Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/ss0sqZeC3ha-rvoxzHauYH_0xIM.roa
File:                     ss0sqZeC3ha-rvoxzHauYH_0xIM.roa (raw, json)
Hash identifier:          bXGYTjrj+0BOp53WuwuHSblb7Ient9vDqtd4gNdkFeQ=
Subject key identifier:   B2:CD:2C:A9:97:82:DE:16:BE:AE:FA:31:CC:76:AE:60:7F:F4:C4:83
Certificate issuer:       /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial:       01856FCB888904F995AF80EA66BCE47E54EA
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/ss0sqZeC3ha-rvoxzHauYH_0xIM.roa
Signing time:             Mon 02 Jan 2023 00:04:47 +0000
ROA not before:           Mon 02 Jan 2023 00:04:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44247
IP address blocks:        95.158.160.0/22 maxlen: 24
                          46.35.176.0/22 maxlen: 24
                          95.158.176.0/21 maxlen: 24
                          212.21.128.0/24 maxlen: 24
                          212.21.136.0/23 maxlen: 24
                          212.21.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:88:89:04:f9:95:af:80:ea:66:bc:e4:7e:54:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
        Validity
            Not Before: Jan  2 00:04:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2cd2ca99782de16beaefa31cc76ae607ff4c483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:a8:48:65:16:b5:55:90:ef:93:7a:74:27:29:
                    a7:81:69:3c:41:41:72:c5:dc:be:87:73:08:19:4d:
                    68:51:62:31:7c:47:b7:31:af:b2:10:c9:a3:5e:16:
                    c7:72:43:ff:30:30:c2:70:56:85:40:35:e8:d3:7c:
                    0a:d3:3d:35:d4:15:df:3f:b3:a5:7d:bf:53:d6:3f:
                    20:6b:de:22:a8:47:7a:fc:fc:6b:79:5d:34:b9:a5:
                    d1:ac:2b:28:ef:30:40:f4:91:c4:4f:90:c5:56:2b:
                    dd:fd:ab:6c:8c:eb:b6:16:fd:1e:b2:c0:98:d5:aa:
                    c7:77:c1:d7:5b:c4:05:48:45:99:81:9e:23:b0:1f:
                    20:4c:98:fa:74:6d:cb:b4:79:52:8b:b0:8e:4e:11:
                    35:e5:e4:37:72:2f:4b:e9:05:95:72:96:3a:9d:88:
                    13:a1:67:2c:19:94:a1:d3:11:f3:4a:3d:24:af:68:
                    a1:aa:a2:5f:03:07:bb:69:8a:5b:3c:b9:6c:7f:3f:
                    06:47:30:a4:a6:82:53:34:99:8f:d5:65:5c:44:16:
                    d6:2d:f6:b0:01:52:a6:68:bc:45:0a:8a:bc:a5:15:
                    3e:88:1d:47:9d:e8:89:e9:98:6f:a2:b3:37:3c:b0:
                    6c:ce:c5:00:36:ad:e7:23:13:8a:d4:2e:1c:7f:2e:
                    21:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:CD:2C:A9:97:82:DE:16:BE:AE:FA:31:CC:76:AE:60:7F:F4:C4:83
            X509v3 Authority Key Identifier:
                keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/ss0sqZeC3ha-rvoxzHauYH_0xIM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.35.176.0/22
                  95.158.160.0/22
                  95.158.176.0/21
                  212.21.128.0/24
                  212.21.136.0-212.21.138.255

    Signature Algorithm: sha256WithRSAEncryption
         2e:78:69:d7:c4:31:e8:88:5f:af:a9:1c:e9:ec:62:fa:f4:94:
         43:52:27:3f:6c:f6:13:f3:47:95:dc:06:7b:64:07:12:50:d7:
         4c:71:62:53:d8:30:e8:72:20:87:64:96:5e:20:7c:0e:6d:61:
         56:39:b4:47:7a:e7:03:f4:df:c4:ab:c9:76:17:6a:a8:40:03:
         c8:12:86:e3:ed:44:a2:7e:52:c7:3a:3a:e1:d6:bd:c2:3c:a1:
         93:02:ea:c2:49:3f:9d:07:84:a1:39:9e:39:d0:87:a7:ca:24:
         98:23:a3:e3:ab:f1:63:43:50:38:8f:1a:88:4a:a8:27:b0:30:
         bd:c1:86:d2:37:a2:00:c3:cb:e0:ae:40:23:3c:22:34:e4:e3:
         d3:a2:c1:80:e3:3d:7a:0c:4b:77:2f:cb:c1:38:a3:b7:11:79:
         e0:52:59:08:3b:71:dc:15:ae:7b:06:f4:83:aa:a8:94:16:83:
         aa:35:d0:d7:c4:9d:5f:dc:6d:12:81:a6:1b:94:b9:fb:67:4c:
         62:cd:f4:26:4c:ac:b8:a6:0b:94:d0:10:c3:44:1c:c7:e0:87:
         a2:d1:e8:6d:20:69:88:2c:4c:06:7c:82:f6:fc:34:20:35:c5:
         65:5f:92:ed:67:78:a9:0a:40:13:9f:7a:4d:33:90:89:cf:23:
         67:49:12:77
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvy4iJBPmVr4DqZrzkflTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNkMmNhOTk3ODJkZTE2YmVhZWZhMzFjYzc2YWU2MDdmZjRjNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KhIZRa1VZDvk3p0JymngWk8QUFy
xdy+h3MIGU1oUWIxfEe3Ma+yEMmjXhbHckP/MDDCcFaFQDXo03wK0z011BXfP7Ol
fb9T1j8ga94iqEd6/PxreV00uaXRrCso7zBA9JHET5DFVivd/atsjOu2Fv0essCY
1arHd8HXW8QFSEWZgZ4jsB8gTJj6dG3LtHlSi7COThE15eQ3ci9L6QWVcpY6nYgT
oWcsGZSh0xHzSj0kr2ihqqJfAwe7aYpbPLlsfz8GRzCkpoJTNJmP1WVcRBbWLfaw
AVKmaLxFCoq8pRU+iB1HneiJ6ZhvorM3PLBszsUANq3nIxOK1C4cfy4hhQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLLNLKmXgt4Wvq76Mcx2rmB/9MSDMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvc3Mwc3FaZUMzaGEtcnZveHpIYXVZSF8weElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLiOwAwQC
X56gAwQDX56wAwQA1BWAMAwDBAPUFYgDBADUFYowDQYJKoZIhvcNAQELBQADggEB
AC54adfEMeiIX6+pHOnsYvr0lENSJz9s9hPzR5XcBntkBxJQ10xxYlPYMOhyIIdk
ll4gfA5tYVY5tEd65wP038SryXYXaqhAA8gShuPtRKJ+Usc6OuHWvcI8oZMC6sJJ
P50HhKE5njnQh6fKJJgjo+Or8WNDUDiPGohKqCewML3BhtI3ogDDy+CuQCM8IjTk
49OiwYDjPXoMS3cvy8E4o7cReeBSWQg7cdwVrnsG9IOqqJQWg6o10NfEnV/cbRKB
phuUuftnTGLN9CZMrLimC5TQEMNEHMfgh6LR6G0gaYgsTAZ8gvb8NCA1xWVfku1n
eKkKQBOfek0zkInPI2dJEnc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org