Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/5zjgGlutEFyAAlgRMxyq2Bi723Q.roa
File:                     5zjgGlutEFyAAlgRMxyq2Bi723Q.roa (raw, json)
Hash identifier:          ATbQXYTbsAcZq1WQa0fRWp39LtLjY/oJsdjWEAqTB+4=
Subject key identifier:   E7:38:E0:1A:5B:AD:10:5C:80:02:58:11:33:1C:AA:D8:18:BB:DB:74
Certificate issuer:       /CN=d58cc8506fedbb5061de9925b07d649918a19926
Certificate serial:       01856FD4F3858BFB7E29EE38FB80A6866C07
Authority key identifier: D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/5zjgGlutEFyAAlgRMxyq2Bi723Q.roa
Signing time:             Mon 02 Jan 2023 00:15:05 +0000
ROA not before:           Mon 02 Jan 2023 00:15:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44416
IP address blocks:        193.228.2.0/24 maxlen: 24
                          188.239.200.0/21 maxlen: 21
                          188.239.208.0/21 maxlen: 21
                          188.239.216.0/21 maxlen: 21
                          188.239.224.0/21 maxlen: 21
                          188.239.232.0/21 maxlen: 21
                          188.239.240.0/21 maxlen: 21
                          188.239.240.0/20 maxlen: 21
                          188.239.192.0/21 maxlen: 21
                          188.239.192.0/18 maxlen: 18
                          2001:678:c7c::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d4:f3:85:8b:fb:7e:29:ee:38:fb:80:a6:86:6c:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58cc8506fedbb5061de9925b07d649918a19926
        Validity
            Not Before: Jan  2 00:15:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e738e01a5bad105c80025811331caad818bbdb74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7f:69:88:9c:30:84:44:6a:5c:e8:33:3d:95:
                    9b:fa:15:dc:4d:16:6b:65:e3:b3:45:4d:15:32:67:
                    85:54:99:ba:b8:ad:ea:ba:ad:4d:e9:d4:69:89:51:
                    bb:d6:79:72:59:08:72:ff:f0:c5:8b:41:84:ef:21:
                    6e:62:a4:5d:ef:c7:a1:4a:72:67:84:67:b1:fb:f4:
                    d8:99:a4:5c:8d:6b:8e:00:72:e5:a8:4f:93:0e:24:
                    91:53:e6:61:42:d0:58:82:31:4c:2b:dc:67:fc:f2:
                    17:f8:1f:fe:bd:0e:56:8e:05:72:0b:6d:82:4e:24:
                    1e:1e:19:d9:8e:96:fd:84:7c:c4:19:bd:aa:0f:1b:
                    1a:11:98:22:c5:8a:17:c6:5a:aa:19:3b:ed:17:3b:
                    92:a3:ca:e8:2e:23:77:5a:5d:8f:7e:c9:a7:45:12:
                    ff:de:4c:dd:4f:b6:bf:45:8d:39:9f:e3:a1:ee:e2:
                    b1:6f:79:38:63:0b:be:59:fd:3f:b0:59:8b:4f:d8:
                    11:10:8c:f4:87:b3:82:6a:c8:af:81:e8:34:f0:a4:
                    03:89:70:a6:4a:9e:ef:5c:db:3c:62:e1:35:cc:2b:
                    ee:3a:3c:74:12:76:9b:0f:0d:05:82:c6:ad:11:6a:
                    e7:87:b4:62:a2:75:84:e7:c1:10:26:ce:d3:49:45:
                    46:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:38:E0:1A:5B:AD:10:5C:80:02:58:11:33:1C:AA:D8:18:BB:DB:74
            X509v3 Authority Key Identifier:
                keyid:D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/5zjgGlutEFyAAlgRMxyq2Bi723Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.239.192.0/18
                  193.228.2.0/24
                IPv6:
                  2001:678:c7c::/48

    Signature Algorithm: sha256WithRSAEncryption
         56:87:3f:9d:e6:0b:d4:68:12:b2:1d:13:d0:8f:f4:5e:e7:16:
         6b:f6:e7:69:d7:f2:d4:4a:5e:1b:49:b2:31:b3:8b:34:68:44:
         f8:af:ab:cf:e7:e1:2d:bd:d2:7a:c5:75:95:18:20:f7:de:49:
         50:f0:73:4b:d2:ca:16:0f:45:6f:9e:12:a6:fe:ff:52:34:91:
         a4:e4:17:ec:46:09:46:ba:26:1a:2a:fc:b1:bd:b8:42:a5:13:
         e2:67:f5:59:26:75:a9:9e:90:de:22:b3:29:76:0d:f6:01:34:
         26:da:22:87:56:f0:d7:64:0b:44:82:1e:88:ab:35:ef:d5:0a:
         06:fa:2a:1e:a4:b1:56:fb:93:54:b9:bd:bc:9b:fd:66:c0:e8:
         3b:7f:20:6a:0a:00:8a:df:9f:f9:8e:35:57:89:48:53:8b:25:
         21:f6:c4:26:76:fa:d7:05:e4:f3:12:8c:de:2e:f9:70:ab:d6:
         9b:92:df:b0:9f:9d:f0:af:66:1d:11:01:a3:c0:f7:1d:eb:36:
         88:5a:cd:a0:65:84:b1:d5:d4:9e:b9:2e:c4:73:18:ba:44:00:
         fb:fc:20:0e:3b:d3:7a:ad:fe:fa:de:07:6b:9b:15:4c:81:9b:
         91:d4:51:f8:6d:1f:3f:54:8b:dc:00:ac:bf:84:63:fb:e9:67:
         ed:c7:11:78
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVv1POFi/t+Ke44+4CmhmwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1OGNjODUwNmZlZGJiNTA2MWRlOTkyNWIwN2Q2NDk5MThh
MTk5MjYwHhcNMjMwMTAyMDAxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzM4ZTAxYTViYWQxMDVjODAwMjU4MTEzMzFjYWFkODE4YmJkYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon9piJwwhERqXOgzPZWb+hXcTRZr
ZeOzRU0VMmeFVJm6uK3quq1N6dRpiVG71nlyWQhy//DFi0GE7yFuYqRd78ehSnJn
hGex+/TYmaRcjWuOAHLlqE+TDiSRU+ZhQtBYgjFMK9xn/PIX+B/+vQ5WjgVyC22C
TiQeHhnZjpb9hHzEGb2qDxsaEZgixYoXxlqqGTvtFzuSo8roLiN3Wl2PfsmnRRL/
3kzdT7a/RY05n+Oh7uKxb3k4Ywu+Wf0/sFmLT9gREIz0h7OCasivgeg08KQDiXCm
Sp7vXNs8YuE1zCvuOjx0EnabDw0FgsatEWrnh7RionWE58EQJs7TSUVGVQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOc44BpbrRBcgAJYETMcqtgYu9t0MB8GA1UdIwQY
MBaAFNWMyFBv7btQYd6ZJbB9ZJkYoZkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVl6SVVHX3R1MUJoM3BrbHNIMWttUmlobVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80NmVmYjUtYzllNy00ZjA4LWJjNmEt
YmIzZTgxOWYzZGRjLzEvNXpqZ0dsdXRFRnlBQWxnUk14eXEyQmk3MjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80NmVmYjUtYzllNy00ZjA4LWJjNmEtYmIzZTgxOWYzZGRj
LzEvMVl6SVVHX3R1MUJoM3BrbHNIMWttUmlobVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQGvO/AAwQA
weQCMA8EAgACMAkDBwAgAQZ4DHwwDQYJKoZIhvcNAQELBQADggEBAFaHP53mC9Ro
ErIdE9CP9F7nFmv252nX8tRKXhtJsjGzizRoRPivq8/n4S290nrFdZUYIPfeSVDw
c0vSyhYPRW+eEqb+/1I0kaTkF+xGCUa6Jhoq/LG9uEKlE+Jn9VkmdamekN4isyl2
DfYBNCbaIodW8NdkC0SCHoirNe/VCgb6Kh6ksVb7k1S5vbyb/WbA6Dt/IGoKAIrf
n/mONVeJSFOLJSH2xCZ2+tcF5PMSjN4u+XCr1puS37CfnfCvZh0RAaPA9x3rNoha
zaBlhLHV1J65LsRzGLpEAPv8IA4703qt/vreB2ubFUyBm5HUUfhtHz9Ui9wArL+E
Y/vpZ+3HEXg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org