Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pyImr-B03fjhZ2WhjJwsW2uDUNo.roa
File:                     pyImr-B03fjhZ2WhjJwsW2uDUNo.roa (raw, json)
Hash identifier:          FQP9uTVOzwpMUFnxOSz5OZbhF3q0rtSoCf1GRW1cp5k=
Subject key identifier:   A7:22:26:AF:E0:74:DD:F8:E1:67:65:A1:8C:9C:2C:5B:6B:83:50:DA
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018C4E87A24D191EC4DDC2AC293338671FB0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pyImr-B03fjhZ2WhjJwsW2uDUNo.roa
Signing time:             Sat 09 Dec 2023 12:22:40 +0000
ROA not before:           Sat 09 Dec 2023 12:22:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.227.146.0/23 maxlen: 24
                          185.222.30.0/23 maxlen: 24
                          185.220.249.0/24 maxlen: 24
                          185.220.250.0/23 maxlen: 24
                          193.58.146.0/23 maxlen: 24
                          45.8.21.0/24 maxlen: 24
                          185.251.229.0/24 maxlen: 24
                          185.251.231.0/24 maxlen: 24
                          185.108.204.0/23 maxlen: 24
                          185.225.0.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 09:21:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:4e:87:a2:4d:19:1e:c4:dd:c2:ac:29:33:38:67:1f:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Dec  9 12:22:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a72226afe074ddf8e16765a18c9c2c5b6b8350da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:fa:3c:2c:a1:cd:03:31:f6:a8:3f:a3:32:ed:
                    01:da:a5:dc:f8:af:0f:e9:c9:c9:40:2a:df:bd:81:
                    2e:db:91:7f:14:b6:60:22:37:3c:5e:52:59:c2:5b:
                    d0:56:14:8f:78:03:bd:24:f1:17:ee:da:cd:0c:c3:
                    45:11:41:ba:b6:36:8f:19:cb:fc:59:00:02:42:2d:
                    11:ac:69:02:d2:f4:1c:69:ff:d4:42:f4:94:c9:20:
                    58:4b:20:c8:f0:7f:25:80:9c:e3:5d:79:61:8d:be:
                    9b:31:8a:3c:87:94:94:b1:95:68:cc:51:fe:60:e3:
                    73:5d:f0:85:0e:79:75:06:66:28:7c:e7:7d:cd:69:
                    0a:77:c1:04:54:83:01:c0:64:cd:5a:06:78:b2:03:
                    79:d6:56:66:ae:fc:fe:4a:0b:71:05:d4:2c:ca:85:
                    4f:19:0e:31:1c:88:75:08:37:ba:7d:1b:35:54:0e:
                    8b:44:36:31:3f:d8:ad:77:1a:cf:54:16:98:5d:38:
                    7d:3a:9b:b5:7f:c3:66:39:28:de:e9:f7:d1:1b:5b:
                    c1:6e:16:57:02:ae:c7:a0:d5:01:63:98:be:ef:c8:
                    c3:88:81:8b:ec:65:b9:91:69:75:94:ea:7e:77:b2:
                    a8:70:e2:b7:4d:31:de:b4:4c:b9:95:1b:a7:fc:d5:
                    9b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:22:26:AF:E0:74:DD:F8:E1:67:65:A1:8C:9C:2C:5B:6B:83:50:DA
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pyImr-B03fjhZ2WhjJwsW2uDUNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.21.0/24
                  185.108.204.0/23
                  185.220.249.0-185.220.251.255
                  185.222.30.0/23
                  185.225.0.0/23
                  185.227.146.0/23
                  185.251.229.0/24
                  185.251.231.0/24
                  193.58.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:2a:41:44:37:e6:b1:ae:7f:ff:bb:52:e2:81:be:58:0b:47:
         33:31:fa:07:9b:e6:7a:cb:ce:db:87:e3:19:27:f1:6b:9e:50:
         c4:60:e5:b9:86:00:8e:56:ab:92:ac:9e:32:4e:6f:f3:67:88:
         8b:ad:34:fb:af:ea:ad:40:89:10:65:9f:c5:cd:98:22:b5:85:
         c7:e8:5e:33:ca:23:46:09:9a:0b:d3:8d:96:c7:5b:ce:6a:66:
         1f:f1:9e:b5:81:4d:3d:db:98:54:0a:1b:f6:c0:7a:53:ee:23:
         19:fe:64:52:f0:ff:93:12:d3:4e:5c:42:88:b4:08:55:05:fc:
         cf:24:31:ab:fe:00:46:f5:cd:93:c8:ba:ba:90:e6:3a:55:9e:
         c0:ba:14:be:8e:27:fa:70:93:d9:b8:b3:7f:a4:cf:5f:d1:48:
         b5:f2:2b:8b:0a:e8:1b:53:70:75:bb:0a:65:cc:de:52:0b:82:
         58:ea:a1:a4:ec:77:39:05:33:85:a2:b0:21:41:57:1b:f5:9f:
         98:4c:d2:61:45:32:36:eb:e0:2c:db:a4:e3:95:ed:da:c2:47:
         23:9f:bf:d9:ce:c5:66:2d:5e:53:44:d2:c2:91:4c:8e:04:93:
         77:ff:85:f6:48:e2:47:2b:47:7c:4c:d8:86:47:7d:c2:6b:61:
         42:24:16:3e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYxOh6JNGR7E3cKsKTM4Zx+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjA5MTIyMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzIyMjZhZmUwNzRkZGY4ZTE2NzY1YTE4YzljMmM1YjZiODM1MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovo8LKHNAzH2qD+jMu0B2qXc+K8P
6cnJQCrfvYEu25F/FLZgIjc8XlJZwlvQVhSPeAO9JPEX7trNDMNFEUG6tjaPGcv8
WQACQi0RrGkC0vQcaf/UQvSUySBYSyDI8H8lgJzjXXlhjb6bMYo8h5SUsZVozFH+
YONzXfCFDnl1BmYofOd9zWkKd8EEVIMBwGTNWgZ4sgN51lZmrvz+SgtxBdQsyoVP
GQ4xHIh1CDe6fRs1VA6LRDYxP9itdxrPVBaYXTh9Opu1f8NmOSje6ffRG1vBbhZX
Aq7HoNUBY5i+78jDiIGL7GW5kWl1lOp+d7KocOK3TTHetEy5lRun/NWb2QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKciJq/gdN344WdloYycLFtrg1DaMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcHlJbXItQjAzZmpoWjJXaGpKd3NXMnVEVU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALQgVAwQB
uWzMMAwDBAC53PkDBAK53PgDBAG53h4DBAG54QADBAG545IDBAC5++UDBAC5++cD
BAHBOpIwDQYJKoZIhvcNAQELBQADggEBAGIqQUQ35rGuf/+7UuKBvlgLRzMx+geb
5nrLztuH4xkn8WueUMRg5bmGAI5Wq5KsnjJOb/NniIutNPuv6q1AiRBln8XNmCK1
hcfoXjPKI0YJmgvTjZbHW85qZh/xnrWBTT3bmFQKG/bAelPuIxn+ZFLw/5MS005c
Qoi0CFUF/M8kMav+AEb1zZPIurqQ5jpVnsC6FL6OJ/pwk9m4s3+kz1/RSLXyK4sK
6BtTcHW7CmXM3lILgljqoaTsdzkFM4WisCFBVxv1n5hM0mFFMjbr4CzbpOOV7drC
RyOfv9nOxWYtXlNE0sKRTI4Ek3f/hfZI4kcrR3xM2IZHfcJrYUIkFj4=
-----END CERTIFICATE-----