Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/lyDEVhK5vy_0-Kknf3NMbf7JOHw.roa
File:                     lyDEVhK5vy_0-Kknf3NMbf7JOHw.roa (raw, json)
Hash identifier:          d8bJ523Lgzt/QRgb770FrmM9hxIdrdXjd3BMBTO0/Vk=
Subject key identifier:   97:20:C4:56:12:B9:BF:2F:F4:F8:A9:27:7F:73:4C:6D:FE:C9:38:7C
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01865B4251046BA09E12058D83552B097553
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/lyDEVhK5vy_0-Kknf3NMbf7JOHw.roa
Signing time:             Thu 16 Feb 2023 17:25:18 +0000
ROA not before:           Thu 16 Feb 2023 17:25:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44486
IP address blocks:        45.145.227.0/24 maxlen: 24
                          212.87.214.0/23 maxlen: 23
                          185.132.55.0/24 maxlen: 24
                          185.132.54.0/24 maxlen: 24
                          45.137.71.0/24 maxlen: 24
                          45.137.69.0/24 maxlen: 24
                          45.131.109.0/24 maxlen: 24
                          45.145.224.0/23 maxlen: 23
                          45.91.251.0/24 maxlen: 24
                          5.180.252.0/23 maxlen: 23
                          5.180.254.0/23 maxlen: 23
                          5.253.244.0/24 maxlen: 24
                          45.134.108.0/23 maxlen: 23
                          45.84.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Feb 2023 14:15:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5b:42:51:04:6b:a0:9e:12:05:8d:83:55:2b:09:75:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Feb 16 17:25:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9720c45612b9bf2ff4f8a9277f734c6dfec9387c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c6:52:5c:a0:eb:7d:7d:9e:d3:a8:6e:f0:8a:
                    9f:85:6b:91:3e:ec:e8:13:e7:26:d5:b9:fc:2e:cf:
                    29:f9:b9:19:a9:d9:80:d1:88:2a:bd:69:5d:2a:63:
                    62:b1:0a:c6:cf:1d:80:52:ee:4a:0d:ce:48:08:3f:
                    f7:ad:bc:c2:75:de:94:5f:0d:d9:6d:5e:d8:e5:50:
                    79:08:13:61:61:2a:75:be:da:e8:35:eb:5a:29:f6:
                    3e:88:84:20:f9:28:ed:66:d2:7b:69:78:e0:fb:a4:
                    98:1b:71:df:e6:d3:ca:7b:e3:a7:d1:5f:55:69:7e:
                    67:72:bb:4f:3c:5b:6a:d8:c7:fd:c0:6a:7d:dc:6a:
                    20:30:32:4c:94:87:14:3c:14:ef:b1:e8:17:5c:49:
                    15:c7:63:86:fe:02:02:3e:35:ab:bd:81:36:1a:ff:
                    a6:73:19:54:2f:02:f5:f7:4a:68:69:8d:42:1b:5d:
                    25:95:ef:c0:e0:a1:e7:63:91:c0:f6:c0:78:e8:21:
                    60:2c:79:52:51:e3:86:73:e7:53:83:31:31:ca:10:
                    38:fe:c4:21:8f:4e:4f:0d:39:d5:d0:38:b0:49:07:
                    ff:29:3a:e7:d7:f8:76:7a:47:b9:09:89:a0:74:ab:
                    c7:9b:74:26:86:90:1b:15:b2:80:aa:60:91:fe:1f:
                    3c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:20:C4:56:12:B9:BF:2F:F4:F8:A9:27:7F:73:4C:6D:FE:C9:38:7C
