Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/gLUGtFodGdG1V0M1ztv8ftOmkRM.roa
File:                     gLUGtFodGdG1V0M1ztv8ftOmkRM.roa (raw, json)
Hash identifier:          QkSaBryncQZv3wJ1GyeQPn9Nc64ng9PRtzIDXKzoT+8=
Subject key identifier:   80:B5:06:B4:5A:1D:19:D1:B5:57:43:35:CE:DB:FC:7E:D3:A6:91:13
Certificate issuer:       /CN=f5e8e36be1dba073590382bb1ffff317653900d1
Certificate serial:       01856D81980BB704097254F974B5EB761CA3
Authority key identifier: F5:E8:E3:6B:E1:DB:A0:73:59:03:82:BB:1F:FF:F3:17:65:39:00:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9ejja-HboHNZA4K7H__zF2U5ANE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/gLUGtFodGdG1V0M1ztv8ftOmkRM.roa
Signing time:             Sun 01 Jan 2023 13:24:47 +0000
ROA not before:           Sun 01 Jan 2023 13:24:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200003
IP address blocks:        185.39.104.0/22 maxlen: 22
                          185.39.104.0/24 maxlen: 24
                          185.39.105.0/24 maxlen: 24
                          185.39.107.0/24 maxlen: 24
                          185.39.106.0/24 maxlen: 24
                          2a04:7b40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:98:0b:b7:04:09:72:54:f9:74:b5:eb:76:1c:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5e8e36be1dba073590382bb1ffff317653900d1
        Validity
            Not Before: Jan  1 13:24:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80b506b45a1d19d1b5574335cedbfc7ed3a69113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:eb:b5:82:fe:f4:d2:23:a7:7c:e4:6e:2b:f9:
                    3b:2e:5f:55:17:35:eb:91:aa:6f:dd:3c:b7:8e:28:
                    30:16:67:d3:5b:ce:b0:7e:42:90:1a:25:56:78:a2:
                    02:89:12:6b:90:c7:dc:08:d2:d0:37:57:49:c5:7a:
                    65:25:5a:96:32:00:90:04:50:79:f6:22:ea:2d:db:
                    a9:52:e9:80:ae:2d:09:78:5a:06:15:ca:94:12:ad:
                    73:95:ba:23:da:ef:6c:12:a8:27:33:71:be:f1:6a:
                    18:95:a2:5b:07:04:32:26:15:0d:e8:9f:ed:7e:71:
                    dd:d5:32:4d:e2:3d:b1:40:bd:6a:80:82:66:ad:24:
                    b9:99:e9:c8:7f:3c:d7:00:09:5f:d3:fe:2c:ce:17:
                    1e:0e:91:8f:19:6f:df:45:64:49:f4:a4:a8:20:97:
                    df:a4:cf:02:aa:2e:3c:90:f9:c9:1e:e5:6c:b2:6f:
                    0b:b8:56:0c:20:79:6a:6a:c5:10:33:22:a8:b8:a5:
                    5b:d2:3f:2d:ac:18:a0:79:39:fc:f3:08:0d:b5:b6:
                    14:d3:48:80:03:3e:e7:88:e5:05:eb:8a:0e:a0:29:
                    0e:b6:9a:43:27:38:96:41:ba:67:88:ad:d2:1b:90:
                    fd:2d:89:19:83:0a:d2:b3:53:99:fc:6b:10:8b:ca:
                    76:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:B5:06:B4:5A:1D:19:D1:B5:57:43:35:CE:DB:FC:7E:D3:A6:91:13
            X509v3 Authority Key Identifier:
                keyid:F5:E8:E3:6B:E1:DB:A0:73:59:03:82:BB:1F:FF:F3:17:65:39:00:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ejja-HboHNZA4K7H__zF2U5ANE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/gLUGtFodGdG1V0M1ztv8ftOmkRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1ec1d7-aced-4eaa-978c-2a990f2850fb/1/9ejja-HboHNZA4K7H__zF2U5ANE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.39.104.0/22
                IPv6:
                  2a04:7b40::/29

    Signature Algorithm: sha256WithRSAEncryption
         9d:98:51:f3:38:38:db:0c:3e:e1:6e:e7:08:fc:89:8c:b1:21:
         01:94:7e:bf:32:d2:b0:04:c3:ea:7b:dc:48:cd:e8:1d:4e:03:
         2e:5f:fb:eb:2c:c6:72:b6:0e:f9:f1:a4:ba:e8:9b:28:c5:38:
         49:7e:e1:e0:d1:fd:af:34:f5:70:98:70:9f:07:32:64:b4:05:
         69:68:4d:87:eb:1b:dc:15:cc:aa:19:09:7d:86:92:f9:b6:f6:
         36:30:68:f1:66:fe:9e:8c:be:c5:34:24:6f:0b:8c:ed:b4:49:
         0e:f4:46:b6:5f:7d:56:1c:4a:86:a6:06:61:42:c0:51:4d:b6:
         75:e5:6b:f0:71:81:26:c9:3f:49:6a:1c:4c:cd:7d:db:43:2d:
         cc:12:7a:75:14:a8:6c:11:2e:cc:0f:81:3d:80:a1:fb:47:00:
         0a:66:c1:78:b5:97:04:e0:9f:6b:32:95:6f:a6:f3:88:a4:20:
         66:f1:0d:99:33:4c:cc:a6:52:97:6d:f0:e7:a0:95:33:e1:67:
         fc:85:1b:b2:96:b3:f7:cd:0a:ec:9b:c1:da:41:a8:76:52:59:
         70:cd:cd:41:d8:7c:08:7e:7f:18:d9:f5:42:fb:40:b3:5d:04:
         11:a8:83:58:76:5c:cc:23:c2:96:57:e4:1f:7f:80:43:fa:b8:
         ab:55:44:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtgZgLtwQJclT5dLXrdhyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZThlMzZiZTFkYmEwNzM1OTAzODJiYjFmZmZmMzE3NjUz
OTAwZDEwHhcNMjMwMTAxMTMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI1MDZiNDVhMWQxOWQxYjU1NzQzMzVjZWRiZmM3ZWQzYTY5MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuu1gv700iOnfORuK/k7Ll9VFzXr
kapv3Ty3jigwFmfTW86wfkKQGiVWeKICiRJrkMfcCNLQN1dJxXplJVqWMgCQBFB5
9iLqLdupUumAri0JeFoGFcqUEq1zlboj2u9sEqgnM3G+8WoYlaJbBwQyJhUN6J/t
fnHd1TJN4j2xQL1qgIJmrSS5menIfzzXAAlf0/4szhceDpGPGW/fRWRJ9KSoIJff
pM8Cqi48kPnJHuVssm8LuFYMIHlqasUQMyKouKVb0j8trBigeTn88wgNtbYU00iA
Az7niOUF64oOoCkOtppDJziWQbpniK3SG5D9LYkZgwrSs1OZ/GsQi8p2iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIC1BrRaHRnRtVdDNc7b/H7TppETMB8GA1UdIwQY
MBaAFPXo42vh26BzWQOCux//8xdlOQDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWVqamEtSGJvSE5aQTRLN0hfX3pGMlU1QU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xZWMxZDctYWNlZC00ZWFhLTk3OGMt
MmE5OTBmMjg1MGZiLzEvZ0xVR3RGb2RHZEcxVjBNMXp0djhmdE9ta1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xZWMxZDctYWNlZC00ZWFhLTk3OGMtMmE5OTBmMjg1MGZi
LzEvOWVqamEtSGJvSE5aQTRLN0hfX3pGMlU1QU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSdoMA0E
AgACMAcDBQMqBHtAMA0GCSqGSIb3DQEBCwUAA4IBAQCdmFHzODjbDD7hbucI/ImM
sSEBlH6/MtKwBMPqe9xIzegdTgMuX/vrLMZytg758aS66JsoxThJfuHg0f2vNPVw
mHCfBzJktAVpaE2H6xvcFcyqGQl9hpL5tvY2MGjxZv6ejL7FNCRvC4zttEkO9Ea2
X31WHEqGpgZhQsBRTbZ15WvwcYEmyT9JahxMzX3bQy3MEnp1FKhsES7MD4E9gKH7
RwAKZsF4tZcE4J9rMpVvpvOIpCBm8Q2ZM0zMplKXbfDnoJUz4Wf8hRuylrP3zQrs
m8HaQah2Ullwzc1B2HwIfn8Y2fVC+0CzXQQRqINYdlzMI8KWV+Qff4BD+rirVURK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:23 2024 by rpki-client on console-fra.rpki-client.org