Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/RGChcglPZEmAeMGCxpEigyZlzpg.roa
File:                     RGChcglPZEmAeMGCxpEigyZlzpg.roa (raw, json)
Hash identifier:          mw9k9kcflEidgjiugAR9jDI9+Pp3ssACt6qIjdphkXs=
Subject key identifier:   44:60:A1:72:09:4F:64:49:80:78:C1:82:C6:91:22:83:26:65:CE:98
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       018BEF2F610D5E5BA2FA303CCA5DB9B4AD0A
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/RGChcglPZEmAeMGCxpEigyZlzpg.roa
Signing time:             Tue 21 Nov 2023 00:02:21 +0000
ROA not before:           Tue 21 Nov 2023 00:02:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.155.52.0/22 maxlen: 32
                          45.91.52.0/22 maxlen: 32
                          195.16.74.0/24 maxlen: 24
                          45.150.64.0/24 maxlen: 32
                          45.150.67.0/24 maxlen: 32
                          45.150.65.0/24 maxlen: 32
                          45.140.166.0/24 maxlen: 32
                          5.181.20.0/24 maxlen: 32
                          45.140.167.0/24 maxlen: 32
                          5.181.22.0/24 maxlen: 32
                          5.181.21.0/24 maxlen: 32
                          185.234.247.0/24 maxlen: 32
                          5.181.23.0/24 maxlen: 32
                          45.144.29.0/24 maxlen: 32
                          45.144.28.0/24 maxlen: 32
                          45.144.31.0/24 maxlen: 32
                          45.144.30.0/24 maxlen: 32
                          45.140.147.0/24 maxlen: 32
                          45.140.146.0/24 maxlen: 32
                          146.19.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 15:16:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ef:2f:61:0d:5e:5b:a2:fa:30:3c:ca:5d:b9:b4:ad:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Nov 21 00:02:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4460a172094f64498078c182c69122832665ce98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:53:8b:ec:d7:d1:79:97:60:6c:80:0c:14:07:
                    b2:10:dc:b8:7a:93:df:c9:c3:7a:5c:c0:54:ff:b4:
                    e5:80:6d:42:1b:12:75:71:e1:92:ad:61:c6:c5:7c:
                    c0:95:70:ef:98:88:4a:0a:5d:94:fd:84:bb:f2:f4:
                    cb:24:8f:6e:2b:7c:d3:6d:7d:3b:09:ae:9e:50:c4:
                    24:fd:21:b0:0e:01:e5:94:c8:b6:fe:5b:49:bc:ec:
                    8c:2a:b9:3c:d6:48:10:2b:47:d1:97:a0:a5:da:52:
                    cc:06:b5:ee:8a:d3:a9:71:f1:b6:b9:e1:41:30:06:
                    86:1b:8f:5d:9e:a1:45:40:11:b1:b1:74:18:cd:68:
                    e5:d4:d6:10:a4:ec:d8:d2:3a:ee:e4:fb:2c:76:15:
                    cf:1a:2c:7c:ab:f8:58:1f:ab:d1:47:67:96:14:3f:
                    5d:b9:a7:b8:ab:11:e1:b2:51:73:19:d1:f7:33:ee:
                    24:80:b7:50:82:7d:d1:cd:c8:ef:64:69:bb:4f:79:
                    23:dc:3e:12:00:5e:a5:17:bf:0c:f8:1f:08:fb:22:
                    7e:48:71:51:dd:df:b2:13:41:b2:2b:31:53:61:9f:
                    1f:a5:9c:b5:3b:d0:34:e5:ec:c6:0a:a1:24:62:cc:
