Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RnYZ9rNV5KSqEEUUzcEHZcc98_0.roa
File:                     RnYZ9rNV5KSqEEUUzcEHZcc98_0.roa (raw, json)
Hash identifier:          gTTWh1/IHW/Qa7BAXAPCmsuLnKIf+e4OwchbcM+EQaY=
Subject key identifier:   46:76:19:F6:B3:55:E4:A4:AA:10:45:14:CD:C1:07:65:C7:3D:F3:FD
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       01856E14268C7247B81831102042C421D193
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RnYZ9rNV5KSqEEUUzcEHZcc98_0.roa
Signing time:             Sun 01 Jan 2023 16:04:52 +0000
ROA not before:           Sun 01 Jan 2023 16:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399989
IP address blocks:        62.182.32.0/23 maxlen: 23
                          62.182.34.0/23 maxlen: 23
                          5.133.100.0/23 maxlen: 23
                          5.133.102.0/23 maxlen: 23
                          31.40.204.0/23 maxlen: 23
                          31.40.206.0/23 maxlen: 23
                          212.107.4.0/23 maxlen: 23
                          212.107.6.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 20 Jan 2023 05:54:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:14:26:8c:72:47:b8:18:31:10:20:42:c4:21:d1:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Jan  1 16:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=467619f6b355e4a4aa104514cdc10765c73df3fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7f:db:cd:ac:41:ed:57:aa:bd:e4:14:db:9d:
                    c7:3a:97:7e:4b:e4:6e:92:37:da:96:13:10:01:11:
                    d6:12:1e:fc:13:75:e6:6f:32:e3:8e:8f:06:98:38:
                    8f:2f:d7:86:5d:24:e1:4e:9c:27:a9:aa:60:fb:de:
                    3b:d9:d4:e3:b9:14:50:91:09:e6:c1:ba:f5:2c:ef:
                    24:ce:5e:34:de:ff:75:ec:df:f2:45:25:46:3d:01:
                    b0:e1:ee:ef:5d:79:39:e0:ed:44:06:11:24:9d:eb:
                    5c:66:99:ab:52:f0:0a:32:f3:52:55:f6:4b:c7:00:
                    c6:fd:10:e9:ca:5c:e8:5c:24:63:00:3b:7f:f8:bb:
                    c4:5b:f9:bc:e8:55:f9:00:93:43:85:3c:f3:40:13:
                    4c:9c:d6:74:39:de:13:65:4c:d9:23:e4:b4:76:2f:
                    d8:6c:ee:7d:81:11:10:08:ba:0f:a2:ce:e7:bc:48:
                    ca:b7:4b:88:56:de:86:e7:ee:4c:42:c3:8f:b0:8d:
                    f6:17:28:51:2f:4a:8e:54:77:20:20:04:7b:4c:96:
                    69:85:b3:94:5d:96:ea:9a:df:6e:59:42:4b:47:ff:
                    4d:a5:4e:1a:cc:ad:2f:90:96:83:3e:df:fa:e7:49:
                    90:02:32:ba:ad:1e:ce:5d:85:69:8f:3a:ed:d7:72:
                    0e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:76:19:F6:B3:55:E4:A4:AA:10:45:14:CD:C1:07:65:C7:3D:F3:FD
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RnYZ9rNV5KSqEEUUzcEHZcc98_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.133.100.0/22
                  31.40.204.0/22
                  62.182.32.0/22
                  212.107.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:80:b8:6d:83:7f:84:00:b5:f6:d2:5d:50:f3:b0:79:de:1d:
         a9:4d:69:4c:2b:fe:3b:da:ed:60:53:d4:3f:85:26:9f:38:fc:
         ce:b8:07:81:65:53:c0:39:34:8f:0c:08:aa:b8:4b:0e:53:af:
         f3:ba:7b:bc:b4:a4:dc:88:4f:06:df:57:07:55:cf:dc:6c:46:
         e1:2f:1f:27:58:a6:79:f1:78:81:e0:df:36:98:dd:71:99:4d:
         d2:68:d4:29:3a:c1:07:4f:5f:61:02:53:34:1b:58:5f:af:af:
         bf:b8:7f:05:7a:07:44:24:d6:e5:30:b5:94:a3:d5:0d:83:51:
         c3:39:78:75:55:1f:d2:a3:3b:cb:db:17:45:89:7c:6b:60:64:
         aa:2c:db:41:88:61:75:c2:80:90:35:7c:75:a3:5e:b7:05:59:
         ea:8d:aa:a4:d7:03:6c:64:c0:ad:8d:33:b8:67:0d:d5:f8:e1:
         10:64:1e:3b:7f:4e:28:b9:4b:bb:c5:78:85:74:2a:d8:69:0c:
         32:ab:c6:fc:67:d6:ce:6e:45:c0:1c:9a:ab:53:9b:7c:dc:5f:
         26:9d:5d:6f:7e:7e:33:29:08:e9:a0:dd:43:23:ba:7c:8d:99:
         47:d0:d4:01:d6:ea:5a:79:b4:84:5c:dd:48:eb:c9:f4:54:a5:
         68:9f:e6:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuFCaMcke4GDEQIELEIdGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTAxMTYwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc2MTlmNmIzNTVlNGE0YWExMDQ1MTRjZGMxMDc2NWM3M2RmM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX/bzaxB7VeqveQU253HOpd+S+Ru
kjfalhMQARHWEh78E3XmbzLjjo8GmDiPL9eGXSThTpwnqapg+9472dTjuRRQkQnm
wbr1LO8kzl403v917N/yRSVGPQGw4e7vXXk54O1EBhEknetcZpmrUvAKMvNSVfZL
xwDG/RDpylzoXCRjADt/+LvEW/m86FX5AJNDhTzzQBNMnNZ0Od4TZUzZI+S0di/Y
bO59gREQCLoPos7nvEjKt0uIVt6G5+5MQsOPsI32FyhRL0qOVHcgIAR7TJZphbOU
XZbqmt9uWUJLR/9NpU4azK0vkJaDPt/650mQAjK6rR7OXYVpjzrt13IODwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEZ2GfazVeSkqhBFFM3BB2XHPfP9MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUm5ZWjlyTlY1S1NxRUVVVXpjRUhaY2M5OF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBYVkAwQC
HyjMAwQCPrYgAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQAQgLhtg3+EALX20l1Q
87B53h2pTWlMK/472u1gU9Q/hSafOPzOuAeBZVPAOTSPDAiquEsOU6/zunu8tKTc
iE8G31cHVc/cbEbhLx8nWKZ58XiB4N82mN1xmU3SaNQpOsEHT19hAlM0G1hfr6+/
uH8FegdEJNblMLWUo9UNg1HDOXh1VR/SozvL2xdFiXxrYGSqLNtBiGF1woCQNXx1
o163BVnqjaqk1wNsZMCtjTO4Zw3V+OEQZB47f04ouUu7xXiFdCrYaQwyq8b8Z9bO
bkXAHJqrU5t83F8mnV1vfn4zKQjpoN1DI7p8jZlH0NQB1upaebSEXN1I68n0VKVo
n+Z8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org