Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/U1D7u2odX330D9SO4_MkebSsrGo.roa
File:                     U1D7u2odX330D9SO4_MkebSsrGo.roa (raw, json)
Hash identifier:          P3f6HwZXONkL+9W5LC++Gx9s9OHFXQ9zJE73ZBfe9O4=
Subject key identifier:   53:50:FB:BB:6A:1D:5F:7D:F4:0F:D4:8E:E3:F3:24:79:B4:AC:AC:6A
Certificate issuer:       /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial:       018963F7CED7B7DC206BE53B4474A00060B3
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/U1D7u2odX330D9SO4_MkebSsrGo.roa
Signing time:             Mon 17 Jul 2023 13:08:51 +0000
ROA not before:           Mon 17 Jul 2023 13:08:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48716
IP address blocks:        90.156.230.0/24 maxlen: 24
                          188.225.31.0/24 maxlen: 24
                          217.151.230.0/24 maxlen: 24
                          185.247.17.0/24 maxlen: 24
                          2a03:6f06::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 10 Oct 2023 09:22:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:63:f7:ce:d7:b7:dc:20:6b:e5:3b:44:74:a0:00:60:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
        Validity
            Not Before: Jul 17 13:08:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5350fbbb6a1d5f7df40fd48ee3f32479b4acac6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:63:ca:54:62:7f:12:c4:c1:39:4d:65:4a:89:
                    70:1f:8e:9c:61:32:0e:94:59:d3:84:ea:c2:81:e6:
                    50:73:74:ab:6d:2d:29:1e:27:f9:21:5b:4f:f6:f6:
                    05:52:2b:b4:95:d9:88:9c:4c:58:bb:a3:51:5f:88:
                    9c:41:81:cb:e0:4b:f5:52:8d:62:45:51:d4:4d:7c:
                    46:69:ce:7d:b7:dd:57:77:56:ff:cc:0d:a9:fa:a5:
                    f5:74:0c:75:e3:fd:b9:3f:fc:51:fe:5c:ba:f3:39:
                    a1:a8:84:e6:d5:ad:a6:a6:73:9f:d7:b7:46:03:ef:
                    ae:70:c0:eb:ed:5b:8d:00:ae:1d:32:65:58:5b:5b:
                    81:e9:ca:47:4f:41:27:0d:8e:5a:da:69:16:ab:ee:
                    b3:14:bf:97:54:bd:b7:b0:23:b7:ba:8a:3d:b1:2a:
                    39:96:a0:5a:f8:ba:b5:e2:0f:ad:0a:ea:ff:8b:96:
                    99:98:e7:d8:9b:2b:33:f6:5d:ec:94:50:70:44:65:
                    56:3f:9c:0d:d8:0b:7f:bb:3c:df:76:a7:21:c1:3a:
                    6a:0b:24:15:4e:d4:71:75:99:1b:c3:c0:b9:ad:6a:
                    72:f4:7d:3c:0d:39:98:06:1c:cd:40:d4:9d:0d:03:
                    ba:de:4f:da:5e:80:0e:95:42:fe:c3:4e:cc:f4:bb:
                    ca:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:50:FB:BB:6A:1D:5F:7D:F4:0F:D4:8E:E3:F3:24:79:B4:AC:AC:6A
            X509v3 Authority Key Identifier:
                keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/U1D7u2odX330D9SO4_MkebSsrGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  90.156.230.0/24
                  185.247.17.0/24
                  188.225.31.0/24
                  217.151.230.0/24
                IPv6:
                  2a03:6f06::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:27:ba:bc:09:b7:d7:cc:e7:75:88:6b:ce:b5:81:c5:36:49:
         d4:9a:17:53:98:56:9d:a1:cd:86:e0:c1:96:22:2a:57:25:97:
         dd:01:ad:f3:65:ea:f1:25:c3:bd:92:7f:db:d3:bd:11:28:23:
         33:65:6e:f9:33:28:6b:26:a2:a4:6d:7d:d6:5f:3e:10:10:58:
         4f:2c:4d:69:2b:9c:14:9f:79:32:fc:b6:38:5e:e5:be:fc:54:
         43:3a:38:f5:07:00:5e:b7:21:b5:d8:d1:d0:dc:44:0d:4d:f9:
         46:49:44:5c:19:a5:92:cf:5d:df:d7:88:fb:29:d7:dd:35:e0:
         1d:af:c3:18:ae:a1:dc:73:f0:8c:66:52:6a:16:7d:37:36:91:
         98:d5:ad:65:c6:b7:cf:cf:4c:bc:b8:03:03:db:0b:49:8c:a6:
         0b:57:78:d8:ae:a9:a0:85:9c:61:af:1a:5a:48:d1:1b:89:51:
         23:e2:b6:2b:0a:65:0d:c3:c4:34:f7:5b:5c:5a:c5:77:1b:4a:
         fb:91:59:80:4b:da:d0:5a:a9:0f:fd:ad:7b:66:e0:e7:49:5a:
         39:62:11:ba:5f:a9:ca:3a:55:b5:98:f6:7b:1f:d4:24:66:b3:
         e9:1d:43:24:a2:33:ea:bf:7d:ff:8d:6e:89:d0:f8:fe:14:b2:
         ba:ab:b9:50
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYlj987Xt9wga+U7RHSgAGCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwNzE3MTMwODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUwZmJiYjZhMWQ1ZjdkZjQwZmQ0OGVlM2YzMjQ3OWI0YWNhYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWPKVGJ/EsTBOU1lSolwH46cYTIO
lFnThOrCgeZQc3SrbS0pHif5IVtP9vYFUiu0ldmInExYu6NRX4icQYHL4Ev1Uo1i
RVHUTXxGac59t91Xd1b/zA2p+qX1dAx14/25P/xR/ly68zmhqITm1a2mpnOf17dG
A++ucMDr7VuNAK4dMmVYW1uB6cpHT0EnDY5a2mkWq+6zFL+XVL23sCO3uoo9sSo5
lqBa+Lq14g+tCur/i5aZmOfYmysz9l3slFBwRGVWP5wN2At/uzzfdqchwTpqCyQV
TtRxdZkbw8C5rWpy9H08DTmYBhzNQNSdDQO63k/aXoAOlUL+w07M9LvK8QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFNQ+7tqHV999A/UjuPzJHm0rKxqMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvVTFEN3Uyb2RYMzMwRDlTTzRfTWtlYlNzckdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAWpzmAwQA
ufcRAwQAvOEfAwQA2ZfmMA0EAgACMAcDBQAqA28GMA0GCSqGSIb3DQEBCwUAA4IB
AQCVJ7q8CbfXzOd1iGvOtYHFNknUmhdTmFadoc2G4MGWIipXJZfdAa3zZerxJcO9
kn/b070RKCMzZW75MyhrJqKkbX3WXz4QEFhPLE1pK5wUn3ky/LY4XuW+/FRDOjj1
BwBetyG12NHQ3EQNTflGSURcGaWSz13f14j7KdfdNeAdr8MYrqHcc/CMZlJqFn03
NpGY1a1lxrfPz0y8uAMD2wtJjKYLV3jYrqmghZxhrxpaSNEbiVEj4rYrCmUNw8Q0
91tcWsV3G0r7kVmAS9rQWqkP/a17ZuDnSVo5YhG6X6nKOlW1mPZ7H9QkZrPpHUMk
ojPqv33/jW6J0Pj+FLK6q7lQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:40 2024 by rpki-client on console-fra.rpki-client.org