Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cjuQvgX5FiomcywrqiW0vhA9o7w.roa
File:                     cjuQvgX5FiomcywrqiW0vhA9o7w.roa (raw, json)
Hash identifier:          byp3Fg/P8pBZpE3p+g4qNiU1AT795nTxzn2VVhm4Gsw=
Subject key identifier:   72:3B:90:BE:05:F9:16:2A:26:73:2C:2B:AA:25:B4:BE:10:3D:A3:BC
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018F1E5BD9C229E0A27A5B8806E9B6DF91AF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cjuQvgX5FiomcywrqiW0vhA9o7w.roa
Signing time:             Sat 27 Apr 2024 07:01:26 +0000
ROA not before:           Sat 27 Apr 2024 07:01:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        5.181.84.0/24 maxlen: 24
                          5.181.85.0/24 maxlen: 24
                          5.181.87.0/24 maxlen: 24
                          45.94.170.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          91.223.110.0/24 maxlen: 24
                          193.30.241.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 May 2024 09:21:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:1e:5b:d9:c2:29:e0:a2:7a:5b:88:06:e9:b6:df:91:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Apr 27 07:01:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=723b90be05f9162a26732c2baa25b4be103da3bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:19:68:52:54:39:c1:84:ac:c7:cc:a4:10:cf:
                    41:77:9e:8c:d6:00:b2:90:e0:bf:d1:9c:95:76:b2:
                    05:25:1a:a5:67:3c:0e:f3:2c:53:fc:1e:e5:19:ce:
                    9f:e7:f8:a1:3d:a6:9a:cd:c0:6a:91:b9:1e:9e:01:
                    0e:88:b4:0c:44:07:80:9c:82:c1:2b:af:c7:49:49:
                    39:ca:77:65:0e:c5:f0:9e:00:31:5e:e2:49:7c:a5:
                    97:94:47:79:59:bb:f4:cb:0f:92:0c:0c:6b:99:43:
                    9d:4d:68:26:3c:d4:00:fc:f8:54:35:b0:db:21:e5:
                    d3:8b:a8:22:f7:f5:97:a5:09:d3:79:af:09:ec:a3:
                    4c:73:da:1c:de:98:f1:20:cf:04:3f:d1:07:22:16:
                    55:79:7a:01:7a:b9:77:a9:5a:b8:b2:f6:33:b5:0a:
                    1f:94:ed:db:1c:1f:0e:47:f5:3e:09:a6:2e:e7:9c:
                    dc:d5:06:e4:09:a7:02:02:d6:98:6c:e2:38:b2:d4:
                    d9:b9:40:c4:27:d1:b8:31:05:14:7b:b6:87:70:30:
                    21:05:ac:e3:54:64:bc:6b:c4:f7:f2:91:b7:e7:9e:
                    39:c2:fb:cf:93:4b:db:91:27:09:d1:cf:1f:4d:cc:
                    34:d6:46:b8:bc:8f:2a:9d:8d:51:57:1d:3e:d4:c8:
                    bc:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:3B:90:BE:05:F9:16:2A:26:73:2C:2B:AA:25:B4:BE:10:3D:A3:BC
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cjuQvgX5FiomcywrqiW0vhA9o7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.84.0/23
                  5.181.87.0/24
                  45.94.170.0/24
                  85.209.120.0/23
                  91.223.110.0/24
                  193.30.241.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:19:0f:94:bb:5e:96:1b:52:b6:99:a6:c3:57:0a:16:45:fb:
         5f:0e:84:a6:a3:32:c6:c1:5e:8c:62:fe:6e:05:dd:4d:ea:42:
         82:d4:65:75:20:8b:c6:a5:3d:4b:2a:c2:df:76:0d:fd:1d:31:
         8d:06:0e:69:f8:ec:bd:80:71:10:98:9a:42:65:c9:86:83:cc:
         25:ed:39:69:69:8b:b8:3d:cf:c9:62:a9:bb:e8:64:3a:31:68:
         f9:16:f4:13:79:91:ef:64:82:5e:22:e6:cb:77:bc:fa:7b:fa:
         8e:66:a7:78:ab:68:bd:2e:68:fa:0c:03:b9:d4:ee:14:5e:e7:
         43:7e:84:30:76:2c:58:02:dc:a6:cc:6f:96:18:eb:91:e9:8d:
         88:eb:4e:c8:22:9c:2b:28:50:79:24:b2:a2:bc:a5:40:c3:db:
         17:9d:c4:a8:8f:26:0f:06:0c:96:4c:75:c7:de:e2:46:54:7c:
         50:fe:7f:c5:32:ff:63:a2:6f:52:87:ce:f0:c5:42:55:78:6c:
         11:33:71:d0:1d:99:32:b3:e9:ab:1b:36:70:32:2a:84:9a:60:
         de:0a:6d:db:f4:17:81:05:79:59:52:e3:97:bf:fa:20:84:9b:
         df:8b:ea:b2:a4:f4:a6:1d:9a:f2:75:f1:eb:18:19:08:20:1f:
         d6:f9:d6:a5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY8eW9nCKeCieluIBum235GvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDI3MDcwMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjNiOTBiZTA1ZjkxNjJhMjY3MzJjMmJhYTI1YjRiZTEwM2RhM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhloUlQ5wYSsx8ykEM9Bd56M1gCy
kOC/0ZyVdrIFJRqlZzwO8yxT/B7lGc6f5/ihPaaazcBqkbkengEOiLQMRAeAnILB
K6/HSUk5yndlDsXwngAxXuJJfKWXlEd5Wbv0yw+SDAxrmUOdTWgmPNQA/PhUNbDb
IeXTi6gi9/WXpQnTea8J7KNMc9oc3pjxIM8EP9EHIhZVeXoBerl3qVq4svYztQof
lO3bHB8OR/U+CaYu55zc1QbkCacCAtaYbOI4stTZuUDEJ9G4MQUUe7aHcDAhBazj
VGS8a8T38pG35545wvvPk0vbkScJ0c8fTcw01ka4vI8qnY1RVx0+1Mi8wwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHI7kL4F+RYqJnMsK6oltL4QPaO8MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvY2p1UXZnWDVGaW9tY3l3cnFpVzB2aEE5bzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBbVUAwQA
BbVXAwQALV6qAwQBVdF4AwQAW99uAwQAwR7xAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQAfGQ+Uu16WG1K2mabDVwoWRftfDoSmozLGwV6MYv5uBd1N6kKC1GV1IIvG
pT1LKsLfdg39HTGNBg5p+Oy9gHEQmJpCZcmGg8wl7TlpaYu4Pc/JYqm76GQ6MWj5
FvQTeZHvZIJeIubLd7z6e/qOZqd4q2i9Lmj6DAO51O4UXudDfoQwdixYAtymzG+W
GOuR6Y2I607IIpwrKFB5JLKivKVAw9sXncSojyYPBgyWTHXH3uJGVHxQ/n/FMv9j
om9Sh87wxUJVeGwRM3HQHZkys+mrGzZwMiqEmmDeCm3b9BeBBXlZUuOXv/oghJvf
i+qypPSmHZrydfHrGBkIIB/W+dal
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org