Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/1-l9nGY7b_AT2vgRn8mZIwttTtcM.roa
File:                     1-l9nGY7b_AT2vgRn8mZIwttTtcM.roa (raw, json)
Hash identifier:          I1eFRO3hA/ELl1GBAHyDLvicr3v27qd8C0vq1nPoWCs=
Subject key identifier:   FA:5F:67:19:8E:DB:FC:04:F6:BE:04:67:F2:66:48:C2:DB:53:B5:C3
Certificate issuer:       /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial:       0186B5E35835090529BE94A1FED6229ADDDA
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/1-l9nGY7b_AT2vgRn8mZIwttTtcM.roa
Signing time:             Mon 06 Mar 2023 07:47:00 +0000
ROA not before:           Mon 06 Mar 2023 07:47:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3262
IP address blocks:        185.226.229.0/24 maxlen: 24
                          185.220.166.0/24 maxlen: 24
                          185.220.165.0/24 maxlen: 24
                          185.220.164.0/24 maxlen: 24
                          185.220.167.0/24 maxlen: 24
                          185.232.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Mar 2023 10:40:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b5:e3:58:35:09:05:29:be:94:a1:fe:d6:22:9a:dd:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
        Validity
            Not Before: Mar  6 07:47:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa5f67198edbfc04f6be0467f26648c2db53b5c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:59:17:85:17:99:5b:c1:39:30:e1:c4:27:9d:
                    f5:35:04:dc:cd:34:f5:7c:27:c1:55:62:81:c7:79:
                    57:c7:ef:78:ae:2c:24:09:c5:57:16:7d:34:a1:4b:
                    a5:1e:bf:84:52:c3:f9:3a:1e:0f:01:f6:b7:66:6a:
                    c8:30:52:1f:20:b9:e1:aa:dd:d5:c9:84:c5:c0:0c:
                    aa:4c:41:46:40:dd:57:a4:07:b1:e3:77:5c:27:e4:
                    35:75:00:4f:01:2b:e5:94:ee:41:dd:4e:83:34:88:
                    28:7a:46:c8:46:e7:05:25:24:5d:82:dc:5c:1c:9d:
                    81:e6:e8:2a:5e:14:4a:56:09:91:27:b4:d0:30:70:
                    e7:57:60:51:d6:e0:86:d1:ce:6e:4f:ab:3e:c6:6f:
                    0c:18:3e:6e:a1:cb:56:c0:e0:d4:f4:62:8b:d9:cb:
                    f0:fd:4b:8a:eb:90:da:35:ad:15:61:d7:0d:0d:66:
                    c7:3f:46:fb:cb:f2:22:06:b8:7b:c0:0e:7a:03:91:
                    0a:bc:e3:05:b4:c4:8f:78:c6:1b:d9:57:6a:e9:48:
                    52:56:0e:1f:34:4f:9f:97:d8:7a:ac:29:4a:a9:3c:
                    e8:8c:d7:f6:3b:2c:73:6d:51:31:f7:a8:fd:28:55:
                    cb:69:22:c1:c9:3b:b0:20:3d:c7:23:4c:c5:5e:66:
                    22:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:5F:67:19:8E:DB:FC:04:F6:BE:04:67:F2:66:48:C2:DB:53:B5:C3
            X509v3 Authority Key Identifier:
                keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/1-l9nGY7b_AT2vgRn8mZIwttTtcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.220.164.0/22
                  185.226.229.0/24
                  185.232.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:a0:39:b9:0b:4f:e0:2d:ca:65:a5:b8:8a:13:62:b2:77:3c:
         c3:dc:56:e8:ac:e2:bd:c2:92:f6:6a:ff:74:a7:63:97:a7:73:
         ec:65:05:a8:dd:59:11:85:f7:08:4d:d4:1a:42:94:cd:4d:2a:
         54:55:7c:2c:7f:da:42:dd:d0:c0:00:61:59:24:a3:c3:eb:e0:
         f0:90:d6:43:57:05:af:c1:b3:7a:38:52:cb:1c:51:9d:2d:60:
         8c:fd:64:35:bb:33:a0:ed:e6:ce:2f:a4:57:df:79:bd:4d:ea:
         6a:0e:58:e6:ad:cc:3f:97:1d:ff:90:4e:e9:e0:98:47:40:25:
         f8:54:21:ae:3e:fb:df:a2:fa:89:38:64:c7:16:a8:21:a2:e9:
         67:39:fd:f4:a9:fb:f9:13:64:98:a2:8f:61:39:0b:95:d1:0a:
         03:07:69:92:a6:a0:a1:d9:07:eb:7d:c6:6e:18:6b:64:07:37:
         b7:cf:71:63:16:02:b0:6f:1b:e7:d0:a3:de:ce:4d:3d:89:1d:
         ec:23:7c:bc:64:22:a6:e5:21:48:4f:3a:a8:57:d4:3e:db:c0:
         5c:3f:ef:88:cd:76:fc:44:bf:0e:a3:d1:f4:d5:fd:b7:88:7a:
         12:62:8c:79:60:a4:44:a7:99:85:8e:94:8e:1b:c9:e8:e3:80:
         65:9b:d9:bb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYa141g1CQUpvpSh/tYimt3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMzA2MDc0NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVmNjcxOThlZGJmYzA0ZjZiZTA0NjdmMjY2NDhjMmRiNTNiNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFkXhReZW8E5MOHEJ531NQTczTT1
fCfBVWKBx3lXx+94riwkCcVXFn00oUulHr+EUsP5Oh4PAfa3ZmrIMFIfILnhqt3V
yYTFwAyqTEFGQN1XpAex43dcJ+Q1dQBPASvllO5B3U6DNIgoekbIRucFJSRdgtxc
HJ2B5ugqXhRKVgmRJ7TQMHDnV2BR1uCG0c5uT6s+xm8MGD5uoctWwODU9GKL2cvw
/UuK65DaNa0VYdcNDWbHP0b7y/IiBrh7wA56A5EKvOMFtMSPeMYb2Vdq6UhSVg4f
NE+fl9h6rClKqTzojNf2OyxzbVEx96j9KFXLaSLByTuwID3HI0zFXmYiUQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpfZxmO2/wE9r4EZ/JmSMLbU7XDMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvMS1sOW5HWTdiX0FUMnZnUm44bVpJd3R0VHRjTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvNDViMjNmLTMwMmItNDFmMi05NDk2LTljY2JiMDg0Mjhm
YS8xL3FFa2dUS1R3NjA1VzRJNEpuLU40WE9Cdl9xby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArncpAME
ALni5QMEALnohDANBgkqhkiG9w0BAQsFAAOCAQEAIaA5uQtP4C3KZaW4ihNisnc8
w9xW6KzivcKS9mr/dKdjl6dz7GUFqN1ZEYX3CE3UGkKUzU0qVFV8LH/aQt3QwABh
WSSjw+vg8JDWQ1cFr8GzejhSyxxRnS1gjP1kNbszoO3mzi+kV995vU3qag5Y5q3M
P5cd/5BO6eCYR0Al+FQhrj7736L6iThkxxaoIaLpZzn99Kn7+RNkmKKPYTkLldEK
AwdpkqagodkH633GbhhrZAc3t89xYxYCsG8b59Cj3s5NPYkd7CN8vGQipuUhSE86
qFfUPtvAXD/viM12/ES/DqPR9NX9t4h6EmKMeWCkRKeZhY6UjhvJ6OOAZZvZuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:02 2024 by rpki-client on console-fra.rpki-client.org