Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/LUzG2t2X9D5jqF7X36F_Dhj-z-U.roa
File:                     LUzG2t2X9D5jqF7X36F_Dhj-z-U.roa (raw, json)
Hash identifier:          snbmn4VX4AyrsHTd5zeNFMvaE+7WpU7f5/g6pfHroBw=
Subject key identifier:   2D:4C:C6:DA:DD:97:F4:3E:63:A8:5E:D7:DF:A1:7F:0E:18:FE:CF:E5
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018CBBF44A4B2037D7FD46171242870E764A
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/LUzG2t2X9D5jqF7X36F_Dhj-z-U.roa
Signing time:             Sat 30 Dec 2023 18:19:58 +0000
ROA not before:           Sat 30 Dec 2023 18:19:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212271
IP address blocks:        2a05:4140::/29 maxlen: 48
                          2a05:4143::/32 maxlen: 48
                          2a05:4140:32::/48 maxlen: 48
                          2a11:e102::/32 maxlen: 32
                          2a05:4140:30::/48 maxlen: 48
                          2a05:4140:190::/48 maxlen: 48
                          2a05:4140:10::/48 maxlen: 48
                          2a05:4140:34::/48 maxlen: 48
                          2a05:4144::/32 maxlen: 32
                          2a05:4140:5::/48 maxlen: 48
                          2a05:4140:8::/48 maxlen: 48
                          2a05:4140:3::/48 maxlen: 48
                          2a05:4140:187::/48 maxlen: 48
                          2a05:4140:100::/40 maxlen: 48
                          2a05:4140:400::/40 maxlen: 48
                          2a05:4140:300::/40 maxlen: 40
                          2a05:4140:36::/48 maxlen: 48
                          2a05:4140:16::/48 maxlen: 48
                          2a05:4140:31::/48 maxlen: 48
                          2a05:4140:4::/48 maxlen: 48
                          2a05:4140:15::/48 maxlen: 48
                          2a05:4140:35::/48 maxlen: 64
                          2a05:4140:33::/48 maxlen: 48
                          2a05:4140:29::/48 maxlen: 48
                          2a05:4140:9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:bb:f4:4a:4b:20:37:d7:fd:46:17:12:42:87:0e:76:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Dec 30 18:19:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d4cc6dadd97f43e63a85ed7dfa17f0e18fecfe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:91:a0:83:21:59:73:9b:ae:84:47:23:4a:47:
                    25:f1:c3:ec:b1:9d:ea:ca:e5:cc:d1:4b:0b:eb:c2:
                    ac:42:89:bd:09:7d:ed:32:88:b2:4d:4e:26:99:ad:
                    92:85:df:4c:8f:64:0c:7f:11:e9:d0:20:a2:3e:ab:
                    ca:a0:78:9e:7e:75:8b:81:a6:b9:65:c5:9c:48:60:
                    a8:aa:5a:ec:5c:05:0f:60:fd:f2:64:d4:b7:1a:35:
                    d9:6c:de:a4:70:7f:f1:86:c2:fd:81:a3:ff:77:3a:
                    16:b7:9c:71:97:4c:da:96:8f:1c:7d:13:0c:1f:16:
                    93:89:5e:ca:f5:64:53:a6:e7:25:9c:10:3d:19:35:
                    25:6a:94:60:de:8b:e0:c0:ce:d5:56:d7:c6:0f:59:
                    1b:6f:a6:e1:d3:1c:4b:b9:32:9a:27:d2:92:88:05:
                    c2:ca:1d:8f:9a:cb:45:fc:7b:af:fc:24:84:38:1f:
                    a1:be:15:af:ca:69:37:4d:c9:e1:48:c8:c4:65:58:
                    ee:d8:46:09:ce:d0:e5:bc:f0:54:fb:d0:78:22:85:
                    ae:86:22:4a:10:d3:92:0b:bf:98:a5:f6:ae:b4:eb:
                    96:da:ca:c5:86:0a:2d:f7:a5:47:8f:00:ab:69:46:
                    c0:75:3a:6c:b7:98:e2:4b:60:40:f5:36:6a:51:cd:
                    0b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:4C:C6:DA:DD:97:F4:3E:63:A8:5E:D7:DF:A1:7F:0E:18:FE:CF:E5
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/LUzG2t2X9D5jqF7X36F_Dhj-z-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140::/29
                  2a11:e102::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:e4:6e:35:87:55:f9:68:1c:59:64:09:c1:f4:cf:55:af:94:
         59:e2:ea:1b:02:d6:cb:de:7c:d0:8a:65:9b:46:c7:6e:53:21:
         e9:ac:65:e2:37:1c:38:ef:e6:cb:de:c6:8f:eb:99:5b:c3:f8:
         31:31:ba:cb:97:44:1b:9e:c6:57:29:9d:6f:6c:9d:b3:aa:de:
         b8:ad:fc:bf:74:42:27:31:f0:bc:72:e5:1f:88:a6:3c:49:61:
         40:f9:16:f2:2b:34:04:34:4f:06:dd:a8:98:ed:49:d0:a1:eb:
         85:9f:31:3a:e9:49:aa:53:f9:08:e8:47:45:44:2d:51:43:8b:
         0c:49:97:43:98:db:4a:71:cd:dd:4a:98:16:1d:af:20:b4:e4:
         4f:c5:76:c7:c5:2b:69:65:1c:b9:02:df:34:c3:a1:31:e0:4d:
         2c:71:80:17:30:2d:63:f7:d3:b0:e9:f2:a8:66:f3:e7:67:0e:
         ea:07:6a:5a:b5:84:ae:1a:a3:ca:47:b7:18:83:cd:fb:99:8c:
         69:e7:55:21:7c:75:4c:a7:87:f7:bd:23:86:76:d7:b0:3e:6a:
         9f:62:5c:a4:e9:35:81:37:d0:d4:4c:37:ae:6e:98:85:73:fd:
         cb:98:a4:ee:45:58:f9:d8:c6:f9:b2:f3:95:36:5b:c0:72:7a:
         11:76:cd:61
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYy79EpLIDfX/UYXEkKHDnZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMxMjMwMTgxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRjYzZkYWRkOTdmNDNlNjNhODVlZDdkZmExN2YwZTE4ZmVjZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJGggyFZc5uuhEcjSkcl8cPssZ3q
yuXM0UsL68KsQom9CX3tMoiyTU4mma2Shd9Mj2QMfxHp0CCiPqvKoHiefnWLgaa5
ZcWcSGCoqlrsXAUPYP3yZNS3GjXZbN6kcH/xhsL9gaP/dzoWt5xxl0zalo8cfRMM
HxaTiV7K9WRTpuclnBA9GTUlapRg3ovgwM7VVtfGD1kbb6bh0xxLuTKaJ9KSiAXC
yh2PmstF/Huv/CSEOB+hvhWvymk3TcnhSMjEZVju2EYJztDlvPBU+9B4IoWuhiJK
ENOSC7+YpfautOuW2srFhgot96VHjwCraUbAdTpst5jiS2BA9TZqUc0LYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC1Mxtrdl/Q+Y6he19+hfw4Y/s/lMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvTFV6RzJ0Mlg5RDVqcUY3WDM2Rl9EaGotei1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgVBQAMF
ACoR4QIwDQYJKoZIhvcNAQELBQADggEBADjkbjWHVfloHFlkCcH0z1WvlFni6hsC
1svefNCKZZtGx25TIemsZeI3HDjv5svexo/rmVvD+DExusuXRBuexlcpnW9snbOq
3rit/L90Qicx8Lxy5R+IpjxJYUD5FvIrNAQ0TwbdqJjtSdCh64WfMTrpSapT+Qjo
R0VELVFDiwxJl0OY20pxzd1KmBYdryC05E/FdsfFK2llHLkC3zTDoTHgTSxxgBcw
LWP307Dp8qhm8+dnDuoHalq1hK4ao8pHtxiDzfuZjGnnVSF8dUynh/e9I4Z217A+
ap9iXKTpNYE30NRMN65umIVz/cuYpO5FWPnYxvmy85U2W8ByehF2zWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org