Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/u5YSKaU8maemcNuKTl1SkKXQ_Qo.roa
File:                     u5YSKaU8maemcNuKTl1SkKXQ_Qo.roa (raw, json)
Hash identifier:          rVWAQcyK379YTm6O2AjZwhrJIi9zUDVCWTMFlQ+iDKg=
Subject key identifier:   BB:96:12:29:A5:3C:99:A7:A6:70:DB:8A:4E:5D:52:90:A5:D0:FD:0A
Certificate issuer:       /CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
Certificate serial:       0185701ED2F2283D7D15B86A6A0E1B0299E3
Authority key identifier: 76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/u5YSKaU8maemcNuKTl1SkKXQ_Qo.roa
Signing time:             Mon 02 Jan 2023 01:35:46 +0000
ROA not before:           Mon 02 Jan 2023 01:35:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24881
IP address blocks:        46.162.0.0/20 maxlen: 20
                          46.162.0.0/19 maxlen: 19
                          46.162.4.0/24 maxlen: 24
                          46.162.0.0/18 maxlen: 18
                          46.162.16.0/20 maxlen: 20
                          193.111.156.0/22 maxlen: 22
                          46.162.32.0/19 maxlen: 19
                          46.162.32.0/20 maxlen: 20
                          46.162.48.0/20 maxlen: 20
                          193.43.252.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 06 Jan 2023 20:17:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:d2:f2:28:3d:7d:15:b8:6a:6a:0e:1b:02:99:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
        Validity
            Not Before: Jan  2 01:35:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb961229a53c99a7a670db8a4e5d5290a5d0fd0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:48:77:6b:f3:68:9b:7e:2b:b5:bf:24:27:3b:
                    bf:52:26:5c:cd:5a:16:65:fd:fe:30:bf:e6:a1:d3:
                    04:30:7e:85:59:64:04:96:fb:4b:2d:b9:94:6b:7f:
                    84:9b:b7:e6:a9:cf:8d:7d:a2:c2:49:ae:f8:8d:89:
                    27:1a:01:a1:59:8f:e9:94:0e:4f:c4:42:d9:68:b0:
                    25:24:57:c3:9a:a0:7d:45:8a:c3:2e:cf:b3:ce:54:
                    58:60:94:d6:c1:19:68:fd:83:10:8f:48:e8:07:56:
                    f1:d2:0c:b1:8d:c2:2d:61:3f:f8:db:ff:3c:6d:5a:
                    4c:e9:e3:a7:97:9c:b3:3d:a7:7a:63:80:97:c7:b1:
                    86:38:66:43:9a:9b:f1:83:f1:0e:55:09:65:cb:c2:
                    33:a3:c1:06:51:3c:e8:83:d8:95:c0:f2:a4:7a:48:
                    24:b4:50:2d:a4:86:d0:d5:e6:15:c3:02:36:d9:09:
                    d4:87:d1:32:90:31:5b:4d:13:5e:54:c6:c9:ff:39:
                    6c:2f:0b:d8:aa:be:76:67:77:e7:25:96:de:47:3d:
                    96:2e:6f:86:e7:09:2a:23:17:6c:f6:79:1f:fc:51:
                    2b:6b:d7:9d:9f:c6:3c:10:80:a3:7e:69:d7:15:56:
                    d7:05:3d:ed:32:ea:bb:07:f2:38:4d:e2:d2:d8:15:
                    bb:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:96:12:29:A5:3C:99:A7:A6:70:DB:8A:4E:5D:52:90:A5:D0:FD:0A
