Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ELuHUa4LFYwDT8mEhxZW7puCrgA.roa
File:                     ELuHUa4LFYwDT8mEhxZW7puCrgA.roa (raw, json)
Hash identifier:          KHBkB4AMgr+/DjwMqerlsXR6xf0P7TJrPoDcPPtney8=
Subject key identifier:   10:BB:87:51:AE:0B:15:8C:03:4F:C9:84:87:16:56:EE:9B:82:AE:00
Certificate issuer:       /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial:       018F028345E332876F09D4C0392EF3BBDAA6
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ELuHUa4LFYwDT8mEhxZW7puCrgA.roa
Signing time:             Sun 21 Apr 2024 21:15:08 +0000
ROA not before:           Sun 21 Apr 2024 21:15:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39521
IP address blocks:        45.10.16.0/23 maxlen: 23
                          45.10.18.0/24 maxlen: 24
                          45.88.5.0/24 maxlen: 24
                          45.88.6.0/24 maxlen: 24
                          45.88.7.0/24 maxlen: 24
                          45.95.40.0/22 maxlen: 22
                          45.130.100.0/22 maxlen: 22
                          83.229.34.0/24 maxlen: 24
                          95.178.107.0/24 maxlen: 24
                          185.90.223.0/24 maxlen: 24
                          185.144.56.0/22 maxlen: 24
                          188.191.48.0/22 maxlen: 22
                          217.194.153.0/24 maxlen: 24
                          2a05:e4c0::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 08:56:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:02:83:45:e3:32:87:6f:09:d4:c0:39:2e:f3:bb:da:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
        Validity
            Not Before: Apr 21 21:15:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=10bb8751ae0b158c034fc984871656ee9b82ae00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:3f:ac:a7:bb:1e:f8:6d:65:c3:00:a8:15:a8:
                    6e:ed:7b:e3:33:af:62:9c:ea:4f:a6:15:54:da:30:
                    26:cb:5c:04:c1:b5:b9:6a:67:2c:81:83:75:57:eb:
                    ed:54:8a:b1:2f:2a:0c:91:45:df:0b:fa:91:38:54:
                    56:1d:2b:d5:73:07:f7:e6:92:32:26:ac:f1:34:70:
                    f4:99:8d:6c:25:ef:87:8f:78:7e:b4:15:f6:79:cc:
                    87:ff:d8:95:46:41:f5:06:3e:33:e8:35:ed:0f:28:
                    5a:18:1b:51:30:88:0a:34:6e:5d:89:74:82:14:d1:
                    e2:33:c4:c8:4c:a8:f3:51:17:7f:a6:c2:7c:88:79:
                    62:a2:0f:ac:db:9a:db:66:09:98:14:11:32:5f:90:
                    d4:93:5a:cf:d2:9f:ec:94:87:60:d7:07:9e:dd:a0:
                    ac:97:32:c2:07:fa:80:34:7b:19:b8:ae:36:a5:e6:
                    fd:04:f7:3b:de:c3:3c:fd:86:99:26:d5:ba:96:53:
                    8d:ce:34:b1:e9:1f:b9:8d:1c:d3:33:af:94:47:f5:
                    b0:33:35:e5:ec:6d:1a:e2:4b:47:2f:69:59:56:14:
                    cf:cd:3c:8e:ec:32:d6:8c:d6:50:2c:35:9b:63:3a:
                    c4:d8:66:98:8f:df:8b:fa:25:b1:97:f4:cb:04:39:
                    b2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:BB:87:51:AE:0B:15:8C:03:4F:C9:84:87:16:56:EE:9B:82:AE:00
