Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/_BhGb_o2-KDpeXIduEdQg7wqHeU.roa
File:                     _BhGb_o2-KDpeXIduEdQg7wqHeU.roa (raw, json)
Hash identifier:          p5ArTcdx+jmp6r2Ux116MQypAYKCd65sOdo+PHckOhg=
Subject key identifier:   FC:18:46:6F:FA:36:F8:A0:E9:79:72:1D:B8:47:50:83:BC:2A:1D:E5
Certificate issuer:       /CN=7b89385c0002330b096567b21514d8e1bc09689f
Certificate serial:       01856F1DA9C8E36250DFF88D36903F26CA14
Authority key identifier: 7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/_BhGb_o2-KDpeXIduEdQg7wqHeU.roa
Signing time:             Sun 01 Jan 2023 20:54:52 +0000
ROA not before:           Sun 01 Jan 2023 20:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51580
IP address blocks:        185.212.16.0/22 maxlen: 24
                          185.143.152.0/22 maxlen: 24
                          5.172.96.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:a9:c8:e3:62:50:df:f8:8d:36:90:3f:26:ca:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b89385c0002330b096567b21514d8e1bc09689f
        Validity
            Not Before: Jan  1 20:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fc18466ffa36f8a0e979721db8475083bc2a1de5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:08:1c:50:d4:8b:ee:64:01:1c:0e:50:39:08:
                    54:9e:fe:0b:29:90:53:f3:24:f4:d0:b2:9e:55:c7:
                    6c:72:80:53:21:20:5d:98:12:51:a9:bb:2b:78:f4:
                    8c:60:f7:27:a0:06:3e:dc:58:7b:5d:b4:af:a3:52:
                    ed:a5:b8:6a:03:54:e6:f3:3e:1c:ee:36:4c:a0:d3:
                    60:8d:71:29:56:72:66:d1:36:62:bd:bb:c7:65:42:
                    c8:aa:6b:90:58:d5:8a:89:8a:aa:49:c9:e0:d0:c0:
                    ef:27:e6:e4:4a:84:79:58:8b:cb:5f:c5:b4:90:11:
                    db:67:3d:03:a6:7b:b0:58:f1:f3:00:b6:91:33:ca:
                    e4:47:ce:2a:66:b2:31:6a:e8:5a:ea:0d:7b:68:a3:
                    76:68:df:b6:b8:08:9c:9f:36:77:a6:ff:ce:37:03:
                    c9:1a:cd:7a:fa:72:c7:fe:b7:6c:fa:0b:0e:30:aa:
                    56:21:d2:72:ce:b5:6e:ee:94:ac:26:72:1f:0e:b7:
                    23:84:3d:3d:16:b1:e9:08:03:4b:9a:ca:b2:f2:9a:
                    ab:b0:ad:71:ed:36:51:57:af:4d:ff:23:d0:3a:bb:
                    ac:de:01:78:e5:90:75:b6:b8:dd:54:c8:a3:83:86:
                    6b:be:6f:0b:51:a4:f5:8d:5a:3e:89:8e:3c:cf:14:
                    dc:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:18:46:6F:FA:36:F8:A0:E9:79:72:1D:B8:47:50:83:BC:2A:1D:E5
            X509v3 Authority Key Identifier:
                keyid:7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/_BhGb_o2-KDpeXIduEdQg7wqHeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/e4k4XAACMwsJZWeyFRTY4bwJaJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.172.96.0/23
