Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Ni14lxl0tydF-yt1FhW3P9E4vLc.roa
File:                     Ni14lxl0tydF-yt1FhW3P9E4vLc.roa (raw, json)
Hash identifier:          B5g6fuopOIclmQSg4DPI+UVjpopn52beMIMs4Vt2ig4=
Subject key identifier:   36:2D:78:97:19:74:B7:27:45:FB:2B:75:16:15:B7:3F:D1:38:BC:B7
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018C1735F6D8177A8B798A209AFA5BABB3EC
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Ni14lxl0tydF-yt1FhW3P9E4vLc.roa
Signing time:             Tue 28 Nov 2023 18:34:21 +0000
ROA not before:           Tue 28 Nov 2023 18:34:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52320
IP address blocks:        185.213.194.0/24 maxlen: 24
                          193.38.155.0/24 maxlen: 24
                          194.62.160.0/24 maxlen: 24
                          193.163.87.0/24 maxlen: 24
                          195.225.83.0/24 maxlen: 24
                          5.180.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 15:12:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:17:35:f6:d8:17:7a:8b:79:8a:20:9a:fa:5b:ab:b3:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Nov 28 18:34:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=362d78971974b72745fb2b751615b73fd138bcb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:44:89:98:52:21:8f:46:50:f9:ee:36:c0:1d:
                    fe:b4:19:1f:1a:f7:2d:67:b1:6a:f9:93:da:b9:99:
                    69:dd:bc:52:d7:a2:e9:63:e6:da:fc:36:e2:a1:70:
                    eb:68:87:a5:9c:c8:63:db:8e:74:77:fe:8d:94:2c:
                    03:7f:db:75:0b:7e:02:2a:74:01:d1:1b:f1:cd:23:
                    ee:ad:aa:e6:f0:99:12:59:b2:9a:8a:74:6a:39:5e:
                    d7:be:cf:03:f4:af:06:1e:2f:0c:d7:94:a3:af:27:
                    72:8f:a6:33:32:7a:55:be:7b:b6:df:c8:64:88:f1:
                    d8:69:4f:8c:a3:26:3f:87:6b:80:02:15:95:3c:94:
                    b5:d5:f5:66:20:7f:d4:39:51:f7:f6:97:22:b5:65:
                    95:58:22:76:34:de:48:ed:6c:c4:bb:c3:4c:8c:56:
                    1d:2f:62:87:ff:24:a2:4d:d0:b5:55:59:3f:30:26:
                    e9:6f:6c:3c:bf:d8:a1:95:da:29:86:fa:cb:1f:30:
                    80:a7:92:07:b6:5d:dc:fb:f5:8c:e8:ac:5c:99:c4:
                    9c:ca:33:e1:6f:7d:ef:90:6c:56:9c:da:9f:09:24:
                    9a:cf:3a:6b:8e:63:e5:43:94:83:0d:2d:31:38:11:
                    7f:58:81:87:2c:81:8b:54:01:38:35:ad:ab:f0:83:
                    b8:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:2D:78:97:19:74:B7:27:45:FB:2B:75:16:15:B7:3F:D1:38:BC:B7
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Ni14lxl0tydF-yt1FhW3P9E4vLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.177.0/24
                  185.213.194.0/24
                  193.38.155.0/24
                  193.163.87.0/24
                  194.62.160.0/24
                  195.225.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:cb:52:ad:6c:84:e1:92:20:68:41:b8:5a:d8:cf:12:63:48:
         f2:5c:a0:a3:2f:85:d5:82:74:52:c3:8f:5f:c7:e9:7f:b2:f4:
         35:1a:55:27:06:2e:a6:38:5f:a5:fe:22:92:d2:31:1b:f9:69:
         fc:b2:47:d5:1b:45:d2:e2:54:7f:10:ce:2a:58:80:7b:34:dd:
         d3:b1:58:e3:b5:b8:cb:66:f6:f3:17:3b:53:a7:f0:72:2a:8b:
         06:09:bf:bd:8f:33:cf:1e:3e:8d:a8:ab:82:60:38:34:27:9c:
         19:a2:b2:9e:93:1e:1f:27:a5:79:34:33:b2:14:34:ae:e5:11:
         e9:8f:6a:3b:b3:c1:f7:77:90:5e:36:c4:c9:8d:b4:6e:a0:c8:
         26:c8:fb:84:a7:b4:40:a6:ca:45:b0:2d:90:39:6d:90:dd:95:
         43:95:8d:3b:1a:98:65:87:a3:97:25:75:4b:5b:69:a2:29:9b:
         04:6f:18:17:b0:b9:36:25:7b:67:13:e6:c3:0e:86:99:cb:8d:
         1e:92:65:98:52:a6:98:b3:9a:47:e8:85:0a:58:9b:bc:3d:be:
         46:da:dd:41:fa:cb:c6:f8:f4:34:b4:9d:69:44:de:66:c5:6f:
         18:63:ec:52:1f:a9:cc:dc:30:4f:ea:67:15:20:42:6e:81:14:
         f6:94:3c:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwXNfbYF3qLeYogmvpbq7PsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMTI4MTgzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJkNzg5NzE5NzRiNzI3NDVmYjJiNzUxNjE1YjczZmQxMzhiY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0SJmFIhj0ZQ+e42wB3+tBkfGvct
Z7Fq+ZPauZlp3bxS16LpY+ba/DbioXDraIelnMhj2450d/6NlCwDf9t1C34CKnQB
0RvxzSPurarm8JkSWbKainRqOV7Xvs8D9K8GHi8M15Sjrydyj6YzMnpVvnu238hk
iPHYaU+MoyY/h2uAAhWVPJS11fVmIH/UOVH39pcitWWVWCJ2NN5I7WzEu8NMjFYd
L2KH/ySiTdC1VVk/MCbpb2w8v9ihldophvrLHzCAp5IHtl3c+/WM6KxcmcScyjPh
b33vkGxWnNqfCSSazzprjmPlQ5SDDS0xOBF/WIGHLIGLVAE4Na2r8IO4uwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDYteJcZdLcnRfsrdRYVtz/ROLy3MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvTmkxNGx4bDB0eWRGLXl0MUZoVzNQOUU0dkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbSxAwQA
udXCAwQAwSabAwQAwaNXAwQAwj6gAwQAw+FTMA0GCSqGSIb3DQEBCwUAA4IBAQBp
y1KtbIThkiBoQbha2M8SY0jyXKCjL4XVgnRSw49fx+l/svQ1GlUnBi6mOF+l/iKS
0jEb+Wn8skfVG0XS4lR/EM4qWIB7NN3TsVjjtbjLZvbzFztTp/ByKosGCb+9jzPP
Hj6NqKuCYDg0J5wZorKekx4fJ6V5NDOyFDSu5RHpj2o7s8H3d5BeNsTJjbRuoMgm
yPuEp7RApspFsC2QOW2Q3ZVDlY07Gphlh6OXJXVLW2miKZsEbxgXsLk2JXtnE+bD
DoaZy40ekmWYUqaYs5pH6IUKWJu8Pb5G2t1B+svG+PQ0tJ1pRN5mxW8YY+xSH6nM
3DBP6mcVIEJugRT2lDzx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org