Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/UXPlrJ05tCRnezuHwtotoVsbbtY.roa
File:                     UXPlrJ05tCRnezuHwtotoVsbbtY.roa (raw, json)
Hash identifier:          EOCtkpnDasBpWkaqrfa/46T303kUJ8aqTJlaEEN9euM=
Subject key identifier:   51:73:E5:AC:9D:39:B4:24:67:7B:3B:87:C2:DA:2D:A1:5B:1B:6E:D6
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       01863032D26FA5024D8B256BA13E2F325B05
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/UXPlrJ05tCRnezuHwtotoVsbbtY.roa
Signing time:             Wed 08 Feb 2023 08:44:42 +0000
ROA not before:           Wed 08 Feb 2023 08:44:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.150.64.0/24 maxlen: 32
                          45.150.67.0/24 maxlen: 32
                          45.140.147.0/24 maxlen: 32
                          45.140.146.0/24 maxlen: 32
                          185.234.247.0/24 maxlen: 32
                          45.144.29.0/24 maxlen: 32
                          45.144.28.0/24 maxlen: 32
                          45.144.31.0/24 maxlen: 32
                          45.144.30.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Wed 22 Mar 2023 10:45:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:30:32:d2:6f:a5:02:4d:8b:25:6b:a1:3e:2f:32:5b:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Feb  8 08:44:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5173e5ac9d39b424677b3b87c2da2da15b1b6ed6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fd:6c:32:27:6b:a4:c7:dd:4f:fc:9b:89:41:
                    39:28:d7:98:66:ed:9a:db:f1:57:5c:d6:b5:06:fd:
                    8a:90:c1:a9:c8:7f:13:36:94:5a:1d:51:fe:db:e9:
                    53:51:ce:fe:ee:07:2a:5f:e6:41:10:fe:5f:f2:26:
                    79:e1:9f:b8:f7:da:1a:78:7f:40:59:9f:62:77:cd:
                    a4:53:90:94:d6:4a:a7:71:8a:f0:93:de:55:4b:7c:
                    5c:67:e7:36:1c:a6:74:5d:66:ef:2a:37:dd:e8:7f:
                    7f:5c:dc:06:aa:32:32:2f:8e:de:b0:cb:1c:aa:7e:
                    d9:2d:bd:d1:7b:ab:2e:bd:80:fc:62:1b:68:ab:ea:
                    ac:1b:42:e0:ad:5b:74:23:00:0f:e8:e1:3d:8a:89:
                    9a:eb:6c:dd:af:57:05:fe:cc:c5:c3:52:4d:8b:df:
                    3a:4f:dc:e8:46:5d:80:f1:ae:f5:22:1e:95:8b:53:
                    d3:0c:f2:b3:4c:74:1a:79:e3:25:39:f6:45:97:22:
                    8e:18:ef:ba:65:ca:4b:b5:44:93:4a:38:43:c8:95:
                    ed:68:e1:ff:21:dd:00:9b:d6:4a:6b:87:0f:c6:29:
                    83:63:4c:25:6e:26:cf:bd:8e:26:92:0a:6a:c5:a1:
                    6b:24:94:d0:cf:fc:15:9a:74:5e:a8:8c:5f:c4:81:
                    19:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:73:E5:AC:9D:39:B4:24:67:7B:3B:87:C2:DA:2D:A1:5B:1B:6E:D6
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/UXPlrJ05tCRnezuHwtotoVsbbtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.140.146.0/23
                  45.144.28.0/22
                  45.150.64.0/24
                  45.150.67.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:ab:18:67:8a:d9:83:01:d3:b7:a7:0c:19:4c:f4:55:38:65:
         74:36:83:44:0a:36:dd:29:05:01:9f:df:5b:93:06:57:63:47:
         01:13:ce:7f:57:59:09:e3:ff:e8:2e:01:7a:9b:ad:c5:5d:c5:
         a1:e6:ec:69:a6:a2:f1:93:1c:72:8e:64:30:40:ef:0f:cc:6a:
         bf:b5:7b:25:ad:2a:aa:0f:70:01:28:15:a7:bc:02:40:6e:60:
         72:2c:33:cd:55:fa:b5:27:26:a2:ba:81:ee:17:7d:05:63:80:
         79:a7:cb:87:41:df:00:ab:bf:2e:2f:d2:3c:8d:6d:61:e7:ec:
         99:ad:4a:c3:5e:b0:72:22:6d:e1:23:dc:05:bf:12:27:c3:f7:
         5d:b1:89:e7:2d:fa:fc:49:9f:17:05:2e:49:4c:3e:d1:86:38:
         95:41:b0:77:42:a1:d8:f0:bd:a2:ee:1b:91:f2:ae:ee:30:4e:
         df:6f:47:d2:f2:f1:0e:44:b0:75:50:8c:63:54:f9:57:d1:5d:
         bc:ef:d9:6a:35:d9:ee:de:cf:c2:6a:45:95:16:fc:56:8a:c8:
         8a:ce:8d:16:cb:ae:1e:c4:67:fe:64:ff:f9:53:c4:4a:c1:07:
         18:00:4b:8e:c6:1c:ff:06:e7:02:f4:0d:49:2a:b5:75:6c:bd:
         46:14:5c:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYwMtJvpQJNiyVroT4vMlsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMjA4MDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTczZTVhYzlkMzliNDI0Njc3YjNiODdjMmRhMmRhMTViMWI2ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/1sMidrpMfdT/ybiUE5KNeYZu2a
2/FXXNa1Bv2KkMGpyH8TNpRaHVH+2+lTUc7+7gcqX+ZBEP5f8iZ54Z+499oaeH9A
WZ9id82kU5CU1kqncYrwk95VS3xcZ+c2HKZ0XWbvKjfd6H9/XNwGqjIyL47esMsc
qn7ZLb3Re6suvYD8Yhtoq+qsG0LgrVt0IwAP6OE9ioma62zdr1cF/szFw1JNi986
T9zoRl2A8a71Ih6Vi1PTDPKzTHQaeeMlOfZFlyKOGO+6ZcpLtUSTSjhDyJXtaOH/
Id0Am9ZKa4cPximDY0wlbibPvY4mkgpqxaFrJJTQz/wVmnReqIxfxIEZLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFFz5aydObQkZ3s7h8LaLaFbG27WMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvVVhQbHJKMDV0Q1JuZXp1SHd0b3RvVnNiYnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYySAwQC
LZAcAwQALZZAAwQALZZDAwQAuer3MA0GCSqGSIb3DQEBCwUAA4IBAQCsqxhnitmD
AdO3pwwZTPRVOGV0NoNECjbdKQUBn99bkwZXY0cBE85/V1kJ4//oLgF6m63FXcWh
5uxppqLxkxxyjmQwQO8PzGq/tXslrSqqD3ABKBWnvAJAbmByLDPNVfq1JyaiuoHu
F30FY4B5p8uHQd8Aq78uL9I8jW1h5+yZrUrDXrByIm3hI9wFvxInw/ddsYnnLfr8
SZ8XBS5JTD7RhjiVQbB3QqHY8L2i7huR8q7uME7fb0fS8vEORLB1UIxjVPlX0V28
79lqNdnu3s/CakWVFvxWisiKzo0Wy64exGf+ZP/5U8RKwQcYAEuOxhz/BucC9A1J
KrV1bL1GFFxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org