                  185.143.152.0/22
                  185.212.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:34:bb:bf:cf:7e:d1:5a:40:e5:2c:42:4f:5e:9f:68:d2:d4:
         48:06:41:8a:b9:e2:68:12:a0:34:bc:a3:82:f9:8a:b6:20:2f:
         6d:df:76:db:f5:36:a1:13:64:a7:1e:55:44:66:e9:96:9a:23:
         dc:77:5c:a4:4e:c4:59:de:6a:ab:a7:8e:29:7d:35:1f:7a:2e:
         f3:e0:1c:83:8a:5c:47:06:d3:fc:fe:da:ac:25:e2:8e:bc:fe:
         36:5d:2c:5b:e7:fc:b5:02:39:8c:a1:84:e3:09:09:a2:5c:20:
         8e:56:19:6a:f1:bb:01:20:d0:fb:c8:20:dc:c4:f8:d9:7e:42:
         23:f2:19:a2:05:36:03:1b:0d:19:0a:d7:aa:9d:ac:a6:7a:1a:
         3d:c6:46:31:10:6c:10:58:ec:6f:45:9b:f3:af:a7:e4:d6:3d:
         0c:c5:e3:8f:18:31:d1:63:e3:21:7d:dd:d7:fc:da:67:2a:96:
         10:ad:c5:bc:a1:ef:c5:12:27:09:68:35:00:42:36:92:99:f0:
         1e:68:46:56:52:f9:02:24:00:38:97:3d:e7:e8:44:c2:07:7e:
         c4:a5:25:b5:74:25:98:fd:07:85:95:c8:d0:74:b9:c0:81:b3:
         16:4b:16:01:e2:91:e6:18:8d:e4:1a:3e:3e:11:dd:1f:2b:33:
         9e:76:4e:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvHanI42JQ3/iNNpA/JsoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODkzODVjMDAwMjMzMGIwOTY1NjdiMjE1MTRkOGUxYmMw
OTY4OWYwHhcNMjMwMTAxMjA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzE4NDY2ZmZhMzZmOGEwZTk3OTcyMWRiODQ3NTA4M2JjMmExZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQgcUNSL7mQBHA5QOQhUnv4LKZBT
8yT00LKeVcdscoBTISBdmBJRqbsrePSMYPcnoAY+3Fh7XbSvo1LtpbhqA1Tm8z4c
7jZMoNNgjXEpVnJm0TZivbvHZULIqmuQWNWKiYqqScng0MDvJ+bkSoR5WIvLX8W0
kBHbZz0DpnuwWPHzALaRM8rkR84qZrIxauha6g17aKN2aN+2uAicnzZ3pv/ONwPJ
Gs16+nLH/rds+gsOMKpWIdJyzrVu7pSsJnIfDrcjhD09FrHpCANLmsqy8pqrsK1x
7TZRV69N/yPQOrus3gF45ZB1trjdVMijg4Zrvm8LUaT1jVo+iY48zxTc6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPwYRm/6Nvig6XlyHbhHUIO8Kh3lMB8GA1UdIwQY
MBaAFHuJOFwAAjMLCWVnshUU2OG8CWifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQt
ZmUyNzkyMWUxNTQyLzEvX0JoR2JfbzItS0RwZVhJZHVFZFFnN3dxSGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQtZmUyNzkyMWUxNTQy
LzEvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBaxgAwQC
uY+YAwQCudQQMA0GCSqGSIb3DQEBCwUAA4IBAQBHNLu/z37RWkDlLEJPXp9o0tRI
BkGKueJoEqA0vKOC+Yq2IC9t33bb9TahE2SnHlVEZumWmiPcd1ykTsRZ3mqrp44p
fTUfei7z4ByDilxHBtP8/tqsJeKOvP42XSxb5/y1AjmMoYTjCQmiXCCOVhlq8bsB
IND7yCDcxPjZfkIj8hmiBTYDGw0ZCteqnaymeho9xkYxEGwQWOxvRZvzr6fk1j0M
xeOPGDHRY+Mhfd3X/NpnKpYQrcW8oe/FEicJaDUAQjaSmfAeaEZWUvkCJAA4lz3n
6ETCB37EpSW1dCWY/QeFlcjQdLnAgbMWSxYB4pHmGI3kGj4+Ed0fKzOedk58
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:05 2024 by rpki-client on console-fra.rpki-client.org