Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/L_tMICnSg7RRDzsU6VzVt8F_jKM.roa
File:                     L_tMICnSg7RRDzsU6VzVt8F_jKM.roa (raw, json)
Hash identifier:          42L9xye+9ot1yuXbJrOwmufOPiUHCwhH0XMTH7Ll7ZU=
Subject key identifier:   2F:FB:4C:20:29:D2:83:B4:51:0F:3B:14:E9:5C:D5:B7:C1:7F:8C:A3
Certificate issuer:       /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial:       0188244772F953FB164ED6154B486D4A5350
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/L_tMICnSg7RRDzsU6VzVt8F_jKM.roa
Signing time:             Tue 16 May 2023 11:17:22 +0000
ROA not before:           Tue 16 May 2023 11:17:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51175
IP address blocks:        194.29.180.0/22 maxlen: 22
                          185.101.190.0/24 maxlen: 24
                          185.101.188.0/22 maxlen: 22
                          195.110.50.0/23 maxlen: 23
                          213.5.0.0/21 maxlen: 22
                          185.11.108.0/22 maxlen: 24
                          46.148.80.0/20 maxlen: 20
                          178.219.128.0/20 maxlen: 24
                          178.219.129.0/24 maxlen: 24
                          2a00:c020::/32 maxlen: 32
                          2a03:22c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 06 Jun 2023 16:57:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:24:47:72:f9:53:fb:16:4e:d6:15:4b:48:6d:4a:53:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
        Validity
            Not Before: May 16 11:17:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2ffb4c2029d283b4510f3b14e95cd5b7c17f8ca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:b6:b2:4b:d8:a5:32:3a:83:13:4a:82:ea:f7:
                    4e:f0:ac:d3:0a:55:83:da:e1:f4:23:76:49:6c:3a:
                    d2:97:fc:fb:aa:35:f8:24:b7:37:75:94:53:3e:99:
                    ab:56:36:34:94:22:03:48:5c:62:89:02:69:5e:dd:
                    62:c2:e1:e8:10:5a:21:81:e8:e2:1c:68:35:a7:70:
                    4f:d3:69:4d:62:69:f2:c8:28:40:15:1e:bd:1d:c1:
                    61:5d:eb:7b:cf:79:1e:7b:2d:a2:0d:ca:73:f7:2a:
                    1c:11:0d:d1:b9:21:41:66:ff:20:2b:92:48:b6:ac:
                    00:bd:31:26:60:94:ec:25:3e:33:87:de:d7:2a:a9:
                    de:45:51:f3:9c:a2:2e:6d:03:5c:92:56:a7:91:02:
                    8d:7f:58:fd:24:2d:f4:c8:5d:c7:41:57:82:99:3a:
                    5d:cb:21:3f:45:02:8f:70:c6:30:76:ea:fb:d1:50:
                    64:61:c3:3c:b9:47:13:08:2d:76:35:19:5f:6e:5b:
                    cd:70:40:6c:43:e2:ab:c4:4c:d1:1f:ab:67:a8:2a:
                    f3:cc:8b:1d:8a:88:05:6b:c0:d5:a9:aa:93:43:31:
                    51:1f:4a:19:a1:25:48:bb:4d:cf:38:04:c9:49:94:
                    c1:b7:43:29:af:93:3d:0c:e6:0f:d2:9e:c3:3c:4f:
                    48:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:FB:4C:20:29:D2:83:B4:51:0F:3B:14:E9:5C:D5:B7:C1:7F:8C:A3
