Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/OmGwoNkBo_IW_fOgETXkcjNQ_mY.roa
File:                     OmGwoNkBo_IW_fOgETXkcjNQ_mY.roa (raw, json)
Hash identifier:          rR9x4KNIaRXxOmrhrTWUtEnqGAYYdfo2qofwF2XmWf4=
Subject key identifier:   3A:61:B0:A0:D9:01:A3:F2:16:FD:F3:A0:11:35:E4:72:33:50:FE:66
Certificate issuer:       /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial:       018992309FB79014D7A1871D4B03631D50D5
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/OmGwoNkBo_IW_fOgETXkcjNQ_mY.roa
Signing time:             Wed 26 Jul 2023 12:33:27 +0000
ROA not before:           Wed 26 Jul 2023 12:33:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198710
IP address blocks:        81.209.132.0/24 maxlen: 24
                          81.209.151.0/24 maxlen: 24
                          81.209.159.0/24 maxlen: 24
                          81.209.154.0/23 maxlen: 24
                          83.125.106.0/23 maxlen: 23
                          80.86.180.0/24 maxlen: 24
                          80.86.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 19 Oct 2023 09:46:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:92:30:9f:b7:90:14:d7:a1:87:1d:4b:03:63:1d:50:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
        Validity
            Not Before: Jul 26 12:33:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a61b0a0d901a3f216fdf3a01135e4723350fe66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:69:a4:e4:61:5b:e1:64:86:f3:b4:34:18:8e:
                    1b:ea:46:ba:82:13:07:74:e7:f0:bb:a1:4f:9a:a4:
                    a1:1f:60:cc:6d:71:b8:9a:9c:2a:73:1c:9a:62:74:
                    6b:fc:cd:7e:a5:db:f7:d0:76:de:ce:38:b5:76:93:
                    59:3e:1e:bf:99:27:4d:9e:b7:35:d8:48:ab:25:bc:
                    fd:41:96:2d:b9:50:65:28:62:55:7e:b0:d1:b0:b3:
                    45:53:8c:8d:4a:48:7f:82:55:fb:7d:32:f2:83:eb:
                    3a:02:10:b3:82:df:3e:27:e2:b2:82:13:62:a0:47:
                    e7:67:b4:cd:49:00:ff:55:63:22:20:14:e6:b4:11:
                    59:c2:57:31:21:1c:53:de:2f:07:c3:b7:df:7d:bc:
                    01:67:4b:df:cd:65:f8:9a:d6:3c:fa:28:a1:90:71:
                    c6:ba:39:c0:f8:88:eb:95:bd:da:92:5b:f9:7b:e4:
                    b4:da:73:04:e4:1b:a7:79:ed:2b:ca:12:f2:d5:9e:
                    3e:b2:dd:c9:b6:6d:db:aa:d1:c0:c3:82:33:88:ca:
                    66:26:c2:c6:e4:43:08:10:6c:cb:db:bf:f4:20:b3:
                    d7:dc:ca:ea:63:25:93:a6:cd:20:7b:d6:96:90:27:
                    8d:60:a6:ed:73:3b:c5:7d:b3:90:06:1a:f9:4c:0e:
                    fc:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:61:B0:A0:D9:01:A3:F2:16:FD:F3:A0:11:35:E4:72:33:50:FE:66
            X509v3 Authority Key Identifier:
                keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/OmGwoNkBo_IW_fOgETXkcjNQ_mY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.86.180.0/24
                  80.86.186.0/24
                  81.209.132.0/24
                  81.209.151.0/24
                  81.209.154.0/23
                  81.209.159.0/24
                  83.125.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:e8:9b:3e:ee:8f:de:51:d6:b0:d5:28:3f:ab:59:60:10:f0:
         0b:62:29:a5:27:1f:29:00:37:29:c6:ec:7d:3c:8c:da:c1:c8:
         9d:56:ac:e2:80:e9:5b:0a:ec:03:f7:4d:9b:89:7a:5c:3b:5d:
         00:0b:2e:b4:bc:45:44:43:93:c8:0c:70:4c:de:68:c9:b3:09:
         0b:76:00:43:7d:66:61:0a:33:b7:1c:c2:71:4e:9f:15:4d:b6:
         99:bf:9d:27:c3:1f:43:83:87:22:53:b1:a6:7c:20:dc:62:49:
         c7:92:82:1d:b7:23:74:16:4a:dd:be:9e:e9:36:1d:44:10:25:
         9a:a5:3f:7a:73:90:1d:4b:fd:0e:db:14:38:e0:d1:fe:83:c7:
         5f:5c:99:40:8b:b7:5f:e7:83:f9:ca:3f:03:a5:36:0c:6f:18:
         77:09:36:4a:d8:0a:76:b4:41:45:8f:9d:1a:50:bc:67:12:6b:
         c4:07:26:63:30:30:ee:78:42:a9:85:c4:2f:1d:50:93:99:e6:
         dc:36:6b:5a:f6:90:9e:e3:91:39:a8:14:44:05:3d:c2:d9:51:
         11:bd:6a:c4:04:4c:fc:46:06:11:cd:ac:17:94:1a:94:ac:1c:
         40:da:53:58:7d:54:3a:5c:c0:ef:a0:1d:26:50:ad:73:29:a3:
         0d:d2:19:fc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmSMJ+3kBTXoYcdSwNjHVDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwNzI2MTIzMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYxYjBhMGQ5MDFhM2YyMTZmZGYzYTAxMTM1ZTQ3MjMzNTBmZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2mk5GFb4WSG87Q0GI4b6ka6ghMH
dOfwu6FPmqShH2DMbXG4mpwqcxyaYnRr/M1+pdv30Hbezji1dpNZPh6/mSdNnrc1
2EirJbz9QZYtuVBlKGJVfrDRsLNFU4yNSkh/glX7fTLyg+s6AhCzgt8+J+KyghNi
oEfnZ7TNSQD/VWMiIBTmtBFZwlcxIRxT3i8Hw7fffbwBZ0vfzWX4mtY8+iihkHHG
ujnA+Ijrlb3aklv5e+S02nME5Bunee0ryhLy1Z4+st3Jtm3bqtHAw4IziMpmJsLG
5EMIEGzL27/0ILPX3MrqYyWTps0ge9aWkCeNYKbtczvFfbOQBhr5TA78eQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDphsKDZAaPyFv3zoBE15HIzUP5mMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvT21Hd29Oa0JvX0lXX2ZPZ0VUWGtjak5RX21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUFa0AwQA
UFa6AwQAUdGEAwQAUdGXAwQBUdGaAwQAUdGfAwQBU31qMA0GCSqGSIb3DQEBCwUA
A4IBAQBF6Js+7o/eUdaw1Sg/q1lgEPALYimlJx8pADcpxux9PIzawcidVqzigOlb
CuwD902biXpcO10ACy60vEVEQ5PIDHBM3mjJswkLdgBDfWZhCjO3HMJxTp8VTbaZ
v50nwx9Dg4ciU7GmfCDcYknHkoIdtyN0Fkrdvp7pNh1EECWapT96c5AdS/0O2xQ4
4NH+g8dfXJlAi7df54P5yj8DpTYMbxh3CTZK2Ap2tEFFj50aULxnEmvEByZjMDDu
eEKphcQvHVCTmebcNmta9pCe45E5qBREBT3C2VERvWrEBEz8RgYRzawXlBqUrBxA
2lNYfVQ6XMDvoB0mUK1zKaMN0hn8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org