Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/rhtsmcQP9sDjAufGN0jYfYXGUTY.roa
File:                     rhtsmcQP9sDjAufGN0jYfYXGUTY.roa (raw, json)
Hash identifier:          UoEkojhXxdx+dOfXMXNPuRm1DIDxoLidiT5luLm34KI=
Subject key identifier:   AE:1B:6C:99:C4:0F:F6:C0:E3:02:E7:C6:37:48:D8:7D:85:C6:51:36
Certificate issuer:       /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial:       018AFA901B80F13E06B12DBF033967795420
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/rhtsmcQP9sDjAufGN0jYfYXGUTY.roa
Signing time:             Wed 04 Oct 2023 12:01:02 +0000
ROA not before:           Wed 04 Oct 2023 12:01:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.66.94.0/23 maxlen: 23
                          37.44.228.0/22 maxlen: 24
                          192.145.52.0/22 maxlen: 24
                          192.145.53.0/24 maxlen: 24
                          192.145.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Oct 2023 15:56:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fa:90:1b:80:f1:3e:06:b1:2d:bf:03:39:67:79:54:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
        Validity
            Not Before: Oct  4 12:01:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ae1b6c99c40ff6c0e302e7c63748d87d85c65136
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:42:04:c1:42:7d:0e:ce:a0:c5:c9:c9:22:a4:
                    af:0e:60:a1:ab:ba:70:78:cc:ec:4d:4c:43:fd:b0:
                    2d:41:92:75:c3:f2:68:d3:53:eb:28:56:8a:66:eb:
                    89:8c:0e:d5:f4:26:16:19:c9:e0:59:40:a6:53:c5:
                    f9:32:34:8a:1a:eb:15:61:fa:59:8b:5b:17:5d:43:
                    37:e5:8e:07:c5:c6:b5:26:e6:11:6b:f1:28:23:6a:
                    44:9b:92:66:67:69:34:bf:cb:14:5e:2a:87:c1:98:
                    d1:43:ca:a1:80:82:2b:25:7f:8f:2d:66:17:a8:d7:
                    aa:37:7b:f2:d4:e4:29:b5:5a:18:bc:b1:e0:f7:3e:
                    fd:7f:46:bd:63:c8:97:fa:d8:80:55:b2:6b:8f:64:
                    15:bd:f5:24:fd:40:07:c7:03:a6:87:38:82:71:ed:
                    19:65:6f:5c:ef:da:d3:c4:98:bf:9e:29:aa:92:b5:
                    42:5d:64:f5:b8:1a:60:9e:7c:2e:f8:f8:f1:e7:d5:
                    11:8e:9d:7b:64:a6:d9:80:27:4f:66:9c:b6:84:a1:
                    5e:82:7a:d6:41:be:c5:5b:85:25:ad:20:61:90:67:
                    31:51:51:9d:61:f7:bd:f3:d2:54:4a:6f:50:ba:a6:
                    89:9a:0d:ad:7b:1e:49:e5:83:74:eb:66:4f:8a:3f:
                    07:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:1B:6C:99:C4:0F:F6:C0:E3:02:E7:C6:37:48:D8:7D:85:C6:51:36
            X509v3 Authority Key Identifier:
                keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/rhtsmcQP9sDjAufGN0jYfYXGUTY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.44.228.0/22
                  45.66.94.0/23
                  192.145.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:73:e0:cd:e7:4a:84:95:17:a5:0a:3e:9e:45:52:3b:9d:19:
         a9:fe:af:a4:56:51:0b:1a:4b:a8:00:a5:40:65:30:88:f9:27:
         b3:7e:07:da:65:b6:6f:79:0d:f3:e8:27:7f:aa:f3:1e:f9:a9:
         83:23:be:0d:e4:69:44:a8:28:f4:75:99:43:65:3b:2b:f4:5d:
         08:f7:1e:03:0d:0f:ab:48:1b:91:5d:49:5d:27:85:2e:7a:9c:
         d9:11:7c:c3:ed:8d:31:dc:d7:a9:d1:23:dd:67:fa:c6:29:ca:
         44:34:a7:89:44:d9:6d:1c:b1:85:c6:47:2a:f1:0f:4d:51:d5:
         19:10:8a:ea:a8:3b:26:3f:17:52:03:b5:5d:e5:d6:aa:26:66:
         2c:ef:e1:5e:89:5b:6b:6e:1b:16:bb:6d:cf:b6:9b:b5:39:5c:
         9a:0f:e7:88:6f:74:a4:df:c8:ab:a9:08:41:33:74:7a:4c:93:
         0f:87:64:3c:ae:cc:b5:0d:dd:78:d4:30:ae:c7:4f:f1:f3:96:
         e7:d7:54:d0:33:70:e3:7b:ca:52:fb:1c:d3:96:f9:75:4b:b2:
         9b:4e:35:69:85:e1:fd:b8:42:57:26:fb:00:a0:bd:28:91:b4:
         6f:ec:77:1d:d4:78:15:2f:95:f0:66:e5:d7:07:39:da:da:e8:
         ad:2c:0e:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr6kBuA8T4GsS2/AzlneVQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMDA0MTIwMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFiNmM5OWM0MGZmNmMwZTMwMmU3YzYzNzQ4ZDg3ZDg1YzY1MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kIEwUJ9Ds6gxcnJIqSvDmChq7pw
eMzsTUxD/bAtQZJ1w/Jo01PrKFaKZuuJjA7V9CYWGcngWUCmU8X5MjSKGusVYfpZ
i1sXXUM35Y4Hxca1JuYRa/EoI2pEm5JmZ2k0v8sUXiqHwZjRQ8qhgIIrJX+PLWYX
qNeqN3vy1OQptVoYvLHg9z79f0a9Y8iX+tiAVbJrj2QVvfUk/UAHxwOmhziCce0Z
ZW9c79rTxJi/nimqkrVCXWT1uBpgnnwu+Pjx59URjp17ZKbZgCdPZpy2hKFegnrW
Qb7FW4UlrSBhkGcxUVGdYfe989JUSm9QuqaJmg2tex5J5YN062ZPij8H9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK4bbJnED/bA4wLnxjdI2H2FxlE2MB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvcmh0c21jUVA5c0RqQXVmR04wallmWVhHVVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQB
LUJeAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQB5c+DN50qElRelCj6eRVI7nRmp
/q+kVlELGkuoAKVAZTCI+SezfgfaZbZveQ3z6Cd/qvMe+amDI74N5GlEqCj0dZlD
ZTsr9F0I9x4DDQ+rSBuRXUldJ4UuepzZEXzD7Y0x3Nep0SPdZ/rGKcpENKeJRNlt
HLGFxkcq8Q9NUdUZEIrqqDsmPxdSA7Vd5daqJmYs7+FeiVtrbhsWu23Ptpu1OVya
D+eIb3Sk38irqQhBM3R6TJMPh2Q8rsy1Dd141DCux0/x85bn11TQM3Dje8pS+xzT
lvl1S7KbTjVpheH9uEJXJvsAoL0okbRv7Hcd1HgVL5XwZuXXBzna2uitLA4o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org