Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6065db-93b2-41ec-b19a-688ce013671e/1/9fkMfIzCnumkBb2NUxf_X0M6Xag.roa
File:                     9fkMfIzCnumkBb2NUxf_X0M6Xag.roa (raw, json)
Hash identifier:          pQPJFW01HK7be3XWNpCefNdpNQDyVcZJygvY3du+iUw=
Subject key identifier:   F5:F9:0C:7C:8C:C2:9E:E9:A4:05:BD:8D:53:17:FF:5F:43:3A:5D:A8
Certificate issuer:       /CN=5d783be8b5f7add008d712b437bd9f997c084fdf
Certificate serial:       01856C9CA56816A3280FE98C0753987B0C22
Authority key identifier: 5D:78:3B:E8:B5:F7:AD:D0:08:D7:12:B4:37:BD:9F:99:7C:08:4F:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XXg76LX3rdAI1xK0N72fmXwIT98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/6065db-93b2-41ec-b19a-688ce013671e/1/9fkMfIzCnumkBb2NUxf_X0M6Xag.roa
Signing time:             Sun 01 Jan 2023 09:14:43 +0000
ROA not before:           Sun 01 Jan 2023 09:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207176
IP address blocks:        185.177.136.0/22 maxlen: 24
                          171.22.64.0/22 maxlen: 22
                          185.40.96.0/22 maxlen: 24
                          88.202.160.0/21 maxlen: 24
                          45.93.48.0/22 maxlen: 22
                          2a04:8400::/29 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:a5:68:16:a3:28:0f:e9:8c:07:53:98:7b:0c:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d783be8b5f7add008d712b437bd9f997c084fdf
        Validity
            Not Before: Jan  1 09:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5f90c7c8cc29ee9a405bd8d5317ff5f433a5da8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:cf:b4:ef:31:21:45:93:c6:11:20:6c:26:89:
                    bb:33:5e:d3:bd:5e:58:b7:97:11:df:0f:f6:cc:c9:
                    da:d1:8f:28:16:ec:8c:f7:74:a5:94:42:af:b4:5f:
                    18:4c:a0:f6:b5:57:58:92:f8:f7:c7:af:8b:18:53:
                    de:f1:d8:c7:1f:ae:f2:3e:ee:a1:21:98:a9:e7:f2:
                    18:99:d4:04:b6:11:6c:d2:a3:11:6b:e3:e3:79:13:
                    f1:7b:7b:37:c0:c5:d4:ee:22:7f:10:33:c1:5f:ce:
                    a8:79:68:d8:3c:eb:4e:2c:5b:c3:f9:81:b5:4a:d1:
                    f8:4e:58:3b:0e:c6:5d:b1:ee:6b:93:f3:e2:1d:ec:
                    7a:4e:be:ee:5d:00:78:44:a8:71:09:a3:e6:6b:4d:
                    d7:4e:b8:36:a5:8d:c0:40:9b:2e:7b:37:be:65:ca:
                    0f:00:0c:4b:af:7a:5a:be:e6:54:c0:27:f6:bc:dc:
                    7a:ea:05:3b:d3:96:b5:f5:c8:dd:7b:a6:5e:53:c0:
                    e7:25:95:c1:90:41:16:45:4e:37:9c:db:e1:88:ff:
                    26:f9:7c:6f:ed:ae:50:e5:a7:96:9c:f0:35:33:24:
                    8a:43:82:fd:e7:37:7c:81:bf:27:93:a7:9a:fe:2a:
                    e0:f5:f5:03:36:9d:53:8b:ea:c1:3f:9d:ac:fa:38:
                    49:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:F9:0C:7C:8C:C2:9E:E9:A4:05:BD:8D:53:17:FF:5F:43:3A:5D:A8
            X509v3 Authority Key Identifier:
                keyid:5D:78:3B:E8:B5:F7:AD:D0:08:D7:12:B4:37:BD:9F:99:7C:08:4F:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXg76LX3rdAI1xK0N72fmXwIT98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6065db-93b2-41ec-b19a-688ce013671e/1/9fkMfIzCnumkBb2NUxf_X0M6Xag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6065db-93b2-41ec-b19a-688ce013671e/1/XXg76LX3rdAI1xK0N72fmXwIT98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.93.48.0/22
