Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ROR9l89S6fvbwMUWH_Kz6hvjCxU.roa
File:                     ROR9l89S6fvbwMUWH_Kz6hvjCxU.roa (raw, json)
Hash identifier:          +owQQcVB6qjdeAPCIVz2KgZodudTr+xsJ9fBaUrGGYQ=
Subject key identifier:   44:E4:7D:97:CF:52:E9:FB:DB:C0:C5:16:1F:F2:B3:EA:1B:E3:0B:15
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       019039C4FCF856BFE89F3ABE280F000377E8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ROR9l89S6fvbwMUWH_Kz6hvjCxU.roa
Signing time:             Fri 21 Jun 2024 07:48:49 +0000
ROA not before:           Fri 21 Jun 2024 07:48:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5511
IP address blocks:        45.83.29.0/24 maxlen: 24
                          45.88.20.0/24 maxlen: 24
                          45.88.22.0/24 maxlen: 24
                          45.89.36.0/24 maxlen: 24
                          45.89.38.0/24 maxlen: 24
                          45.92.2.0/24 maxlen: 24
                          45.134.138.0/24 maxlen: 24
                          45.143.54.0/24 maxlen: 24
                          45.145.46.0/24 maxlen: 24
                          45.146.187.0/24 maxlen: 24
                          87.247.148.0/22 maxlen: 24
                          91.190.96.0/24 maxlen: 24
                          91.190.99.0/24 maxlen: 24
                          91.190.104.0/24 maxlen: 24
                          91.217.250.0/24 maxlen: 24
                          185.184.135.0/24 maxlen: 24
                          185.205.189.0/24 maxlen: 24
                          185.239.241.0/24 maxlen: 24
                          185.244.137.0/24 maxlen: 24
                          185.245.5.0/24 maxlen: 24
                          185.245.7.0/24 maxlen: 24
                          188.240.75.0/24 maxlen: 24
                          193.84.132.0/24 maxlen: 24
                          193.218.32.0/24 maxlen: 24
                          217.74.16.0/24 maxlen: 24
                          2a0b:64c1::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 18:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:39:c4:fc:f8:56:bf:e8:9f:3a:be:28:0f:00:03:77:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 21 07:48:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=44e47d97cf52e9fbdbc0c5161ff2b3ea1be30b15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:30:a3:46:38:9b:8f:f3:e8:81:37:1e:e5:2d:
                    6f:d3:d1:2d:68:5c:b5:1b:ad:e7:45:f1:2a:6b:42:
                    be:f5:e4:98:27:2a:79:2c:15:15:44:29:eb:be:da:
                    70:1b:49:d3:3a:76:b1:fb:b1:5c:a4:8c:c7:42:56:
                    c1:2d:95:f6:25:ac:2c:c2:69:55:3b:f3:46:0d:cd:
                    96:85:fc:ca:4d:1a:09:ac:46:f5:55:b4:35:50:27:
                    6b:9d:d7:8a:f9:b2:1e:f0:8f:e1:47:80:2f:c6:29:
                    f0:bd:e8:fd:2c:5a:c3:0b:76:12:f4:46:34:f3:81:
                    d4:a2:6a:2a:e9:86:97:ca:29:fd:84:50:e2:55:13:
                    0a:bf:88:e3:bc:69:d6:f1:ce:da:a9:90:4c:e1:01:
                    8f:1a:aa:50:a5:be:38:9f:b3:90:34:ac:3e:35:ef:
                    aa:bd:cf:ed:df:03:fa:04:a7:fa:1a:91:21:07:5b:
                    87:4f:12:70:b3:0e:47:87:da:5f:f1:73:49:81:ab:
                    a6:53:79:35:f0:c3:cc:98:96:8e:70:03:16:f8:7e:
                    40:c4:19:f9:6f:53:e2:96:5a:09:a9:1b:67:88:88:
                    e0:6e:1b:5d:1e:c9:be:73:db:22:0f:7b:24:c2:6c:
                    5f:11:03:9f:c0:0d:b5:72:4e:aa:8a:17:3e:0a:7e:
                    71:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E4:7D:97:CF:52:E9:FB:DB:C0:C5:16:1F:F2:B3:EA:1B:E3:0B:15
