Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/DduBlR6YAm6_cMifhWgGhcF0Utw.roa
File:                     DduBlR6YAm6_cMifhWgGhcF0Utw.roa (raw, json)
Hash identifier:          7+Ivf4K9DOCbqqK33BCbW7zcq7y83zPyxdHuBXp6r94=
Subject key identifier:   0D:DB:81:95:1E:98:02:6E:BF:70:C8:9F:85:68:06:85:C1:74:52:DC
Certificate issuer:       /CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
Certificate serial:       018BD8365DDE4AE5B31C859A778CD3256EF6
Authority key identifier: A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/DduBlR6YAm6_cMifhWgGhcF0Utw.roa
Signing time:             Thu 16 Nov 2023 12:58:43 +0000
ROA not before:           Thu 16 Nov 2023 12:58:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43584
IP address blocks:        46.16.160.0/23 maxlen: 23
                          46.16.164.0/24 maxlen: 24
                          46.16.166.0/24 maxlen: 24
                          91.197.142.0/23 maxlen: 23
                          91.197.141.0/24 maxlen: 24
                          91.197.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d8:36:5d:de:4a:e5:b3:1c:85:9a:77:8c:d3:25:6e:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68ff9229efd8d12b4273f346f8c6454ea587ecc
        Validity
            Not Before: Nov 16 12:58:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0ddb81951e98026ebf70c89f85680685c17452dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:40:f9:92:55:d4:82:63:d3:2b:fb:9a:75:53:
                    a3:73:4c:93:f6:6f:a3:ce:15:7c:81:52:81:75:ae:
                    60:a9:b0:5b:80:5e:91:2c:06:c3:f8:54:ba:68:70:
                    9c:fa:f5:09:9c:e1:a2:22:23:9f:23:cc:fc:bd:d8:
                    fd:af:fb:6b:31:66:c9:eb:fa:a4:dd:39:af:df:46:
                    3e:da:7c:f3:b2:e2:6a:59:95:1f:d5:89:c6:dd:a9:
                    4f:57:1c:e9:5f:7a:a1:db:20:22:04:19:08:32:2d:
                    b8:8e:93:3b:b9:9b:29:e5:35:df:03:82:22:9f:42:
                    1f:8a:b7:bd:85:e9:2d:53:80:3f:ac:f4:dc:0e:8a:
                    03:e7:70:fc:2b:72:38:6c:ae:7f:03:b8:a6:7a:4b:
                    4f:9e:2d:bf:3f:3c:ff:fe:aa:a8:69:c2:f4:55:82:
                    9e:d9:3e:6f:37:eb:ab:77:16:41:5f:52:37:3e:af:
                    58:7d:8e:5c:45:d2:b6:27:89:a3:a3:00:76:c3:30:
                    c2:14:0f:65:af:aa:ce:bb:1a:84:22:d9:78:1b:ed:
                    92:83:62:46:04:65:a6:cc:68:90:af:37:7f:70:f9:
                    fa:64:dd:ee:bd:57:9a:26:b5:a6:0f:0c:48:81:a6:
                    82:68:00:03:e3:10:b4:53:3c:4a:af:9e:72:29:4c:
                    bc:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:DB:81:95:1E:98:02:6E:BF:70:C8:9F:85:68:06:85:C1:74:52:DC
            X509v3 Authority Key Identifier:
                keyid:A6:8F:F9:22:9E:FD:8D:12:B4:27:3F:34:6F:8C:64:54:EA:58:7E:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/po_5Ip79jRK0Jz80b4xkVOpYfsw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/DduBlR6YAm6_cMifhWgGhcF0Utw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/2ff98e-6ff9-4233-b9f1-227e21e691e7/1/po_5Ip79jRK0Jz80b4xkVOpYfsw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.16.160.0/23
