e:ca:17:24:38:16:d0:
                    01:e3:b9:e4:e0:c5:e3:07:37:32:cb:54:39:16:77:
                    46:89:ec:08:b6:1b:55:8f:13:98:5f:ab:97:d3:df:
                    74:e8:12:25:19:91:5f:fd:a8:48:b4:25:8f:09:c7:
                    ad:95:d7:f8:f2:71:15:2f:22:27:1c:d9:0f:a0:6f:
                    e5:fb:d4:35:9f:3a:c7:b2:25:fc:87:9c:c6:9d:31:
                    0e:e3:42:7c:42:ee:f6:50:d0:ea:b1:3a:48:98:ee:
                    ce:51:5b:e0:f4:c6:50:2a:71:9a:00:e7:51:2b:3b:
                    b1:b5:db:85:7b:56:bb:a4:0b:a1:e6:5d:97:30:50:
                    81:39:1c:c7:50:74:eb:b8:81:35:73:37:ea:59:87:
                    92:ad:ac:51:85:51:1d:56:1a:96:c4:f0:89:c7:95:
                    c5:4a:bd:a1:1a:d7:cf:43:53:52:05:0c:1e:d0:f1:
                    55:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:72:2E:9F:81:48:6F:51:0D:42:82:D0:FB:79:90:14:06:E8:CE:E1
            X509v3 Authority Key Identifier:
                keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/RnIun4FIb1ENQoLQ-3mQFAbozuE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.224.0.0/15
                  77.77.64.0/18
                  185.120.168.0/23
                IPv6:
                  2a02:16c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         7b:da:31:4e:68:b3:a6:34:63:21:a3:54:68:07:9d:c5:e9:2f:
         e9:cd:d4:30:cd:ae:14:66:b1:e8:1e:59:db:98:3b:d9:dc:7a:
         fe:04:b2:e7:d8:a9:e2:e4:73:23:8c:f0:d1:cd:43:28:64:86:
         36:16:c9:7b:4b:6e:ce:d9:2f:ea:c5:60:61:42:b2:a4:a0:84:
         9a:dc:df:9f:40:63:90:60:3d:ca:04:b6:31:55:25:70:31:91:
         8e:38:72:aa:8d:87:37:6e:11:b4:76:ed:4e:c5:f1:e4:a7:04:
         87:fd:6a:ae:18:58:4c:df:26:85:1c:e8:1c:f1:36:7b:1d:c0:
         57:00:b6:00:49:e6:dc:b5:12:82:1e:b9:61:00:42:ea:d6:b3:
         9b:55:5c:05:f6:0b:cc:57:58:d4:0c:d3:59:fc:16:4a:f6:6f:
         42:60:13:dc:34:6e:72:ee:2c:94:e9:36:44:45:3f:6e:ef:b7:
         b5:eb:e7:8a:20:3d:7f:01:ad:fb:0a:d0:2e:3e:b5:d6:ae:91:
         29:e6:5e:e2:34:91:8c:0e:86:25:4a:fe:eb:bc:cb:70:e7:2a:
         cf:45:2d:4f:c9:ad:c3:8f:bb:50:91:a9:51:71:af:8e:88:0a:
         d9:ca:51:1f:ef:e8:4c:82:ef:be:f4:e7:98:59:b1:79:b7:34:
         0f:dc:38:a8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvOSmHKrPc3ySebLGkSkpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODNhOGM2OWEyNjMwY2Q4ZjZmYTcwYWYyYTUzZmUwMTlm
MmNjMDcwHhcNMjMwMTAxMjEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjcyMmU5ZjgxNDg2ZjUxMGQ0MjgyZDBmYjc5OTAxNDA2ZThjZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk53T21Ri2M60l07i4VnVkpiVtHDp
ot3H37mVgOHvG1F6zx/xRhH/MJyz3hfL0uV4E0170s31pTJBBM88t3i/Ze+mws/E
xTX/e8tnoBnN7OucKg7KFyQ4FtAB47nk4MXjBzcyy1Q5FndGiewIthtVjxOYX6uX
09906BIlGZFf/ahItCWPCcetldf48nEVLyInHNkPoG/l+9Q1nzrHsiX8h5zGnTEO
40J8Qu72UNDqsTpImO7OUVvg9MZQKnGaAOdRKzuxtduFe1a7pAuh5l2XMFCBORzH
UHTruIE1czfqWYeSraxRhVEdVhqWxPCJx5XFSr2hGtfPQ1NSBQwe0PFV6QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEZyLp+BSG9RDUKC0Pt5kBQG6M7hMB8GA1UdIwQY
MBaAFAKDqMaaJjDNj2+nCvKlP+AZ8swHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTkt
NTkyYzBkY2RhZjc5LzEvUm5JdW40RkliMUVOUW9MUS0zbVFGQWJvenVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTktNTkyYzBkY2RhZjc5
LzEvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMBLuADBAZN
TUADBAG5eKgwDQQCAAIwBwMFAyoCFsAwDQYJKoZIhvcNAQELBQADggEBAHvaMU5o
s6Y0YyGjVGgHncXpL+nN1DDNrhRmsegeWduYO9ncev4EsufYqeLkcyOM8NHNQyhk
hjYWyXtLbs7ZL+rFYGFCsqSghJrc359AY5BgPcoEtjFVJXAxkY44cqqNhzduEbR2
7U7F8eSnBIf9aq4YWEzfJoUc6BzxNnsdwFcAtgBJ5ty1EoIeuWEAQurWs5tVXAX2
C8xXWNQM01n8Fkr2b0JgE9w0bnLuLJTpNkRFP27vt7Xr54ogPX8BrfsK0C4+tdau
kSnmXuI0kYwOhiVK/uu8y3DnKs9FLU/JrcOPu1CRqVFxr46ICtnKUR/v6EyC7770
55hZsXm3NA/cOKg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org