Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/6iL9SuRrWjGwdVYHMd2xk9AaA9o.roa
File:                     6iL9SuRrWjGwdVYHMd2xk9AaA9o.roa (raw, json)
Hash identifier:          yzK3o1KKh/lr67jj29ixHoPEXMN8aGCKtuStzznlQfY=
Subject key identifier:   EA:22:FD:4A:E4:6B:5A:31:B0:75:56:07:31:DD:B1:93:D0:1A:03:DA
Certificate issuer:       /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial:       0190EE0B1FE246B70AFFFCE001E84ACC2FE4
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/6iL9SuRrWjGwdVYHMd2xk9AaA9o.roa
Signing time:             Fri 26 Jul 2024 07:57:04 +0000
ROA not before:           Fri 26 Jul 2024 07:57:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43700
IP address blocks:        31.172.224.0/22 maxlen: 22
                          31.172.224.0/23 maxlen: 23
                          31.172.226.0/23 maxlen: 23
                          45.84.244.0/22 maxlen: 22
                          45.84.244.0/23 maxlen: 23
                          78.158.0.0/19 maxlen: 19
                          78.158.0.0/20 maxlen: 20
                          78.158.16.0/20 maxlen: 20
                          95.215.140.0/22 maxlen: 22
                          95.215.140.0/23 maxlen: 23
                          95.215.142.0/23 maxlen: 23
                          185.246.240.0/22 maxlen: 22
                          185.246.240.0/23 maxlen: 23
                          185.246.242.0/23 maxlen: 23
                          185.252.108.0/22 maxlen: 22
                          185.252.108.0/23 maxlen: 23
                          185.252.110.0/23 maxlen: 23
                          185.252.204.0/22 maxlen: 22
                          185.252.204.0/23 maxlen: 23
                          185.252.206.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 06 Aug 2024 06:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:ee:0b:1f:e2:46:b7:0a:ff:fc:e0:01:e8:4a:cc:2f:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
        Validity
            Not Before: Jul 26 07:57:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ea22fd4ae46b5a31b075560731ddb193d01a03da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:4d:2e:7b:08:20:f1:96:a3:53:47:23:c7:ef:
                    e6:6b:bf:97:32:a2:89:71:92:39:15:13:13:f8:48:
                    9d:6c:4c:ed:05:d6:7b:ef:06:cb:0f:94:aa:56:7a:
                    6a:e7:7e:9c:47:be:eb:11:13:5c:41:07:73:04:a8:
                    cc:de:28:e6:1b:50:f8:18:bd:a5:3f:39:82:8b:a8:
                    81:5f:52:9d:7a:f6:f5:0c:4c:1d:9a:49:58:23:66:
                    85:38:5f:a9:44:23:c5:03:53:45:63:70:5f:04:5f:
                    bf:d9:34:18:bf:00:99:20:31:98:7f:25:09:a6:62:
                    bb:11:b5:7a:fd:9b:fe:9a:f4:33:bc:e9:24:f8:fa:
                    3a:f3:68:8c:22:13:7c:62:fd:52:d5:0b:ce:34:54:
                    49:af:ab:f3:7c:22:97:42:ce:62:63:ef:1d:21:69:
                    44:8d:61:14:b3:f8:2e:6c:dd:c2:a6:42:63:4e:cb:
                    fc:08:5c:05:54:07:3a:7a:47:a9:e1:1d:33:91:55:
                    eb:4d:55:99:05:da:ba:b7:d0:6c:e7:8f:23:04:53:
