Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/_Vfghb6wRC__EVOvtm6du9jW5z8.roa
File:                     _Vfghb6wRC__EVOvtm6du9jW5z8.roa (raw, json)
Hash identifier:          wDgGKbbrDd6wsgpKo1WUTfZZTiCIdSZJofSpfOPuiqw=
Subject key identifier:   FD:57:E0:85:BE:B0:44:2F:FF:11:53:AF:B6:6E:9D:BB:D8:D6:E7:3F
Certificate issuer:       /CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
Certificate serial:       018CC7946F843138F2ECBF41B7C278063E22
Authority key identifier: 15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/_Vfghb6wRC__EVOvtm6du9jW5z8.roa
Signing time:             Tue 02 Jan 2024 00:30:43 +0000
ROA not before:           Tue 02 Jan 2024 00:30:43 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     13101
IP address blocks:        45.145.236.0/22 maxlen: 22
                          185.234.200.0/22 maxlen: 22
                          192.166.40.0/22 maxlen: 22
                          46.22.152.0/21 maxlen: 21
                          202.71.144.0/21 maxlen: 21
                          109.94.212.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 11:07:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:6f:84:31:38:f2:ec:bf:41:b7:c2:78:06:3e:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
        Validity
            Not Before: Jan  2 00:30:43 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd57e085beb0442fff1153afb66e9dbbd8d6e73f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:7a:a1:56:c8:8f:1e:a1:8d:68:6c:01:b9:61:
                    b8:83:40:27:ce:8e:1c:a2:89:f7:39:5a:35:7c:21:
                    a8:0f:9e:93:bf:db:60:ca:df:31:99:72:cb:35:87:
                    34:12:da:e9:ea:e8:07:cc:d7:01:2e:a6:49:f2:cf:
                    ea:b3:9b:83:08:d1:49:10:d4:54:78:7c:20:4a:aa:
                    51:0e:59:e0:f3:55:3c:e8:7f:31:c5:8a:08:46:6f:
                    38:4a:bb:68:b4:1f:bf:18:7b:ee:98:cf:fe:3a:2d:
                    8a:f3:44:3f:6a:a8:c9:f0:86:39:2b:de:fc:7b:8e:
                    48:2a:b2:fd:65:22:aa:5d:2f:d9:61:06:f5:85:2e:
                    8d:67:66:e1:f4:99:1f:d6:dc:38:cf:55:69:54:52:
                    19:d5:60:4d:79:88:9a:3d:f1:55:73:e1:24:e1:0a:
                    71:57:36:2c:35:ff:d6:14:29:d8:a5:38:7c:6d:1b:
                    9b:65:65:4b:bd:9e:4f:8c:1e:be:b3:7a:81:d9:78:
                    ad:1c:8a:6f:e5:b4:11:a5:99:cd:16:82:4e:a8:c0:
                    ac:46:0d:f6:b3:3e:29:59:d1:f2:9f:93:2e:45:ce:
                    ff:c9:1b:0c:8f:fb:89:c1:6d:84:83:8a:8f:b5:f1:
                    ed:7c:d1:c2:dd:bc:f5:c6:2f:f0:bb:96:d3:fc:07:
                    ea:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:57:E0:85:BE:B0:44:2F:FF:11:53:AF:B6:6E:9D:BB:D8:D6:E7:3F
            X509v3 Authority Key Identifier:
                keyid:15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/_Vfghb6wRC__EVOvtm6du9jW5z8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.145.236.0/22