            X509v3 Authority Key Identifier:
                keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/L_tMICnSg7RRDzsU6VzVt8F_jKM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.148.80.0/20
                  178.219.128.0/20
                  185.11.108.0/22
                  185.101.188.0/22
                  194.29.180.0/22
                  195.110.50.0/23
                  213.5.0.0/21
                IPv6:
                  2a00:c020::/32
                  2a03:22c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:f9:83:71:17:1f:18:fa:d5:3a:c4:64:a4:1a:28:0c:ea:75:
         6f:82:7b:5e:a2:f9:e0:64:0b:5c:f6:49:11:91:1b:c9:15:ba:
         e7:21:88:8d:c5:4c:68:79:69:11:77:e2:a2:5d:ac:ae:ff:46:
         7b:cc:0b:7f:cf:67:ae:0a:58:a1:29:60:64:23:22:e1:26:d9:
         68:dd:54:1f:58:dd:c3:17:e3:91:3d:e1:64:b1:03:2d:f8:46:
         89:c9:ca:0e:0b:cf:a3:7f:91:d7:3d:23:34:f9:f3:eb:01:87:
         95:e1:0c:d7:72:59:8d:f8:80:b4:2a:fa:5d:6a:43:67:51:54:
         f7:28:76:c3:3d:54:f5:95:4b:63:23:2f:5c:71:2f:63:51:5f:
         75:6e:42:5b:74:1e:aa:54:82:60:9b:cb:16:80:ff:25:27:9c:
         d5:15:e5:b4:42:d1:f0:b6:83:70:c3:3e:8d:be:4f:06:6f:a5:
         87:91:62:04:45:b0:c7:f2:24:b6:cf:36:2a:93:f4:a2:56:08:
         af:d8:ae:92:1a:a7:02:47:80:fa:a0:3f:33:c4:ec:00:56:77:
         52:23:30:7c:68:89:92:ff:d2:c8:20:b9:d0:c1:f9:c2:b8:cc:
         77:96:bd:d8:b3:c9:05:62:bb:02:e3:99:95:7d:99:64:87:b7:
         f6:17:74:a1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYgkR3L5U/sWTtYVS0htSlNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwNTE2MTExNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZiNGMyMDI5ZDI4M2I0NTEwZjNiMTRlOTVjZDViN2MxN2Y4Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbayS9ilMjqDE0qC6vdO8KzTClWD
2uH0I3ZJbDrSl/z7qjX4JLc3dZRTPpmrVjY0lCIDSFxiiQJpXt1iwuHoEFohgeji
HGg1p3BP02lNYmnyyChAFR69HcFhXet7z3keey2iDcpz9yocEQ3RuSFBZv8gK5JI
tqwAvTEmYJTsJT4zh97XKqneRVHznKIubQNcklankQKNf1j9JC30yF3HQVeCmTpd
yyE/RQKPcMYwdur70VBkYcM8uUcTCC12NRlfblvNcEBsQ+KrxEzRH6tnqCrzzIsd
iogFa8DVqaqTQzFRH0oZoSVIu03POATJSZTBt0Mpr5M9DOYP0p7DPE9IdQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFC/7TCAp0oO0UQ87FOlc1bfBf4yjMB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvTF90TUlDblNnN1JSRHpzVTZWelZ0OEZfaktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQELpRQAwQE
stuAAwQCuQtsAwQCuWW8AwQCwh20AwQBw24yAwQD1QUAMBQEAgACMA4DBQAqAMAg
AwUAKgMiwDANBgkqhkiG9w0BAQsFAAOCAQEAgvmDcRcfGPrVOsRkpBooDOp1b4J7
XqL54GQLXPZJEZEbyRW65yGIjcVMaHlpEXfiol2srv9Ge8wLf89nrgpYoSlgZCMi
4SbZaN1UH1jdwxfjkT3hZLEDLfhGicnKDgvPo3+R1z0jNPnz6wGHleEM13JZjfiA
tCr6XWpDZ1FU9yh2wz1U9ZVLYyMvXHEvY1FfdW5CW3QeqlSCYJvLFoD/JSec1RXl
tELR8LaDcMM+jb5PBm+lh5FiBEWwx/Ikts82KpP0olYIr9iukhqnAkeA+qA/M8Ts
AFZ3UiMwfGiJkv/SyCC50MH5wrjMd5a92LPJBWK7AuOZlX2ZZIe39hd0oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:44 2024 by rpki-client on console-fra.rpki-client.org