                    6a:7c:00:b7:9f:8a:81:cc:70:de:07:eb:a6:30:75:
                    72:72:f5:81:17:06:06:46:71:31:a8:32:5c:67:cc:
                    29:57:32:bf:b7:cf:be:f7:e3:13:7a:74:4c:e2:5c:
                    bf:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:22:FD:4A:E4:6B:5A:31:B0:75:56:07:31:DD:B1:93:D0:1A:03:DA
            X509v3 Authority Key Identifier:
                keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/6iL9SuRrWjGwdVYHMd2xk9AaA9o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.224.0/22
                  45.84.244.0/22
                  78.158.0.0/19
                  95.215.140.0/22
                  185.246.240.0/22
                  185.252.108.0/22
                  185.252.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:3c:6c:18:ea:9f:5a:62:10:58:9b:3e:ad:40:8b:de:88:62:
         26:ab:86:19:a5:ae:36:34:b3:b9:dc:71:78:73:1d:84:6a:f8:
         31:14:ef:27:9c:b5:67:9f:60:46:ae:28:7a:fd:52:e0:2f:36:
         de:77:48:d2:97:d4:f9:13:dd:92:f3:29:ca:be:48:ec:85:22:
         a9:3b:69:2b:64:51:53:a8:58:09:3a:57:a4:21:e5:d5:82:3a:
         5d:2f:ec:1d:13:43:08:c0:f4:18:a2:ad:56:04:ee:a1:87:6a:
         0f:79:a3:94:58:68:8a:61:5e:79:35:c0:ee:6f:fb:79:06:d4:
         d3:3b:7f:de:03:45:96:d5:b1:f7:74:bf:bc:22:49:d5:c3:67:
         c8:ba:cb:e9:03:59:aa:ed:78:c3:36:bf:fd:a3:44:c8:c0:f7:
         b9:18:30:f8:24:da:37:57:4e:5e:e5:85:87:22:29:cb:bf:1d:
         60:87:6b:14:df:0f:9a:2c:0e:bc:ac:d2:3e:f3:4a:a9:bf:83:
         a2:5f:a4:bb:fb:d4:4c:33:23:f1:30:e3:14:51:65:7a:b0:87:
         5d:c3:45:bf:f1:36:55:04:ce:ce:47:16:a1:b8:7a:c3:b4:4a:
         5c:c3:29:63:aa:ad:b8:f6:13:dd:b9:e4:aa:b8:16:2d:fc:7e:
         81:64:cc:06
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZDuCx/iRrcK//zgAehKzC/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjQwNzI2MDc1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIyZmQ0YWU0NmI1YTMxYjA3NTU2MDczMWRkYjE5M2QwMWEwM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk0uewgg8ZajU0cjx+/ma7+XMqKJ
cZI5FRMT+EidbEztBdZ77wbLD5SqVnpq536cR77rERNcQQdzBKjM3ijmG1D4GL2l
PzmCi6iBX1Kdevb1DEwdmklYI2aFOF+pRCPFA1NFY3BfBF+/2TQYvwCZIDGYfyUJ
pmK7EbV6/Zv+mvQzvOkk+Po682iMIhN8Yv1S1QvONFRJr6vzfCKXQs5iY+8dIWlE
jWEUs/gubN3CpkJjTsv8CFwFVAc6ekep4R0zkVXrTVWZBdq6t9Bs548jBFNqfAC3
n4qBzHDeB+umMHVycvWBFwYGRnExqDJcZ8wpVzK/t8++9+MTenRM4ly/GwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOoi/Urka1oxsHVWBzHdsZPQGgPaMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvNmlMOVN1UnJXakd3ZFZZSE1kMnhrOUFhQTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCH6zgAwQC
LVT0AwQFTp4AAwQCX9eMAwQCufbwAwQCufxsAwQCufzMMA0GCSqGSIb3DQEBCwUA
A4IBAQBFPGwY6p9aYhBYmz6tQIveiGImq4YZpa42NLO53HF4cx2EavgxFO8nnLVn
n2BGrih6/VLgLzbed0jSl9T5E92S8ynKvkjshSKpO2krZFFTqFgJOlekIeXVgjpd
L+wdE0MIwPQYoq1WBO6hh2oPeaOUWGiKYV55NcDub/t5BtTTO3/eA0WW1bH3dL+8
IknVw2fIusvpA1mq7XjDNr/9o0TIwPe5GDD4JNo3V05e5YWHIinLvx1gh2sU3w+a
LA68rNI+80qpv4OiX6S7+9RMMyPxMOMUUWV6sIddw0W/8TZVBM7ORxahuHrDtEpc
wyljqq249hPdueSquBYt/H6BZMwG
-----END CERTIFICATE-----