                    72:a0:e4:1c:0c:af:9b:ed:1a:3c:eb:2d:62:29:65:
                    1d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:60:A1:72:09:4F:64:49:80:78:C1:82:C6:91:22:83:26:65:CE:98
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/RGChcglPZEmAeMGCxpEigyZlzpg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.20.0/22
                  45.91.52.0/22
                  45.140.146.0/23
                  45.140.166.0/23
                  45.144.28.0/22
                  45.150.64.0/23
                  45.150.67.0/24
                  45.155.52.0/22
                  146.19.230.0/24
                  185.234.247.0/24
                  195.16.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:e5:1e:5f:9f:c9:1a:31:95:6e:8b:36:f1:92:be:d3:42:05:
         0f:85:1b:e7:e1:82:16:a9:11:59:50:28:55:22:7e:67:18:d3:
         a4:79:1e:b6:9f:ed:42:d1:55:88:fe:97:57:f1:c8:6d:a7:4d:
         34:23:0a:fc:bd:4f:b6:ab:79:6c:31:5d:ff:ee:e2:42:0d:33:
         3b:2c:ca:2c:5c:96:d5:e8:f2:15:c7:19:78:ce:ef:56:4e:c9:
         c9:76:26:8b:9d:79:f7:32:04:e3:64:61:6c:e4:2d:30:76:b6:
         24:b0:79:68:3c:8b:3a:46:ea:ed:09:29:db:b6:4e:fe:8d:d7:
         a3:cf:8b:df:fb:bb:2c:33:ea:bd:57:8f:38:38:ca:3c:6a:41:
         26:ef:09:de:f0:f9:77:5c:21:4a:9e:4c:08:de:c9:7b:be:21:
         16:b0:e4:b3:fc:43:9d:80:7d:24:d4:14:ab:fc:80:e4:39:eb:
         d5:05:9c:0b:51:57:99:00:da:db:c0:6b:52:36:9a:e5:8c:79:
         f7:3c:16:dd:98:b0:94:2c:04:b9:c2:75:cf:04:f6:ee:76:30:
         ec:e4:78:1c:1a:8a:9f:21:14:c0:ba:d8:61:a4:6a:9e:91:d1:
         af:ad:a7:7b:38:cc:f6:0c:77:e7:14:71:aa:83:94:87:4a:15:
         42:8a:d4:f6
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYvvL2ENXlui+jA8yl25tK0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMxMTIxMDAwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDYwYTE3MjA5NGY2NDQ5ODA3OGMxODJjNjkxMjI4MzI2NjVjZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VOL7NfReZdgbIAMFAeyENy4epPf
ycN6XMBU/7TlgG1CGxJ1ceGSrWHGxXzAlXDvmIhKCl2U/YS78vTLJI9uK3zTbX07
Ca6eUMQk/SGwDgHllMi2/ltJvOyMKrk81kgQK0fRl6Cl2lLMBrXuitOpcfG2ueFB
MAaGG49dnqFFQBGxsXQYzWjl1NYQpOzY0jru5PssdhXPGix8q/hYH6vRR2eWFD9d
uae4qxHhslFzGdH3M+4kgLdQgn3RzcjvZGm7T3kj3D4SAF6lF78M+B8I+yJ+SHFR
3d+yE0GyKzFTYZ8fpZy1O9A05ezGCqEkYsxyoOQcDK+b7Ro86y1iKWUdWwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFERgoXIJT2RJgHjBgsaRIoMmZc6YMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvUkdDaGNnbFBaRW1BZU1HQ3hwRWlneVpsenBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCBbUUAwQC
LVs0AwQBLYySAwQBLYymAwQCLZAcAwQBLZZAAwQALZZDAwQCLZs0AwQAkhPmAwQA
uer3AwQAwxBKMA0GCSqGSIb3DQEBCwUAA4IBAQAN5R5fn8kaMZVuizbxkr7TQgUP
hRvn4YIWqRFZUChVIn5nGNOkeR62n+1C0VWI/pdX8chtp000Iwr8vU+2q3lsMV3/
7uJCDTM7LMosXJbV6PIVxxl4zu9WTsnJdiaLnXn3MgTjZGFs5C0wdrYksHloPIs6
RurtCSnbtk7+jdejz4vf+7ssM+q9V484OMo8akEm7wne8Pl3XCFKnkwI3sl7viEW
sOSz/EOdgH0k1BSr/IDkOevVBZwLUVeZANrbwGtSNprljHn3PBbdmLCULAS5wnXP
BPbudjDs5HgcGoqfIRTAuthhpGqekdGvrad7OMz2DHfnFHGqg5SHShVCitT2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org