Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa
File:                     1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa (raw, json)
Hash identifier:          odid6G9WerImU6a7+pv+4cV7jfvYSt2MoK0EwrHap7I=
Subject key identifier:   D6:CD:C6:66:D9:34:0E:31:8E:54:24:81:B3:48:E6:45:6E:E4:1C:80
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0187055287DDBAA6077F65D6052FFB05DAB5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa
Signing time:             Tue 21 Mar 2023 17:58:27 +0000
ROA not before:           Tue 21 Mar 2023 17:58:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        91.186.204.0/22 maxlen: 24
                          91.186.216.0/22 maxlen: 24
                          94.241.164.0/23 maxlen: 24
                          94.241.160.0/22 maxlen: 24
                          178.253.44.0/23 maxlen: 24
                          83.147.232.0/22 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 06:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:05:52:87:dd:ba:a6:07:7f:65:d6:05:2f:fb:05:da:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Mar 21 17:58:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d6cdc666d9340e318e542481b348e6456ee41c80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bf:8a:92:05:7b:1b:3c:f7:d6:ab:79:4b:11:
                    cc:eb:0d:04:dc:c5:f4:a2:dd:13:87:f3:51:e6:dc:
                    56:b9:33:96:a2:bd:27:8a:78:bc:73:8c:e7:1f:b4:
                    90:ac:2f:58:a7:0c:46:38:62:f8:80:95:c2:63:9a:
                    a1:15:58:a3:3b:a8:4f:d3:2f:d2:a1:c1:57:78:1b:
                    70:29:30:e8:fd:b9:2f:4a:ad:d6:dd:30:fa:db:af:
                    ad:6a:dc:28:60:50:18:16:69:2d:e9:df:5d:85:50:
                    31:8c:79:e5:dc:3e:08:d4:ab:88:4c:72:12:8a:83:
                    c8:79:20:66:fa:4f:37:3a:fa:5c:7f:66:95:0f:7e:
                    78:64:00:57:62:51:90:10:1e:55:70:83:81:45:ce:
                    33:c9:d5:45:a9:53:39:f7:c5:55:05:35:63:e5:0d:
                    bc:23:5b:14:30:6f:6b:85:61:83:2a:21:c7:8a:84:
                    09:53:63:1b:dc:24:6d:ac:d9:47:88:ae:cd:9f:32:
                    da:f0:73:ff:89:90:40:a4:0a:f8:fa:07:4b:63:22:
                    8d:4f:1f:e4:32:6d:61:a6:95:0c:7f:48:77:96:42:
                    01:2a:e5:a0:a4:78:b9:a7:90:8a:ff:76:01:73:d2:
                    2f:5d:5e:f9:0b:05:2d:36:0d:1c:12:ee:92:e2:87:
                    dc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:CD:C6:66:D9:34:0E:31:8E:54:24:81:B3:48:E6:45:6E:E4:1C:80
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1s3GZtk0DjGOVCSBs0jmRW7kHIA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.232.0/22
                  83.147.252.0/22
                  91.186.204.0/22
                  91.186.216.0/22
                  94.241.160.0-94.241.165.255
                  178.253.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         48:ed:0d:47:53:3d:41:ea:e0:a0:d8:a7:65:21:cc:52:f3:8b:
         92:28:3b:a2:02:ce:ac:fe:df:4e:83:ab:d4:0a:6d:9c:8c:4e:
         28:77:3b:61:9c:f2:c7:2d:06:bd:d2:c7:c7:f2:7f:45:d6:00:
         d6:12:31:42:98:3c:84:67:b1:69:49:e3:d6:18:66:e0:6e:1a:
         8b:30:a3:69:16:c0:6d:d8:d8:90:d8:4f:16:dc:6a:95:61:0d:
         7b:10:45:8b:cd:90:c8:3f:7e:c8:0a:5a:78:dc:de:25:1b:7c:
         59:cb:73:79:05:c5:53:3c:7d:32:6e:5e:ad:eb:e9:a7:e8:72:
         6d:84:82:0c:04:38:28:d3:a3:12:41:e6:06:30:58:42:f7:21:
         da:4b:20:88:93:4d:86:ab:10:b6:ef:12:f8:d8:62:67:45:48:
         f2:63:69:0e:9e:c1:1f:56:e5:f7:ab:0c:18:c9:e0:c9:c9:4f:
         68:c0:19:6f:f1:af:7b:ac:87:58:45:68:ea:ee:8d:f7:09:0b:
         c9:64:e1:a6:cb:7c:dc:32:2e:21:b2:4d:f2:e1:43:44:0b:23:
         ac:23:2b:f9:60:a7:de:4b:eb:fd:91:a0:c6:11:af:c2:ee:c8:
         d5:f2:ec:d7:30:ed:f9:c4:1b:8b:39:21:8d:e1:db:6c:86:fc:
         ae:e4:e4:de
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYcFUofduqYHf2XWBS/7Bdq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMzIxMTc1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmNkYzY2NmQ5MzQwZTMxOGU1NDI0ODFiMzQ4ZTY0NTZlZTQxYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr+KkgV7Gzz31qt5SxHM6w0E3MX0
ot0Th/NR5txWuTOWor0nini8c4znH7SQrC9YpwxGOGL4gJXCY5qhFVijO6hP0y/S
ocFXeBtwKTDo/bkvSq3W3TD626+tatwoYFAYFmkt6d9dhVAxjHnl3D4I1KuITHIS
ioPIeSBm+k83Ovpcf2aVD354ZABXYlGQEB5VcIOBRc4zydVFqVM598VVBTVj5Q28
I1sUMG9rhWGDKiHHioQJU2Mb3CRtrNlHiK7NnzLa8HP/iZBApAr4+gdLYyKNTx/k
Mm1hppUMf0h3lkIBKuWgpHi5p5CK/3YBc9IvXV75CwUtNg0cEu6S4ofctwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNbNxmbZNA4xjlQkgbNI5kVu5ByAMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMXMzR1p0azBEakdPVkNTQnMwam1SVzdrSElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU5PoAwQC
U5P8AwQCW7rMAwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/SwwDQYJKoZIhvcNAQEL
BQADggEBAEjtDUdTPUHq4KDYp2UhzFLzi5IoO6ICzqz+306Dq9QKbZyMTih3O2Gc
8sctBr3Sx8fyf0XWANYSMUKYPIRnsWlJ49YYZuBuGoswo2kWwG3Y2JDYTxbcapVh
DXsQRYvNkMg/fsgKWnjc3iUbfFnLc3kFxVM8fTJuXq3r6afocm2EggwEOCjToxJB
5gYwWEL3IdpLIIiTTYarELbvEvjYYmdFSPJjaQ6ewR9W5ferDBjJ4MnJT2jAGW/x
r3ush1hFaOrujfcJC8lk4abLfNwyLiGyTfLhQ0QLI6wjK/lgp95L6/2RoMYRr8Lu
yNXy7Ncw7fnEG4s5IY3h22yG/K7k5N4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org