Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/kKp95s5xGWiDwshI81USL3nJ8fU.roa
File:                     kKp95s5xGWiDwshI81USL3nJ8fU.roa (raw, json)
Hash identifier:          tehat4PzqNWL6ZUo/bI7MIA7U376hwQzrE3nEINnpbg=
Subject key identifier:   90:AA:7D:E6:CE:71:19:68:83:C2:C8:48:F3:55:12:2F:79:C9:F1:F5
Certificate issuer:       /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial:       0185C40DD9FC02ED4F24875739C8536A7CE2
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/kKp95s5xGWiDwshI81USL3nJ8fU.roa
Signing time:             Wed 18 Jan 2023 08:45:20 +0000
ROA not before:           Wed 18 Jan 2023 08:45:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1820
IP address blocks:        185.170.192.0/22 maxlen: 32
                          195.66.93.0/24 maxlen: 32
                          91.226.1.0/24 maxlen: 32
                          185.45.244.0/22 maxlen: 32
                          193.16.47.0/24 maxlen: 32
                          2a13:8800::/29 maxlen: 64

Validation:               Failed, certificate revoked on Fri 08 Dec 2023 10:41:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c4:0d:d9:fc:02:ed:4f:24:87:57:39:c8:53:6a:7c:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
        Validity
            Not Before: Jan 18 08:45:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=90aa7de6ce71196883c2c848f355122f79c9f1f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9f:78:75:6f:74:2a:b3:89:d3:73:1d:d2:b8:
                    6f:3d:be:53:65:ea:a6:37:8e:55:cf:d7:d2:b5:b0:
                    e7:94:82:4a:bc:cc:71:cb:3d:98:5b:6f:91:7c:78:
                    06:77:fd:ea:dd:f3:ec:e8:4e:55:a6:ca:b8:4b:ba:
                    1c:05:e7:15:de:53:fe:f5:6b:e4:e2:6e:f3:0d:0d:
                    92:fc:55:5b:b4:19:1c:a8:ac:80:20:0c:b2:60:fd:
                    34:72:d0:21:87:76:0a:cb:42:0a:e6:67:8a:f1:38:
                    d2:2a:bf:46:3d:fd:38:0f:38:a2:eb:a5:9d:99:f0:
                    9c:f8:43:bb:10:2e:04:a1:18:2e:c9:51:59:74:4f:
                    a7:20:85:cb:9e:16:db:51:37:0e:49:e9:a8:8c:bf:
                    56:6f:5a:f3:53:e1:f2:cc:05:19:1f:ce:98:3d:5e:
                    29:54:81:9f:74:88:7f:bf:0b:ee:8d:ee:31:70:ff:
                    bb:d5:b8:96:4d:b2:a8:ea:6b:0f:ed:1b:c6:a2:8e:
                    4e:24:f0:0b:32:6f:3b:5d:fc:ce:c5:25:ba:75:e8:
                    ad:f7:87:a1:79:60:d3:fe:17:d4:02:dc:6e:c4:09:
                    c3:bf:87:b1:4e:3d:a5:24:59:b6:67:3c:1c:c9:b2:
                    f5:36:39:7d:40:1b:ad:d4:05:3b:52:12:b3:5e:65:
                    1e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:AA:7D:E6:CE:71:19:68:83:C2:C8:48:F3:55:12:2F:79:C9:F1:F5
            X509v3 Authority Key Identifier:
                keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/kKp95s5xGWiDwshI81USL3nJ8fU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.226.1.0/24
                  185.45.244.0/22
                  185.170.192.0/22
                  193.16.47.0/24
                  195.66.93.0/24
                IPv6:
                  2a13:8800::/29

    Signature Algorithm: sha256WithRSAEncryption
         23:02:b3:0c:4d:cb:70:df:56:e7:f0:37:55:34:e1:24:d2:f3:
         2d:41:e4:13:f7:30:1e:89:16:0b:05:be:66:cb:df:55:57:56:
         f9:83:43:5e:e5:6b:69:34:7d:3a:b9:f6:c5:a7:d3:a6:b4:12:
         24:11:21:62:5b:11:15:a6:9b:1e:28:ac:4a:d4:87:41:a4:4f:
         1f:62:ef:0f:6d:65:8d:fa:fa:c9:9a:87:29:bb:77:5a:db:a0:
         6e:d7:ad:d6:b1:95:c7:f4:c6:40:09:4a:2e:86:db:2b:1c:0f:
         eb:ca:14:5c:d6:31:8d:19:ed:d0:9d:24:49:70:41:0c:b8:eb:
         67:03:b9:96:36:95:10:15:ad:f3:20:60:23:2a:11:3e:ac:8c:
         3a:3e:28:f0:8b:3f:55:9d:8e:ae:9d:14:dd:0c:05:6e:12:5f:
         b9:1e:be:1f:ee:16:26:dc:fc:fe:11:3e:d5:f5:43:d2:5f:91:
         4a:88:7a:63:58:52:7c:25:0d:0a:9e:c2:56:a9:d0:d1:13:62:
         5a:ea:6d:4e:36:d5:c5:c8:9c:0c:f2:eb:0f:82:40:8f:73:42:
         14:d6:ee:91:98:f6:9e:79:42:54:bf:ef:86:89:0a:f9:2c:f0:
         13:22:f4:53:a6:23:d7:4b:05:55:1b:d5:f7:24:7c:5d:30:11:
         fa:9d:19:c9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYXEDdn8Au1PJIdXOchTanziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjMwMTE4MDg0NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGFhN2RlNmNlNzExOTY4ODNjMmM4NDhmMzU1MTIyZjc5YzlmMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ94dW90KrOJ03Md0rhvPb5TZeqm
N45Vz9fStbDnlIJKvMxxyz2YW2+RfHgGd/3q3fPs6E5Vpsq4S7ocBecV3lP+9Wvk
4m7zDQ2S/FVbtBkcqKyAIAyyYP00ctAhh3YKy0IK5meK8TjSKr9GPf04Dzii66Wd
mfCc+EO7EC4EoRguyVFZdE+nIIXLnhbbUTcOSemojL9Wb1rzU+HyzAUZH86YPV4p
VIGfdIh/vwvuje4xcP+71biWTbKo6msP7RvGoo5OJPALMm87XfzOxSW6deit94eh
eWDT/hfUAtxuxAnDv4exTj2lJFm2ZzwcybL1Njl9QBut1AU7UhKzXmUeTwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJCqfebOcRlog8LISPNVEi95yfH1MB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEva0twOTVzNXhHV2lEd3NoSTgxVVNMM25KOGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW+IBAwQC
uS30AwQCuarAAwQAwRAvAwQAw0JdMA0EAgACMAcDBQMqE4gAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjArMMTctw31bn8DdVNOEk0vMtQeQT9zAeiRYLBb5my99VV1b5g0Ne
5WtpNH06ufbFp9OmtBIkESFiWxEVppseKKxK1IdBpE8fYu8PbWWN+vrJmocpu3da
26Bu163WsZXH9MZACUouhtsrHA/ryhRc1jGNGe3QnSRJcEEMuOtnA7mWNpUQFa3z
IGAjKhE+rIw6Pijwiz9VnY6unRTdDAVuEl+5Hr4f7hYm3Pz+ET7V9UPSX5FKiHpj
WFJ8JQ0KnsJWqdDRE2Ja6m1ONtXFyJwM8usPgkCPc0IU1u6RmPaeeUJUv++GiQr5
LPATIvRTpiPXSwVVG9X3JHxdMBH6nRnJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:46 2024 by rpki-client on console-fra.rpki-client.org