Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/vcv3Q-Vi8kJdiacd28Rstnpz_3A.roa
File:                     vcv3Q-Vi8kJdiacd28Rstnpz_3A.roa (raw, json)
Hash identifier:          /CkSnNM7ldpuLz7DMyE5XnGlAG/UwjYNIUGMtdw5qjw=
Subject key identifier:   BD:CB:F7:43:E5:62:F2:42:5D:89:A7:1D:DB:C4:6C:B6:7A:73:FF:70
Certificate issuer:       /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial:       018CC64B5CB726A6F137661FF7813C8D726F
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/vcv3Q-Vi8kJdiacd28Rstnpz_3A.roa
Signing time:             Mon 01 Jan 2024 18:31:16 +0000
ROA not before:           Mon 01 Jan 2024 18:31:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29650
IP address blocks:        79.140.128.0/20 maxlen: 24
                          212.84.40.0/21 maxlen: 24
                          84.51.224.0/19 maxlen: 24
                          212.78.224.0/19 maxlen: 24
                          45.139.240.0/22 maxlen: 24
                          82.195.128.0/19 maxlen: 24
                          2001:1bd8::/32 maxlen: 48

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 10:15:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:5c:b7:26:a6:f1:37:66:1f:f7:81:3c:8d:72:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
        Validity
            Not Before: Jan  1 18:31:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bdcbf743e562f2425d89a71ddbc46cb67a73ff70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:3a:75:79:0e:b5:0e:9b:87:7e:b9:cd:d5:a8:
                    ee:05:64:3b:0c:7e:8a:9c:ef:e5:69:e6:84:b7:ef:
                    fa:b6:1e:c6:54:4b:a2:ec:9a:c8:03:43:f2:b7:40:
                    e1:69:15:f8:d3:3a:16:32:c4:86:f1:9e:c6:03:02:
                    84:7a:a7:29:c6:01:13:13:42:89:1f:63:f9:59:64:
                    a8:17:a9:32:26:49:c9:f6:2b:b4:4f:9d:7e:6f:ae:
                    a0:5c:c6:3b:c9:f8:0c:5d:9d:2e:10:f0:b2:a5:c7:
                    11:c6:bb:9c:f1:22:8c:4c:66:b4:96:8d:0e:42:3c:
                    ec:4b:ed:09:35:78:63:29:0c:2f:76:a0:0d:43:79:
                    84:63:d9:82:25:bc:3e:92:9a:62:a3:94:d6:8d:79:
                    7c:02:0c:af:f7:a7:d8:60:92:1c:16:f4:78:74:ff:
                    cb:ea:66:32:39:fc:d3:41:5f:b6:23:76:f5:19:cb:
                    73:54:2e:47:bc:0f:3e:7f:ff:83:5e:55:7f:65:1f:
                    ca:2e:64:6e:73:81:03:92:c6:f0:78:19:95:58:f8:
                    43:0f:90:40:b4:58:75:24:61:17:e6:f1:b0:12:94:
                    b8:6f:83:6d:49:76:80:97:78:81:3a:f6:ba:1b:96:
                    86:2b:c1:c8:be:99:73:bb:5a:9a:b5:89:a9:8d:aa:
                    19:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:CB:F7:43:E5:62:F2:42:5D:89:A7:1D:DB:C4:6C:B6:7A:73:FF:70
            X509v3 Authority Key Identifier:
                keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/vcv3Q-Vi8kJdiacd28Rstnpz_3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.139.240.0/22
