Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/VVuA_ua0Cx8AYkBkYcv50B9kuAQ.roa
File:                     VVuA_ua0Cx8AYkBkYcv50B9kuAQ.roa (raw, json)
Hash identifier:          8Gb5WQKOuADPB7mx+nEsEjP41njj3cwyeTel7j1ov9c=
Subject key identifier:   55:5B:80:FE:E6:B4:0B:1F:00:62:40:64:61:CB:F9:D0:1F:64:B8:04
Certificate issuer:       /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial:       01857094E9C463360A583F6AC9FEA3B5A04D
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/VVuA_ua0Cx8AYkBkYcv50B9kuAQ.roa
Signing time:             Mon 02 Jan 2023 03:44:45 +0000
ROA not before:           Mon 02 Jan 2023 03:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25255
IP address blocks:        46.220.0.0/16 maxlen: 16
                          91.141.0.0/20 maxlen: 20
                          91.141.0.0/17 maxlen: 17
                          194.24.128.0/19 maxlen: 19
                          178.112.0.0/14 maxlen: 14
                          178.115.128.0/20 maxlen: 20
                          94.245.192.0/18 maxlen: 18
                          77.116.0.0/14 maxlen: 14
                          77.119.128.0/20 maxlen: 20
                          213.94.64.0/21 maxlen: 21
                          109.126.64.0/18 maxlen: 18
                          213.94.64.0/18 maxlen: 18
                          213.94.78.0/24 maxlen: 24
                          213.94.77.0/24 maxlen: 24
                          91.141.32.0/19 maxlen: 19
                          91.141.64.0/20 maxlen: 20
                          81.3.192.0/18 maxlen: 18
                          213.94.79.0/24 maxlen: 24
                          213.94.80.0/22 maxlen: 22
                          77.119.160.0/20 maxlen: 20
                          213.94.96.0/21 maxlen: 21
                          213.94.95.0/24 maxlen: 24
                          77.119.192.0/19 maxlen: 19
                          178.165.192.0/20 maxlen: 20
                          178.115.64.0/20 maxlen: 20
                          178.165.128.0/17 maxlen: 17
                          178.165.128.0/20 maxlen: 20
                          178.165.160.0/19 maxlen: 19
                          178.115.32.0/19 maxlen: 19
                          2a02:2861::/32 maxlen: 32
                          2a02:2864::/30 maxlen: 30

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 09:55:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:94:e9:c4:63:36:0a:58:3f:6a:c9:fe:a3:b5:a0:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
        Validity
            Not Before: Jan  2 03:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=555b80fee6b40b1f0062406461cbf9d01f64b804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ac:6a:00:74:19:9b:22:77:18:17:93:4c:70:
                    e4:4a:a8:18:b5:d4:ee:77:97:11:2b:f5:68:c2:d6:
                    00:02:ef:a5:c3:35:a9:05:5d:05:85:9a:5b:a8:eb:
                    65:e6:01:37:81:cc:c0:cc:63:cb:b9:44:b2:43:bb:
                    49:96:3e:6a:e8:60:96:92:2c:b7:80:08:d9:e9:92:
                    2c:1e:ec:51:75:a2:d1:3d:36:78:cd:0f:97:89:c5:
                    52:d2:6e:7a:b6:97:2e:38:28:44:bc:c4:7b:80:94:
                    8f:bf:43:b1:15:a1:28:13:48:ee:79:cd:37:30:f7:
                    d8:e3:a6:ac:ca:af:16:3a:85:38:28:c6:8c:57:fb:
                    74:f9:32:89:77:73:2e:80:5b:a2:a3:18:80:f2:9e:
                    cd:de:77:3a:ca:fe:7d:ee:61:0a:ec:78:d9:6c:df:
                    75:2f:25:46:db:79:02:a5:b5:14:de:93:5f:8e:a0:
                    c5:d9:86:e1:a6:eb:0b:60:8e:3c:89:6b:3c:aa:60:
                    81:a6:30:3a:be:84:47:cb:c7:9d:6c:ef:dc:bb:0a:
                    f2:30:22:a5:67:32:9b:82:9f:4c:83:88:ac:5f:84:
                    71:ad:ff:14:d2:2e:16:b2:fa:08:7b:e8:e9:d3:82:
                    0f:a3:2c:6b:d5:fc:78:b6:a1:a4:f6:4b:0c:d6:54:
                    b1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:5B:80:FE:E6:B4:0B:1F:00:62:40:64:61:CB:F9:D0:1F:64:B8:04
            X509v3 Authority Key Identifier:
                keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/VVuA_ua0Cx8AYkBkYcv50B9kuAQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.220.0.0/16
                  77.116.0.0/14
                  81.3.192.0/18
                  91.141.0.0/17
                  94.245.192.0/18
                  109.126.64.0/18
                  178.112.0.0/14
                  178.165.128.0/17
                  194.24.128.0/19
                  213.94.64.0/18
                IPv6:
                  2a02:2861::/32
                  2a02:2864::/30

    Signature Algorithm: sha256WithRSAEncryption
         6f:55:16:fe:44:65:98:1f:49:b2:91:84:c8:82:bc:c5:4a:9c:
         7e:ec:b4:95:f6:6e:1b:ca:de:6d:32:45:92:1f:8f:9e:83:30:
         52:d0:44:3c:e1:5a:f7:45:15:c7:66:77:50:26:bf:ac:fe:71:
         37:c5:b0:c2:92:db:95:9f:0a:8f:4a:e0:06:b9:f9:83:b7:7a:
         8e:d7:b4:44:02:4a:93:04:30:dc:40:41:92:8d:51:48:31:34:
         85:18:b9:e6:3c:79:e2:0d:d6:3e:dd:81:d1:3c:be:31:c4:5f:
         08:c2:2d:7c:3c:50:f1:03:60:ba:ba:88:72:11:51:d1:38:39:
         91:29:97:f8:72:31:bf:52:59:a6:f2:0a:e9:10:7e:ff:3f:8a:
         44:e8:e8:bf:54:94:b0:db:61:81:f6:2c:05:d5:cd:6c:53:eb:
         82:2b:db:ca:35:59:28:5d:18:ee:a8:b7:51:34:2f:e1:4d:c0:
         c5:c6:18:49:58:4a:ac:ec:74:8e:c6:d5:52:f6:8b:2f:fc:d4:
         28:95:e9:fc:e6:c7:66:1f:34:df:74:ac:5a:b4:cf:36:46:13:
         0f:af:fe:f0:19:16:3f:0c:da:eb:33:bb:0d:fd:40:54:bc:c5:
         9e:2e:c8:02:9d:3f:fb:7c:4e:93:18:2b:ca:b1:28:b9:3c:c8:
         24:bd:88:dd
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYVwlOnEYzYKWD9qyf6jtaBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMwMTAyMDM0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTViODBmZWU2YjQwYjFmMDA2MjQwNjQ2MWNiZjlkMDFmNjRiODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6xqAHQZmyJ3GBeTTHDkSqgYtdTu
d5cRK/VowtYAAu+lwzWpBV0FhZpbqOtl5gE3gczAzGPLuUSyQ7tJlj5q6GCWkiy3
gAjZ6ZIsHuxRdaLRPTZ4zQ+XicVS0m56tpcuOChEvMR7gJSPv0OxFaEoE0juec03
MPfY46asyq8WOoU4KMaMV/t0+TKJd3MugFuioxiA8p7N3nc6yv597mEK7HjZbN91
LyVG23kCpbUU3pNfjqDF2YbhpusLYI48iWs8qmCBpjA6voRHy8edbO/cuwryMCKl
ZzKbgp9Mg4isX4Rxrf8U0i4WsvoIe+jp04IPoyxr1fx4tqGk9ksM1lSxNwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFFVbgP7mtAsfAGJAZGHL+dAfZLgEMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvVlZ1QV91YTBDeDhBWWtCa1ljdjUwQjlrdUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA/BAIAATA5AwMALtwDAwJN
dAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJwAwQHsqWAAwQFwhiAAwQG1V5A
MBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG9w0BAQsFAAOCAQEAb1UW/kRl
mB9JspGEyIK8xUqcfuy0lfZuG8rebTJFkh+PnoMwUtBEPOFa90UVx2Z3UCa/rP5x
N8WwwpLblZ8Kj0rgBrn5g7d6jte0RAJKkwQw3EBBko1RSDE0hRi55jx54g3WPt2B
0Ty+McRfCMItfDxQ8QNgurqIchFR0Tg5kSmX+HIxv1JZpvIK6RB+/z+KROjov1SU
sNthgfYsBdXNbFPrgivbyjVZKF0Y7qi3UTQv4U3AxcYYSVhKrOx0jsbVUvaLL/zU
KJXp/ObHZh8033SsWrTPNkYTD6/+8BkWPwza6zO7Df1AVLzFni7IAp0/+3xOkxgr
yrEouTzIJL2I3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:17 2024 by rpki-client on console-fra.rpki-client.org