Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/6pbl-I8Tzfr8Wno2EJSxkDsEIzI.roa
File:                     6pbl-I8Tzfr8Wno2EJSxkDsEIzI.roa (raw, json)
Hash identifier:          7u2V/K1VVEThlzYsBc63k8+HF+Gg7KJFeeLovLlhPic=
Subject key identifier:   EA:96:E5:F8:8F:13:CD:FA:FC:5A:7A:36:10:94:B1:90:3B:04:23:32
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       01896553B6B764B121B7051B786404530758
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/6pbl-I8Tzfr8Wno2EJSxkDsEIzI.roa
Signing time:             Mon 17 Jul 2023 19:28:52 +0000
ROA not before:           Mon 17 Jul 2023 19:28:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202656
IP address blocks:        193.8.164.0/24 maxlen: 24
                          194.156.1.0/24 maxlen: 24
                          193.8.167.0/24 maxlen: 24
                          193.8.175.0/24 maxlen: 24
                          45.143.143.0/24 maxlen: 24
                          45.143.141.0/24 maxlen: 24
                          45.135.176.0/24 maxlen: 24
                          45.135.179.0/24 maxlen: 24
                          45.135.178.0/24 maxlen: 24
                          45.91.161.0/24 maxlen: 24
                          45.156.149.0/24 maxlen: 24
                          45.156.150.0/24 maxlen: 24
                          45.140.61.0/24 maxlen: 24
                          45.147.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:65:53:b6:b7:64:b1:21:b7:05:1b:78:64:04:53:07:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jul 17 19:28:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea96e5f88f13cdfafc5a7a361094b1903b042332
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:9c:6d:0d:1f:98:45:86:25:48:42:0d:90:31:
                    a8:1c:7c:7f:07:8f:b4:86:f1:27:29:76:3e:36:bd:
                    85:eb:e0:d9:f9:98:9f:3c:a3:e4:2d:12:5c:d8:0e:
                    31:7c:fc:08:76:d8:f3:ca:37:f3:de:07:17:05:10:
                    1d:fb:71:3f:f5:ef:fa:b3:ce:16:46:c0:46:47:cd:
                    4b:29:42:26:ef:e6:31:12:a0:5b:76:93:3f:4c:75:
                    a7:f2:fd:b1:95:da:be:57:0e:9c:c0:3e:51:20:dd:
                    4c:70:27:d2:13:39:07:60:70:71:f7:52:f4:0e:69:
                    f3:ff:c0:fd:b5:ec:95:66:df:5f:30:42:7d:b7:a8:
                    87:c8:41:95:3a:cd:50:6b:1c:fd:3d:91:6b:0f:0d:
                    7a:06:cb:51:5c:5e:f2:c1:29:97:21:8a:b8:d7:3d:
                    3c:3a:6e:bf:da:0e:0c:34:eb:17:66:f9:1a:c7:a9:
                    34:b0:3b:83:54:c4:0c:60:7b:84:f1:56:69:e2:40:
                    f3:97:bc:8b:ae:f9:20:8d:c0:77:35:6b:84:b7:7f:
                    4b:ec:6c:8f:d4:d5:6a:ad:20:9b:89:6f:6b:b2:21:
                    bb:b5:9a:45:59:d4:cd:90:99:df:ca:fb:d5:bf:ef:
                    82:f4:dd:71:dc:41:d3:18:8e:52:48:50:78:03:28:
                    ce:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:96:E5:F8:8F:13:CD:FA:FC:5A:7A:36:10:94:B1:90:3B:04:23:32
