Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/fGl2c4l59nweI52DShMgT4TAJ54.roa
File:                     fGl2c4l59nweI52DShMgT4TAJ54.roa (raw, json)
Hash identifier:          nVPgYzvWVDOfIqn84d93IEx8E/FOnplWCPKvyyGWoMU=
Subject key identifier:   7C:69:76:73:89:79:F6:7C:1E:23:9D:83:4A:13:20:4F:84:C0:27:9E
Certificate issuer:       /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial:       0187B8289A4DF1CB1A099C4263028353DE86
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/fGl2c4l59nweI52DShMgT4TAJ54.roa
Signing time:             Tue 25 Apr 2023 11:24:41 +0000
ROA not before:           Tue 25 Apr 2023 11:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2914
IP address blocks:        62.73.160.0/19 maxlen: 19
                          62.73.162.0/23 maxlen: 23
                          62.73.161.0/24 maxlen: 24
                          62.73.160.0/24 maxlen: 29
                          5.158.208.0/21 maxlen: 21
                          5.158.212.0/24 maxlen: 24
                          5.158.210.0/24 maxlen: 24
                          5.158.211.0/24 maxlen: 24
                          5.158.208.0/23 maxlen: 24
                          5.158.214.0/24 maxlen: 24
                          5.158.215.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Apr 2023 11:55:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b8:28:9a:4d:f1:cb:1a:09:9c:42:63:02:83:53:de:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
        Validity
            Not Before: Apr 25 11:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c6976738979f67c1e239d834a13204f84c0279e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:1c:cd:60:ee:92:a6:6e:60:64:d3:0f:0a:0c:
                    ce:91:2f:01:4d:d9:6e:04:9c:33:37:13:db:e2:e1:
                    8e:26:a4:fc:78:10:39:bb:78:49:ad:11:3b:0e:0c:
                    4a:99:bd:f1:6f:d0:f3:f6:7d:6a:5f:d1:d3:7e:27:
                    8e:da:e3:d8:8f:db:6a:70:7f:6f:50:1e:2d:87:2b:
                    f1:ca:6b:ca:1d:da:f9:1a:40:ca:4d:d5:7b:ee:e9:
                    6f:25:0d:1a:32:bc:78:fa:e4:f4:db:2c:ff:59:72:
                    20:70:ad:6a:35:fd:38:7e:d6:cb:18:37:16:bc:64:
                    86:5f:4d:88:f5:15:8c:f8:4d:bf:e4:de:81:19:b3:
                    d0:0a:5e:9a:e4:d8:b3:1c:92:29:bc:ef:6a:11:4e:
                    c2:63:43:bc:28:68:08:5a:23:01:2c:e3:52:c4:54:
                    a5:55:b8:17:98:d8:f0:fa:3d:1b:7c:4e:ed:40:85:
                    9b:c8:1e:94:d8:9f:d3:fb:4c:18:7a:2c:fc:ee:1a:
                    bb:82:b3:5d:fb:e1:d9:bd:f0:f2:8a:9d:67:78:ad:
                    a9:f5:fb:d5:3b:4a:d5:74:e3:82:c8:23:9f:c0:0e:
                    90:5e:4a:b7:25:a5:bd:78:b6:0f:ff:75:97:e0:fa:
                    c6:b3:94:c9:1a:61:2e:30:a8:2a:f6:18:30:59:48:
                    2b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:69:76:73:89:79:F6:7C:1E:23:9D:83:4A:13:20:4F:84:C0:27:9E
            X509v3 Authority Key Identifier:
                keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/fGl2c4l59nweI52DShMgT4TAJ54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.158.208.0/21
                  62.73.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7a:97:ac:57:3d:1c:ff:2e:bc:db:0f:a2:be:6c:28:27:f8:5e:
         34:73:1e:96:b8:6f:bd:b7:5e:32:50:83:2d:74:dc:a4:8c:64:
         a8:b1:ae:c9:fb:30:f1:1e:80:29:0b:d7:48:55:b7:c8:80:7a:
         e6:d0:7d:fc:af:2d:c7:bb:17:17:3d:d7:09:67:2c:ea:0d:57:
         f2:aa:12:7f:8e:2d:d8:1a:a7:a1:da:e0:7b:64:16:d8:c0:0b:
         ba:22:9c:d5:25:12:c2:2f:b3:09:f5:b9:24:9a:24:15:82:02:
         50:04:de:8b:b4:2b:74:d0:56:3b:87:cc:ad:2e:e4:48:97:6e:
         0e:f8:0c:43:93:92:c8:fd:c0:02:98:3d:1b:eb:e3:6f:63:97:
         69:31:59:85:3d:aa:f2:58:90:fa:8d:d2:87:0b:e5:45:d5:cb:
         95:bf:89:c7:3b:80:5e:17:c2:b4:05:21:64:de:24:47:30:9f:
         6b:4a:5d:c1:b9:dd:61:2b:f2:a7:17:b5:f6:2f:63:ec:5b:ed:
         7a:73:e6:1b:c3:9e:db:44:78:d8:15:86:3f:f2:3c:00:1a:45:
         69:e6:69:7c:cd:d5:e2:b4:98:b5:d2:2b:5d:93:d6:f7:de:2f:
         c7:90:f8:f4:90:35:5f:ca:7e:9a:44:c5:d0:23:9a:13:bd:26:
         7f:09:9e:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe4KJpN8csaCZxCYwKDU96GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MTEyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzY5NzY3Mzg5NzlmNjdjMWUyMzlkODM0YTEzMjA0Zjg0YzAyNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRzNYO6Spm5gZNMPCgzOkS8BTdlu
BJwzNxPb4uGOJqT8eBA5u3hJrRE7DgxKmb3xb9Dz9n1qX9HTfieO2uPYj9tqcH9v
UB4thyvxymvKHdr5GkDKTdV77ulvJQ0aMrx4+uT02yz/WXIgcK1qNf04ftbLGDcW
vGSGX02I9RWM+E2/5N6BGbPQCl6a5NizHJIpvO9qEU7CY0O8KGgIWiMBLONSxFSl
VbgXmNjw+j0bfE7tQIWbyB6U2J/T+0wYeiz87hq7grNd++HZvfDyip1neK2p9fvV
O0rVdOOCyCOfwA6QXkq3JaW9eLYP/3WX4PrGs5TJGmEuMKgq9hgwWUgrqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHxpdnOJefZ8HiOdg0oTIE+EwCeeMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvZkdsMmM0bDU5bndlSTUyRFNoTWdUNFRBSjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBZ7QAwQF
PkmgMA0GCSqGSIb3DQEBCwUAA4IBAQB6l6xXPRz/LrzbD6K+bCgn+F40cx6WuG+9
t14yUIMtdNykjGSosa7J+zDxHoApC9dIVbfIgHrm0H38ry3HuxcXPdcJZyzqDVfy
qhJ/ji3YGqeh2uB7ZBbYwAu6IpzVJRLCL7MJ9bkkmiQVggJQBN6LtCt00FY7h8yt
LuRIl24O+AxDk5LI/cACmD0b6+NvY5dpMVmFParyWJD6jdKHC+VF1cuVv4nHO4Be
F8K0BSFk3iRHMJ9rSl3Bud1hK/KnF7X2L2PsW+16c+Ybw57bRHjYFYY/8jwAGkVp
5ml8zdXitJi10itdk9b33i/HkPj0kDVfyn6aRMXQI5oTvSZ/CZ4U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:40 2024 by rpki-client on console-fra.rpki-client.org