Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/IAIpypgAnJrQaSKITNEd9XjY_tA.roa
File:                     IAIpypgAnJrQaSKITNEd9XjY_tA.roa (raw, json)
Hash identifier:          x5uRaCjOIVts+6Sw1jKKuCPgctGPmAXiWBJaO202WOU=
Subject key identifier:   20:02:29:CA:98:00:9C:9A:D0:69:22:88:4C:D1:1D:F5:78:D8:FE:D0
Certificate issuer:       /CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Certificate serial:       0185711E4988FB02396F442E7488185FE1BB
Authority key identifier: F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/IAIpypgAnJrQaSKITNEd9XjY_tA.roa
Signing time:             Mon 02 Jan 2023 06:14:48 +0000
ROA not before:           Mon 02 Jan 2023 06:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200567
IP address blocks:        46.16.216.0/22 maxlen: 22
                          46.16.216.0/23 maxlen: 23
                          46.16.218.0/23 maxlen: 23
                          46.16.222.0/23 maxlen: 23
                          46.16.220.0/23 maxlen: 23
                          46.16.220.0/22 maxlen: 22
                          185.39.176.0/23 maxlen: 24
                          185.39.178.0/23 maxlen: 23
                          185.70.144.0/23 maxlen: 23
                          185.70.146.0/23 maxlen: 23
                          185.109.32.0/23 maxlen: 23
                          185.109.34.0/23 maxlen: 23
                          2a05:2a80:1::/48 maxlen: 48
                          2a05:2a80::/29 maxlen: 29
                          2a05:2a80::/32 maxlen: 32
                          2a06:4e40::/29 maxlen: 29
                          2a02:4500::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 14 Feb 2023 13:20:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:49:88:fb:02:39:6f:44:2e:74:88:18:5f:e1:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
        Validity
            Not Before: Jan  2 06:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=200229ca98009c9ad06922884cd11df578d8fed0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:47:37:d7:ee:8b:25:c3:9c:9b:4f:27:38:76:
                    18:f4:85:bf:c1:90:0b:ce:4f:a4:17:8b:00:0d:18:
                    b5:77:fb:26:53:a0:46:21:81:85:e8:c7:8c:11:1b:
                    e4:66:b0:4d:65:03:ae:96:1c:12:ed:91:76:34:35:
                    ec:39:a3:a5:be:39:a7:57:13:13:d7:f7:5e:74:95:
                    38:c7:ee:9d:57:96:36:4b:00:aa:53:26:f0:f6:fd:
                    0f:8b:4d:17:04:04:f3:a5:68:b4:ff:4d:d7:ca:01:
                    12:a6:2d:1f:67:63:be:92:25:95:a8:bb:5a:17:1d:
                    ea:13:43:43:15:2e:44:0c:2a:1d:db:6e:7d:25:74:
                    1b:6d:48:3e:4e:0b:20:db:37:0a:fd:10:ac:92:f5:
                    26:69:0f:b3:13:7a:12:6f:49:0b:7f:eb:cc:d8:a1:
                    ab:49:58:68:3a:ed:c8:c8:79:47:bb:29:4e:06:6b:
                    c6:1a:73:4a:c4:7e:ce:a7:50:9f:ee:bc:dd:78:a9:
                    fb:9a:c4:52:c2:64:34:86:a7:d5:10:6a:d6:ae:dd:
                    71:8f:a2:99:b5:99:d4:98:9b:ec:6c:56:36:09:02:
                    9c:5a:79:20:b7:56:40:09:19:7c:e2:04:d8:c5:15:
                    61:89:52:13:a9:a4:22:f7:86:31:e7:e8:e4:26:55:
                    eb:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:02:29:CA:98:00:9C:9A:D0:69:22:88:4C:D1:1D:F5:78:D8:FE:D0