                  88.202.160.0/21
                  171.22.64.0/22
                  185.40.96.0/22
                  185.177.136.0/22
                IPv6:
                  2a04:8400::/29

    Signature Algorithm: sha256WithRSAEncryption
         14:df:41:3f:76:10:de:81:28:fc:75:08:20:72:86:38:d0:6e:
         39:ac:3f:bd:b2:66:e5:5a:7b:80:c2:b8:c2:55:e2:d7:fd:29:
         73:09:06:5c:97:f1:5c:5f:c2:05:55:3e:02:92:8d:0c:c5:04:
         b7:23:e6:b3:a1:c3:11:ed:97:0b:82:16:65:b9:b2:72:6b:51:
         2e:2e:f7:9a:da:9a:62:49:10:e9:b6:34:21:ef:8c:92:ea:39:
         ea:ce:68:36:63:d0:f6:45:92:c0:8d:e1:cd:67:8d:b1:ee:3d:
         10:59:91:5c:a6:5c:51:af:e1:32:8b:28:87:ec:0f:39:c7:ed:
         cf:2a:36:f7:c3:60:81:72:f3:5a:dc:de:0e:9d:83:75:08:0c:
         e5:fa:3e:47:b5:7e:86:f3:29:60:bd:08:df:ff:f6:4b:05:cf:
         bf:13:be:5f:7c:09:19:a2:27:75:c9:8c:2f:15:a5:a9:ff:34:
         a4:cf:0f:07:9e:27:d2:10:07:22:18:4e:bf:fc:f1:b8:0b:7f:
         3e:b6:e6:eb:92:93:fa:fa:67:ee:58:22:5e:f9:8e:b7:98:b4:
         a4:b7:82:9b:9f:8a:05:ee:3c:a5:09:95:0f:a8:b1:68:1f:08:
         f1:4d:68:21:4c:7f:b1:3c:e6:e8:de:4e:f6:de:a2:fa:fa:bc:
         ff:a3:e4:fd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsnKVoFqMoD+mMB1OYewwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNzgzYmU4YjVmN2FkZDAwOGQ3MTJiNDM3YmQ5Zjk5N2Mw
ODRmZGYwHhcNMjMwMTAxMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWY5MGM3YzhjYzI5ZWU5YTQwNWJkOGQ1MzE3ZmY1ZjQzM2E1ZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM+07zEhRZPGESBsJom7M17TvV5Y
t5cR3w/2zMna0Y8oFuyM93SllEKvtF8YTKD2tVdYkvj3x6+LGFPe8djHH67yPu6h
IZip5/IYmdQEthFs0qMRa+PjeRPxe3s3wMXU7iJ/EDPBX86oeWjYPOtOLFvD+YG1
StH4Tlg7DsZdse5rk/PiHex6Tr7uXQB4RKhxCaPma03XTrg2pY3AQJsueze+ZcoP
AAxLr3pavuZUwCf2vNx66gU705a19cjde6ZeU8DnJZXBkEEWRU43nNvhiP8m+Xxv
7a5Q5aeWnPA1MySKQ4L95zd8gb8nk6ea/irg9fUDNp1Ti+rBP52s+jhJpQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPX5DHyMwp7ppAW9jVMX/19DOl2oMB8GA1UdIwQY
MBaAFF14O+i1963QCNcStDe9n5l8CE/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFhnNzZMWDNyZEFJMXhLME43MmZtWHdJVDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MDY1ZGItOTNiMi00MWVjLWIxOWEt
Njg4Y2UwMTM2NzFlLzEvOWZrTWZJekNudW1rQmIyTlV4Zl9YME02WGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MDY1ZGItOTNiMi00MWVjLWIxOWEtNjg4Y2UwMTM2NzFl
LzEvWFhnNzZMWDNyZEFJMXhLME43MmZtWHdJVDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLV0wAwQD
WMqgAwQCqxZAAwQCuShgAwQCubGIMA0EAgACMAcDBQMqBIQAMA0GCSqGSIb3DQEB
CwUAA4IBAQAU30E/dhDegSj8dQggcoY40G45rD+9smblWnuAwrjCVeLX/SlzCQZc
l/FcX8IFVT4Cko0MxQS3I+azocMR7ZcLghZlubJya1EuLvea2ppiSRDptjQh74yS
6jnqzmg2Y9D2RZLAjeHNZ42x7j0QWZFcplxRr+EyiyiH7A85x+3PKjb3w2CBcvNa
3N4OnYN1CAzl+j5HtX6G8ylgvQjf//ZLBc+/E75ffAkZoid1yYwvFaWp/zSkzw8H
nifSEAciGE6//PG4C38+tubrkpP6+mfuWCJe+Y63mLSkt4Kbn4oF7jylCZUPqLFo
HwjxTWghTH+xPObo3k723qL6+rz/o+T9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:16 2024 by rpki-client on console-ams.rpki-client.org