            X509v3 Authority Key Identifier:
                keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ELuHUa4LFYwDT8mEhxZW7puCrgA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.16.0-45.10.18.255
                  45.88.5.0-45.88.7.255
                  45.95.40.0/22
                  45.130.100.0/22
                  83.229.34.0/24
                  95.178.107.0/24
                  185.90.223.0/24
                  185.144.56.0/22
                  188.191.48.0/22
                  217.194.153.0/24
                IPv6:
                  2a05:e4c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         5a:ea:2a:72:f5:86:89:7e:f4:40:9f:9e:61:21:5e:28:9b:75:
         38:0b:ad:de:02:9b:55:09:42:d5:64:17:35:08:1c:4a:f8:5d:
         9a:87:aa:a0:44:cd:c3:94:f8:05:f8:3a:cc:c6:71:5e:d7:9a:
         96:55:ae:79:25:e9:ae:76:1a:4f:3c:8a:9f:0c:7b:58:e3:6a:
         4b:60:7a:25:7f:d5:c8:4d:cc:88:6b:e4:23:4b:08:bb:e6:2c:
         7a:75:6f:bd:78:8d:49:36:8b:f5:b8:ed:ab:10:61:61:51:4f:
         98:c9:98:a3:f8:da:97:32:bb:40:71:89:8f:8e:7f:40:0a:eb:
         9b:da:0e:2f:1e:76:f2:f5:c9:09:2b:1d:64:ef:e4:46:bb:69:
         72:69:97:bc:53:ca:d5:f6:10:e1:f0:f7:00:62:4d:01:9e:9f:
         f0:e6:90:71:bf:d9:97:23:01:48:87:47:db:d9:da:8c:ea:33:
         01:37:0a:05:ea:97:ca:29:32:40:b3:49:08:54:cb:bd:f6:f8:
         f6:58:89:99:0a:98:95:34:48:67:d2:8a:eb:bf:b3:66:33:8e:
         31:0d:c3:b0:cc:8e:b0:51:de:c3:80:09:7b:73:05:c5:03:ca:
         69:83:d5:b0:b1:a5:01:00:b4:15:5f:f3:e7:d7:f7:9c:ce:24:
         44:ea:4e:0d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAY8Cg0XjModvCdTAOS7zu9qmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjQwNDIxMjExNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGJiODc1MWFlMGIxNThjMDM0ZmM5ODQ4NzE2NTZlZTliODJhZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz+sp7se+G1lwwCoFahu7XvjM69i
nOpPphVU2jAmy1wEwbW5amcsgYN1V+vtVIqxLyoMkUXfC/qROFRWHSvVcwf35pIy
JqzxNHD0mY1sJe+Hj3h+tBX2ecyH/9iVRkH1Bj4z6DXtDyhaGBtRMIgKNG5diXSC
FNHiM8TITKjzURd/psJ8iHliog+s25rbZgmYFBEyX5DUk1rP0p/slIdg1wee3aCs
lzLCB/qANHsZuK42peb9BPc73sM8/YaZJtW6llONzjSx6R+5jRzTM6+UR/WwMzXl
7G0a4ktHL2lZVhTPzTyO7DLWjNZQLDWbYzrE2GaYj9+L+iWxl/TLBDmyZQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFBC7h1GuCxWMA0/JhIcWVu6bgq4AMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvRUx1SFVhNExGWXdEVDhtRWh4Wlc3cHVDcmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMMAwDBAQtChAD
BAAtChIwDAMEAC1YBQMEAy1YAAMEAi1fKAMEAi2CZAMEAFPlIgMEAF+yawMEALla
3wMEArmQOAMEAry/MAMEANnCmTANBAIAAjAHAwUDKgXkwDANBgkqhkiG9w0BAQsF
AAOCAQEAWuoqcvWGiX70QJ+eYSFeKJt1OAut3gKbVQlC1WQXNQgcSvhdmoeqoETN
w5T4Bfg6zMZxXteallWueSXprnYaTzyKnwx7WONqS2B6JX/VyE3MiGvkI0sIu+Ys
enVvvXiNSTaL9bjtqxBhYVFPmMmYo/jalzK7QHGJj45/QArrm9oOLx528vXJCSsd
ZO/kRrtpcmmXvFPK1fYQ4fD3AGJNAZ6f8OaQcb/ZlyMBSIdH29najOozATcKBeqX
yikyQLNJCFTLvfb49liJmQqYlTRIZ9KK67+zZjOOMQ3DsMyOsFHew4AJe3MFxQPK
aYPVsLGlAQC0FV/z59f3nM4kROpODQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org