Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/sBqO5otAfgUQA-_UNd9G3jqbhjo.roa
File:                     sBqO5otAfgUQA-_UNd9G3jqbhjo.roa (raw, json)
Hash identifier:          GC2UYD6sPTQmauZ5FYJQbgGamFEVfwYYK61LZF4q0xQ=
Subject key identifier:   B0:1A:8E:E6:8B:40:7E:05:10:03:EF:D4:35:DF:46:DE:3A:9B:86:3A
Certificate issuer:       /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial:       01856CCAD08685560D42A86E5C38895EF581
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/sBqO5otAfgUQA-_UNd9G3jqbhjo.roa
Signing time:             Sun 01 Jan 2023 10:05:08 +0000
ROA not before:           Sun 01 Jan 2023 10:05:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        80.238.32.0/19 maxlen: 19
                          84.38.32.0/20 maxlen: 20
                          89.200.128.0/21 maxlen: 21
                          194.50.165.0/24 maxlen: 24
                          85.188.192.0/18 maxlen: 18
                          195.189.158.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ca:d0:86:85:56:0d:42:a8:6e:5c:38:89:5e:f5:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
        Validity
            Not Before: Jan  1 10:05:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b01a8ee68b407e051003efd435df46de3a9b863a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:e4:42:e3:f8:ed:3f:56:e2:83:ef:82:d4:85:
                    43:d3:f4:0b:68:3b:4a:73:cc:af:24:16:93:e1:83:
                    e8:2a:8a:9e:9d:d2:4a:4d:05:1e:3e:85:97:71:35:
                    85:93:ae:b3:15:46:2d:5a:36:08:cd:28:5d:1b:7c:
                    bc:f4:1e:b4:39:e4:c8:3b:da:71:c2:ce:52:e0:58:
                    b7:24:f7:a4:cd:a2:fc:9f:8c:bb:24:df:0d:8b:70:
                    84:99:8f:34:80:0b:9a:ad:d1:78:88:d6:e3:3d:40:
                    0f:75:61:3f:99:f2:56:48:aa:e6:82:cd:c0:52:02:
                    2c:f5:25:63:47:9a:46:6a:db:a3:ca:e2:d6:0d:71:
                    05:1e:fb:5e:72:5c:91:4e:58:e6:71:35:fe:e0:35:
                    55:ff:06:67:c4:33:b8:c2:d2:ae:bc:97:bc:60:4d:
                    76:ad:13:08:e3:59:c2:b0:44:f6:30:38:fb:71:ca:
                    db:86:45:9a:9d:af:30:d7:d9:66:c6:1e:67:eb:15:
                    79:d8:fc:7f:46:a6:34:a5:d1:63:9c:26:04:98:29:
                    11:18:27:2a:81:99:29:f0:43:af:e8:5f:ae:f6:4b:
                    af:f3:e4:24:c9:df:4a:79:2f:99:5e:7a:07:d3:04:
                    50:c2:78:0d:bb:83:d1:2d:d2:80:ce:43:fe:da:ad:
                    5d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:1A:8E:E6:8B:40:7E:05:10:03:EF:D4:35:DF:46:DE:3A:9B:86:3A
            X509v3 Authority Key Identifier:
                keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/sBqO5otAfgUQA-_UNd9G3jqbhjo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.238.32.0/19
                  84.38.32.0/20
                  85.188.192.0/18
                  89.200.128.0/21
                  194.50.165.0/24
                  195.189.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8a:12:29:d0:b1:0f:5d:6d:f8:c3:7b:dd:84:5d:e5:17:57:fb:
         87:99:c7:2d:47:da:f5:7a:19:f6:c3:c2:c7:46:0f:34:47:6e:
         96:a6:e1:fd:60:7f:ae:49:66:e1:01:f3:4f:1f:d3:85:00:36:
         c6:a6:e9:7f:b1:13:5d:be:2a:6d:e2:b8:a6:24:71:6a:7a:b4:
         49:4e:31:d0:17:28:ec:72:07:36:1f:09:b4:d7:3d:77:69:52:
         99:ab:6c:28:76:f5:e2:05:d5:e1:d5:23:4d:da:ab:9a:c4:3f:
         3a:7a:4c:71:3c:7c:a3:b7:ae:19:a3:ac:07:1e:40:7f:d3:b0:
         2e:29:02:3a:f8:1e:40:b0:50:5d:e2:7f:b7:09:27:5a:9b:2a:
         be:cb:40:b0:64:04:ff:3d:11:a0:59:1a:e0:e4:d5:92:41:53:
         7f:7e:ee:37:6d:84:b1:4b:ff:76:c6:21:1d:d4:d2:87:0c:3b:
         bd:97:17:15:c7:15:23:4e:08:27:18:44:c0:31:5d:97:b1:6a:
         0c:47:c8:41:32:3b:24:fe:fb:e8:b3:9f:71:32:01:dd:03:fd:
         8c:21:90:f2:df:81:43:74:b5:45:9b:1e:47:c6:59:23:84:9a:
         86:b3:9f:0a:02:1a:65:71:6f:87:1d:d0:64:ad:34:33:e5:09:
         91:10:94:63
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsytCGhVYNQqhuXDiJXvWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjMwMTAxMTAwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDFhOGVlNjhiNDA3ZTA1MTAwM2VmZDQzNWRmNDZkZTNhOWI4NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+RC4/jtP1big++C1IVD0/QLaDtK
c8yvJBaT4YPoKoqendJKTQUePoWXcTWFk66zFUYtWjYIzShdG3y89B60OeTIO9px
ws5S4Fi3JPekzaL8n4y7JN8Ni3CEmY80gAuardF4iNbjPUAPdWE/mfJWSKrmgs3A
UgIs9SVjR5pGatujyuLWDXEFHvteclyRTljmcTX+4DVV/wZnxDO4wtKuvJe8YE12
rRMI41nCsET2MDj7ccrbhkWana8w19lmxh5n6xV52Px/RqY0pdFjnCYEmCkRGCcq
gZkp8EOv6F+u9kuv8+Qkyd9KeS+ZXnoH0wRQwngNu4PRLdKAzkP+2q1dMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLAajuaLQH4FEAPv1DXfRt46m4Y6MB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvc0JxTzVvdEFmZ1VRQS1fVU5kOUczanFiaGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFUO4gAwQE
VCYgAwQGVbzAAwQDWciAAwQAwjKlAwQBw72eMA0GCSqGSIb3DQEBCwUAA4IBAQCK
EinQsQ9dbfjDe92EXeUXV/uHmcctR9r1ehn2w8LHRg80R26WpuH9YH+uSWbhAfNP
H9OFADbGpul/sRNdvipt4rimJHFqerRJTjHQFyjscgc2Hwm01z13aVKZq2wodvXi
BdXh1SNN2quaxD86ekxxPHyjt64Zo6wHHkB/07AuKQI6+B5AsFBd4n+3CSdamyq+
y0CwZAT/PRGgWRrg5NWSQVN/fu43bYSxS/92xiEd1NKHDDu9lxcVxxUjTggnGETA
MV2XsWoMR8hBMjsk/vvos59xMgHdA/2MIZDy34FDdLVFmx5HxlkjhJqGs58KAhpl
cW+HHdBkrTQz5QmREJRj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:06 2024 by rpki-client on console-ams.rpki-client.org