            X509v3 Authority Key Identifier:
                keyid:76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/u5YSKaU8maemcNuKTl1SkKXQ_Qo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/dkL9PzNs5u6Z5h-pdwSabGqSPko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.162.0.0/18
                  193.43.252.0/22
                  193.111.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:b9:f0:06:7b:8a:bd:9f:96:01:58:78:96:b4:53:c5:31:6b:
         07:ca:da:2d:d4:39:33:57:b5:3e:23:cf:65:d8:aa:6e:66:d9:
         94:d0:a2:b4:0e:88:77:e2:a6:66:a8:71:a0:b9:75:1d:d3:ec:
         ac:5b:e1:75:f3:02:c9:63:20:84:00:7c:fc:f1:fb:f8:51:fb:
         4e:34:a9:c1:15:87:37:63:45:d7:b8:72:18:5b:b7:93:9d:82:
         22:ea:24:94:0c:75:64:24:99:c7:df:85:c7:22:66:2a:d4:a6:
         86:08:a9:eb:1c:39:d2:c0:f1:cc:d4:bb:47:31:d1:da:fd:a1:
         03:30:b7:36:9b:31:61:31:39:aa:82:52:11:59:53:60:cc:b5:
         50:b7:72:a8:e3:9c:ed:94:51:1d:e1:dd:5f:7e:06:28:0f:5d:
         c2:42:8e:78:bb:c5:4f:81:32:80:5b:3e:db:69:ff:81:f8:1b:
         8e:8d:1b:50:d9:c7:4b:b1:74:fe:85:e6:f9:ee:bb:5d:b0:01:
         d5:4e:e5:b4:31:63:61:1e:76:24:e2:2a:a0:d8:b3:49:e7:19:
         2b:bf:49:8f:df:7d:8d:1f:4e:96:17:84:f8:ef:08:ba:ac:92:
         34:8a:42:bd:c1:67:f2:5e:45:1c:e8:b8:1b:e0:90:20:83:1f:
         b3:68:ce:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwHtLyKD19Fbhqag4bApnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDJmZDNmMzM2Y2U2ZWU5OWU2MWZhOTc3MDQ5YTZjNmE5
MjNlNGEwHhcNMjMwMTAyMDEzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk2MTIyOWE1M2M5OWE3YTY3MGRiOGE0ZTVkNTI5MGE1ZDBmZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUh3a/Nom34rtb8kJzu/UiZczVoW
Zf3+ML/modMEMH6FWWQElvtLLbmUa3+Em7fmqc+NfaLCSa74jYknGgGhWY/plA5P
xELZaLAlJFfDmqB9RYrDLs+zzlRYYJTWwRlo/YMQj0joB1bx0gyxjcItYT/42/88
bVpM6eOnl5yzPad6Y4CXx7GGOGZDmpvxg/EOVQlly8Izo8EGUTzog9iVwPKkekgk
tFAtpIbQ1eYVwwI22QnUh9EykDFbTRNeVMbJ/zlsLwvYqr52Z3fnJZbeRz2WLm+G
5wkqIxds9nkf/FEra9edn8Y8EICjfmnXFVbXBT3tMuq7B/I4TeLS2BW7EQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLuWEimlPJmnpnDbik5dUpCl0P0KMB8GA1UdIwQY
MBaAFHZC/T8zbObumeYfqXcEmmxqkj5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAt
NjJjNDNhYzdjMDJmLzEvdTVZU0thVThtYWVtY051S1RsMVNrS1hRX1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAtNjJjNDNhYzdjMDJm
LzEvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGLqIAAwQC
wSv8AwQCwW+cMA0GCSqGSIb3DQEBCwUAA4IBAQBfufAGe4q9n5YBWHiWtFPFMWsH
ytot1DkzV7U+I89l2KpuZtmU0KK0Doh34qZmqHGguXUd0+ysW+F18wLJYyCEAHz8
8fv4UftONKnBFYc3Y0XXuHIYW7eTnYIi6iSUDHVkJJnH34XHImYq1KaGCKnrHDnS
wPHM1LtHMdHa/aEDMLc2mzFhMTmqglIRWVNgzLVQt3Ko45ztlFEd4d1ffgYoD13C
Qo54u8VPgTKAWz7baf+B+BuOjRtQ2cdLsXT+heb57rtdsAHVTuW0MWNhHnYk4iqg
2LNJ5xkrv0mP332NH06WF4T47wi6rJI0ikK9wWfyXkUc6Lgb4JAggx+zaM6n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:47 2024 by rpki-client on console-ams.rpki-client.org