Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/C-scLd4V2r-5bXTajjV2S1YyVtE.roa
File:                     C-scLd4V2r-5bXTajjV2S1YyVtE.roa (raw, json)
Hash identifier:          wH2CfxfysgEZoVStlpGN0ATkW1NdKnja8MZsPVCrrxE=
Subject key identifier:   0B:EB:1C:2D:DE:15:DA:BF:B9:6D:74:DA:8E:35:76:4B:56:32:56:D1
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018A73CA545243C034712E9FC09324A1C71F
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/C-scLd4V2r-5bXTajjV2S1YyVtE.roa
Signing time:             Fri 08 Sep 2023 07:55:54 +0000
ROA not before:           Fri 08 Sep 2023 07:55:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30938
IP address blocks:        45.12.216.0/24 maxlen: 24
                          45.12.217.0/24 maxlen: 24
                          45.12.219.0/24 maxlen: 24
                          45.12.218.0/24 maxlen: 24
                          5.39.248.0/24 maxlen: 24
                          5.39.251.0/24 maxlen: 24
                          5.39.252.0/24 maxlen: 24
                          5.39.250.0/24 maxlen: 24
                          5.39.253.0/24 maxlen: 24
                          185.5.36.0/22 maxlen: 22
                          31.192.240.0/21 maxlen: 21
                          5.178.98.0/24 maxlen: 24
                          5.178.97.0/24 maxlen: 24
                          5.178.96.0/24 maxlen: 24
                          5.178.99.0/24 maxlen: 24
                          5.144.183.0/24 maxlen: 24
                          5.178.100.0/24 maxlen: 24
                          5.178.105.0/24 maxlen: 24
                          5.178.104.0/24 maxlen: 24
                          5.178.106.0/24 maxlen: 24
                          5.178.109.0/24 maxlen: 24
                          5.178.110.0/24 maxlen: 24
                          5.39.254.0/24 maxlen: 24
                          5.39.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 08:18:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:73:ca:54:52:43:c0:34:71:2e:9f:c0:93:24:a1:c7:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Sep  8 07:55:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0beb1c2dde15dabfb96d74da8e35764b563256d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:60:3a:61:d9:cc:e6:a8:5e:b2:34:6e:53:af:
                    28:65:f1:fb:61:dd:e5:ab:46:2f:6b:99:c2:eb:04:
                    21:27:41:26:1f:15:6a:61:cb:12:35:83:eb:78:4d:
                    b4:b4:95:5e:d1:e2:a9:ba:2e:3b:d7:97:9b:da:1c:
                    f7:7b:8f:75:7a:a8:bb:df:f8:8d:05:87:b1:dc:bc:
                    45:79:2a:a0:b4:8d:77:62:f6:90:a2:82:fb:6e:dc:
                    50:c7:ae:51:21:71:d0:f3:42:3d:c5:b5:39:6f:6c:
                    ba:69:f5:6f:0f:17:97:13:87:6b:7f:a4:ad:d5:1b:
                    13:de:43:95:91:ba:26:00:14:b1:08:03:ed:97:de:
                    3d:bb:6e:a0:a1:2c:61:b1:e7:ee:8e:90:71:c7:52:
                    02:d2:c0:18:b3:9c:cf:44:3f:08:49:fd:0b:d5:55:
                    99:dd:3a:6f:25:0b:47:01:f8:59:5e:ed:0b:33:d9:
                    5f:dc:10:e0:fb:17:59:3a:91:2a:87:78:8c:8f:46:
                    99:5f:61:d4:56:e1:80:1d:9b:15:cb:42:85:9d:6f:
                    1c:ee:59:b4:b7:77:b2:c9:59:f0:54:64:91:c8:5a:
                    9a:36:ac:67:f7:19:7d:d7:f7:74:7a:bd:be:be:88:
                    45:e4:e8:60:b2:3f:9e:20:b2:82:ca:50:ea:94:e9:
                    3f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:EB:1C:2D:DE:15:DA:BF:B9:6D:74:DA:8E:35:76:4B:56:32:56:D1
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/C-scLd4V2r-5bXTajjV2S1YyVtE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.248.0/24
                  5.39.250.0-5.39.255.255
                  5.144.183.0/24
                  5.178.96.0-5.178.100.255
                  5.178.104.0-5.178.106.255
                  5.178.109.0-5.178.110.255
                  31.192.240.0/21
                  45.12.216.0/22
                  185.5.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:56:66:22:1b:b9:6c:d3:1a:a4:d0:0e:a1:7e:36:09:1e:f6:
         49:8b:22:98:07:7e:25:8b:93:c5:dc:80:79:33:3a:4f:1f:09:
         a7:1e:93:b8:d9:49:08:45:fa:e8:57:b4:44:5b:a8:ed:84:bf:
         8e:54:9d:95:c2:38:6d:7a:f5:eb:bc:10:e7:0b:02:36:e8:bb:
         8b:1e:67:30:4d:92:7c:d8:af:4a:b3:dd:76:a5:9a:ff:06:bf:
         4d:96:7a:e7:93:33:b9:4a:c9:fb:75:8d:89:b9:f6:d0:f2:c8:
         8d:57:4e:20:74:ca:9b:8d:21:38:2a:e1:ea:d9:2f:24:0c:5a:
         f6:c4:0c:b7:68:de:0e:b3:f4:1e:53:d4:bd:11:4b:c6:e4:4e:
         07:f4:b1:dc:f1:33:93:cb:22:5c:2d:bd:f1:84:94:71:69:c4:
         03:29:ac:1b:29:f3:06:24:ca:12:3f:9e:1c:3b:e7:6e:85:dd:
         6e:8a:4b:b1:b0:a4:20:a3:6a:90:57:4a:f4:fa:24:fd:6d:d0:
         99:81:59:43:b7:69:63:07:a4:0d:6e:9e:bb:53:2e:e9:40:fb:
         fb:7c:35:07:6f:09:85:9e:a7:16:3e:29:a5:7a:81:ac:87:ff:
         cd:5f:90:fc:8e:4d:da:09:96:fb:9e:9d:3d:73:3d:03:33:8b:
         59:a5:e4:ae
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYpzylRSQ8A0cS6fwJMkoccfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMwOTA4MDc1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmViMWMyZGRlMTVkYWJmYjk2ZDc0ZGE4ZTM1NzY0YjU2MzI1NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWA6YdnM5qhesjRuU68oZfH7Yd3l
q0Yva5nC6wQhJ0EmHxVqYcsSNYPreE20tJVe0eKpui4715eb2hz3e491eqi73/iN
BYex3LxFeSqgtI13YvaQooL7btxQx65RIXHQ80I9xbU5b2y6afVvDxeXE4drf6St
1RsT3kOVkbomABSxCAPtl949u26goSxhsefujpBxx1IC0sAYs5zPRD8ISf0L1VWZ
3TpvJQtHAfhZXu0LM9lf3BDg+xdZOpEqh3iMj0aZX2HUVuGAHZsVy0KFnW8c7lm0
t3eyyVnwVGSRyFqaNqxn9xl91/d0er2+vohF5Ohgsj+eILKCylDqlOk/PwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFAvrHC3eFdq/uW102o41dktWMlbRMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvQy1zY0xkNFYyci01YlhUYWpqVjJTMVl5VnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAAWQtzAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmowDAME
AAWybQMEAAWybgMEAx/A8AMEAi0M2AMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEA
Z1ZmIhu5bNMapNAOoX42CR72SYsimAd+JYuTxdyAeTM6Tx8Jpx6TuNlJCEX66Fe0
RFuo7YS/jlSdlcI4bXr167wQ5wsCNui7ix5nME2SfNivSrPddqWa/wa/TZZ655Mz
uUrJ+3WNibn20PLIjVdOIHTKm40hOCrh6tkvJAxa9sQMt2jeDrP0HlPUvRFLxuRO
B/Sx3PEzk8siXC298YSUcWnEAymsGynzBiTKEj+eHDvnboXdbopLsbCkIKNqkFdK
9Pok/W3QmYFZQ7dpYwekDW6eu1Mu6UD7+3w1B28JhZ6nFj4ppXqBrIf/zV+Q/I5N
2gmW+56dPXM9AzOLWaXkrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org