Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/K6nIz_FtFIsXPCg4B1EAhBq4x8I.roa
File:                     K6nIz_FtFIsXPCg4B1EAhBq4x8I.roa (raw, json)
Hash identifier:          OzYS+QNwQISCusfLFt3NFMbJR89XA4V6XhG+1ty597Y=
Subject key identifier:   2B:A9:C8:CF:F1:6D:14:8B:17:3C:28:38:07:51:00:84:1A:B8:C7:C2
Certificate issuer:       /CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Certificate serial:       018571278C55DC895802A6479065A5BB59AD
Authority key identifier: DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/K6nIz_FtFIsXPCg4B1EAhBq4x8I.roa
Signing time:             Mon 02 Jan 2023 06:24:55 +0000
ROA not before:           Mon 02 Jan 2023 06:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12748
IP address blocks:        185.225.140.0/22 maxlen: 22
                          45.137.56.0/22 maxlen: 22
                          193.104.216.0/24 maxlen: 24
                          194.31.198.0/24 maxlen: 24
                          2a0d:d400::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 15:48:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:8c:55:dc:89:58:02:a6:47:90:65:a5:bb:59:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
        Validity
            Not Before: Jan  2 06:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ba9c8cff16d148b173c2838075100841ab8c7c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4b:7b:ca:4a:6b:61:33:d6:6b:a7:8e:cb:ea:
                    48:d0:25:14:d9:de:10:1b:a4:a7:77:75:17:df:0b:
                    38:3a:d4:a5:67:d9:c2:8a:c9:66:67:3d:d2:5a:12:
                    b0:b9:38:5d:c9:6f:c8:55:dc:5e:14:3b:e7:56:53:
                    4f:9f:24:61:f5:61:01:02:ee:d3:56:1e:ff:2d:44:
                    bb:76:43:9f:5e:11:e0:e1:56:70:3d:48:68:84:7d:
                    f4:5b:e2:55:1d:84:94:8b:06:62:00:e4:a7:14:05:
                    da:6b:d2:32:ad:fe:fd:70:8a:2e:d3:83:be:4f:f6:
                    c3:92:8c:f2:44:3d:e6:cf:5c:d2:d9:ba:18:30:25:
                    4d:8f:5c:c1:70:2f:db:68:95:f2:e3:8a:d1:7b:7c:
                    25:3a:38:ce:fa:9f:77:aa:ec:7d:4d:13:79:14:08:
                    be:78:1a:ec:9c:e0:54:95:fb:01:54:22:fb:93:56:
                    c4:94:f1:d5:44:9f:f4:d1:0b:1d:6f:50:b5:75:cf:
                    17:03:01:d5:59:f1:ef:b5:58:b6:e5:c2:ef:9f:27:
                    4d:45:63:18:20:3a:a7:08:ec:45:86:a3:ca:c5:48:
                    c6:ae:da:4b:23:da:4d:8b:d9:98:a2:f8:ab:bf:5b:
                    98:38:ce:3e:2a:51:6f:99:70:60:6d:90:08:d1:8e:
                    4a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:A9:C8:CF:F1:6D:14:8B:17:3C:28:38:07:51:00:84:1A:B8:C7:C2
            X509v3 Authority Key Identifier:
                keyid:DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/K6nIz_FtFIsXPCg4B1EAhBq4x8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.56.0/22
