Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/ac9s1jHN02ZQh0p1EjeZsMUKuaU.roa
File:                     ac9s1jHN02ZQh0p1EjeZsMUKuaU.roa (raw, json)
Hash identifier:          vW8LrlHI9PQHakuSvatulbhN9L3Eq5PAWpkdSS76BTo=
Subject key identifier:   69:CF:6C:D6:31:CD:D3:66:50:87:4A:75:12:37:99:B0:C5:0A:B9:A5
Certificate issuer:       /CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Certificate serial:       018572C37FF97DFEDF52F22E2CF99E794255
Authority key identifier: 92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/ac9s1jHN02ZQh0p1EjeZsMUKuaU.roa
Signing time:             Mon 02 Jan 2023 13:54:52 +0000
ROA not before:           Mon 02 Jan 2023 13:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47196
IP address blocks:        91.203.192.0/24 maxlen: 24
                          91.203.194.0/24 maxlen: 24
                          91.203.195.0/24 maxlen: 24
                          91.203.193.0/24 maxlen: 24
                          46.173.212.0/24 maxlen: 24
                          46.173.212.0/23 maxlen: 23
                          46.173.213.0/24 maxlen: 24
                          46.173.211.0/24 maxlen: 24
                          46.173.209.0/24 maxlen: 24
                          46.173.210.0/24 maxlen: 24
                          46.173.217.0/24 maxlen: 24
                          46.173.214.0/23 maxlen: 23
                          46.173.214.0/24 maxlen: 24
                          46.173.215.0/24 maxlen: 24
                          46.173.218.0/23 maxlen: 23
                          46.173.218.0/24 maxlen: 24
                          45.143.137.0/24 maxlen: 24
                          46.173.219.0/24 maxlen: 24
                          46.173.216.0/24 maxlen: 24
                          46.173.216.0/23 maxlen: 23
                          45.143.136.0/24 maxlen: 24
                          45.143.138.0/24 maxlen: 24
                          45.143.139.0/24 maxlen: 24
                          45.143.136.0/22 maxlen: 22
                          46.173.223.0/24 maxlen: 24
                          195.128.120.0/22 maxlen: 22
                          195.128.121.0/24 maxlen: 24
                          195.128.120.0/24 maxlen: 24
                          195.128.124.0/24 maxlen: 24
                          195.128.124.0/22 maxlen: 22
                          195.128.125.0/24 maxlen: 24
                          195.128.122.0/24 maxlen: 24
                          195.128.123.0/24 maxlen: 24
                          195.128.127.0/24 maxlen: 24
                          195.128.126.0/24 maxlen: 24
                          2a0f:6f80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:c3:7f:f9:7d:fe:df:52:f2:2e:2c:f9:9e:79:42:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9255218b69e551143c51fa1d919512e1a44c5c9d
        Validity
            Not Before: Jan  2 13:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69cf6cd631cdd36650874a75123799b0c50ab9a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:2d:e6:a3:34:c4:0c:11:9c:59:2b:8b:d2:03:
                    bf:b6:35:2f:34:e6:56:c6:23:48:cd:7b:d3:ac:6e:
                    59:cb:52:a6:15:36:4c:21:3c:57:6c:b7:54:49:88:
                    1f:2a:0f:36:79:29:16:3b:f8:fb:59:ab:56:ea:92:
                    ce:9c:5a:ce:de:b9:f0:33:98:bb:ab:6e:cd:7f:2b:
                    06:cf:f7:3b:ab:ae:5f:28:22:37:46:03:42:0a:95:
                    78:cc:6c:2d:e9:5c:13:8b:af:30:d1:2c:ae:fc:fb:
                    47:94:42:72:19:a4:be:96:ae:06:2e:df:ed:8d:91:
                    44:23:c9:43:97:61:ef:c5:db:57:d5:da:d0:35:10:
                    c0:92:0e:10:fa:69:5d:d8:ad:79:a4:5c:7e:f1:f1:
                    42:8e:1c:70:08:96:f9:5d:51:ec:d2:9a:00:d9:6e:
                    e3:00:19:ef:1c:43:cd:ac:bb:88:fd:16:27:ba:5d:
                    6d:01:a2:0d:65:81:b2:88:f0:ca:f9:50:4e:a5:cd:
                    a5:6f:f3:15:75:aa:40:1c:51:86:a1:b5:3b:ad:fa:
                    ae:51:17:ac:b4:e2:b7:63:4e:88:5a:13:37:5e:4e:
                    e3:e5:1e:a0:b8:9f:bd:00:04:48:e5:7a:16:e2:8b:
                    6c:cb:e1:e2:8a:9f:9c:88:73:8b:a8:58:48:b0:f4:
                    8c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:CF:6C:D6:31:CD:D3:66:50:87:4A:75:12:37:99:B0:C5:0A:B9:A5
            X509v3 Authority Key Identifier:
                keyid:92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/ac9s1jHN02ZQh0p1EjeZsMUKuaU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.136.0/22
                  46.173.209.0-46.173.219.255
                  46.173.223.0/24
                  91.203.192.0/22
                  195.128.120.0/21
                IPv6:
                  2a0f:6f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         0e:1c:97:e7:5f:13:e5:3c:bd:0d:87:30:91:f0:bd:13:e2:fd:
         12:2b:82:06:aa:46:e0:a5:c2:a9:40:32:b1:42:64:39:ff:4a:
         ec:f3:2f:8b:dc:72:68:17:de:41:5f:5d:ad:9c:54:fd:49:9b:
         21:98:a7:1f:d7:f1:ff:91:6e:4b:6a:25:e1:63:9b:e6:ca:3c:
         62:1e:f8:89:3f:8e:82:8d:78:6b:6e:fd:e4:cb:84:e7:8f:67:
         df:82:7e:4a:1c:ce:78:e4:97:e3:e3:77:85:55:87:5f:22:dd:
         75:17:7c:97:f7:1d:de:a1:e4:dd:f4:f0:20:17:5e:83:bb:d2:
         48:bc:36:55:09:14:32:f2:8b:3b:bf:48:3c:ba:b4:75:2c:5a:
         93:0a:83:9d:76:e5:89:81:8c:55:a6:be:9e:51:82:2f:90:69:
         05:da:ff:dd:eb:3b:06:55:70:d5:d9:65:dc:f6:5c:ec:d6:6d:
         36:a6:fb:37:34:71:11:4b:18:af:f8:f5:63:a9:a8:b7:73:41:
         66:e6:c5:83:c5:1d:42:b4:58:ea:a8:62:fd:1e:b7:96:57:41:
         97:6d:e6:63:e7:52:cb:55:4a:f4:5d:ee:03:dd:c8:9c:c6:bf:
         a7:72:a3:32:13:9c:69:97:0a:b9:28:b4:fa:8e:c6:34:b5:a2:
         86:1b:78:80
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVyw3/5ff7fUvIuLPmeeUJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTUyMThiNjllNTUxMTQzYzUxZmExZDkxOTUxMmUxYTQ0
YzVjOWQwHhcNMjMwMTAyMTM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNmNmNkNjMxY2RkMzY2NTA4NzRhNzUxMjM3OTliMGM1MGFiOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtS3mozTEDBGcWSuL0gO/tjUvNOZW
xiNIzXvTrG5Zy1KmFTZMITxXbLdUSYgfKg82eSkWO/j7WatW6pLOnFrO3rnwM5i7
q27NfysGz/c7q65fKCI3RgNCCpV4zGwt6VwTi68w0Syu/PtHlEJyGaS+lq4GLt/t
jZFEI8lDl2HvxdtX1drQNRDAkg4Q+mld2K15pFx+8fFCjhxwCJb5XVHs0poA2W7j
ABnvHEPNrLuI/RYnul1tAaINZYGyiPDK+VBOpc2lb/MVdapAHFGGobU7rfquURes
tOK3Y06IWhM3Xk7j5R6guJ+9AARI5XoW4otsy+Hiip+ciHOLqFhIsPSMMwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGnPbNYxzdNmUIdKdRI3mbDFCrmlMB8GA1UdIwQY
MBaAFJJVIYtp5VEUPFH6HZGVEuGkTFydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYt
YWZmYmEyZGYzZDYyLzEvYWM5czFqSE4wMlpRaDBwMUVqZVpzTVVLdWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYtYWZmYmEyZGYzZDYy
LzEva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCLY+IMAwD
BAAurdEDBAIurdgDBAAurd8DBAJby8ADBAPDgHgwDQQCAAIwBwMFAyoPb4AwDQYJ
KoZIhvcNAQELBQADggEBAA4cl+dfE+U8vQ2HMJHwvRPi/RIrggaqRuClwqlAMrFC
ZDn/SuzzL4vccmgX3kFfXa2cVP1JmyGYpx/X8f+RbktqJeFjm+bKPGIe+Ik/joKN
eGtu/eTLhOePZ9+Cfkocznjkl+Pjd4VVh18i3XUXfJf3Hd6h5N308CAXXoO70ki8
NlUJFDLyizu/SDy6tHUsWpMKg5125YmBjFWmvp5Rgi+QaQXa/93rOwZVcNXZZdz2
XOzWbTam+zc0cRFLGK/49WOpqLdzQWbmxYPFHUK0WOqoYv0et5ZXQZdt5mPnUstV
SvRd7gPdyJzGv6dyozITnGmXCrkotPqOxjS1ooYbeIA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:05 2024 by rpki-client on console-fra.rpki-client.org