Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/C1R25BfL7GT7-OvroIQ9h2E_HZA.roa
File:                     C1R25BfL7GT7-OvroIQ9h2E_HZA.roa (raw, json)
Hash identifier:          yXvlvfIt7JZQVymUiCELSV1ZpyDTs2xqrncCEAxxxe8=
Subject key identifier:   0B:54:76:E4:17:CB:EC:64:FB:F8:EB:EB:A0:84:3D:87:61:3F:1D:90
Certificate issuer:       /CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Certificate serial:       0186FFC94AF1CDC22EE08C40CD7EC70B3B98
Authority key identifier: C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/C1R25BfL7GT7-OvroIQ9h2E_HZA.roa
Signing time:             Mon 20 Mar 2023 16:10:27 +0000
ROA not before:           Mon 20 Mar 2023 16:10:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44942
IP address blocks:        92.63.224.0/20 maxlen: 22
                          185.114.116.0/22 maxlen: 22
                          185.157.216.0/22 maxlen: 22
                          92.246.104.0/22 maxlen: 22
                          92.246.108.0/22 maxlen: 22
                          92.246.111.0/24 maxlen: 24
                          92.246.108.0/24 maxlen: 24
                          92.246.110.0/24 maxlen: 24
                          92.246.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ff:c9:4a:f1:cd:c2:2e:e0:8c:40:cd:7e:c7:0b:3b:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
        Validity
            Not Before: Mar 20 16:10:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b5476e417cbec64fbf8ebeba0843d87613f1d90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:24:f4:22:18:7a:d5:ce:7c:21:e5:3e:da:20:
                    50:c9:c4:2a:2f:7e:fc:99:35:b6:f5:1b:25:db:e9:
                    51:32:05:72:8c:9f:31:7a:77:46:4f:d2:a0:a6:d3:
                    ed:5b:2e:58:70:1e:86:e8:61:2e:18:3c:58:c1:1c:
                    28:e6:ed:9a:6e:46:d4:bd:2b:7d:fb:64:cf:63:11:
                    dc:bf:85:fc:6a:51:30:51:e0:36:4a:24:b8:bb:11:
                    a9:39:00:64:83:d3:2a:c6:03:44:8f:0e:e6:04:21:
                    4b:ed:cc:1b:41:0e:55:b5:23:7a:e9:49:80:c9:c1:
                    74:79:77:69:e0:a8:a3:32:b7:b1:8f:ca:06:5d:c0:
                    e1:5a:f5:a8:92:3a:90:d5:13:f1:d1:d8:ed:09:6a:
                    26:ab:c7:54:64:63:49:ea:f3:ff:ab:90:96:84:e5:
                    6d:d5:c4:42:34:d7:6a:20:fd:c7:61:fe:31:b2:45:
                    88:a4:a6:10:e5:b3:9f:5a:b4:55:7d:12:e3:06:65:
                    4a:16:51:25:50:63:14:89:a4:0e:ad:dc:84:bc:61:
                    02:e6:fb:c5:5f:02:11:1b:b4:03:7e:de:b2:6d:a4:
                    f6:84:b6:68:79:a4:d9:f4:dd:cf:3e:03:a8:70:3d:
                    0c:be:74:82:24:4f:14:f3:9c:de:89:0f:94:69:e9:
                    4a:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:54:76:E4:17:CB:EC:64:FB:F8:EB:EB:A0:84:3D:87:61:3F:1D:90
            X509v3 Authority Key Identifier:
                keyid:C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/C1R25BfL7GT7-OvroIQ9h2E_HZA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.63.224.0/20
                  92.246.104.0/21
                  185.114.116.0/22
                  185.157.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:a2:c0:45:8e:bc:b1:36:97:54:25:8f:d7:bb:af:45:cb:e3:
         d5:c1:c7:9c:21:81:32:21:16:90:8d:17:d3:aa:28:cd:9a:c0:
         7c:03:77:41:41:fb:69:72:20:f4:1a:f4:34:52:c1:5c:43:aa:
         8a:c1:3f:c6:62:98:7f:ab:3c:f9:73:89:45:72:71:1c:a6:c0:
         79:34:a8:d7:2b:45:23:24:08:07:c8:b9:60:3b:82:20:64:55:
         20:40:9e:74:8a:7f:cc:aa:17:9e:8c:9d:f1:ea:10:7b:a9:25:
         01:69:00:c8:b3:97:d9:3a:27:14:87:97:65:ac:c0:b0:ef:0d:
         b0:9f:2f:03:4a:24:c7:37:a2:14:dd:72:3c:3c:b3:30:25:74:
         26:f6:e2:0a:53:b9:7c:7b:ef:0b:76:36:fd:d4:de:10:1b:45:
         34:88:87:62:c4:16:8c:5d:5b:5e:98:a5:6c:2e:64:2f:53:8c:
         a1:b1:db:b9:c1:77:69:73:bd:c0:eb:88:2f:eb:c2:4f:d9:0a:
         ba:27:35:33:31:32:2c:c2:55:22:e3:24:6d:e3:a0:4e:b6:79:
         99:e4:2e:5a:26:fa:90:3d:bd:54:d1:e8:c2:e0:e7:29:4e:a1:
         f9:32:34:5a:0c:cb:3d:06:dd:88:39:d3:cd:ac:8f:27:91:23:
         8e:ca:50:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYb/yUrxzcIu4IxAzX7HCzuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTZlMjJmNGUyMzk2NWY2YzRhMDI1YzZjOTJlZmMwYjY2
MmU3OTMwHhcNMjMwMzIwMTYxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjU0NzZlNDE3Y2JlYzY0ZmJmOGViZWJhMDg0M2Q4NzYxM2YxZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlST0Ihh61c58IeU+2iBQycQqL378
mTW29Rsl2+lRMgVyjJ8xendGT9KgptPtWy5YcB6G6GEuGDxYwRwo5u2abkbUvSt9
+2TPYxHcv4X8alEwUeA2SiS4uxGpOQBkg9MqxgNEjw7mBCFL7cwbQQ5VtSN66UmA
ycF0eXdp4KijMrexj8oGXcDhWvWokjqQ1RPx0djtCWomq8dUZGNJ6vP/q5CWhOVt
1cRCNNdqIP3HYf4xskWIpKYQ5bOfWrRVfRLjBmVKFlElUGMUiaQOrdyEvGEC5vvF
XwIRG7QDft6ybaT2hLZoeaTZ9N3PPgOocD0MvnSCJE8U85zeiQ+UaelKCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAtUduQXy+xk+/jr66CEPYdhPx2QMB8GA1UdIwQY
MBaAFMam4i9OI5ZfbEoCXGyS78C2YueTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYt
MDZhZjZkYmEzNGY3LzEvQzFSMjVCZkw3R1Q3LU92cm9JUTloMkVfSFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYtMDZhZjZkYmEzNGY3
LzEveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXD/gAwQD
XPZoAwQCuXJ0AwQCuZ3YMA0GCSqGSIb3DQEBCwUAA4IBAQATosBFjryxNpdUJY/X
u69Fy+PVwcecIYEyIRaQjRfTqijNmsB8A3dBQftpciD0GvQ0UsFcQ6qKwT/GYph/
qzz5c4lFcnEcpsB5NKjXK0UjJAgHyLlgO4IgZFUgQJ50in/MqheejJ3x6hB7qSUB
aQDIs5fZOicUh5dlrMCw7w2wny8DSiTHN6IU3XI8PLMwJXQm9uIKU7l8e+8Ldjb9
1N4QG0U0iIdixBaMXVtemKVsLmQvU4yhsdu5wXdpc73A64gv68JP2Qq6JzUzMTIs
wlUi4yRt46BOtnmZ5C5aJvqQPb1U0ejC4OcpTqH5MjRaDMs9Bt2IOdPNrI8nkSOO
ylCx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:01 2024 by rpki-client on console-fra.rpki-client.org