Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/VtiBROakMyRCjQFGKrtmFN0HdjQ.roa
File:                     VtiBROakMyRCjQFGKrtmFN0HdjQ.roa (raw, json)
Hash identifier:          nnDRJogc+TF16r9wlRNuuRBH80BpUPeXM/7H3kKpLYI=
Subject key identifier:   56:D8:81:44:E6:A4:33:24:42:8D:01:46:2A:BB:66:14:DD:07:76:34
Certificate issuer:       /CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Certificate serial:       018C90D96FEEEABD9759B230F73CF39D0F17
Authority key identifier: 80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/VtiBROakMyRCjQFGKrtmFN0HdjQ.roa
Signing time:             Fri 22 Dec 2023 09:26:58 +0000
ROA not before:           Fri 22 Dec 2023 09:26:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199669
IP address blocks:        185.195.170.0/23 maxlen: 24
                          91.109.200.0/21 maxlen: 24
                          46.29.118.0/23 maxlen: 24
                          185.10.44.0/24 maxlen: 24
                          185.10.44.0/22 maxlen: 24
                          185.71.196.0/22 maxlen: 24
                          2a03:ec0::/48 maxlen: 64
                          2a03:ec0:1::/48 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:90:d9:6f:ee:ea:bd:97:59:b2:30:f7:3c:f3:9d:0f:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80615315dc750c03e60fc36a750c5e3ff66eac94
        Validity
            Not Before: Dec 22 09:26:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=56d88144e6a43324428d01462abb6614dd077634
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e9:81:be:42:70:15:90:9c:b5:eb:e5:98:76:
                    08:35:a9:06:f4:d1:c1:5e:76:b2:dd:ff:86:9a:ba:
                    ca:50:b5:78:65:3b:a0:ec:ab:0f:59:22:dd:52:13:
                    00:a2:75:99:33:f4:6d:57:cf:2c:1a:7a:a9:15:f1:
                    cc:de:ab:ab:d9:e1:a1:56:98:f7:a1:8b:c7:30:86:
                    74:94:9f:11:e9:d6:85:57:91:97:d1:77:24:03:90:
                    3a:5d:ff:a7:cf:71:92:fc:8a:76:e2:6d:04:25:f1:
                    42:0d:25:df:55:a6:79:b4:2d:80:96:94:0a:53:99:
                    66:a5:f3:fb:1e:a4:55:e4:39:87:43:05:88:85:ae:
                    b1:06:c9:e0:7c:68:b7:33:fa:83:7a:65:49:0d:e2:
                    79:11:aa:c7:f5:d2:ca:83:2a:00:ef:47:fd:44:82:
                    cc:2c:61:69:16:4a:06:69:9e:ab:af:81:eb:bd:33:
                    87:55:a3:93:e9:20:53:30:99:d5:8a:c3:3f:cf:34:
                    87:c1:98:18:81:fd:88:e8:0b:dd:76:8b:a4:32:b4:
                    7a:fe:45:91:fe:b5:21:3c:e8:74:1e:2f:6f:20:c1:
                    69:a6:b8:c8:7b:58:84:67:2d:de:a1:d4:ae:60:87:
                    ba:89:09:10:a2:dc:81:8e:fa:c7:97:33:9f:cd:10:
                    6d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:D8:81:44:E6:A4:33:24:42:8D:01:46:2A:BB:66:14:DD:07:76:34
            X509v3 Authority Key Identifier:
                keyid:80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/VtiBROakMyRCjQFGKrtmFN0HdjQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.29.118.0/23
