Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/74rMHXdp4fHqoycOH78Vq1tnRZ0.roa
File:                     74rMHXdp4fHqoycOH78Vq1tnRZ0.roa (raw, json)
Hash identifier:          7DvKgToEXnEsoG8P4q+lXk4X8ewLZ5glYZE8GZ+rIck=
Subject key identifier:   EF:8A:CC:1D:77:69:E1:F1:EA:A3:27:0E:1F:BF:15:AB:5B:67:45:9D
Certificate issuer:       /CN=c1233861207a230564ef36f11e0157344731e3f9
Certificate serial:       01857079AA3D68D254871955B0415F50BC05
Authority key identifier: C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/74rMHXdp4fHqoycOH78Vq1tnRZ0.roa
Signing time:             Mon 02 Jan 2023 03:14:59 +0000
ROA not before:           Mon 02 Jan 2023 03:14:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16273
IP address blocks:        46.228.130.0/23 maxlen: 23
                          46.228.128.0/23 maxlen: 24
                          46.228.128.0/24 maxlen: 24
                          46.228.129.0/24 maxlen: 24
                          46.228.132.0/23 maxlen: 23
                          46.228.134.0/23 maxlen: 24
                          46.228.141.0/24 maxlen: 24
                          46.228.143.0/24 maxlen: 24
                          193.110.108.0/23 maxlen: 23
                          193.110.108.0/24 maxlen: 24
                          2a03:7800:a00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Tue 06 Jun 2023 17:08:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:aa:3d:68:d2:54:87:19:55:b0:41:5f:50:bc:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1233861207a230564ef36f11e0157344731e3f9
        Validity
            Not Before: Jan  2 03:14:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef8acc1d7769e1f1eaa3270e1fbf15ab5b67459d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ec:1c:8a:c3:53:7b:ab:92:6f:ab:83:c7:ba:
                    61:4d:0b:c9:08:f4:8b:24:79:3e:94:93:38:15:7f:
                    aa:0f:a7:34:53:89:75:7f:67:64:0e:f1:80:6a:93:
                    20:8a:86:84:5b:91:87:e9:81:3d:26:4d:e5:60:f3:
                    5d:b2:3f:ae:dd:2d:a9:67:4f:37:a7:9a:b7:9a:a5:
                    f9:90:b9:33:91:93:ae:f1:45:55:6c:45:2b:cf:90:
                    80:a4:9d:ee:4a:57:80:b9:dd:13:7b:8f:88:d9:78:
                    4b:38:93:32:de:d6:e3:aa:f3:3e:fb:f1:86:c1:9a:
                    ae:75:ee:ff:7f:cb:60:66:70:36:99:be:19:d9:e2:
                    19:10:45:e6:d6:86:54:ac:78:8b:24:b5:90:6c:7d:
                    30:9c:4a:0c:b6:2b:57:43:41:b5:79:d9:0c:2f:ca:
                    7f:de:22:4b:8d:58:2f:28:04:0e:f3:02:91:a7:bf:
                    7b:92:40:7d:8d:6b:c0:70:45:60:a6:8b:e6:bb:73:
                    62:bd:20:2f:b1:fd:1e:74:72:e8:dc:93:2e:f1:fc:
                    0f:b3:f1:fc:8c:d0:98:f4:8a:c2:63:3c:38:89:dc:
                    12:47:8a:6c:e2:4e:14:e9:61:0b:8d:05:f5:7b:6c:
                    2a:9b:7d:ef:a3:59:95:82:56:15:c2:b0:56:83:25:
                    84:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:8A:CC:1D:77:69:E1:F1:EA:A3:27:0E:1F:BF:15:AB:5B:67:45:9D