                  185.225.140.0/22
                  193.104.216.0/24
                  194.31.198.0/24
                IPv6:
                  2a0d:d400::/29

    Signature Algorithm: sha256WithRSAEncryption
         3f:34:ad:ed:fb:8e:e8:9c:bf:1d:43:51:33:2c:98:ae:dc:85:
         3c:55:ce:8e:f4:87:90:64:c1:05:64:bb:9e:75:71:9c:88:8f:
         02:e2:10:e9:c2:ca:dd:6a:9d:c3:75:6c:3f:31:46:0d:3a:d5:
         1e:48:2d:8a:83:82:ea:6a:89:4f:be:e8:2d:60:f1:80:cd:7b:
         d8:2d:e4:e2:b4:2c:5a:c4:95:31:d9:5c:fd:a9:96:36:e1:9e:
         e6:59:04:f9:ad:6c:0d:42:22:d2:e5:78:50:76:c7:ed:84:1d:
         4a:16:6d:cf:31:a4:c9:1d:4f:d9:33:b5:bf:59:5b:ab:22:3c:
         50:67:14:a1:55:9d:60:cc:0b:ef:d9:8e:3e:0c:91:31:17:4d:
         ca:29:cb:88:5d:e5:9a:37:cf:da:7d:c0:e6:11:c1:51:58:2c:
         72:97:04:0a:a6:fe:91:be:4e:ec:90:e8:5a:a1:ab:30:ea:ec:
         e8:7a:43:a5:47:ff:dd:f3:6b:b0:ad:01:03:33:15:f7:01:c7:
         0e:92:cb:4b:07:a8:5e:a7:4f:97:06:d0:37:e0:4a:4c:8d:f6:
         a6:ca:cf:98:e0:33:a7:0a:f1:13:1d:89:86:e9:3e:51:33:44:
         b6:35:fd:37:d5:90:48:66:87:20:70:ca:86:45:7e:cc:33:a6:
         09:ed:a5:dd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxJ4xV3IlYAqZHkGWlu1mtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMzc4MTJiZDQ1MjczZWEzYjJhNTNkOWU5NmY2ZGJhMjE1
ODI2ZjMwHhcNMjMwMTAyMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmE5YzhjZmYxNmQxNDhiMTczYzI4MzgwNzUxMDA4NDFhYjhjN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUt7ykprYTPWa6eOy+pI0CUU2d4Q
G6Snd3UX3ws4OtSlZ9nCislmZz3SWhKwuThdyW/IVdxeFDvnVlNPnyRh9WEBAu7T
Vh7/LUS7dkOfXhHg4VZwPUhohH30W+JVHYSUiwZiAOSnFAXaa9Iyrf79cIou04O+
T/bDkozyRD3mz1zS2boYMCVNj1zBcC/baJXy44rRe3wlOjjO+p93qux9TRN5FAi+
eBrsnOBUlfsBVCL7k1bElPHVRJ/00Qsdb1C1dc8XAwHVWfHvtVi25cLvnydNRWMY
IDqnCOxFhqPKxUjGrtpLI9pNi9mYovirv1uYOM4+KlFvmXBgbZAI0Y5KZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCupyM/xbRSLFzwoOAdRAIQauMfCMB8GA1UdIwQY
MBaAFN43gSvUUnPqOypT2elvbbohWCbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQt
YWY2NDZjOGY0YWY2LzEvSzZuSXpfRnRGSXNYUENnNEIxRUFoQnE0eDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMjZjNDQtOWQxNi00YzNkLTlmMWQtYWY2NDZjOGY0YWY2
LzEvM2plQks5UlNjLW83S2xQWjZXOXR1aUZZSnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYk4AwQC
ueGMAwQAwWjYAwQAwh/GMA0EAgACMAcDBQMqDdQAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/NK3t+47onL8dQ1EzLJiu3IU8Vc6O9IeQZMEFZLuedXGciI8C4hDpwsrdap3D
dWw/MUYNOtUeSC2Kg4LqaolPvugtYPGAzXvYLeTitCxaxJUx2Vz9qZY24Z7mWQT5
rWwNQiLS5XhQdsfthB1KFm3PMaTJHU/ZM7W/WVurIjxQZxShVZ1gzAvv2Y4+DJEx
F03KKcuIXeWaN8/afcDmEcFRWCxylwQKpv6Rvk7skOhaoasw6uzoekOlR//d82uw
rQEDMxX3AccOkstLB6hep0+XBtA34EpMjfamys+Y4DOnCvETHYmG6T5RM0S2Nf03
1ZBIZocgcMqGRX7MM6YJ7aXd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:10 2024 by rpki-client on console-fra.rpki-client.org