Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cBO-7TXBHG1WPA30HQHVKIFy-uk.roa
File:                     cBO-7TXBHG1WPA30HQHVKIFy-uk.roa (raw, json)
Hash identifier:          FApFN+5A1xSQSBRHBie7DU2atVQVj8XQVUPbxsl3M1I=
Subject key identifier:   70:13:BE:ED:35:C1:1C:6D:56:3C:0D:F4:1D:01:D5:28:81:72:FA:E9
Certificate issuer:       /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial:       018B8117B4ECD655B9B7E5619458CA60A0E5
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cBO-7TXBHG1WPA30HQHVKIFy-uk.roa
Signing time:             Mon 30 Oct 2023 14:58:16 +0000
ROA not before:           Mon 30 Oct 2023 14:58:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30938
IP address blocks:        45.12.216.0/24 maxlen: 24
                          45.12.217.0/24 maxlen: 24
                          45.12.219.0/24 maxlen: 24
                          45.12.218.0/24 maxlen: 24
                          5.39.248.0/24 maxlen: 24
                          5.39.251.0/24 maxlen: 24
                          5.39.252.0/24 maxlen: 24
                          5.39.250.0/24 maxlen: 24
                          5.39.253.0/24 maxlen: 24
                          185.5.36.0/22 maxlen: 22
                          31.192.240.0/21 maxlen: 21
                          5.178.98.0/24 maxlen: 24
                          5.178.97.0/24 maxlen: 24
                          5.178.96.0/24 maxlen: 24
                          5.178.99.0/24 maxlen: 24
                          5.144.183.0/24 maxlen: 24
                          5.178.100.0/24 maxlen: 24
                          5.178.105.0/24 maxlen: 24
                          5.178.104.0/24 maxlen: 24
                          5.178.106.0/24 maxlen: 24
                          5.178.109.0/24 maxlen: 24
                          5.178.110.0/24 maxlen: 24
                          5.39.254.0/24 maxlen: 24
                          5.39.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 Nov 2023 00:55:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:81:17:b4:ec:d6:55:b9:b7:e5:61:94:58:ca:60:a0:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
        Validity
            Not Before: Oct 30 14:58:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7013beed35c11c6d563c0df41d01d5288172fae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:cf:43:02:00:28:b5:94:7c:9e:c2:5f:87:af:
                    60:e0:20:c0:c6:31:cd:4b:bb:85:8c:83:1c:9c:ab:
                    21:66:72:91:c9:94:35:44:1f:2a:81:4c:9a:a6:a1:
                    61:a6:4a:2e:cf:fc:e3:85:db:ea:5b:a9:3d:f0:e4:
                    3b:08:d4:7e:37:7b:c1:5b:4d:05:6b:c3:16:f7:5a:
                    59:51:06:d0:05:0d:68:80:88:2a:41:91:90:90:7a:
                    91:97:fb:a2:f2:af:7e:bd:a7:fe:24:19:2c:49:b3:
                    a7:73:24:94:28:e9:ac:1e:c7:00:0f:0c:d6:a3:fc:
                    91:65:de:84:d7:af:d6:dd:91:13:ad:e7:9b:89:cf:
                    3d:ae:cd:cb:38:cb:a0:fc:c7:4c:48:30:c4:db:76:
                    4f:0d:33:dc:a0:9c:c2:29:2d:7b:8c:9c:9d:6d:ae:
                    c6:21:62:79:1f:15:f5:44:a6:e2:bf:ad:29:38:07:
                    c3:32:f7:ff:a0:93:7c:cb:b4:91:4a:0a:5d:41:7e:
                    fa:73:f5:37:ef:87:7d:e3:be:d7:58:e7:9f:2e:fc:
                    34:18:b8:52:3e:fa:82:00:d7:38:eb:74:0b:54:5e:
                    8e:2e:c6:03:08:69:3d:44:f2:8f:a9:58:3b:b9:23:
                    11:11:00:ac:30:b6:5a:0e:ee:70:b6:b1:cc:63:48:
                    1f:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:13:BE:ED:35:C1:1C:6D:56:3C:0D:F4:1D:01:D5:28:81:72:FA:E9
            X509v3 Authority Key Identifier:
                keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/cBO-7TXBHG1WPA30HQHVKIFy-uk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.39.248.0/24
                  5.39.250.0-5.39.255.255
                  5.144.183.0/24
                  5.178.96.0-5.178.100.255
                  5.178.104.0-5.178.106.255
                  5.178.109.0-5.178.110.255
                  31.192.240.0/21
                  45.12.216.0/22
                  185.5.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:c5:d5:9a:9d:c6:c3:08:13:43:24:ea:30:c0:03:72:fa:a2:
         e3:80:4f:8c:2f:44:7e:9b:c1:38:86:16:3e:5a:00:1d:3e:8f:
         ee:8a:bb:f7:5a:2b:af:f9:32:7f:4a:1d:6d:d4:ab:69:4e:0b:
         e0:c6:f1:16:5c:4d:16:9a:4e:87:81:8b:21:9a:a6:f3:c3:05:
         ce:0f:7f:3c:88:fd:06:d5:2b:74:b4:15:1f:32:c1:4e:8d:96:
         22:aa:78:c0:32:d2:93:0a:9e:ff:99:c4:df:93:60:a7:2c:6e:
         64:06:83:68:82:b6:04:0e:85:b0:f8:73:ab:6a:5d:db:27:70:
         43:a3:3d:77:05:2a:fb:82:e6:f7:22:c9:d1:9f:51:ab:a7:ea:
         8b:ea:9b:bb:1a:3c:94:4c:9d:cc:30:06:92:5e:3a:54:71:5e:
         b5:b3:3e:5a:d7:62:aa:f3:c1:6e:c9:82:ed:9e:1f:aa:31:10:
         f9:9a:99:ce:5e:b1:a9:9a:71:b0:fd:0a:4e:a5:af:6a:4e:0b:
         39:f9:be:4f:58:76:b7:da:93:95:9e:fc:89:aa:29:1a:f9:d7:
         b8:e6:11:b9:89:e7:97:18:fb:c2:3f:d4:22:be:f8:ae:df:ce:
         ce:6d:e0:16:67:3a:81:49:7b:a4:2c:f5:de:58:00:67:a0:04:
         e4:4b:34:f2
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYuBF7Ts1lW5t+VhlFjKYKDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMDMwMTQ1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDEzYmVlZDM1YzExYzZkNTYzYzBkZjQxZDAxZDUyODgxNzJmYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm89DAgAotZR8nsJfh69g4CDAxjHN
S7uFjIMcnKshZnKRyZQ1RB8qgUyapqFhpkouz/zjhdvqW6k98OQ7CNR+N3vBW00F
a8MW91pZUQbQBQ1ogIgqQZGQkHqRl/ui8q9+vaf+JBksSbOncySUKOmsHscADwzW
o/yRZd6E16/W3ZETreebic89rs3LOMug/MdMSDDE23ZPDTPcoJzCKS17jJydba7G
IWJ5HxX1RKbiv60pOAfDMvf/oJN8y7SRSgpdQX76c/U374d9477XWOefLvw0GLhS
PvqCANc463QLVF6OLsYDCGk9RPKPqVg7uSMREQCsMLZaDu5wtrHMY0gfOQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFHATvu01wRxtVjwN9B0B1SiBcvrpMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvY0JPLTdUWEJIRzFXUEEzMEhRSFZLSUZ5LXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwQABSf4MAsD
BAEFJ/oDAwMFIAMEAAWQtzAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmowDAME
AAWybQMEAAWybgMEAx/A8AMEAi0M2AMEArkFJDANBgkqhkiG9w0BAQsFAAOCAQEA
J8XVmp3GwwgTQyTqMMADcvqi44BPjC9EfpvBOIYWPloAHT6P7oq791orr/kyf0od
bdSraU4L4MbxFlxNFppOh4GLIZqm88MFzg9/PIj9BtUrdLQVHzLBTo2WIqp4wDLS
kwqe/5nE35NgpyxuZAaDaIK2BA6FsPhzq2pd2ydwQ6M9dwUq+4Lm9yLJ0Z9Rq6fq
i+qbuxo8lEydzDAGkl46VHFetbM+WtdiqvPBbsmC7Z4fqjEQ+ZqZzl6xqZpxsP0K
TqWvak4LOfm+T1h2t9qTlZ78iaopGvnXuOYRuYnnlxj7wj/UIr74rt/Ozm3gFmc6
gUl7pCz13lgAZ6AE5Es08g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:15 2024 by rpki-client on console-ams.rpki-client.org