Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa
File:                     1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa (raw, json)
Hash identifier:          3ucjEbTOQu0s20NmTMlUBTpU+M1yWXsssTScVIrpP8U=
Subject key identifier:   F8:EA:45:C3:CA:90:18:2B:59:C0:8B:D5:6F:48:37:42:75:3E:C3:FA
Certificate issuer:       /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial:       018891A41F6BB9D2ABD837565D4A49A0BB92
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa
Signing time:             Tue 06 Jun 2023 16:57:12 +0000
ROA not before:           Tue 06 Jun 2023 16:57:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51175
IP address blocks:        194.29.180.0/22 maxlen: 22
                          185.101.188.0/22 maxlen: 22
                          195.110.50.0/23 maxlen: 23
                          213.5.0.0/21 maxlen: 22
                          185.11.108.0/22 maxlen: 24
                          46.148.80.0/20 maxlen: 20
                          178.219.128.0/20 maxlen: 24
                          178.219.129.0/24 maxlen: 24
                          2a00:c020::/32 maxlen: 32
                          2a03:22c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 26 Jul 2023 10:45:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:91:a4:1f:6b:b9:d2:ab:d8:37:56:5d:4a:49:a0:bb:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
        Validity
            Not Before: Jun  6 16:57:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8ea45c3ca90182b59c08bd56f483742753ec3fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d0:7b:6d:1f:62:62:a5:f5:57:a8:09:f7:8b:
                    43:2d:86:e9:97:f3:2a:fb:4b:ae:a2:77:cd:87:f1:
                    4f:70:cf:b7:e4:f7:fb:67:d1:bc:d5:47:49:60:1e:
                    7a:3c:aa:c2:98:62:36:5b:03:cc:70:e6:2b:82:42:
                    7c:cb:71:0a:4a:0c:ee:1a:57:b7:2d:66:c9:a1:43:
                    87:3a:3a:fe:36:3f:83:72:62:ab:f4:01:ae:70:86:
                    83:50:65:c0:53:43:fb:2d:b5:49:9e:0e:51:6d:76:
                    de:f4:85:a1:4d:73:1e:1c:36:89:1f:69:32:69:09:
                    dc:b3:67:cb:3e:a9:93:fd:e7:d1:e2:07:01:6e:cb:
                    c8:d3:83:53:05:d2:8d:da:9b:6f:67:b2:9f:f5:08:
                    01:92:c2:38:6c:71:55:1d:9b:c8:92:7d:0d:d7:86:
                    21:db:d6:83:bf:f0:82:f7:23:ac:d5:d4:7d:82:3a:
                    af:d1:2d:1d:13:05:5f:07:fa:2a:e1:1a:a1:08:78:
                    f9:fd:eb:85:90:47:df:1e:ac:2d:a2:e8:33:2a:8a:
                    f7:07:15:40:7b:cd:55:25:26:52:ed:63:5c:65:e5:
                    b3:f6:63:0e:92:54:d0:eb:0d:3a:5b:17:47:d4:d0:
                    07:1a:52:30:a8:c1:8d:7f:9c:a9:f7:9a:40:9c:6b:
                    a7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:EA:45:C3:CA:90:18:2B:59:C0:8B:D5:6F:48:37:42:75:3E:C3:FA
            X509v3 Authority Key Identifier:
                keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.148.80.0/20
