Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/7JiOsyc6MlfbwAsaX36_5rO1eOw.roa
File:                     7JiOsyc6MlfbwAsaX36_5rO1eOw.roa (raw, json)
Hash identifier:          gcMj+sE1kSHxC9zEIV05rSEIRpDqeJOHnr+duJpHUeU=
Subject key identifier:   EC:98:8E:B3:27:3A:32:57:DB:C0:0B:1A:5F:7E:BF:E6:B3:B5:78:EC
Certificate issuer:       /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial:       01857169CA844DDFC2686D5A858935B03C9F
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/7JiOsyc6MlfbwAsaX36_5rO1eOw.roa
Signing time:             Mon 02 Jan 2023 07:37:16 +0000
ROA not before:           Mon 02 Jan 2023 07:37:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1299
IP address blocks:        86.107.255.0/24 maxlen: 24
                          79.132.145.0/24 maxlen: 24
                          46.247.245.0/24 maxlen: 24
                          79.132.153.0/24 maxlen: 24
                          79.132.154.0/24 maxlen: 24
                          85.112.211.0/24 maxlen: 24
                          185.223.148.0/24 maxlen: 24
                          185.183.63.0/24 maxlen: 24
                          86.107.248.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 16:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:69:ca:84:4d:df:c2:68:6d:5a:85:89:35:b0:3c:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
        Validity
            Not Before: Jan  2 07:37:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ec988eb3273a3257dbc00b1a5f7ebfe6b3b578ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c7:2c:13:24:c6:d1:7b:e1:25:f0:55:ab:a1:
                    03:27:0b:9f:88:5a:60:c1:ea:18:74:56:78:d9:ba:
                    f4:00:d5:81:73:d3:5b:df:89:a7:e6:5c:67:f1:c0:
                    79:b1:91:b6:f7:b2:6b:54:66:a7:bd:f2:b7:04:a6:
                    02:fb:1e:b5:e4:95:c2:54:87:a1:b6:03:06:22:9c:
                    fd:5b:a6:60:8e:fe:29:50:fe:50:a3:ff:6b:99:3f:
                    47:66:a1:b0:80:ca:66:25:11:d2:43:d1:84:8f:13:
                    17:53:6e:4a:25:80:96:1e:58:0a:0f:cb:1e:0b:06:
                    89:1b:97:5d:eb:56:4c:75:aa:a7:cf:63:8c:50:3a:
                    01:ef:9a:c9:1a:63:ce:93:65:4d:f5:a3:e0:4c:5f:
                    39:a7:0c:8d:eb:68:ad:2b:3b:1c:7c:a4:3e:38:96:
                    bb:fd:f8:65:57:4b:e7:16:8b:3a:6c:e6:e6:43:8a:
                    44:15:76:22:97:97:bd:73:d0:04:2e:96:cc:b8:df:
                    b6:f8:51:c3:47:f6:43:8f:52:25:75:1f:29:f0:0d:
                    66:79:7c:1c:25:86:c6:7e:a7:76:90:91:b4:5a:d9:
                    52:8c:8c:30:71:56:46:25:dc:83:75:62:b0:68:f2:
                    86:ae:0f:25:8a:57:db:8e:91:4d:ad:76:ee:a4:e7:
                    09:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:98:8E:B3:27:3A:32:57:DB:C0:0B:1A:5F:7E:BF:E6:B3:B5:78:EC
            X509v3 Authority Key Identifier:
                keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/7JiOsyc6MlfbwAsaX36_5rO1eOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.247.245.0/24
                  79.132.145.0/24
                  79.132.153.0-79.132.154.255
                  85.112.211.0/24
                  86.107.248.0/21
                  185.183.63.0/24
                  185.223.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:02:7d:e8:56:54:fa:84:49:f7:ed:29:bf:b5:98:f6:a2:10:
         33:65:d4:bc:f2:b9:73:db:20:07:3f:76:91:08:a3:ac:ac:5a:
         ac:e4:08:87:ef:93:9d:9e:93:3b:9c:1c:91:e9:a5:14:16:d0:
         3f:b0:25:bc:84:5a:f2:2b:52:18:94:1c:31:35:f3:89:c2:75:
         ab:4c:a4:5f:aa:05:94:21:8f:15:89:d6:cc:f3:8c:1f:1f:6c:
         88:0f:fb:45:c7:4b:07:30:9d:07:30:64:c9:97:78:55:c5:d9:
         15:ef:77:92:26:73:a8:bf:99:9b:25:41:ad:d3:ca:ed:10:24:
         ab:af:14:4c:d4:23:57:8c:9b:e1:04:55:31:e0:52:71:45:88:
         e6:bc:f4:24:70:0c:7b:bc:fb:65:bd:07:15:26:61:99:0f:63:
         d4:2c:5f:04:c4:ac:b8:8e:05:b2:03:e2:95:5c:c1:b2:ad:1c:
         cf:9c:f0:ba:d8:51:78:69:c7:23:13:3d:59:af:9e:b4:09:eb:
         c9:8c:34:99:87:cf:db:40:5c:72:be:85:7e:4f:29:71:fb:0d:
         6f:be:c9:e6:95:b1:4e:d0:05:b6:d0:86:1b:eb:6b:bd:27:fb:
         63:74:0e:63:43:b1:74:80:05:e6:c1:0f:a3:e1:8f:5a:ac:9a:
         25:fc:4c:51
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVxacqETd/CaG1ahYk1sDyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjMwMTAyMDczNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk4OGViMzI3M2EzMjU3ZGJjMDBiMWE1ZjdlYmZlNmIzYjU3OGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsscsEyTG0XvhJfBVq6EDJwufiFpg
weoYdFZ42br0ANWBc9Nb34mn5lxn8cB5sZG297JrVGanvfK3BKYC+x615JXCVIeh
tgMGIpz9W6Zgjv4pUP5Qo/9rmT9HZqGwgMpmJRHSQ9GEjxMXU25KJYCWHlgKD8se
CwaJG5dd61ZMdaqnz2OMUDoB75rJGmPOk2VN9aPgTF85pwyN62itKzscfKQ+OJa7
/fhlV0vnFos6bObmQ4pEFXYil5e9c9AELpbMuN+2+FHDR/ZDj1IldR8p8A1meXwc
JYbGfqd2kJG0WtlSjIwwcVZGJdyDdWKwaPKGrg8lilfbjpFNrXbupOcJOQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOyYjrMnOjJX28ALGl9+v+aztXjsMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvN0ppT3N5YzZNbGZid0FzYVgzNl81ck8xZU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALvf1AwQA
T4SRMAwDBABPhJkDBABPhJoDBABVcNMDBANWa/gDBAC5tz8DBAC535QwDQYJKoZI
hvcNAQELBQADggEBAJUCfehWVPqESfftKb+1mPaiEDNl1LzyuXPbIAc/dpEIo6ys
WqzkCIfvk52ekzucHJHppRQW0D+wJbyEWvIrUhiUHDE184nCdatMpF+qBZQhjxWJ
1szzjB8fbIgP+0XHSwcwnQcwZMmXeFXF2RXvd5Imc6i/mZslQa3Tyu0QJKuvFEzU
I1eMm+EEVTHgUnFFiOa89CRwDHu8+2W9BxUmYZkPY9QsXwTErLiOBbID4pVcwbKt
HM+c8LrYUXhpxyMTPVmvnrQJ68mMNJmHz9tAXHK+hX5PKXH7DW++yeaVsU7QBbbQ
hhvra70n+2N0DmNDsXSABebBD6Phj1qsmiX8TFE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:46 2024 by rpki-client on console-ams.rpki-client.org