Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q7P9EFjI1rPoY_h1dQhMgiI4P9U.roa
File:                     Q7P9EFjI1rPoY_h1dQhMgiI4P9U.roa (raw, json)
Hash identifier:          SYx7rHVrHSVk1cdB89KAyRVbFCmr2T7UAU785sc1F/w=
Subject key identifier:   43:B3:FD:10:58:C8:D6:B3:E8:63:F8:75:75:08:4C:82:22:38:3F:D5
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0190EF79563DF850E26BB1AD02EC8E913A6F
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q7P9EFjI1rPoY_h1dQhMgiI4P9U.roa
Signing time:             Fri 26 Jul 2024 14:37:04 +0000
ROA not before:           Fri 26 Jul 2024 14:37:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8903
IP address blocks:        45.10.104.0/22 maxlen: 22
                          80.66.112.0/23 maxlen: 23
                          80.66.115.0/24 maxlen: 24
                          80.66.120.0/23 maxlen: 23
                          85.209.72.0/22 maxlen: 22
                          91.132.31.0/24 maxlen: 24
                          94.198.46.0/24 maxlen: 24
                          94.198.47.0/24 maxlen: 24
                          178.19.45.0/24 maxlen: 24
                          178.19.46.0/23 maxlen: 23
                          194.15.140.0/24 maxlen: 24
                          194.15.146.0/24 maxlen: 24
                          194.15.182.0/24 maxlen: 24
                          194.15.195.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 26 Jul 2024 14:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:ef:79:56:3d:f8:50:e2:6b:b1:ad:02:ec:8e:91:3a:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jul 26 14:37:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=43b3fd1058c8d6b3e863f87575084c8222383fd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d2:ef:8d:dd:1a:7d:8c:f9:01:9b:c3:48:43:
                    bb:87:10:0d:4f:d1:2e:3f:64:ef:30:3e:64:dc:b7:
                    c4:ad:24:46:3e:29:25:0b:84:bb:ee:8c:06:32:3a:
                    b2:5f:1a:a5:37:8e:2f:68:b4:35:1f:5a:67:31:6b:
                    1a:07:97:80:66:72:60:95:22:24:02:83:ed:7e:6f:
                    5c:5f:86:c4:79:45:0d:7d:1b:ca:f5:e2:9d:b5:29:
                    0a:4d:5c:6a:c8:4e:99:ef:51:d9:b4:da:bd:95:d4:
                    49:55:a8:f8:52:af:dd:52:3c:1a:01:82:a4:e7:73:
                    a8:be:60:96:c1:b3:54:0b:d0:66:53:45:c2:cd:50:
                    47:d5:d5:c5:dd:9a:9b:f9:47:a3:f2:75:f2:88:45:
                    15:b3:43:78:06:34:ba:0c:9e:e3:6b:2c:14:21:fd:
                    12:45:a2:83:13:9d:0f:5a:22:21:75:b0:38:17:c0:
                    16:59:62:fb:fa:31:d2:2d:ff:df:31:a8:cb:a2:e1:
                    9d:61:93:c1:b9:90:3a:df:0d:9e:bb:8e:58:49:01:
                    14:63:c4:18:7f:5c:9f:4e:ad:2d:b9:98:c8:1b:73:
                    20:f1:3f:34:62:3a:ac:d3:21:02:4e:36:c8:03:57:
                    6e:f4:eb:85:b6:35:72:6d:c3:96:32:f7:06:b6:8f:
                    a1:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:B3:FD:10:58:C8:D6:B3:E8:63:F8:75:75:08:4C:82:22:38:3F:D5
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q7P9EFjI1rPoY_h1dQhMgiI4P9U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.104.0/22
                  80.66.112.0/23
                  80.66.115.0/24
                  80.66.120.0/23
                  85.209.72.0/22
                  91.132.31.0/24
                  94.198.46.0/23
                  178.19.45.0-178.19.47.255
                  194.15.140.0/24
                  194.15.146.0/24
                  194.15.182.0/24
                  194.15.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:e3:d2:ab:ff:73:87:f8:85:75:94:37:ff:62:ea:a8:1c:85:
         23:b1:52:56:7b:3b:9c:14:a6:da:1b:0a:1b:29:fa:bd:25:73:
         22:12:3c:f6:f4:9c:29:27:2c:4b:2a:87:91:2c:71:3f:20:bc:
         1e:04:57:1f:5a:00:e0:d3:38:e2:d9:1c:b0:2c:48:06:b0:90:
         2d:b4:f5:29:9f:f1:a0:fe:f3:6b:54:ed:02:d5:d9:83:4d:18:
         f9:b5:1d:70:8b:54:48:84:89:af:fc:04:bf:4b:9f:c0:52:23:
         bd:8c:30:03:52:72:48:d3:e3:a9:fc:b2:dc:db:74:6d:63:f3:
         78:c5:db:35:f9:90:df:f9:57:fd:90:0a:2f:a2:02:6c:d4:7a:
         2b:cb:d1:90:58:12:90:9c:dd:19:72:9a:b7:de:b7:8b:9e:ec:
         a9:3b:6a:be:7c:82:7c:0d:b4:1b:42:79:c6:09:9f:26:02:df:
         96:0f:8d:44:10:6b:3a:22:41:cf:53:77:76:70:06:f3:4a:9c:
         79:fd:77:27:f7:05:d6:31:79:02:62:55:2b:b6:47:3e:bf:88:
         fe:5f:87:a1:c6:86:f2:13:00:74:c7:dd:cd:aa:7b:fb:7e:34:
         37:b9:b7:99:6f:b0:f3:aa:bc:9f:32:d6:fd:01:f6:02:27:aa:
         2b:6b:bf:bd
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZDveVY9+FDia7GtAuyOkTpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNzI2MTQzNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2IzZmQxMDU4YzhkNmIzZTg2M2Y4NzU3NTA4NGM4MjIyMzgzZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydLvjd0afYz5AZvDSEO7hxANT9Eu
P2TvMD5k3LfErSRGPiklC4S77owGMjqyXxqlN44vaLQ1H1pnMWsaB5eAZnJglSIk
AoPtfm9cX4bEeUUNfRvK9eKdtSkKTVxqyE6Z71HZtNq9ldRJVaj4Uq/dUjwaAYKk
53OovmCWwbNUC9BmU0XCzVBH1dXF3Zqb+Uej8nXyiEUVs0N4BjS6DJ7jaywUIf0S
RaKDE50PWiIhdbA4F8AWWWL7+jHSLf/fMajLouGdYZPBuZA63w2eu45YSQEUY8QY
f1yfTq0tuZjIG3Mg8T80Yjqs0yECTjbIA1du9OuFtjVybcOWMvcGto+hiwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEOz/RBYyNaz6GP4dXUITIIiOD/VMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUTdQOUVGakkxclBvWV9oMWRRaE1naUk0UDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQCLQpoAwQB
UEJwAwQAUEJzAwQBUEJ4AwQCVdFIAwQAW4QfAwQBXsYuMAwDBACyEy0DBASyEyAD
BADCD4wDBADCD5IDBADCD7YDBADCD8MwDQYJKoZIhvcNAQELBQADggEBAGDj0qv/
c4f4hXWUN/9i6qgchSOxUlZ7O5wUptobChsp+r0lcyISPPb0nCknLEsqh5EscT8g
vB4EVx9aAODTOOLZHLAsSAawkC209Smf8aD+82tU7QLV2YNNGPm1HXCLVEiEia/8
BL9Ln8BSI72MMANSckjT46n8stzbdG1j83jF2zX5kN/5V/2QCi+iAmzUeivL0ZBY
EpCc3Rlymrfet4ue7Kk7ar58gnwNtBtCecYJnyYC35YPjUQQazoiQc9Td3ZwBvNK
nHn9dyf3BdYxeQJiVSu2Rz6/iP5fh6HGhvITAHTH3c2qe/t+NDe5t5lvsPOqvJ8y
1v0B9gInqitrv70=
-----END CERTIFICATE-----