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/lyDEVhK5vy_0-Kknf3NMbf7JOHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.252.0/22
                  5.253.244.0/24
                  45.84.199.0/24
                  45.91.251.0/24
                  45.131.109.0/24
                  45.134.108.0/23
                  45.137.69.0/24
                  45.137.71.0/24
                  45.145.224.0/23
                  45.145.227.0/24
                  185.132.54.0/23
                  212.87.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:56:1f:61:2f:a3:53:d5:41:49:33:39:57:09:b0:94:a0:7f:
         36:d8:82:5c:5f:d0:9a:f3:6a:41:6b:5f:5b:39:4b:e7:c5:c7:
         05:b6:e9:d3:fa:dc:e7:1c:e6:be:b8:dd:68:fe:48:f7:31:f3:
         fe:2a:6e:43:c8:c6:4b:19:f3:8a:10:14:d6:ab:37:80:0c:f5:
         fc:77:d8:59:6b:c5:ce:05:d7:ce:36:4b:8c:56:39:2d:7e:f8:
         ec:f5:9a:27:97:31:ac:d3:3b:8b:c0:db:99:94:5d:14:62:36:
         84:31:fa:ce:f6:80:9f:8d:d7:f7:ae:97:53:67:aa:5b:96:bb:
         cc:af:b0:52:0f:ab:e8:f1:91:8d:b2:f3:4f:e3:e8:51:d1:38:
         8c:bb:f2:ac:92:7b:18:46:86:a0:da:8a:39:63:82:47:1a:d2:
         16:8d:0f:08:f8:67:14:56:84:7d:b1:22:f7:ef:8d:8d:b2:99:
         6f:39:40:9e:88:f3:2b:a1:f6:e4:6b:30:71:7a:61:b0:ba:86:
         ab:ec:3d:59:50:e1:63:a2:a4:b0:62:c9:f7:5a:df:ec:12:93:
         7c:c1:5a:33:86:ae:75:40:1b:5c:f0:b5:54:04:ec:03:2d:10:
         28:a9:3a:5a:0a:6e:62:9f:ca:9f:b2:2e:ad:cd:b3:59:b8:3b:
         93:09:97:0a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYZbQlEEa6CeEgWNg1UrCXVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMjE2MTcyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzIwYzQ1NjEyYjliZjJmZjRmOGE5Mjc3ZjczNGM2ZGZlYzkzODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcZSXKDrfX2e06hu8IqfhWuRPuzo
E+cm1bn8Ls8p+bkZqdmA0YgqvWldKmNisQrGzx2AUu5KDc5ICD/3rbzCdd6UXw3Z
bV7Y5VB5CBNhYSp1vtroNetaKfY+iIQg+SjtZtJ7aXjg+6SYG3Hf5tPKe+On0V9V
aX5ncrtPPFtq2Mf9wGp93GogMDJMlIcUPBTvsegXXEkVx2OG/gICPjWrvYE2Gv+m
cxlULwL190poaY1CG10lle/A4KHnY5HA9sB46CFgLHlSUeOGc+dTgzExyhA4/sQh
j05PDTnV0DiwSQf/KTrn1/h2eke5CYmgdKvHm3QmhpAbFbKAqmCR/h88vQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJcgxFYSub8v9PipJ39zTG3+yTh8MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvbHlERVZoSzV2eV8wLUtrbmYzTk1iZjdKT0h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCBbT8AwQA
Bf30AwQALVTHAwQALVv7AwQALYNtAwQBLYZsAwQALYlFAwQALYlHAwQBLZHgAwQA
LZHjAwQBuYQ2AwQB1FfWMA0GCSqGSIb3DQEBCwUAA4IBAQClVh9hL6NT1UFJMzlX
CbCUoH822IJcX9Ca82pBa19bOUvnxccFtunT+tznHOa+uN1o/kj3MfP+Km5DyMZL
GfOKEBTWqzeADPX8d9hZa8XOBdfONkuMVjktfvjs9ZonlzGs0zuLwNuZlF0UYjaE
MfrO9oCfjdf3rpdTZ6pblrvMr7BSD6vo8ZGNsvNP4+hR0TiMu/KsknsYRoag2oo5
Y4JHGtIWjQ8I+GcUVoR9sSL3742NsplvOUCeiPMrofbkazBxemGwuoar7D1ZUOFj
oqSwYsn3Wt/sEpN8wVozhq51QBtc8LVUBOwDLRAoqTpaCm5in8qfsi6tzbNZuDuT
CZcK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org