Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/vis_y8wijdpfkMqiP9s06qpWCPE.roa
File:                     vis_y8wijdpfkMqiP9s06qpWCPE.roa (raw, json)
Hash identifier:          02ElSstC0YIwF16kMd+/qqteoE9iTAdsDuD4Rs5/44c=
Subject key identifier:   BE:2B:3F:CB:CC:22:8D:DA:5F:90:CA:A2:3F:DB:34:EA:AA:56:08:F1
Certificate issuer:       /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial:       018CC6B933192C3D692C602D01014C4AB362
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/vis_y8wijdpfkMqiP9s06qpWCPE.roa
Signing time:             Mon 01 Jan 2024 20:31:15 +0000
ROA not before:           Mon 01 Jan 2024 20:31:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201106
IP address blocks:        194.124.218.0/23 maxlen: 32
                          178.22.30.0/24 maxlen: 32
                          194.124.224.0/23 maxlen: 32
                          45.142.156.0/24 maxlen: 32
                          45.142.157.0/24 maxlen: 32
                          45.142.158.0/23 maxlen: 32
                          94.154.114.0/24 maxlen: 32
                          194.147.98.0/23 maxlen: 32
                          194.147.100.0/23 maxlen: 32
                          188.93.139.0/24 maxlen: 32
                          45.150.226.0/23 maxlen: 32
                          193.218.200.0/23 maxlen: 32
                          45.154.212.0/22 maxlen: 32
                          45.150.164.0/22 maxlen: 32
                          193.221.94.0/23 maxlen: 32
                          45.151.132.0/22 maxlen: 32
                          45.145.74.0/23 maxlen: 32
                          45.145.72.0/23 maxlen: 32
                          2a0e:da40:4000::/34 maxlen: 128

Validation:               Failed, certificate revoked on Mon 29 Jan 2024 04:39:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b9:33:19:2c:3d:69:2c:60:2d:01:01:4c:4a:b3:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
        Validity
            Not Before: Jan  1 20:31:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be2b3fcbcc228dda5f90caa23fdb34eaaa5608f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b6:48:10:61:c9:99:9b:91:d3:1e:c2:68:7c:
                    55:c6:24:99:2b:f2:1a:82:c7:80:64:3f:10:94:88:
                    34:75:14:95:cf:01:0f:a0:02:30:e3:95:70:28:77:
                    38:8a:ee:06:31:ab:f9:b6:db:d9:24:0b:22:8a:0c:
                    5a:d2:67:d8:3c:e5:62:d3:43:3a:43:c0:58:0d:df:
                    f1:75:1c:e0:ce:78:bf:74:9a:f6:e1:a8:e2:2d:a1:
                    a6:84:f5:4c:70:16:93:0f:8d:fa:dd:fe:67:4a:25:
                    b1:f3:15:06:3d:38:08:30:ac:fc:e9:4b:83:fb:2e:
                    57:4d:07:5c:ac:d6:86:67:ee:16:78:6f:4d:89:12:
                    a8:5c:e9:f3:8f:33:86:8c:98:38:dd:eb:6f:31:2a:
                    36:9f:73:ea:71:33:bc:0b:fe:59:8b:0d:dd:e2:8b:
                    59:a6:53:6a:fe:50:90:15:b5:fb:40:a8:c4:02:e3:
                    b9:10:69:47:e3:bc:39:94:03:19:bf:2a:6a:bd:37:
                    45:f5:84:40:1e:05:93:15:b5:69:63:52:95:14:c0:
                    68:5c:85:9e:bb:4a:e9:90:17:6d:08:61:2f:c8:08:
                    b0:23:2a:44:1a:1e:43:b3:8c:2f:33:f2:f3:7e:fe:
                    f7:51:06:11:89:09:52:7d:b1:e3:64:10:9e:1e:8c:
                    85:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:2B:3F:CB:CC:22:8D:DA:5F:90:CA:A2:3F:DB:34:EA:AA:56:08:F1
            X509v3 Authority Key Identifier:
                keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/vis_y8wijdpfkMqiP9s06qpWCPE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.156.0/22
                  45.145.72.0/22
                  45.150.164.0/22
                  45.150.226.0/23
                  45.151.132.0/22
                  45.154.212.0/22
                  94.154.114.0/24
                  178.22.30.0/24
                  188.93.139.0/24
                  193.218.200.0/23
                  193.221.94.0/23
                  194.124.218.0/23
                  194.124.224.0/23
                  194.147.98.0-194.147.101.255
                IPv6:
                  2a0e:da40:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         45:d0:26:66:85:80:a0:5f:a3:c2:7d:b8:f6:d6:1a:0f:b6:67:
         51:16:74:91:07:a3:69:b9:c6:4b:b1:e4:d5:67:f9:f3:49:3f:
         41:6a:61:8a:e4:59:e1:ae:b6:e7:01:3f:c8:e9:51:a9:65:fa:
         52:d4:ae:1a:7b:22:2e:21:c1:c8:be:13:b9:d6:88:db:cc:ea:
         23:cf:8c:7d:31:d0:6b:4c:8f:02:1a:f0:29:d7:ca:a9:75:13:
         a3:aa:60:27:bb:52:5d:b3:55:88:ec:23:d2:69:e5:55:d2:29:
         2a:61:8a:44:f8:e8:65:dd:0e:23:ce:e1:c3:37:8e:f5:56:5d:
         9c:b5:68:fb:a2:ba:b0:9a:4e:ea:60:8f:fc:40:66:e0:e3:bd:
         70:5a:b5:0c:26:fc:3a:9b:32:a3:37:a7:d5:1b:6b:88:1c:54:
         c4:20:6d:f4:49:8c:a6:b6:33:cf:b0:9f:5f:2f:87:da:96:c3:
         04:bc:96:60:7d:a8:db:ad:b0:a0:cb:39:d4:43:9d:57:cb:bc:
         30:2f:ef:53:ee:8e:dc:ff:c5:a9:3d:c2:11:ba:b0:8c:c6:8c:
         f4:aa:51:eb:56:b5:39:78:86:e0:e5:21:4f:f2:fe:95:e3:64:
         a0:ed:f9:92:76:24:08:1d:cd:9f:f1:82:6d:40:fc:03:a7:9c:
         12:55:d1:10
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzGuTMZLD1pLGAtAQFMSrNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTJiM2ZjYmNjMjI4ZGRhNWY5MGNhYTIzZmRiMzRlYWFhNTYwOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprZIEGHJmZuR0x7CaHxVxiSZK/Ia
gseAZD8QlIg0dRSVzwEPoAIw45VwKHc4iu4GMav5ttvZJAsiigxa0mfYPOVi00M6
Q8BYDd/xdRzgzni/dJr24ajiLaGmhPVMcBaTD4363f5nSiWx8xUGPTgIMKz86UuD
+y5XTQdcrNaGZ+4WeG9NiRKoXOnzjzOGjJg43etvMSo2n3PqcTO8C/5Ziw3d4otZ
plNq/lCQFbX7QKjEAuO5EGlH47w5lAMZvypqvTdF9YRAHgWTFbVpY1KVFMBoXIWe
u0rpkBdtCGEvyAiwIypEGh5Ds4wvM/Lzfv73UQYRiQlSfbHjZBCeHoyFEQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFL4rP8vMIo3aX5DKoj/bNOqqVgjxMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvdmlzX3k4d2lqZHBma01xaVA5czA2cXBXQ1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYgQCAAEwXAMEAi2OnAME
Ai2RSAMEAi2WpAMEAS2W4gMEAi2XhAMEAi2a1AMEAF6acgMEALIWHgMEALxdiwME
AcHayAMEAcHdXgMEAcJ82gMEAcJ84DAMAwQBwpNiAwQBwpNkMA4EAgACMAgDBgYq
DtpAQDANBgkqhkiG9w0BAQsFAAOCAQEARdAmZoWAoF+jwn249tYaD7ZnURZ0kQej
abnGS7Hk1Wf580k/QWphiuRZ4a625wE/yOlRqWX6UtSuGnsiLiHByL4TudaI28zq
I8+MfTHQa0yPAhrwKdfKqXUTo6pgJ7tSXbNViOwj0mnlVdIpKmGKRPjoZd0OI87h
wzeO9VZdnLVo+6K6sJpO6mCP/EBm4OO9cFq1DCb8Opsyozen1RtriBxUxCBt9EmM
prYzz7CfXy+H2pbDBLyWYH2o262woMs51EOdV8u8MC/vU+6O3P/FqT3CEbqwjMaM
9KpR61a1OXiG4OUhT/L+leNkoO35knYkCB3Nn/GCbUD8A6ecElXREA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org