Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/8C-PB5PViTimrdnJyLG3BUFYJ1k.roa
File:                     8C-PB5PViTimrdnJyLG3BUFYJ1k.roa (raw, json)
Hash identifier:          c+qDM+AtiWfLbQbY3ivBGdVtc+0RRJiMaPyJ2bf6HkQ=
Subject key identifier:   F0:2F:8F:07:93:D5:89:38:A6:AD:D9:C9:C8:B1:B7:05:41:58:27:59
Certificate issuer:       /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial:       018812CAF2E38AFF5C07175BA45EACFE4625
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/8C-PB5PViTimrdnJyLG3BUFYJ1k.roa
Signing time:             Sat 13 May 2023 01:47:50 +0000
ROA not before:           Sat 13 May 2023 01:47:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49028
IP address blocks:        193.203.52.0/22 maxlen: 22
                          185.252.236.0/22 maxlen: 22
                          185.252.236.0/24 maxlen: 24
                          45.151.8.0/22 maxlen: 22
                          185.252.237.0/24 maxlen: 24
                          185.252.238.0/24 maxlen: 24
                          185.252.239.0/24 maxlen: 24
                          2.59.188.0/22 maxlen: 22
                          2a0c:2dc0::/29 maxlen: 29
                          2a09:f7c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:12:ca:f2:e3:8a:ff:5c:07:17:5b:a4:5e:ac:fe:46:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
        Validity
            Not Before: May 13 01:47:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f02f8f0793d58938a6add9c9c8b1b70541582759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:fb:9c:72:72:e3:c1:7e:36:75:f4:d0:b9:83:
                    fe:56:46:ba:68:7c:c1:73:5e:7d:07:c7:d2:89:f3:
                    fd:56:77:3a:3a:ff:ad:38:b7:e6:20:4b:90:cc:39:
                    6e:20:52:61:b8:d4:a8:30:e5:3c:d7:8f:61:f7:f3:
                    22:7d:3f:1c:49:7d:aa:3a:82:3a:98:53:a9:95:a4:
                    01:2f:ef:38:b7:d2:22:77:ee:76:d4:1c:8f:f7:bf:
                    71:96:b9:8b:e2:6d:01:d5:ae:7f:aa:94:e5:e2:e4:
                    21:c4:66:be:c3:f3:30:35:c2:bb:b1:42:60:df:99:
                    ab:c0:27:26:82:f3:ef:25:b2:12:81:72:fa:6d:d0:
                    66:3e:79:3a:a1:10:23:ae:f5:1b:3c:a9:58:ea:b6:
                    48:25:0d:c4:a6:f2:c2:40:46:eb:86:57:8c:e1:ac:
                    48:e8:b5:17:f1:82:a2:fa:47:9f:a7:af:b5:c1:2f:
                    90:09:64:a7:23:ee:86:54:a1:82:2e:51:0a:98:34:
                    4c:ca:b2:8d:5d:fc:40:99:6c:25:42:50:31:9f:c0:
                    ad:ef:0e:44:cf:50:f5:5e:40:55:01:f0:39:38:b0:
                    2c:6b:c7:22:50:26:e5:94:a3:72:f7:50:11:66:1e:
                    fe:cf:e9:52:fc:bd:b8:87:45:15:b7:2d:16:26:1a:
                    b6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:2F:8F:07:93:D5:89:38:A6:AD:D9:C9:C8:B1:B7:05:41:58:27:59
            X509v3 Authority Key Identifier:
                keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/8C-PB5PViTimrdnJyLG3BUFYJ1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.188.0/22
                  45.151.8.0/22
                  185.252.236.0/22
                  193.203.52.0/22
                IPv6:
                  2a09:f7c0::/29
                  2a0c:2dc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         00:d8:84:f2:1d:5b:44:3b:9d:d1:04:5a:6e:e3:79:0d:32:ef:
         78:5a:bc:d2:d9:8b:0c:a6:5f:32:4c:70:ee:cf:c6:43:36:93:
         f8:7d:ba:8b:9e:6d:b9:bf:f2:c3:ec:6f:7a:53:99:4a:16:04:
         2d:e1:f4:ee:11:22:9b:7e:e0:47:86:e6:22:a1:4e:1d:45:af:
         a5:e4:e8:43:e6:af:17:4f:bc:c9:c9:5f:06:7a:2c:de:00:3f:
         6a:80:4a:93:82:b8:31:9b:45:7f:f0:2f:85:80:4c:39:46:2f:
         60:ac:98:bc:45:ad:ed:97:1e:ac:4d:77:68:98:91:38:fa:a2:
         51:ca:75:72:7c:23:d5:b8:05:2d:f8:a3:65:c8:64:12:20:b1:
         0f:3b:7a:8f:09:eb:93:ca:27:3f:14:e6:49:58:6f:50:30:f7:
         db:77:81:3b:c4:33:35:84:83:f9:28:65:4f:ce:f5:27:8c:d8:
         dc:42:ad:e3:23:a0:8a:94:fd:00:c3:3c:df:64:c0:f4:74:7b:
         53:77:a1:d8:0a:73:be:7b:87:77:66:4b:83:93:29:9a:77:cd:
         2f:b5:5e:72:88:64:41:a5:74:9d:ce:e4:78:1d:c6:a7:b4:a1:
         54:1c:a8:f9:33:25:fa:31:7f:ba:35:0f:71:05:1d:63:99:70:
         62:4b:0c:e6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYgSyvLjiv9cBxdbpF6s/kYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjMwNTEzMDE0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJmOGYwNzkzZDU4OTM4YTZhZGQ5YzljOGIxYjcwNTQxNTgyNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPuccnLjwX42dfTQuYP+Vka6aHzB
c159B8fSifP9Vnc6Ov+tOLfmIEuQzDluIFJhuNSoMOU8149h9/MifT8cSX2qOoI6
mFOplaQBL+84t9Iid+521ByP979xlrmL4m0B1a5/qpTl4uQhxGa+w/MwNcK7sUJg
35mrwCcmgvPvJbISgXL6bdBmPnk6oRAjrvUbPKlY6rZIJQ3EpvLCQEbrhleM4axI
6LUX8YKi+kefp6+1wS+QCWSnI+6GVKGCLlEKmDRMyrKNXfxAmWwlQlAxn8Ct7w5E
z1D1XkBVAfA5OLAsa8ciUCbllKNy91ARZh7+z+lS/L24h0UVty0WJhq2PQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPAvjweT1Yk4pq3ZycixtwVBWCdZMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvOEMtUEI1UFZpVGltcmRuSnlMRzNCVUZZSjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCAju8AwQC
LZcIAwQCufzsAwQCwcs0MBQEAgACMA4DBQMqCffAAwUDKgwtwDANBgkqhkiG9w0B
AQsFAAOCAQEAANiE8h1bRDud0QRabuN5DTLveFq80tmLDKZfMkxw7s/GQzaT+H26
i55tub/yw+xvelOZShYELeH07hEim37gR4bmIqFOHUWvpeToQ+avF0+8yclfBnos
3gA/aoBKk4K4MZtFf/AvhYBMOUYvYKyYvEWt7ZcerE13aJiROPqiUcp1cnwj1bgF
LfijZchkEiCxDzt6jwnrk8onPxTmSVhvUDD323eBO8QzNYSD+ShlT871J4zY3EKt
4yOgipT9AMM832TA9HR7U3eh2ApzvnuHd2ZLg5MpmnfNL7VecohkQaV0nc7keB3G
p7ShVByo+TMl+jF/ujUPcQUdY5lwYksM5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:05 2024 by rpki-client on console-fra.rpki-client.org