Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/KZ9VTGEdGQ9VDwviAE0ZNp2rHd0.roa
File:                     KZ9VTGEdGQ9VDwviAE0ZNp2rHd0.roa (raw, json)
Hash identifier:          /eeVgn/BUb9KtMUvU9vL5DyYijht7ctiijjzx23srWA=
Subject key identifier:   29:9F:55:4C:61:1D:19:0F:55:0F:0B:E2:00:4D:19:36:9D:AB:1D:DD
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       018AB6CEF0F84A5213E0686679F41A945112
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/KZ9VTGEdGQ9VDwviAE0ZNp2rHd0.roa
Signing time:             Thu 21 Sep 2023 08:15:29 +0000
ROA not before:           Thu 21 Sep 2023 08:15:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.149.94.0/24 maxlen: 24
                          80.246.224.0/24 maxlen: 24
                          80.246.225.0/24 maxlen: 24
                          80.246.232.0/24 maxlen: 24
                          80.246.233.0/24 maxlen: 24
                          80.246.228.0/24 maxlen: 24
                          80.246.236.0/24 maxlen: 24
                          80.246.236.0/22 maxlen: 24
                          80.246.237.0/24 maxlen: 24
                          80.246.238.0/24 maxlen: 24
                          80.246.239.0/24 maxlen: 24
                          80.246.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 23 Sep 2023 17:53:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b6:ce:f0:f8:4a:52:13:e0:68:66:79:f4:1a:94:51:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Sep 21 08:15:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=299f554c611d190f550f0be2004d19369dab1ddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:bf:a7:9f:d0:57:7c:c1:88:dc:8f:76:0a:36:
                    6f:93:24:a2:1f:d7:51:ab:2a:54:a1:44:2e:6f:2d:
                    84:ef:e3:81:96:e8:96:b0:9a:a8:9d:b2:ce:18:c6:
                    a1:52:32:f9:a3:09:55:a8:7a:0e:ed:8b:cf:ad:06:
                    6b:ee:51:0f:8c:af:cd:ad:1a:e4:05:40:5b:d1:1d:
                    e8:bb:04:57:ff:42:58:9f:b9:0c:22:71:e6:af:2b:
                    1a:08:92:0f:6e:db:27:5a:b6:8e:b8:4b:9e:2e:f7:
                    ec:e6:75:43:64:3f:de:fa:ae:95:c9:86:32:55:f6:
                    c9:78:43:9d:26:a2:ae:7d:f5:5b:77:7e:1a:8b:33:
                    6e:dd:26:09:81:85:c4:09:33:a7:a2:af:6b:32:dd:
                    88:ef:52:35:c7:87:35:3f:82:c8:78:b0:63:de:3e:
                    7f:5b:f6:64:5c:a7:61:31:c3:13:c2:9f:03:c0:03:
                    26:7b:e3:77:94:82:cb:cf:67:ea:ca:67:70:41:cc:
                    2d:4a:4f:10:51:99:74:a9:ef:9b:10:ee:c0:7e:fa:
                    74:67:9b:c9:4b:11:e6:48:70:f6:18:c5:65:04:47:
                    89:42:9c:c1:00:be:7c:db:c0:f8:21:b9:06:8e:4f:
                    12:89:ea:ac:21:65:ee:ba:3e:39:3e:21:22:36:87:
                    23:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9F:55:4C:61:1D:19:0F:55:0F:0B:E2:00:4D:19:36:9D:AB:1D:DD
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/KZ9VTGEdGQ9VDwviAE0ZNp2rHd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.94.0/24
                  80.246.224.0/23
                  80.246.228.0/24
                  80.246.232.0-80.246.234.255
                  80.246.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:d1:00:b7:f1:15:94:18:6e:a3:22:ff:da:22:dc:73:f2:a3:
         61:91:39:a0:03:41:be:fe:70:1e:ee:83:48:b3:4f:f2:f6:ff:
         aa:98:a2:3e:02:2e:d4:e1:be:28:1e:ad:47:44:4d:8e:bb:19:
         1a:fd:a4:23:2a:4d:e8:03:b0:5e:4e:fb:63:27:ef:98:eb:d5:
         78:a9:94:0f:59:6a:a2:77:b0:3a:51:6a:37:4a:a8:8d:5b:0a:
         df:ae:89:74:a1:0f:22:c8:a6:6d:1a:b0:a2:26:58:77:8b:27:
         a9:cf:82:17:ce:14:3e:92:4c:aa:3e:d4:99:56:b6:36:0d:08:
         ad:48:59:fd:e8:da:54:93:e0:1f:a3:82:34:b9:12:4b:67:08:
         b5:8f:03:dd:bf:18:c6:27:98:b5:13:ae:95:ab:15:6d:be:22:
         d9:59:af:5d:f5:76:cc:7d:8b:91:29:77:1f:38:f0:59:c2:de:
         3b:8a:12:09:eb:59:2a:64:41:17:8d:1b:8c:70:5b:a8:51:1e:
         0b:e8:5f:d0:ee:44:1f:bb:3c:b1:0a:53:1e:a0:40:1f:87:ef:
         43:7a:0f:05:f4:64:b5:48:c6:9e:70:08:b0:98:67:32:1a:66:
         c5:c5:be:3c:70:2c:cd:bc:e9:f9:a8:5c:af:92:21:7f:2f:34:
         a5:91:9e:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYq2zvD4SlIT4GhmefQalFESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwOTIxMDgxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTlmNTU0YzYxMWQxOTBmNTUwZjBiZTIwMDRkMTkzNjlkYWIxZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7+nn9BXfMGI3I92CjZvkySiH9dR
qypUoUQuby2E7+OBluiWsJqonbLOGMahUjL5owlVqHoO7YvPrQZr7lEPjK/NrRrk
BUBb0R3ouwRX/0JYn7kMInHmrysaCJIPbtsnWraOuEueLvfs5nVDZD/e+q6VyYYy
VfbJeEOdJqKuffVbd34aizNu3SYJgYXECTOnoq9rMt2I71I1x4c1P4LIeLBj3j5/
W/ZkXKdhMcMTwp8DwAMme+N3lILLz2fqymdwQcwtSk8QUZl0qe+bEO7Afvp0Z5vJ
SxHmSHD2GMVlBEeJQpzBAL5828D4IbkGjk8SieqsIWXuuj45PiEiNocjsQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCmfVUxhHRkPVQ8L4gBNGTadqx3dMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvS1o5VlRHRWRHUTlWRHd2aUFFMFpOcDJySGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZVeAwQB
UPbgAwQAUPbkMAwDBANQ9ugDBABQ9uoDBAJQ9uwwDQYJKoZIhvcNAQELBQADggEB
AIvRALfxFZQYbqMi/9oi3HPyo2GROaADQb7+cB7ug0izT/L2/6qYoj4CLtThvige
rUdETY67GRr9pCMqTegDsF5O+2Mn75jr1XiplA9ZaqJ3sDpRajdKqI1bCt+uiXSh
DyLIpm0asKImWHeLJ6nPghfOFD6STKo+1JlWtjYNCK1IWf3o2lST4B+jgjS5Ektn
CLWPA92/GMYnmLUTrpWrFW2+ItlZr131dsx9i5Epdx848FnC3juKEgnrWSpkQReN
G4xwW6hRHgvoX9DuRB+7PLEKUx6gQB+H70N6DwX0ZLVIxp5wCLCYZzIaZsXFvjxw
LM286fmoXK+SIX8vNKWRnqU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org