                  79.140.128.0/20
                  82.195.128.0/19
                  84.51.224.0/19
                  212.78.224.0/19
                  212.84.40.0/21
                IPv6:
                  2001:1bd8::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:8a:7f:b0:43:1b:74:32:d2:c8:66:76:c4:ad:ee:0f:c2:6f:
         e8:bd:66:bf:e0:fe:b6:4c:95:67:f5:cf:12:d7:53:82:a8:94:
         dd:b1:43:0a:3f:8d:b7:ef:53:48:62:35:17:9f:c4:16:8f:ea:
         8c:84:33:45:77:ea:58:ee:73:6f:48:30:ab:14:da:4b:d5:02:
         d7:89:01:5c:90:4d:b9:b5:82:b9:7c:ed:43:b3:e5:d0:9c:b4:
         68:fc:dc:a7:3f:c0:6b:33:b0:a4:21:57:d8:f0:9c:b2:69:50:
         e1:aa:47:8a:f6:c0:91:10:02:be:71:dd:82:bc:81:17:76:3f:
         3d:ea:39:c5:7a:19:4e:bd:0f:ca:1e:b8:63:f9:61:99:43:60:
         7c:fd:de:a3:9a:1d:02:69:89:8f:a2:4e:e5:db:c1:da:30:33:
         99:66:93:e4:9b:36:f5:b0:76:62:a5:af:3a:64:eb:41:d2:8b:
         53:bd:d7:c6:9a:84:1d:3f:29:36:92:2d:2a:ef:06:1c:bc:7f:
         f9:db:d9:cd:7e:76:80:c5:94:eb:29:e9:17:4a:69:a1:fd:06:
         b1:89:2c:7f:30:16:4b:d6:5c:1f:98:f0:a6:95:b6:2e:14:f0:
         83:af:5e:4a:3c:fe:73:28:26:3d:51:be:9e:60:f0:ee:0f:72:
         2e:b9:b0:7b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGS1y3JqbxN2Yf94E8jXJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzN2YxMmFiYWY2MTM5NzNmZWIzMDczZDhjZTYzN2YxYjAw
Y2JmYTkwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNiZjc0M2U1NjJmMjQyNWQ4OWE3MWRkYmM0NmNiNjdhNzNmZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljp1eQ61DpuHfrnN1ajuBWQ7DH6K
nO/laeaEt+/6th7GVEui7JrIA0Pyt0DhaRX40zoWMsSG8Z7GAwKEeqcpxgETE0KJ
H2P5WWSoF6kyJknJ9iu0T51+b66gXMY7yfgMXZ0uEPCypccRxruc8SKMTGa0lo0O
QjzsS+0JNXhjKQwvdqANQ3mEY9mCJbw+kppio5TWjXl8Agyv96fYYJIcFvR4dP/L
6mYyOfzTQV+2I3b1GctzVC5HvA8+f/+DXlV/ZR/KLmRuc4EDksbweBmVWPhDD5BA
tFh1JGEX5vGwEpS4b4NtSXaAl3iBOva6G5aGK8HIvplzu1qatYmpjaoZ+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFL3L90PlYvJCXYmnHdvEbLZ6c/9wMB8GA1UdIwQY
MBaAFJN/EquvYTlz/rMHPYzmN/GwDL+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgt
YTFhZTU4OTJkNDIxLzEvdmN2M1EtVmk4a0pkaWFjZDI4UnN0bnB6XzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgtYTFhZTU4OTJkNDIx
LzEvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYvwAwQE
T4yAAwQFUsOAAwQFVDPgAwQF1E7gAwQD1FQoMA0EAgACMAcDBQAgARvYMA0GCSqG
SIb3DQEBCwUAA4IBAQCpin+wQxt0MtLIZnbEre4Pwm/ovWa/4P62TJVn9c8S11OC
qJTdsUMKP42371NIYjUXn8QWj+qMhDNFd+pY7nNvSDCrFNpL1QLXiQFckE25tYK5
fO1Ds+XQnLRo/NynP8BrM7CkIVfY8JyyaVDhqkeK9sCREAK+cd2CvIEXdj896jnF
ehlOvQ/KHrhj+WGZQ2B8/d6jmh0CaYmPok7l28HaMDOZZpPkmzb1sHZipa86ZOtB
0otTvdfGmoQdPyk2ki0q7wYcvH/529nNfnaAxZTrKekXSmmh/QaxiSx/MBZL1lwf
mPCmlbYuFPCDr15KPP5zKCY9Ub6eYPDuD3IuubB7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:41 2024 by rpki-client on console-fra.rpki-client.org