Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/0ewI9P1o_RCImfUcjx5DauMJvwA.roa
File:                     0ewI9P1o_RCImfUcjx5DauMJvwA.roa (raw, json)
Hash identifier:          ffHAiA9kfArLgWtLIDH6uk/w9G1NMmmpktO9/whhc3Q=
Subject key identifier:   D1:EC:08:F4:FD:68:FD:10:88:99:F5:1C:8F:1E:43:6A:E3:09:BF:00
Certificate issuer:       /CN=770aed77999de7d67e9df33f55591dedeeb626a5
Certificate serial:       0188F6E44BBBE5AFE12643C546F64C3BC897
Authority key identifier: 77:0A:ED:77:99:9D:E7:D6:7E:9D:F3:3F:55:59:1D:ED:EE:B6:26:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dwrtd5md59Z-nfM_VVkd7e62JqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/0ewI9P1o_RCImfUcjx5DauMJvwA.roa
Signing time:             Mon 26 Jun 2023 08:48:56 +0000
ROA not before:           Mon 26 Jun 2023 08:48:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202123
IP address blocks:        185.51.68.0/22 maxlen: 22
                          193.135.172.0/24 maxlen: 24
                          193.246.125.0/24 maxlen: 24
                          193.246.124.0/24 maxlen: 24
                          193.246.124.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f6:e4:4b:bb:e5:af:e1:26:43:c5:46:f6:4c:3b:c8:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=770aed77999de7d67e9df33f55591dedeeb626a5
        Validity
            Not Before: Jun 26 08:48:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1ec08f4fd68fd108899f51c8f1e436ae309bf00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:02:31:22:2f:2b:1b:ed:76:32:b9:41:af:4c:
                    62:e4:d9:9f:05:51:4c:a5:d4:c2:72:1b:02:b8:16:
                    c6:ff:e6:a7:68:18:c1:4d:2d:cf:14:d3:2f:31:e2:
                    c1:03:1d:0d:75:f8:f5:53:97:7c:fd:31:fa:15:ee:
                    7c:9b:2e:60:55:97:07:ae:78:9b:67:e1:77:ef:dd:
                    15:62:8d:c2:96:0f:14:91:b2:0f:3d:9d:29:bc:43:
                    fc:24:80:9a:cb:df:4a:29:3f:91:f3:80:fd:68:11:
                    d4:8a:00:a4:e1:71:9c:b6:8f:38:1b:ba:eb:0c:aa:
                    a5:1e:c8:8e:27:2d:b9:33:8d:73:5e:f6:2e:b4:90:
                    df:3b:d3:71:21:1e:97:ba:46:31:d0:4c:2a:cd:e3:
                    60:62:41:23:9f:11:91:63:e3:f4:5f:af:f0:19:4d:
                    42:c0:91:5d:d8:44:43:bb:9e:6c:12:36:ca:22:0f:
                    07:8c:70:50:ef:49:82:4c:ca:b5:ce:97:21:f5:40:
                    47:dd:44:5a:fa:21:78:22:bb:2a:aa:14:e5:29:6e:
                    b3:33:68:de:5f:f4:11:0e:f8:3c:54:63:95:1b:5c:
                    14:41:ce:5c:5c:5f:e2:07:b0:0e:4e:27:ee:eb:82:
                    c4:60:b3:5f:27:41:af:95:cb:24:b7:e0:f3:1b:e7:
                    13:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:EC:08:F4:FD:68:FD:10:88:99:F5:1C:8F:1E:43:6A:E3:09:BF:00
            X509v3 Authority Key Identifier:
                keyid:77:0A:ED:77:99:9D:E7:D6:7E:9D:F3:3F:55:59:1D:ED:EE:B6:26:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dwrtd5md59Z-nfM_VVkd7e62JqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/0ewI9P1o_RCImfUcjx5DauMJvwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/00d927-ed1b-4b19-ad6b-8429ba79319f/1/dwrtd5md59Z-nfM_VVkd7e62JqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.51.68.0/22
                  193.135.172.0/24
                  193.246.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         44:d2:5f:6e:f9:44:c8:39:a4:a8:0c:e5:e6:c5:62:ac:65:09:
         11:77:30:f8:82:ae:c7:38:cd:cc:f1:6e:bd:61:1e:e5:48:ad:
         d7:4f:ae:31:20:0b:d9:e5:5e:54:45:ea:c4:f2:cc:f4:50:7a:
         16:c1:b3:c6:fb:68:24:2e:8a:c7:20:8f:03:8f:88:db:b0:d2:
         99:14:e0:99:81:61:f9:10:7c:5f:9e:a0:5e:e0:40:75:5b:80:
         95:40:32:ac:c0:dd:94:07:e4:40:c0:f0:7b:3a:e0:5b:d5:82:
         42:77:98:3f:bf:4a:f7:86:8f:6c:5a:f5:38:89:bc:0d:e5:40:
         4a:74:9e:70:f5:23:7a:cb:24:8f:67:26:e0:28:b8:63:26:de:
         40:df:6e:e2:5c:dc:81:0d:4d:76:5f:19:86:3b:28:22:10:04:
         1d:e5:d0:69:53:e7:8d:b3:04:d4:61:71:d7:5d:16:5d:2c:b2:
         0b:44:d0:49:07:bd:e1:d5:e9:1f:a1:fd:44:aa:db:c5:ef:98:
         24:c0:98:aa:3f:1c:4c:17:9b:27:7c:9c:7b:4d:4a:82:cc:aa:
         c2:5d:15:10:66:18:90:a9:68:f6:07:83:c3:1f:ce:75:48:11:
         0b:a0:a6:fc:32:56:0c:29:c0:3b:fc:05:56:ed:e9:a6:da:75:
         56:38:91:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYj25Eu75a/hJkPFRvZMO8iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MGFlZDc3OTk5ZGU3ZDY3ZTlkZjMzZjU1NTkxZGVkZWVi
NjI2YTUwHhcNMjMwNjI2MDg0ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWVjMDhmNGZkNjhmZDEwODg5OWY1MWM4ZjFlNDM2YWUzMDliZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgIxIi8rG+12MrlBr0xi5NmfBVFM
pdTCchsCuBbG/+anaBjBTS3PFNMvMeLBAx0Ndfj1U5d8/TH6Fe58my5gVZcHrnib
Z+F3790VYo3Clg8UkbIPPZ0pvEP8JICay99KKT+R84D9aBHUigCk4XGcto84G7rr
DKqlHsiOJy25M41zXvYutJDfO9NxIR6XukYx0EwqzeNgYkEjnxGRY+P0X6/wGU1C
wJFd2ERDu55sEjbKIg8HjHBQ70mCTMq1zpch9UBH3URa+iF4IrsqqhTlKW6zM2je
X/QRDvg8VGOVG1wUQc5cXF/iB7AOTifu64LEYLNfJ0Gvlcskt+DzG+cTpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNHsCPT9aP0QiJn1HI8eQ2rjCb8AMB8GA1UdIwQY
MBaAFHcK7XeZnefWfp3zP1VZHe3utialMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHdydGQ1bWQ1OVotbmZNX1ZWa2Q3ZTYySnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMGQ5MjctZWQxYi00YjE5LWFkNmIt
ODQyOWJhNzkzMTlmLzEvMGV3STlQMW9fUkNJbWZVY2p4NURhdU1KdndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wMGQ5MjctZWQxYi00YjE5LWFkNmItODQyOWJhNzkzMTlm
LzEvZHdydGQ1bWQ1OVotbmZNX1ZWa2Q3ZTYySnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuTNEAwQA
wYesAwQBwfZ8MA0GCSqGSIb3DQEBCwUAA4IBAQBE0l9u+UTIOaSoDOXmxWKsZQkR
dzD4gq7HOM3M8W69YR7lSK3XT64xIAvZ5V5URerE8sz0UHoWwbPG+2gkLorHII8D
j4jbsNKZFOCZgWH5EHxfnqBe4EB1W4CVQDKswN2UB+RAwPB7OuBb1YJCd5g/v0r3
ho9sWvU4ibwN5UBKdJ5w9SN6yySPZybgKLhjJt5A327iXNyBDU12XxmGOygiEAQd
5dBpU+eNswTUYXHXXRZdLLILRNBJB73h1ekfof1EqtvF75gkwJiqPxxMF5snfJx7
TUqCzKrCXRUQZhiQqWj2B4PDH851SBELoKb8MlYMKcA7/AVW7emm2nVWOJG5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:33 2024 by rpki-client on console-fra.rpki-client.org