                  46.22.152.0/21
                  109.94.212.0/22
                  185.234.200.0/22
                  192.166.40.0/22
                  202.71.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         03:c7:2e:11:fe:fe:d0:29:d5:68:b8:86:4d:e5:27:18:25:13:
         8b:e6:2a:ae:5e:0b:56:a4:7a:3d:5f:72:e7:fb:22:9f:0d:ca:
         6f:64:04:55:7c:bf:b3:54:de:af:a0:21:4a:f7:88:3f:f5:12:
         66:7c:51:93:cf:cd:2c:f9:79:a8:9e:2a:c1:b9:bc:28:74:3b:
         24:aa:b3:15:68:a5:54:08:38:0a:a9:2e:42:dd:81:54:a1:03:
         e6:eb:13:b2:ff:20:38:b2:07:1e:43:38:9f:d8:2c:55:38:0e:
         36:46:99:3a:01:dc:b1:4a:da:48:36:03:8a:11:3c:68:eb:6f:
         1e:50:22:15:c7:13:c2:dd:ae:d7:69:8d:da:7c:46:6e:cc:6d:
         8a:f6:ef:fc:b7:5e:3c:27:09:01:7a:a3:47:da:57:0f:15:b8:
         91:e3:ff:68:f6:a4:57:de:6f:82:91:1d:91:b9:43:c7:e3:c4:
         f2:9a:4b:2b:34:c4:b4:a0:bf:64:4e:65:fe:73:bc:e7:7e:24:
         9c:bc:2f:a6:fd:16:cf:c0:47:57:35:5b:97:93:2f:af:02:43:
         d1:ca:5a:e2:9e:af:91:cb:35:de:64:45:0e:27:d5:55:22:c9:
         e4:48:b2:cb:1b:aa:0c:7c:6f:ba:7c:48:26:b7:1a:e6:9e:ae:
         d3:99:6c:4a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlG+EMTjy7L9Bt8J4Bj4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Zjg4OWZlZDAwODVmYzIxYjA4ZmNiYmIyNTJjMzEwNmRm
OTlhYTgwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDU3ZTA4NWJlYjA0NDJmZmYxMTUzYWZiNjZlOWRiYmQ4ZDZlNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3qhVsiPHqGNaGwBuWG4g0Anzo4c
oon3OVo1fCGoD56Tv9tgyt8xmXLLNYc0Etrp6ugHzNcBLqZJ8s/qs5uDCNFJENRU
eHwgSqpRDlng81U86H8xxYoIRm84SrtotB+/GHvumM/+Oi2K80Q/aqjJ8IY5K978
e45IKrL9ZSKqXS/ZYQb1hS6NZ2bh9Jkf1tw4z1VpVFIZ1WBNeYiaPfFVc+Ek4Qpx
VzYsNf/WFCnYpTh8bRubZWVLvZ5PjB6+s3qB2XitHIpv5bQRpZnNFoJOqMCsRg32
sz4pWdHyn5MuRc7/yRsMj/uJwW2Eg4qPtfHtfNHC3bz1xi/wu5bT/AfqKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP1X4IW+sEQv/xFTr7ZunbvY1uc/MB8GA1UdIwQY
MBaAFBX4if7QCF/CGwj8u7JSwxBt+ZqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZpSl90QUlYOEliQ1B5N3NsTERFRzM1bXFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9mOTUyZmItOTMxOC00OWI2LWI5NDYt
MWUzYTE5NTQ3OGUwLzEvX1ZmZ2hiNndSQ19fRVZPdnRtNmR1OWpXNXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9mOTUyZmItOTMxOC00OWI2LWI5NDYtMWUzYTE5NTQ3OGUw
LzEvRmZpSl90QUlYOEliQ1B5N3NsTERFRzM1bXFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLZHsAwQD
LhaYAwQCbV7UAwQCuerIAwQCwKYoAwQDykeQMA0GCSqGSIb3DQEBCwUAA4IBAQAD
xy4R/v7QKdVouIZN5ScYJROL5iquXgtWpHo9X3Ln+yKfDcpvZARVfL+zVN6voCFK
94g/9RJmfFGTz80s+XmonirBubwodDskqrMVaKVUCDgKqS5C3YFUoQPm6xOy/yA4
sgceQzif2CxVOA42Rpk6AdyxStpINgOKETxo628eUCIVxxPC3a7XaY3afEZuzG2K
9u/8t148JwkBeqNH2lcPFbiR4/9o9qRX3m+CkR2RuUPH48TymksrNMS0oL9kTmX+
c7znfiScvC+m/RbPwEdXNVuXky+vAkPRylrinq+RyzXeZEUOJ9VVIsnkSLLLG6oM
fG+6fEgmtxrmnq7TmWxK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:22 2024 by rpki-client on console-fra.rpki-client.org