                  46.16.164.0/24
                  46.16.166.0/24
                  91.197.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:54:43:a5:9f:ed:75:ff:8d:83:6c:9d:f4:be:5f:45:b1:fd:
         d0:3d:2a:74:e1:c6:29:32:63:96:52:21:c2:a3:2c:7d:d2:ae:
         80:5d:54:59:4f:a5:94:b5:fb:06:9d:b5:58:3a:af:ed:04:a5:
         71:6d:25:a5:7f:4f:d9:25:fc:83:46:ac:36:4b:cb:54:10:06:
         54:49:a7:ae:a6:12:e0:5d:61:02:0f:0e:5d:25:da:1a:5c:5a:
         e4:0c:50:b6:e6:5c:a0:47:37:d1:26:c1:22:a3:00:ac:c2:48:
         ba:e5:f1:45:11:fd:96:66:36:0e:15:41:72:f8:bb:2a:7d:db:
         18:3d:67:7e:28:ae:74:d6:01:f2:c3:95:cc:2c:db:bb:f5:b9:
         f6:12:11:48:e7:56:20:9c:4c:a0:7a:cb:4b:c6:a1:4e:d3:fc:
         d0:fc:89:c3:28:bc:e2:70:c8:18:72:f1:35:2e:eb:a6:c9:8d:
         28:58:03:ff:db:0a:b4:30:7d:97:1f:f0:18:02:6a:8f:3e:0e:
         95:84:76:16:e8:01:26:e3:21:c6:62:a5:b9:21:76:c6:ed:1e:
         39:86:51:7e:4a:62:19:3b:f9:ed:69:5f:86:95:3b:b4:35:66:
         e4:c7:cd:51:6e:f6:2a:8e:e6:cf:a9:63:3a:74:8a:64:de:86:
         d3:8a:b9:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvYNl3eSuWzHIWad4zTJW72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OGZmOTIyOWVmZDhkMTJiNDI3M2YzNDZmOGM2NDU0ZWE1
ODdlY2MwHhcNMjMxMTE2MTI1ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGRiODE5NTFlOTgwMjZlYmY3MGM4OWY4NTY4MDY4NWMxNzQ1MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkD5klXUgmPTK/uadVOjc0yT9m+j
zhV8gVKBda5gqbBbgF6RLAbD+FS6aHCc+vUJnOGiIiOfI8z8vdj9r/trMWbJ6/qk
3Tmv30Y+2nzzsuJqWZUf1YnG3alPVxzpX3qh2yAiBBkIMi24jpM7uZsp5TXfA4Ii
n0Ifire9hektU4A/rPTcDooD53D8K3I4bK5/A7imektPni2/Pzz//qqoacL0VYKe
2T5vN+urdxZBX1I3Pq9YfY5cRdK2J4mjowB2wzDCFA9lr6rOuxqEItl4G+2Sg2JG
BGWmzGiQrzd/cPn6ZN3uvVeaJrWmDwxIgaaCaAAD4xC0UzxKr55yKUy8yQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA3bgZUemAJuv3DIn4VoBoXBdFLcMB8GA1UdIwQY
MBaAFKaP+SKe/Y0StCc/NG+MZFTqWH7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9fNUlwNzlqUkswSno4MGI0eGtWT3BZZnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yZmY5OGUtNmZmOS00MjMzLWI5ZjEt
MjI3ZTIxZTY5MWU3LzEvRGR1QmxSNllBbTZfY01pZmhXZ0doY0YwVXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yZmY5OGUtNmZmOS00MjMzLWI5ZjEtMjI3ZTIxZTY5MWU3
LzEvcG9fNUlwNzlqUkswSno4MGI0eGtWT3BZZnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLhCgAwQA
LhCkAwQALhCmAwQCW8WMMA0GCSqGSIb3DQEBCwUAA4IBAQAMVEOln+11/42DbJ30
vl9Fsf3QPSp04cYpMmOWUiHCoyx90q6AXVRZT6WUtfsGnbVYOq/tBKVxbSWlf0/Z
JfyDRqw2S8tUEAZUSaeuphLgXWECDw5dJdoaXFrkDFC25lygRzfRJsEiowCswki6
5fFFEf2WZjYOFUFy+LsqfdsYPWd+KK501gHyw5XMLNu79bn2EhFI51YgnEygestL
xqFO0/zQ/InDKLzicMgYcvE1LuumyY0oWAP/2wq0MH2XH/AYAmqPPg6VhHYW6AEm
4yHGYqW5IXbG7R45hlF+SmIZO/ntaV+GlTu0NWbkx81RbvYqjubPqWM6dIpk3obT
irnx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org