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/6pbl-I8Tzfr8Wno2EJSxkDsEIzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.161.0/24
                  45.135.176.0/24
                  45.135.178.0/23
                  45.140.61.0/24
                  45.143.141.0/24
                  45.143.143.0/24
                  45.147.246.0/24
                  45.156.149.0-45.156.150.255
                  193.8.164.0/24
                  193.8.167.0/24
                  193.8.175.0/24
                  194.156.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:9f:52:e6:55:31:6a:e4:32:bb:e2:32:ad:c3:6f:d3:d3:eb:
         89:35:5d:41:8e:8c:53:08:49:b8:ba:34:42:8e:66:6a:53:82:
         a5:14:c0:af:34:04:b3:96:fe:f0:f1:61:02:43:f9:7a:58:61:
         69:78:4e:c1:79:77:db:61:98:7a:ff:4e:96:d9:b3:10:f6:38:
         b5:60:d6:3e:c4:35:5e:a4:87:4f:55:c6:c1:5b:36:95:85:63:
         73:d1:49:34:94:08:b1:e1:41:6b:ee:a0:1b:06:3b:53:f3:fc:
         48:a9:9b:40:6a:e7:92:56:6f:40:7c:b4:17:2b:29:64:ae:4f:
         d7:aa:ed:4f:83:87:07:bf:7e:67:9b:fa:f5:c2:4a:2a:b8:54:
         f5:ea:20:ae:f6:ac:51:62:6e:bb:45:2b:70:5e:5a:2e:e0:89:
         37:e9:4a:64:d6:63:17:31:8b:71:15:a4:93:6f:37:af:1c:db:
         42:cf:91:9e:d9:34:73:cb:b1:30:8e:8f:36:5d:3d:3e:fa:a4:
         94:65:af:9d:b4:82:fc:27:b5:48:84:31:06:b1:3a:51:04:43:
         3b:dc:ca:9a:46:96:16:39:17:8a:3c:1a:81:54:73:d9:8a:d4:
         c2:1c:28:44:03:bf:2e:10:b0:30:44:8c:1a:5e:b9:db:c0:f4:
         4e:2f:a7:0f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYllU7a3ZLEhtwUbeGQEUwdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwNzE3MTkyODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTk2ZTVmODhmMTNjZGZhZmM1YTdhMzYxMDk0YjE5MDNiMDQyMzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpxtDR+YRYYlSEINkDGoHHx/B4+0
hvEnKXY+Nr2F6+DZ+ZifPKPkLRJc2A4xfPwIdtjzyjfz3gcXBRAd+3E/9e/6s84W
RsBGR81LKUIm7+YxEqBbdpM/THWn8v2xldq+Vw6cwD5RIN1McCfSEzkHYHBx91L0
Dmnz/8D9teyVZt9fMEJ9t6iHyEGVOs1Qaxz9PZFrDw16BstRXF7ywSmXIYq41z08
Om6/2g4MNOsXZvkax6k0sDuDVMQMYHuE8VZp4kDzl7yLrvkgjcB3NWuEt39L7GyP
1NVqrSCbiW9rsiG7tZpFWdTNkJnfyvvVv++C9N1x3EHTGI5SSFB4AyjOkwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFOqW5fiPE836/Fp6NhCUsZA7BCMyMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvNnBibC1JOFR6ZnI4V25vMkVKU3hrRHNFSXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALVuhAwQA
LYewAwQBLYeyAwQALYw9AwQALY+NAwQALY+PAwQALZP2MAwDBAAtnJUDBAAtnJYD
BADBCKQDBADBCKcDBADBCK8DBADCnAEwDQYJKoZIhvcNAQELBQADggEBAJ2fUuZV
MWrkMrviMq3Db9PT64k1XUGOjFMISbi6NEKOZmpTgqUUwK80BLOW/vDxYQJD+XpY
YWl4TsF5d9thmHr/TpbZsxD2OLVg1j7ENV6kh09VxsFbNpWFY3PRSTSUCLHhQWvu
oBsGO1Pz/Eipm0Bq55JWb0B8tBcrKWSuT9eq7U+Dhwe/fmeb+vXCSiq4VPXqIK72
rFFibrtFK3BeWi7giTfpSmTWYxcxi3EVpJNvN68c20LPkZ7ZNHPLsTCOjzZdPT76
pJRlr520gvwntUiEMQaxOlEEQzvcyppGlhY5F4o8GoFUc9mK1MIcKEQDvy4QsDBE
jBpeudvA9E4vpw8=
-----END CERTIFICATE-----