Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/x5ZRxzn4ypFUk9H4fn_6aZpbU-w.roa
File:                     x5ZRxzn4ypFUk9H4fn_6aZpbU-w.roa (raw, json)
Hash identifier:          8EYWet3/LKgGY+jKV4tiJzO7jMl5xLAauWs1IswpTKU=
Subject key identifier:   C7:96:51:C7:39:F8:CA:91:54:93:D1:F8:7E:7F:FA:69:9A:5B:53:EC
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018A167908EB130D7FF7D057580E78BEF88A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/x5ZRxzn4ypFUk9H4fn_6aZpbU-w.roa
Signing time:             Mon 21 Aug 2023 05:02:25 +0000
ROA not before:           Mon 21 Aug 2023 05:02:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60808
IP address blocks:        188.253.96.0/19 maxlen: 24
                          185.215.246.0/24 maxlen: 24
                          188.253.12.0/22 maxlen: 22
                          2a05:ec80::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 05:04:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:16:79:08:eb:13:0d:7f:f7:d0:57:58:0e:78:be:f8:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Aug 21 05:02:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c79651c739f8ca915493d1f87e7ffa699a5b53ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:be:29:19:42:a6:20:be:36:19:32:6c:a9:62:
                    e4:d1:c4:a0:1b:d8:f0:04:f3:42:e7:a8:64:09:17:
                    be:6e:6d:5c:8b:55:87:50:b1:24:5c:2e:d8:37:7f:
                    fa:77:f1:cb:18:29:04:36:e9:78:a1:8c:85:bd:5d:
                    62:e4:d0:67:65:55:2a:5f:00:40:d3:a5:90:98:bb:
                    f0:7f:94:9e:c9:8a:1c:20:77:b9:9c:8f:94:a6:c8:
                    fe:e5:40:95:5d:f9:5a:aa:7d:a2:5d:81:79:44:e7:
                    89:ec:b5:cf:d9:9b:2b:c7:bb:7f:13:ed:36:bf:aa:
                    39:01:dc:3b:56:c3:9e:5e:5c:91:27:1b:62:2b:61:
                    20:0c:59:96:01:f8:84:8f:6f:c1:ab:5f:78:ea:5e:
                    0a:07:d5:2a:07:fb:c5:0f:cc:20:f7:9d:52:b5:ac:
                    21:69:fb:eb:19:79:30:07:bb:1e:7e:80:10:f2:1b:
                    d1:1a:c3:ba:9d:60:ab:4d:ac:b8:11:85:ef:b1:55:
                    74:7e:b3:16:fb:14:51:bd:42:57:e0:e3:1d:e6:51:
                    19:c1:23:db:a1:d6:ae:39:e7:97:80:45:18:5e:45:
                    17:f9:99:67:e3:10:c6:7c:fa:3d:39:54:3c:f8:c6:
                    4a:83:b8:b5:8b:a3:f2:3f:9a:da:82:05:b9:49:a6:
                    e0:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:96:51:C7:39:F8:CA:91:54:93:D1:F8:7E:7F:FA:69:9A:5B:53:EC
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/x5ZRxzn4ypFUk9H4fn_6aZpbU-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.215.246.0/24
                  188.253.12.0/22
                  188.253.96.0/19
                IPv6:
                  2a05:ec80::/29

    Signature Algorithm: sha256WithRSAEncryption
         2a:76:23:c5:ce:cb:ba:ab:a3:20:04:52:6a:a9:d0:3a:b7:2a:
         c1:2b:fd:79:11:a4:e2:35:ec:e7:01:84:6c:8e:6a:13:fe:1c:
         f0:98:63:ba:cd:06:66:b5:90:ab:6f:45:b2:4b:63:dc:16:9c:
         75:9d:9e:4d:5c:e4:6b:b7:28:8e:ca:9c:3f:ec:fc:00:91:5b:
         21:f2:6e:b8:f2:59:c0:65:ee:50:96:76:31:d4:52:04:8a:d0:
         7e:ab:2e:44:10:f4:f4:96:12:3e:eb:22:bd:03:97:ba:ca:9f:
         84:dd:80:f0:9f:ae:65:e9:b5:8a:75:78:99:25:ff:cc:64:18:
         02:37:7c:62:8f:f2:47:25:9c:8e:62:bc:e6:3d:7e:4b:fd:d5:
         3a:40:d3:4e:c0:b5:cf:44:bb:d0:9f:58:63:91:bb:fc:f1:8f:
         e9:34:2d:c6:50:98:14:f2:89:ca:1d:a6:6f:c1:b5:95:00:ba:
         dd:f0:aa:2c:a8:cd:2d:30:34:74:9e:b0:7c:a8:b8:1d:57:e4:
         1a:87:77:78:b1:d9:bb:1d:68:5a:d2:a4:75:c5:60:f5:b8:72:
         89:33:fb:55:a0:45:b3:d7:92:72:bf:85:62:87:7f:15:d6:63:
         4f:af:b9:34:93:a0:d5:bf:bc:15:87:ad:cf:6a:ba:58:17:15:
         5e:2c:96:c1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYoWeQjrEw1/99BXWA54vviKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODIxMDUwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk2NTFjNzM5ZjhjYTkxNTQ5M2QxZjg3ZTdmZmE2OTlhNWI1M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7L4pGUKmIL42GTJsqWLk0cSgG9jw
BPNC56hkCRe+bm1ci1WHULEkXC7YN3/6d/HLGCkENul4oYyFvV1i5NBnZVUqXwBA
06WQmLvwf5SeyYocIHe5nI+Upsj+5UCVXflaqn2iXYF5ROeJ7LXP2Zsrx7t/E+02
v6o5Adw7VsOeXlyRJxtiK2EgDFmWAfiEj2/Bq1946l4KB9UqB/vFD8wg951Stawh
afvrGXkwB7sefoAQ8hvRGsO6nWCrTay4EYXvsVV0frMW+xRRvUJX4OMd5lEZwSPb
odauOeeXgEUYXkUX+Zln4xDGfPo9OVQ8+MZKg7i1i6PyP5raggW5SabgdQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMeWUcc5+MqRVJPR+H5/+mmaW1PsMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveDVaUnh6bjR5cEZVazlINGZuXzZhWnBiVS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAudf2AwQC
vP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQAqdiPF
zsu6q6MgBFJqqdA6tyrBK/15EaTiNeznAYRsjmoT/hzwmGO6zQZmtZCrb0WyS2Pc
Fpx1nZ5NXORrtyiOypw/7PwAkVsh8m648lnAZe5QlnYx1FIEitB+qy5EEPT0lhI+
6yK9A5e6yp+E3YDwn65l6bWKdXiZJf/MZBgCN3xij/JHJZyOYrzmPX5L/dU6QNNO
wLXPRLvQn1hjkbv88Y/pNC3GUJgU8onKHaZvwbWVALrd8KosqM0tMDR0nrB8qLgd
V+Qah3d4sdm7HWha0qR1xWD1uHKJM/tVoEWz15Jyv4Vih38V1mNPr7k0k6DVv7wV
h63ParpYFxVeLJbB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org