Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/hXVQ5nbyIFWLquYQCTNOwETVF0g.roa
File:                     hXVQ5nbyIFWLquYQCTNOwETVF0g.roa (raw, json)
Hash identifier:          YhtxGrdG7B7anBlJq7LQ6EPuvxduQGS+zcfg2WmIQi4=
Subject key identifier:   85:75:50:E6:76:F2:20:55:8B:AA:E6:10:09:33:4E:C0:44:D5:17:48
Certificate issuer:       /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial:       018570F0AEE8C42FAF643EC3D933F23D72E8
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/hXVQ5nbyIFWLquYQCTNOwETVF0g.roa
Signing time:             Mon 02 Jan 2023 05:24:59 +0000
ROA not before:           Mon 02 Jan 2023 05:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49349
IP address blocks:        185.38.140.0/22 maxlen: 24
                          185.236.229.0/24 maxlen: 24
                          185.236.231.0/24 maxlen: 24
                          185.236.230.0/24 maxlen: 24
                          188.93.232.0/21 maxlen: 24
                          5.206.224.0/21 maxlen: 24
                          2a00:1c60::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:ae:e8:c4:2f:af:64:3e:c3:d9:33:f2:3d:72:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
        Validity
            Not Before: Jan  2 05:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=857550e676f220558baae61009334ec044d51748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e2:69:d4:25:0f:c2:0f:f1:e0:36:4a:bc:49:
                    cd:a2:9d:2b:45:fa:37:10:6a:79:9e:eb:b4:41:ab:
                    6c:21:40:35:b4:f2:7f:8b:8c:a2:3c:ab:88:60:8e:
                    01:b9:92:37:27:17:85:2d:52:25:a3:a2:a2:82:3c:
                    18:c4:49:74:72:6c:e7:5c:37:1b:3a:49:3f:fe:b6:
                    04:44:5a:9b:80:c0:0c:2f:22:de:96:2e:22:52:c9:
                    31:7b:bb:97:91:72:b9:b1:b8:74:2e:90:ea:d2:79:
                    93:c8:ec:39:a2:43:d7:57:7a:f2:28:8c:5d:b6:f8:
                    41:58:72:e3:c7:d4:8e:4e:1b:c1:51:da:e1:79:54:
                    6c:34:4f:27:25:00:03:3b:e5:a8:9e:57:00:30:be:
                    95:be:10:53:2c:b4:cd:f0:19:d3:a3:d7:c8:10:92:
                    f5:38:2d:f9:e3:89:c4:76:64:66:b7:7b:c4:b8:ae:
                    06:a9:16:d4:82:8a:9a:f3:6a:3b:b4:6d:90:8e:22:
                    f7:93:a3:4c:8d:36:e7:c8:b4:11:3d:24:5f:56:12:
                    9f:57:c5:1a:56:24:d9:4b:d8:06:43:32:85:68:89:
                    aa:78:a5:f1:48:de:96:dd:ce:c2:9e:b6:b0:42:6e:
                    0c:ad:24:42:4b:a6:c4:cb:7a:75:f6:32:7d:29:fd:
                    2b:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:75:50:E6:76:F2:20:55:8B:AA:E6:10:09:33:4E:C0:44:D5:17:48
            X509v3 Authority Key Identifier:
                keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/hXVQ5nbyIFWLquYQCTNOwETVF0g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.206.224.0/21
                  185.38.140.0/22
                  185.236.229.0-185.236.231.255
                  188.93.232.0/21
                IPv6:
                  2a00:1c60::/32

    Signature Algorithm: sha256WithRSAEncryption
         d5:4e:45:33:78:d9:82:ff:bb:af:7f:2c:98:4a:7d:6f:ae:2e:
         0d:df:19:76:4e:6b:88:8b:3c:af:c2:16:0e:93:45:14:14:27:
         1c:51:7d:8b:6c:e1:1d:7a:17:b1:0e:df:10:39:46:73:b2:91:
         51:c4:47:9a:e0:9b:03:a8:6a:de:f1:e7:5c:41:93:e0:7b:52:
         d5:c2:b5:55:10:a2:11:19:90:e5:ba:52:d8:cc:ea:e5:dc:a7:
         ee:eb:c5:cc:0c:db:0f:b0:92:6e:f1:ad:00:46:69:71:df:df:
         c4:52:5c:3d:e3:4f:28:b8:a6:2e:65:6c:07:ed:80:e4:8b:ba:
         5e:88:e9:10:c6:13:91:14:5d:30:e2:e7:78:ff:f0:45:00:b7:
         1f:b6:63:9b:77:0b:cc:67:91:c2:3f:41:e4:4e:f2:39:70:2c:
         71:f4:c5:59:91:f6:fe:b1:08:f3:76:58:69:e2:70:cf:09:b0:
         0e:ca:a4:d7:ae:99:d5:ed:a5:26:a1:55:ba:b3:ef:25:67:da:
         b9:11:31:66:27:2f:7b:12:c9:39:c1:2f:c6:16:0e:de:d1:82:
         4f:21:5a:8a:70:fd:03:53:ab:58:44:34:89:92:76:75:94:15:
         7b:d4:0d:1b:03:c9:e4:d2:c7:ed:dc:00:fc:cf:40:59:0a:a6:
         50:c2:ba:d9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVw8K7oxC+vZD7D2TPyPXLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc1NTBlNjc2ZjIyMDU1OGJhYWU2MTAwOTMzNGVjMDQ0ZDUxNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuJp1CUPwg/x4DZKvEnNop0rRfo3
EGp5nuu0QatsIUA1tPJ/i4yiPKuIYI4BuZI3JxeFLVIlo6KigjwYxEl0cmznXDcb
Okk//rYERFqbgMAMLyLeli4iUskxe7uXkXK5sbh0LpDq0nmTyOw5okPXV3ryKIxd
tvhBWHLjx9SOThvBUdrheVRsNE8nJQADO+WonlcAML6VvhBTLLTN8BnTo9fIEJL1
OC3544nEdmRmt3vEuK4GqRbUgoqa82o7tG2QjiL3k6NMjTbnyLQRPSRfVhKfV8Ua
ViTZS9gGQzKFaImqeKXxSN6W3c7CnrawQm4MrSRCS6bEy3p19jJ9Kf0roQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIV1UOZ28iBVi6rmEAkzTsBE1RdIMB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvaFhWUTVuYnlJRldMcXVZUUNUTk93RVRWRjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDBc7gAwQC
uSaMMAwDBAC57OUDBAO57OADBAO8XegwDQQCAAIwBwMFACoAHGAwDQYJKoZIhvcN
AQELBQADggEBANVORTN42YL/u69/LJhKfW+uLg3fGXZOa4iLPK/CFg6TRRQUJxxR
fYts4R16F7EO3xA5RnOykVHER5rgmwOoat7x51xBk+B7UtXCtVUQohEZkOW6UtjM
6uXcp+7rxcwM2w+wkm7xrQBGaXHf38RSXD3jTyi4pi5lbAftgOSLul6I6RDGE5EU
XTDi53j/8EUAtx+2Y5t3C8xnkcI/QeRO8jlwLHH0xVmR9v6xCPN2WGnicM8JsA7K
pNeumdXtpSahVbqz7yVn2rkRMWYnL3sSyTnBL8YWDt7Rgk8hWopw/QNTq1hENImS
dnWUFXvUDRsDyeTSx+3cAPzPQFkKplDCutk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:09 2024 by rpki-client on console-ams.rpki-client.org