                  91.109.200.0/21
                  185.10.44.0/22
                  185.71.196.0/22
                  185.195.170.0/23
                IPv6:
                  2a03:ec0::/47

    Signature Algorithm: sha256WithRSAEncryption
         54:5d:f1:08:12:dc:c9:4b:30:e9:6a:18:aa:e0:b4:48:ef:ac:
         f2:24:e1:e4:fb:25:eb:31:db:5a:e5:e1:e8:57:44:3f:41:e0:
         fb:c7:b0:d4:ed:40:bd:90:18:d3:08:ae:5e:83:1c:a3:97:6d:
         d2:48:71:12:f1:5c:c2:a6:bd:c7:95:06:56:ad:4c:95:23:09:
         61:d5:ca:ad:c2:7e:83:66:f5:82:e9:cd:07:e9:62:28:08:d9:
         45:a2:29:ec:aa:f1:72:cf:02:d1:43:a4:cc:ce:61:c7:97:09:
         a5:03:45:c3:78:ca:b1:7a:49:49:99:1c:69:e3:56:21:b9:f8:
         85:cb:1c:dc:8d:cb:9f:1b:96:c0:db:cd:89:19:4b:f8:42:5f:
         72:f8:7f:79:aa:55:7f:9f:40:90:30:76:10:09:85:e6:fe:50:
         d7:53:5d:35:7d:6c:1c:03:7b:b6:04:79:4d:3a:33:ff:e5:43:
         92:e7:be:0b:85:9c:ba:22:6f:28:cb:bf:51:bd:62:74:78:06:
         49:6b:89:4e:1a:50:62:68:43:09:b7:d2:ba:5e:0b:0b:1e:20:
         4b:69:39:c9:24:fd:35:72:74:a6:85:f3:e4:64:89:f4:bd:ad:
         61:95:4d:30:18:d4:7e:57:e2:c6:be:b2:df:7d:6a:49:8c:56:
         e7:15:56:81
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYyQ2W/u6r2XWbIw9zzznQ8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjE1MzE1ZGM3NTBjMDNlNjBmYzM2YTc1MGM1ZTNmZjY2
ZWFjOTQwHhcNMjMxMjIyMDkyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQ4ODE0NGU2YTQzMzI0NDI4ZDAxNDYyYWJiNjYxNGRkMDc3NjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqemBvkJwFZCctevlmHYINakG9NHB
Xnay3f+GmrrKULV4ZTug7KsPWSLdUhMAonWZM/RtV88sGnqpFfHM3qur2eGhVpj3
oYvHMIZ0lJ8R6daFV5GX0XckA5A6Xf+nz3GS/Ip24m0EJfFCDSXfVaZ5tC2AlpQK
U5lmpfP7HqRV5DmHQwWIha6xBsngfGi3M/qDemVJDeJ5EarH9dLKgyoA70f9RILM
LGFpFkoGaZ6rr4HrvTOHVaOT6SBTMJnVisM/zzSHwZgYgf2I6AvddoukMrR6/kWR
/rUhPOh0Hi9vIMFpprjIe1iEZy3eodSuYIe6iQkQotyBjvrHlzOfzRBtVQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFbYgUTmpDMkQo0BRiq7ZhTdB3Y0MB8GA1UdIwQY
MBaAFIBhUxXcdQwD5g/DanUMXj/2bqyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dGVEZkeDFEQVBtRDhOcWRReGVQX1p1ckpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kZTg0Y2UtZDcwNC00NzY2LWEzODgt
ZjhlNWIyZDg2ODBjLzEvVnRpQlJPYWtNeVJDalFGR0tydG1GTjBIZGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kZTg0Y2UtZDcwNC00NzY2LWEzODgtZjhlNWIyZDg2ODBj
LzEvZ0dGVEZkeDFEQVBtRDhOcWRReGVQX1p1ckpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBLh12AwQD
W23IAwQCuQosAwQCuUfEAwQBucOqMA8EAgACMAkDBwEqAw7AAAAwDQYJKoZIhvcN
AQELBQADggEBAFRd8QgS3MlLMOlqGKrgtEjvrPIk4eT7Jesx21rl4ehXRD9B4PvH
sNTtQL2QGNMIrl6DHKOXbdJIcRLxXMKmvceVBlatTJUjCWHVyq3CfoNm9YLpzQfp
YigI2UWiKeyq8XLPAtFDpMzOYceXCaUDRcN4yrF6SUmZHGnjViG5+IXLHNyNy58b
lsDbzYkZS/hCX3L4f3mqVX+fQJAwdhAJheb+UNdTXTV9bBwDe7YEeU06M//lQ5Ln
vguFnLoibyjLv1G9YnR4BklriU4aUGJoQwm30rpeCwseIEtpOckk/TVydKaF8+Rk
ifS9rWGVTTAY1H5X4sa+st99akmMVucVVoE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:59 2024 by rpki-client on console-ams.rpki-client.org