Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/gT74M3tgd1iLpx3gnGIOi6emYwQ.roa
File:                     gT74M3tgd1iLpx3gnGIOi6emYwQ.roa (raw, json)
Hash identifier:          TGS+cFIsKMb2Z4dCHa3y+y99TX1aR3TCitz5JnfbZmw=
Subject key identifier:   81:3E:F8:33:7B:60:77:58:8B:A7:1D:E0:9C:62:0E:8B:A7:A6:63:04
Certificate issuer:       /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial:       018C59893ED0B4FA52F0C87C3FBFC58479BC
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/gT74M3tgd1iLpx3gnGIOi6emYwQ.roa
Signing time:             Mon 11 Dec 2023 15:40:15 +0000
ROA not before:           Mon 11 Dec 2023 15:40:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203847
IP address blocks:        185.206.52.0/23 maxlen: 23
                          193.162.128.0/24 maxlen: 24
                          185.122.44.0/22 maxlen: 22
                          45.142.15.0/24 maxlen: 24
                          2a01:57e0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 16 Dec 2023 08:09:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:59:89:3e:d0:b4:fa:52:f0:c8:7c:3f:bf:c5:84:79:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
        Validity
            Not Before: Dec 11 15:40:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=813ef8337b6077588ba71de09c620e8ba7a66304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:52:53:28:05:29:3a:f8:4f:f9:1f:b1:fb:2e:
                    db:ab:5d:cd:bf:4a:1f:24:6e:0b:2e:27:c7:bb:fc:
                    12:09:5e:8d:f0:4b:d6:cc:42:51:fd:c0:4f:06:85:
                    87:07:e0:e3:1a:89:81:5a:ed:6b:2b:bd:4d:35:b3:
                    01:f9:b7:08:2e:26:93:57:9c:99:c9:87:c5:b8:8d:
                    8e:30:f0:a8:1f:60:97:64:4a:76:52:29:a1:ca:9f:
                    21:7a:1d:4b:40:17:8f:c4:f0:84:72:26:dd:0e:f7:
                    cb:cf:b8:88:39:8e:ba:17:46:01:39:4b:85:35:6a:
                    03:51:84:91:55:7d:6a:91:76:74:6e:8a:be:b9:9f:
                    31:6d:09:74:7d:15:eb:d1:83:4c:aa:3e:25:3f:65:
                    2e:29:20:1a:d0:d7:ca:91:e5:a9:3d:44:5a:b1:10:
                    72:37:e3:65:97:2c:cf:81:05:f7:8b:88:2e:33:87:
                    d4:73:c8:c0:c0:68:e6:6b:f4:22:e7:db:67:54:27:
                    4f:36:04:f8:65:44:41:fe:cf:48:d9:2f:b5:7e:21:
                    79:56:d1:0c:9d:96:2d:8c:c8:45:a7:3b:2f:ba:46:
                    33:79:e9:bf:46:1a:fe:15:36:84:71:4f:d3:5b:7b:
                    f8:36:d3:e0:d7:cd:a4:eb:bb:f7:cb:e5:38:80:92:
                    e5:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:3E:F8:33:7B:60:77:58:8B:A7:1D:E0:9C:62:0E:8B:A7:A6:63:04
            X509v3 Authority Key Identifier:
                keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/gT74M3tgd1iLpx3gnGIOi6emYwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.15.0/24
                  185.122.44.0/22
                  185.206.52.0/23
                  193.162.128.0/24
                IPv6:
                  2a01:57e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9a:4f:19:39:4e:01:3e:b6:b7:25:b1:4d:85:32:ae:6e:ec:f7:
         41:64:09:54:39:61:46:07:ae:39:2d:d9:0f:af:c1:b3:d0:0b:
         17:c1:7c:95:32:71:1b:06:a7:95:63:c9:8d:0b:fa:b9:74:f6:
         f9:08:1c:a6:22:51:7e:fe:70:46:cc:0a:93:ce:5a:6d:8c:8c:
         8d:de:55:b8:b6:12:66:3b:30:75:a8:b2:9f:85:ea:73:63:71:
         ec:ca:4e:55:3b:f9:68:9c:89:39:33:09:fd:7f:29:52:24:26:
         af:21:e7:f9:4f:90:0d:b7:36:91:0b:69:18:ba:dc:e7:57:50:
         cb:d3:e0:60:a2:dd:08:fe:cb:32:3a:69:3d:dd:48:30:a6:a8:
         06:fd:6b:ca:be:af:d1:e2:fc:4d:f2:4a:60:ca:57:c0:2b:c3:
         52:e2:a1:91:c0:a4:a0:02:a9:ba:d7:04:3b:12:cf:9e:27:0b:
         f1:75:45:72:2f:78:24:d6:66:bb:5c:f9:db:8b:49:1b:a9:51:
         1c:cc:26:03:38:76:88:72:aa:9c:34:d4:82:74:5c:a3:25:d5:
         74:a1:c6:08:6f:82:ea:10:ae:ca:d4:7d:c6:2a:bf:03:39:84:
         91:38:2c:67:6a:80:15:5c:cf:6d:dc:42:5f:8c:57:43:ea:ee:
         08:74:0e:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYxZiT7QtPpS8Mh8P7/FhHm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjMxMjExMTU0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTNlZjgzMzdiNjA3NzU4OGJhNzFkZTA5YzYyMGU4YmE3YTY2MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFJTKAUpOvhP+R+x+y7bq13Nv0of
JG4LLifHu/wSCV6N8EvWzEJR/cBPBoWHB+DjGomBWu1rK71NNbMB+bcILiaTV5yZ
yYfFuI2OMPCoH2CXZEp2Uimhyp8heh1LQBePxPCEcibdDvfLz7iIOY66F0YBOUuF
NWoDUYSRVX1qkXZ0boq+uZ8xbQl0fRXr0YNMqj4lP2UuKSAa0NfKkeWpPURasRBy
N+NllyzPgQX3i4guM4fUc8jAwGjma/Qi59tnVCdPNgT4ZURB/s9I2S+1fiF5VtEM
nZYtjMhFpzsvukYzeem/Rhr+FTaEcU/TW3v4NtPg182k67v3y+U4gJLlDwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIE++DN7YHdYi6cd4JxiDounpmMEMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvZ1Q3NE0zdGdkMWlMcHgzZ25HSU9pNmVtWXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALY4PAwQC
uXosAwQBuc40AwQAwaKAMA0EAgACMAcDBQAqAVfgMA0GCSqGSIb3DQEBCwUAA4IB
AQCaTxk5TgE+trclsU2FMq5u7PdBZAlUOWFGB645LdkPr8Gz0AsXwXyVMnEbBqeV
Y8mNC/q5dPb5CBymIlF+/nBGzAqTzlptjIyN3lW4thJmOzB1qLKfhepzY3Hsyk5V
O/lonIk5Mwn9fylSJCavIef5T5ANtzaRC2kYutznV1DL0+Bgot0I/ssyOmk93Ugw
pqgG/WvKvq/R4vxN8kpgylfAK8NS4qGRwKSgAqm61wQ7Es+eJwvxdUVyL3gk1ma7
XPnbi0kbqVEczCYDOHaIcqqcNNSCdFyjJdV0ocYIb4LqEK7K1H3GKr8DOYSROCxn
aoAVXM9t3EJfjFdD6u4IdA64
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:19 2024 by rpki-client on console-ams.rpki-client.org