            X509v3 Authority Key Identifier:
                keyid:C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/74rMHXdp4fHqoycOH78Vq1tnRZ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.228.128.0/21
                  46.228.141.0/24
                  46.228.143.0/24
                  193.110.108.0/23
                IPv6:
                  2a03:7800:a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         29:32:12:09:f0:33:18:84:bf:3f:4d:5a:9c:32:f8:9b:ab:5d:
         a1:c4:38:34:84:dc:1d:52:65:60:50:1e:8b:0a:6e:e2:ee:8c:
         35:f2:9e:f5:0b:30:21:6f:ba:5f:c6:7a:68:ca:00:ba:b0:79:
         83:16:e7:66:09:2c:46:58:ca:4a:f4:3f:34:a7:49:38:80:e5:
         95:d0:7e:b7:59:45:8f:d7:a9:7f:cb:ec:06:c6:8e:00:2f:9c:
         39:65:fc:09:e1:c7:7e:e0:0a:1c:f6:ca:bc:a4:43:38:79:9b:
         62:ae:10:51:ed:96:3d:e8:92:7d:1f:d3:59:3d:f4:cd:a1:44:
         8a:b9:a8:87:5f:4c:a7:da:60:1c:c1:6b:d1:b3:5e:c9:d2:58:
         5f:6c:0f:89:f9:b4:76:46:e5:94:93:aa:7f:11:a2:4a:7a:8d:
         59:e2:c0:f1:6a:44:21:ad:2d:3c:0e:7e:ce:b7:e6:df:b9:25:
         dd:96:75:96:91:47:15:54:e0:92:9d:cf:10:bb:97:7e:80:2b:
         53:d3:2e:b2:86:34:ae:00:be:23:72:da:07:c5:7a:94:7a:83:
         6d:a7:8b:39:85:d3:67:fd:de:7d:46:2e:1b:d5:ce:ad:3b:71:
         88:71:8e:79:7a:66:21:69:7d:a7:db:d4:1e:b2:0e:14:8c:0d:
         6d:8b:9b:fb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVweao9aNJUhxlVsEFfULwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjMzODYxMjA3YTIzMDU2NGVmMzZmMTFlMDE1NzM0NDcz
MWUzZjkwHhcNMjMwMTAyMDMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjhhY2MxZDc3NjllMWYxZWFhMzI3MGUxZmJmMTVhYjViNjc0NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+wcisNTe6uSb6uDx7phTQvJCPSL
JHk+lJM4FX+qD6c0U4l1f2dkDvGAapMgioaEW5GH6YE9Jk3lYPNdsj+u3S2pZ083
p5q3mqX5kLkzkZOu8UVVbEUrz5CApJ3uSleAud0Te4+I2XhLOJMy3tbjqvM++/GG
wZqude7/f8tgZnA2mb4Z2eIZEEXm1oZUrHiLJLWQbH0wnEoMtitXQ0G1edkML8p/
3iJLjVgvKAQO8wKRp797kkB9jWvAcEVgpovmu3NivSAvsf0edHLo3JMu8fwPs/H8
jNCY9IrCYzw4idwSR4ps4k4U6WELjQX1e2wqm33vo1mVglYVwrBWgyWErwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFO+KzB13aeHx6qMnDh+/FatbZ0WdMB8GA1UdIwQY
MBaAFMEjOGEgeiMFZO828R4BVzRHMeP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTIt
MWM3YjJiOTFkMzA4LzEvNzRyTUhYZHA0Zkhxb3ljT0g3OFZxMXRuUlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTItMWM3YjJiOTFkMzA4
LzEvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQDLuSAAwQA
LuSNAwQALuSPAwQBwW5sMA4EAgACMAgDBgAqA3gACjANBgkqhkiG9w0BAQsFAAOC
AQEAKTISCfAzGIS/P01anDL4m6tdocQ4NITcHVJlYFAeiwpu4u6MNfKe9QswIW+6
X8Z6aMoAurB5gxbnZgksRljKSvQ/NKdJOIDlldB+t1lFj9epf8vsBsaOAC+cOWX8
CeHHfuAKHPbKvKRDOHmbYq4QUe2WPeiSfR/TWT30zaFEirmoh19Mp9pgHMFr0bNe
ydJYX2wPifm0dkbllJOqfxGiSnqNWeLA8WpEIa0tPA5+zrfm37kl3ZZ1lpFHFVTg
kp3PELuXfoArU9MusoY0rgC+I3LaB8V6lHqDbaeLOYXTZ/3efUYuG9XOrTtxiHGO
eXpmIWl9p9vUHrIOFIwNbYub+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:08 2024 by rpki-client on console-fra.rpki-client.org