                  178.219.128.0/20
                  185.11.108.0/22
                  185.101.188.0/22
                  194.29.180.0/22
                  195.110.50.0/23
                  213.5.0.0/21
                IPv6:
                  2a00:c020::/32
                  2a03:22c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         56:7a:83:13:b7:e2:06:a3:fe:74:36:e7:b9:f3:db:09:ae:11:
         0b:f9:0c:2c:64:8c:ad:47:6b:90:25:fb:aa:72:aa:20:6c:f9:
         d9:82:92:7e:34:ba:66:f1:de:74:34:f6:de:75:e4:de:8d:e9:
         5d:30:10:4a:c3:af:4d:4e:73:f8:da:2a:8e:43:45:c2:d3:f4:
         f4:06:cf:78:10:da:31:62:71:5a:4a:5f:9e:e9:ee:8c:ee:67:
         2d:fa:1b:11:a8:91:d5:4c:83:c9:1b:f7:ba:6d:85:a4:10:bf:
         6f:d8:ef:80:40:8b:cc:60:a4:d6:e5:fb:a3:fc:26:59:58:9b:
         31:b3:78:43:2f:ea:ab:78:8b:9d:ae:a6:84:1e:6c:fa:24:c3:
         e4:31:b3:e2:3f:87:11:ca:35:f8:54:84:4c:f9:be:5c:50:64:
         6d:91:7d:86:00:fd:d2:4c:9b:07:f3:85:5f:dc:c1:9e:6e:1c:
         c5:6a:38:e4:6c:f6:c9:83:08:ca:10:46:0a:f1:3b:6d:58:06:
         4a:5d:de:c5:5b:be:de:58:1b:e8:fc:2d:f2:b8:f9:77:af:5b:
         79:d4:04:f0:a5:52:ff:05:73:2d:d5:f6:cc:85:6b:a8:cc:ef:
         62:ad:15:8d:96:1b:ba:ad:21:fe:69:70:8a:7f:eb:71:58:65:
         94:5a:11:b8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYiRpB9rudKr2DdWXUpJoLuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwNjA2MTY1NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVhNDVjM2NhOTAxODJiNTljMDhiZDU2ZjQ4Mzc0Mjc1M2VjM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NB7bR9iYqX1V6gJ94tDLYbpl/Mq
+0uuonfNh/FPcM+35Pf7Z9G81UdJYB56PKrCmGI2WwPMcOYrgkJ8y3EKSgzuGle3
LWbJoUOHOjr+Nj+DcmKr9AGucIaDUGXAU0P7LbVJng5RbXbe9IWhTXMeHDaJH2ky
aQncs2fLPqmT/efR4gcBbsvI04NTBdKN2ptvZ7Kf9QgBksI4bHFVHZvIkn0N14Yh
29aDv/CC9yOs1dR9gjqv0S0dEwVfB/oq4RqhCHj5/euFkEffHqwtougzKor3BxVA
e81VJSZS7WNcZeWz9mMOklTQ6w06WxdH1NAHGlIwqMGNf5yp95pAnGunPwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPjqRcPKkBgrWcCL1W9IN0J1PsP6MB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvMS1PcEZ3OHFRR0N0WndJdlZiMGczUW5VLXdfby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvY2I4MzM5LWNlZTMtNDAzNy1iYWNjLWRjOGI1MmUzZWEw
YS8xL1RWOE1zR3BhUjdUZHJIOU5iZjFFcTZUVEh5NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBZBggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEBC6UUAME
BLLbgAMEArkLbAMEArllvAMEAsIdtAMEAcNuMgMEA9UFADAUBAIAAjAOAwUAKgDA
IAMFACoDIsAwDQYJKoZIhvcNAQELBQADggEBAFZ6gxO34gaj/nQ257nz2wmuEQv5
DCxkjK1Ha5Al+6pyqiBs+dmCkn40umbx3nQ09t515N6N6V0wEErDr01Oc/jaKo5D
RcLT9PQGz3gQ2jFicVpKX57p7ozuZy36GxGokdVMg8kb97pthaQQv2/Y74BAi8xg
pNbl+6P8JllYmzGzeEMv6qt4i52upoQebPokw+Qxs+I/hxHKNfhUhEz5vlxQZG2R
fYYA/dJMmwfzhV/cwZ5uHMVqOORs9smDCMoQRgrxO21YBkpd3sVbvt5YG+j8LfK4
+XevW3nUBPClUv8Fcy3V9syFa6jM72KtFY2WG7qtIf5pcIp/63FYZZRaEbg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:59 2024 by rpki-client on console-ams.rpki-client.org