Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/er1cn_Psw6IOTiyoyQVKWTUsrls.roa
File:                     er1cn_Psw6IOTiyoyQVKWTUsrls.roa (raw, json)
Hash identifier:          KLhtDJzqpaTGBrz+Fo/3T42AMwSrkKH8HzC1AQJ/7Uw=
Subject key identifier:   7A:BD:5C:9F:F3:EC:C3:A2:0E:4E:2C:A8:C9:05:4A:59:35:2C:AE:5B
Certificate issuer:       /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial:       01856F42ED58D2B3FDFD39331CA4EE13541B
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/er1cn_Psw6IOTiyoyQVKWTUsrls.roa
Signing time:             Sun 01 Jan 2023 21:35:35 +0000
ROA not before:           Sun 01 Jan 2023 21:35:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204650
IP address blocks:        5.160.77.0/24 maxlen: 24
                          46.209.57.0/24 maxlen: 24
                          46.209.56.0/23 maxlen: 24
                          46.209.214.0/24 maxlen: 24
                          77.237.66.0/23 maxlen: 24
                          46.209.134.0/24 maxlen: 24
                          46.209.134.0/23 maxlen: 23
                          46.209.133.0/24 maxlen: 24
                          5.160.208.0/23 maxlen: 23
                          5.160.111.0/24 maxlen: 24
                          5.160.110.0/24 maxlen: 24
                          5.160.110.0/23 maxlen: 23
                          5.160.131.0/24 maxlen: 24
                          5.160.130.0/23 maxlen: 24
                          5.160.130.0/24 maxlen: 24
                          46.209.108.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 Mar 2023 13:23:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:ed:58:d2:b3:fd:fd:39:33:1c:a4:ee:13:54:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
        Validity
            Not Before: Jan  1 21:35:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7abd5c9ff3ecc3a20e4e2ca8c9054a59352cae5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:14:5c:b7:0c:0e:b4:4e:58:69:64:a9:0e:8f:
                    e5:bd:7f:96:7a:77:5c:e6:d4:44:4c:96:e4:12:6f:
                    17:4c:86:c4:44:40:7e:8f:07:d8:49:1c:f0:15:b1:
                    04:e2:70:78:74:0b:24:a5:34:04:3d:4f:e3:df:ea:
                    1e:ec:16:c0:ea:bc:98:75:a7:a2:57:f3:c4:dc:e6:
                    21:c7:98:a1:6c:17:83:55:a3:1c:66:28:62:c5:05:
                    c5:56:49:73:4d:75:9e:d9:7e:6e:4f:0d:21:00:9d:
                    dd:0c:22:e3:0e:11:5c:c3:99:5e:7b:6b:95:2b:64:
                    b4:bf:b9:8a:8e:88:b7:78:14:45:83:83:ec:5a:5f:
                    7a:1b:1d:8e:e9:25:ad:14:32:62:06:bf:82:94:a8:
                    3d:2f:68:e4:55:8d:64:9a:5f:36:be:b0:bf:33:a1:
                    b5:b4:90:c7:3f:5d:1d:d4:cb:2d:51:40:93:02:32:
                    d3:21:e1:57:7a:29:90:96:4d:93:e8:98:2a:1e:44:
                    46:a2:06:47:03:63:fa:ad:f8:10:31:b9:81:0b:16:
                    1e:0b:c6:91:74:d4:b8:e7:20:35:14:19:d0:2a:66:
                    bb:79:ba:e1:24:0d:66:c8:3e:7a:0b:ea:25:35:4d:
                    13:20:40:ee:cc:44:97:f1:30:df:9d:d2:e9:fb:89:
                    49:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:BD:5C:9F:F3:EC:C3:A2:0E:4E:2C:A8:C9:05:4A:59:35:2C:AE:5B
            X509v3 Authority Key Identifier:
                keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/er1cn_Psw6IOTiyoyQVKWTUsrls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.77.0/24
                  5.160.110.0/23
                  5.160.130.0/23
                  5.160.208.0/23
                  46.209.56.0/23
                  46.209.108.0/22
                  46.209.133.0-46.209.135.255
                  46.209.214.0/24
                  77.237.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:b4:b4:39:dd:04:76:31:c7:92:dc:e3:dd:8e:59:73:90:76:
         e9:2c:31:bc:81:b2:80:a1:5e:5f:d4:90:93:69:e3:ac:db:a6:
         8d:b3:7f:cd:48:31:c6:de:44:b0:91:f1:17:ab:61:96:5a:5c:
         b4:88:d0:e9:fb:e7:db:7e:ce:65:3a:6d:fa:a1:ac:5d:f4:be:
         08:d8:4c:7e:b3:84:ca:19:92:80:e2:86:73:a7:81:ad:6b:93:
         ce:a6:72:01:49:d7:2f:86:0f:1c:81:72:b0:aa:be:1c:e3:6c:
         e9:fc:cc:ae:48:14:41:77:fa:de:6c:60:cd:2f:1e:06:d1:08:
         f8:74:da:2a:5e:e6:06:4f:d1:dc:32:b8:be:b4:49:6c:32:70:
         e2:5d:dc:27:e0:cc:6b:4a:be:a4:f2:af:86:74:97:12:5b:36:
         03:3c:86:a3:0c:2c:f8:ed:19:e5:cc:77:8e:a6:2d:b2:d6:aa:
         58:8b:51:d3:aa:02:71:bd:fa:0f:6d:95:d7:d5:31:4d:77:ce:
         78:4d:02:27:cc:b5:f5:28:aa:74:3e:78:47:af:b9:5c:47:17:
         82:b0:ac:e1:38:ab:da:53:0e:1a:58:20:7a:94:2d:ff:9d:73:
         ac:8b:93:f9:13:e9:87:48:93:a8:b9:2a:42:55:e4:54:57:dd:
         88:5c:94:0d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVvQu1Y0rP9/TkzHKTuE1QbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMTAxMjEzNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJkNWM5ZmYzZWNjM2EyMGU0ZTJjYThjOTA1NGE1OTM1MmNhZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxRctwwOtE5YaWSpDo/lvX+Wendc
5tRETJbkEm8XTIbEREB+jwfYSRzwFbEE4nB4dAskpTQEPU/j3+oe7BbA6ryYdaei
V/PE3OYhx5ihbBeDVaMcZihixQXFVklzTXWe2X5uTw0hAJ3dDCLjDhFcw5lee2uV
K2S0v7mKjoi3eBRFg4PsWl96Gx2O6SWtFDJiBr+ClKg9L2jkVY1kml82vrC/M6G1
tJDHP10d1MstUUCTAjLTIeFXeimQlk2T6JgqHkRGogZHA2P6rfgQMbmBCxYeC8aR
dNS45yA1FBnQKma7ebrhJA1myD56C+olNU0TIEDuzESX8TDfndLp+4lJSQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHq9XJ/z7MOiDk4sqMkFSlk1LK5bMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvZXIxY25fUHN3NklPVGl5b3lRVktXVFVzcmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABaBNAwQB
BaBuAwQBBaCCAwQBBaDQAwQBLtE4AwQCLtFsMAwDBAAu0YUDBAMu0YADBAAu0dYD
BAFN7UIwDQYJKoZIhvcNAQELBQADggEBAJ20tDndBHYxx5Lc492OWXOQduksMbyB
soChXl/UkJNp46zbpo2zf81IMcbeRLCR8RerYZZaXLSI0On759t+zmU6bfqhrF30
vgjYTH6zhMoZkoDihnOnga1rk86mcgFJ1y+GDxyBcrCqvhzjbOn8zK5IFEF3+t5s
YM0vHgbRCPh02ipe5gZP0dwyuL60SWwycOJd3CfgzGtKvqTyr4Z0lxJbNgM8hqMM
LPjtGeXMd46mLbLWqliLUdOqAnG9+g9tldfVMU13znhNAifMtfUoqnQ+eEevuVxH
F4KwrOE4q9pTDhpYIHqULf+dc6yLk/kT6YdIk6i5KkJV5FRX3YhclA0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:31 2024 by rpki-client on console-fra.rpki-client.org