            X509v3 Authority Key Identifier:
                keyid:F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/IAIpypgAnJrQaSKITNEd9XjY_tA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/9XvH8urwyvppvuX6vmcSK0Nj_nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.16.216.0/21
                  185.39.176.0/22
                  185.70.144.0/22
                  185.109.32.0/22
                IPv6:
                  2a02:4500::/32
                  2a05:2a80::/29
                  2a06:4e40::/29

    Signature Algorithm: sha256WithRSAEncryption
         8e:64:e5:47:ff:e5:19:06:70:57:e0:e2:ee:68:dc:91:22:be:
         89:f0:58:49:a2:70:9a:33:4c:9f:0f:60:c6:c8:f8:f6:fb:97:
         2d:43:ce:57:a0:5b:f7:9f:76:69:d7:5e:35:67:c5:cd:33:8d:
         f5:bf:d2:3f:b1:57:0a:66:c7:b4:3a:4f:82:b5:b0:1e:62:07:
         aa:ef:7b:7f:ab:ef:1e:bd:cd:8e:04:63:88:b6:49:13:e9:ba:
         f2:31:07:24:e5:ae:e3:12:8b:3c:19:50:68:48:9f:51:57:0e:
         37:8e:8c:48:94:ec:fb:fd:ce:69:9a:4d:ad:3b:1d:e9:97:d6:
         df:be:14:20:18:25:f2:a3:16:c1:1f:85:e3:97:51:ad:e6:e3:
         c6:5e:9e:a2:70:d5:67:50:36:ff:84:b2:98:77:07:07:9e:51:
         fe:73:23:4e:ab:cd:e9:1a:06:d5:45:d9:31:b3:60:c5:82:28:
         b5:88:ee:5b:0f:4c:e5:bd:aa:dc:87:1a:e6:91:06:e3:ab:ed:
         a7:99:90:1e:81:72:0b:0b:cb:f7:28:19:45:42:ca:e7:fd:60:
         d8:fa:10:ce:73:bb:44:5e:2a:41:8f:47:34:94:3b:51:88:90:
         67:8a:9e:1f:70:51:b3:39:8f:34:08:03:36:83:18:83:c8:9d:
         04:8f:f4:03
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVxHkmI+wI5b0QudIgYX+G7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2JjN2YyZWFmMGNhZmE2OWJlZTVmYWJlNjcxMjJiNDM2
M2ZlNzIwHhcNMjMwMTAyMDYxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDAyMjljYTk4MDA5YzlhZDA2OTIyODg0Y2QxMWRmNTc4ZDhmZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0c31+6LJcOcm08nOHYY9IW/wZAL
zk+kF4sADRi1d/smU6BGIYGF6MeMERvkZrBNZQOulhwS7ZF2NDXsOaOlvjmnVxMT
1/dedJU4x+6dV5Y2SwCqUybw9v0Pi00XBATzpWi0/03XygESpi0fZ2O+kiWVqLta
Fx3qE0NDFS5EDCod2259JXQbbUg+Tgsg2zcK/RCskvUmaQ+zE3oSb0kLf+vM2KGr
SVhoOu3IyHlHuylOBmvGGnNKxH7Op1Cf7rzdeKn7msRSwmQ0hqfVEGrWrt1xj6KZ
tZnUmJvsbFY2CQKcWnkgt1ZACRl84gTYxRVhiVITqaQi94Yx5+jkJlXruQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCACKcqYAJya0GkiiEzRHfV42P7QMB8GA1UdIwQY
MBaAFPV7x/Lq8Mr6ab7l+r5nEitDY/5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh2SDh1cnd5dnBwdnVYNnZtY1NLME5qX25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80NDQxYjQtZjk4MS00YzI2LTliOTkt
MTAxMDQ3M2Y0ZmU4LzEvSUFJcHlwZ0FuSnJRYVNLSVRORWQ5WGpZX3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80NDQxYjQtZjk4MS00YzI2LTliOTktMTAxMDQ3M2Y0ZmU4
LzEvOVh2SDh1cnd5dnBwdnVYNnZtY1NLME5qX25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQDLhDYAwQC
uSewAwQCuUaQAwQCuW0gMBsEAgACMBUDBQAqAkUAAwUDKgUqgAMFAyoGTkAwDQYJ
KoZIhvcNAQELBQADggEBAI5k5Uf/5RkGcFfg4u5o3JEivonwWEmicJozTJ8PYMbI
+Pb7ly1DzlegW/efdmnXXjVnxc0zjfW/0j+xVwpmx7Q6T4K1sB5iB6rve3+r7x69
zY4EY4i2SRPpuvIxByTlruMSizwZUGhIn1FXDjeOjEiU7Pv9zmmaTa07HemX1t++
FCAYJfKjFsEfheOXUa3m48ZenqJw1WdQNv+Esph3BweeUf5zI06rzekaBtVF2TGz
YMWCKLWI7lsPTOW9qtyHGuaRBuOr7aeZkB6BcgsLy/coGUVCyuf9YNj6EM5zu0Re
KkGPRzSUO1GIkGeKnh9wUbM5jzQIAzaDGIPInQSP9AM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:15 2024 by rpki-client on console-ams.rpki-client.org