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ROR9l89S6fvbwMUWH_Kz6hvjCxU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.29.0/24
                  45.88.20.0/24
                  45.88.22.0/24
                  45.89.36.0/24
                  45.89.38.0/24
                  45.92.2.0/24
                  45.134.138.0/24
                  45.143.54.0/24
                  45.145.46.0/24
                  45.146.187.0/24
                  87.247.148.0/22
                  91.190.96.0/24
                  91.190.99.0/24
                  91.190.104.0/24
                  91.217.250.0/24
                  185.184.135.0/24
                  185.205.189.0/24
                  185.239.241.0/24
                  185.244.137.0/24
                  185.245.5.0/24
                  185.245.7.0/24
                  188.240.75.0/24
                  193.84.132.0/24
                  193.218.32.0/24
                  217.74.16.0/24
                IPv6:
                  2a0b:64c1::/32

    Signature Algorithm: sha256WithRSAEncryption
         78:47:d0:9a:d6:ee:46:b1:e7:56:ac:05:9b:aa:1d:01:df:3f:
         c7:81:c0:8d:d6:3a:c4:a0:f8:e9:2a:a3:b7:45:6c:74:8f:52:
         07:ad:26:15:0f:63:87:dc:d0:73:69:2e:a9:09:85:6b:2c:ef:
         f9:ef:89:6c:68:13:8a:d6:6a:81:9f:27:2e:3d:a9:3d:16:bb:
         c5:d9:d2:90:87:bc:fc:2e:ac:8e:cf:18:60:6d:18:c5:ad:d6:
         5b:db:f3:3e:38:59:98:cc:78:23:7d:86:3b:00:b0:78:19:28:
         6a:0c:a4:72:90:b5:6f:bd:19:b6:b2:46:3f:40:d2:5d:b8:e5:
         30:5e:1d:91:52:15:43:3f:d7:dc:8a:26:78:90:be:ff:20:7e:
         b8:f0:70:0c:77:e9:1b:86:d9:a1:60:51:a9:31:78:76:ba:eb:
         8a:66:a7:91:cd:c8:64:23:c6:93:d0:ba:47:7b:8d:ca:70:b8:
         05:cd:1c:90:fd:40:2c:25:7e:28:35:ca:0c:43:32:cc:cf:58:
         3a:e2:01:4c:56:9e:81:2d:43:0d:86:63:c6:7c:4b:2c:e7:50:
         62:b6:e8:7f:26:40:b4:19:15:17:3d:f3:8d:2e:a4:56:64:07:
         2a:dd:96:90:44:e4:01:da:8d:04:62:73:47:a5:af:30:b1:76:
         b5:af:ff:f8
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAZA5xPz4Vr/onzq+KA8AA3foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNjIxMDc0ODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU0N2Q5N2NmNTJlOWZiZGJjMGM1MTYxZmYyYjNlYTFiZTMwYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjCjRjibj/PogTce5S1v09EtaFy1
G63nRfEqa0K+9eSYJyp5LBUVRCnrvtpwG0nTOnax+7FcpIzHQlbBLZX2JawswmlV
O/NGDc2WhfzKTRoJrEb1VbQ1UCdrndeK+bIe8I/hR4Avxinwvej9LFrDC3YS9EY0
84HUomoq6YaXyin9hFDiVRMKv4jjvGnW8c7aqZBM4QGPGqpQpb44n7OQNKw+Ne+q
vc/t3wP6BKf6GpEhB1uHTxJwsw5Hh9pf8XNJgaumU3k18MPMmJaOcAMW+H5AxBn5
b1PilloJqRtniIjgbhtdHsm+c9siD3skwmxfEQOfwA21ck6qihc+Cn5xlwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFETkfZfPUun728DFFh/ys+ob4wsVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUk9SOWw4OVM2ZnZid01VV0hfS3o2aHZqQ3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAAt
Ux0DBAAtWBQDBAAtWBYDBAAtWSQDBAAtWSYDBAAtXAIDBAAthooDBAAtjzYDBAAt
kS4DBAAtkrsDBAJX95QDBABbvmADBABbvmMDBABbvmgDBABb2foDBAC5uIcDBAC5
zb0DBAC57/EDBAC59IkDBAC59QUDBAC59QcDBAC88EsDBADBVIQDBADB2iADBADZ
ShAwDQQCAAIwBwMFACoLZMEwDQYJKoZIhvcNAQELBQADggEBAHhH0JrW7kax51as
BZuqHQHfP8eBwI3WOsSg+Okqo7dFbHSPUgetJhUPY4fc0HNpLqkJhWss7/nviWxo
E4rWaoGfJy49qT0Wu8XZ0pCHvPwurI7PGGBtGMWt1lvb8z44WZjMeCN9hjsAsHgZ
KGoMpHKQtW+9GbayRj9A0l245TBeHZFSFUM/19yKJniQvv8gfrjwcAx36RuG2aFg
UakxeHa664pmp5HNyGQjxpPQukd7jcpwuAXNHJD9QCwlfig1ygxDMszPWDriAUxW
noEtQw2GY8Z8SyznUGK26H8mQLQZFRc9840upFZkByrdlpBE5AHajQRic0elrzCx
drWv//g=
Generated at Mon Jun 24 20:01:22 2024 by rpki-client on console-fra.rpki-client.org