Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/UAKjM8yHU_o-fAZvUHdkw8pdv6I.roa
File:                     UAKjM8yHU_o-fAZvUHdkw8pdv6I.roa (raw, json)
Hash identifier:          M6Zh3mAzWg9HFoH1J8Bjl5l3ZPxgF3whJjtIU+JQA7k=
Subject key identifier:   50:02:A3:33:CC:87:53:FA:3E:7C:06:6F:50:77:64:C3:CA:5D:BF:A2
Certificate issuer:       /CN=5be979fb8e477304bb591d6b68eea73da94a815b
Certificate serial:       01856ED4D1C8B2942C13E4779A1DE71CC717
Authority key identifier: 5B:E9:79:FB:8E:47:73:04:BB:59:1D:6B:68:EE:A7:3D:A9:4A:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/UAKjM8yHU_o-fAZvUHdkw8pdv6I.roa
Signing time:             Sun 01 Jan 2023 19:35:18 +0000
ROA not before:           Sun 01 Jan 2023 19:35:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201290
IP address blocks:        46.231.16.0/23 maxlen: 23
                          46.231.18.0/23 maxlen: 23
                          46.231.22.0/23 maxlen: 23
                          46.231.20.0/23 maxlen: 23
                          192.145.56.0/22 maxlen: 22
                          46.231.244.0/22 maxlen: 22
                          45.128.0.0/22 maxlen: 22
                          185.229.54.0/23 maxlen: 23
                          185.229.52.0/23 maxlen: 23
                          185.94.246.0/23 maxlen: 23
                          185.94.244.0/23 maxlen: 23
                          185.146.104.0/22 maxlen: 22
                          45.153.252.0/22 maxlen: 22
                          185.41.36.0/23 maxlen: 23
                          185.41.38.0/23 maxlen: 23
                          194.39.40.0/22 maxlen: 22
                          185.214.112.0/23 maxlen: 23
                          185.214.114.0/23 maxlen: 23
                          212.115.36.0/22 maxlen: 22
                          2a05:3600::/29 maxlen: 29
                          2a0d:6e00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:d1:c8:b2:94:2c:13:e4:77:9a:1d:e7:1c:c7:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5be979fb8e477304bb591d6b68eea73da94a815b
        Validity
            Not Before: Jan  1 19:35:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5002a333cc8753fa3e7c066f507764c3ca5dbfa2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:bc:93:dd:1d:0e:50:24:9e:07:2d:3b:b3:53:
                    f8:fb:86:0b:f0:62:96:73:8a:7e:8a:34:07:b6:92:
                    51:31:9f:f0:30:cf:0e:7c:61:c9:81:37:9b:cb:3a:
                    cf:29:ab:e4:aa:ea:77:b0:8d:9a:b0:54:98:a5:1f:
                    6d:73:d7:b5:6f:ca:fb:7c:31:32:5d:6c:58:b1:17:
                    69:5b:87:9d:96:f3:80:7d:13:d2:72:9a:5e:37:a4:
                    4e:42:42:ca:f8:c1:30:19:66:5d:d5:44:e2:df:3a:
                    e5:cb:01:8e:a0:74:23:bd:4d:be:55:50:60:84:4a:
                    0e:d6:e2:f4:f9:07:e4:bd:d2:c4:4a:3d:8e:e8:af:
                    74:af:f8:d1:f0:bf:ae:ef:b6:82:ed:e2:8b:0c:46:
                    40:ef:89:8e:52:8f:bd:a4:17:3b:bc:d6:90:c9:eb:
                    67:14:15:77:32:8f:d8:bf:24:87:13:f3:5a:2c:bd:
                    ce:5e:93:f7:bc:7d:b5:b4:05:ae:cc:96:98:93:43:
                    f9:6d:1c:2c:ea:bc:4d:f8:a6:90:c7:70:d8:1f:23:
                    83:b5:bc:23:a6:9d:ab:2e:9d:68:22:a4:74:20:8a:
                    1f:87:3b:89:5e:17:e8:01:d5:9b:04:1c:e6:ff:50:
                    e9:5f:f5:b1:4e:9c:61:a6:bc:de:b0:64:72:fb:84:
                    6d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:02:A3:33:CC:87:53:FA:3E:7C:06:6F:50:77:64:C3:CA:5D:BF:A2
            X509v3 Authority Key Identifier:
                keyid:5B:E9:79:FB:8E:47:73:04:BB:59:1D:6B:68:EE:A7:3D:A9:4A:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/UAKjM8yHU_o-fAZvUHdkw8pdv6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/W-l5-45HcwS7WR1raO6nPalKgVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.0.0/22
                  45.153.252.0/22
                  46.231.16.0/21
                  46.231.244.0/22
                  185.41.36.0/22
                  185.94.244.0/22
                  185.146.104.0/22
                  185.214.112.0/22
                  185.229.52.0/22
                  192.145.56.0/22
                  194.39.40.0/22
                  212.115.36.0/22
                IPv6:
                  2a05:3600::/29
                  2a0d:6e00::/29

    Signature Algorithm: sha256WithRSAEncryption
         97:71:62:f0:0a:0a:3a:50:6c:3e:ef:62:d4:d9:d2:e9:0b:2f:
         af:d7:01:59:3a:12:62:f6:64:73:1f:76:e9:cb:d2:7b:74:4c:
         24:70:ce:7c:a9:cf:8d:73:a6:99:44:02:71:68:ae:54:e5:36:
         70:36:7b:41:c8:68:99:2c:3e:67:1d:a6:64:f0:6c:1f:1b:d5:
         70:ac:32:b7:9e:63:e0:74:33:54:b5:24:c4:a0:a8:4e:04:b2:
         68:7e:4d:5a:6c:57:1b:fa:8d:03:a2:05:a6:b9:bd:69:cb:24:
         af:33:94:0a:2b:0e:f2:42:f0:85:5b:eb:92:7a:32:3a:e1:7a:
         ff:c1:6f:0d:31:99:0e:52:af:48:f6:fd:e9:70:23:b9:3d:40:
         0b:ee:3e:15:47:0a:2e:77:09:e0:dd:6d:0b:07:6e:96:2b:de:
         d2:67:46:7a:92:8b:87:5d:83:01:ad:02:82:d5:c2:ea:ee:22:
         67:ae:56:a8:8a:b2:a6:06:a2:71:ce:3c:e1:c8:b2:33:59:2c:
         e6:d3:bc:2e:d7:b4:f4:9d:c5:67:e9:ee:b0:93:0b:4c:ee:0b:
         5e:54:7e:20:ca:ff:7f:99:e5:c8:7c:cf:09:f1:6b:46:4a:f0:
         cb:6a:42:b2:3d:07:a7:0e:db:64:9e:75:37:b1:7f:27:ff:7b:
         72:3e:08:40
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYVu1NHIspQsE+R3mh3nHMcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZTk3OWZiOGU0NzczMDRiYjU5MWQ2YjY4ZWVhNzNkYTk0
YTgxNWIwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDAyYTMzM2NjODc1M2ZhM2U3YzA2NmY1MDc3NjRjM2NhNWRiZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7byT3R0OUCSeBy07s1P4+4YL8GKW
c4p+ijQHtpJRMZ/wMM8OfGHJgTebyzrPKavkqup3sI2asFSYpR9tc9e1b8r7fDEy
XWxYsRdpW4edlvOAfRPScppeN6ROQkLK+MEwGWZd1UTi3zrlywGOoHQjvU2+VVBg
hEoO1uL0+QfkvdLESj2O6K90r/jR8L+u77aC7eKLDEZA74mOUo+9pBc7vNaQyetn
FBV3Mo/YvySHE/NaLL3OXpP3vH21tAWuzJaYk0P5bRws6rxN+KaQx3DYHyODtbwj
pp2rLp1oIqR0IIofhzuJXhfoAdWbBBzm/1DpX/WxTpxhprzesGRy+4RtwwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFFACozPMh1P6PnwGb1B3ZMPKXb+iMB8GA1UdIwQY
MBaAFFvpefuOR3MEu1kda2jupz2pSoFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1sNS00NUhjd1M3V1IxcmFPNm5QYWxLZ1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MzExZGYtYzNiMi00NjFlLWJkMjMt
MTYwNWIxYmQyOThlLzEvVUFLak04eUhVX28tZkFadlVIZGt3OHBkdjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MzExZGYtYzNiMi00NjFlLWJkMjMtMTYwNWIxYmQyOThl
LzEvVy1sNS00NUhjd1M3V1IxcmFPNm5QYWxLZ1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLYAAAwQC
LZn8AwQDLucQAwQCLuf0AwQCuSkkAwQCuV70AwQCuZJoAwQCudZwAwQCueU0AwQC
wJE4AwQCwicoAwQC1HMkMBQEAgACMA4DBQMqBTYAAwUDKg1uADANBgkqhkiG9w0B
AQsFAAOCAQEAl3Fi8AoKOlBsPu9i1NnS6Qsvr9cBWToSYvZkcx926cvSe3RMJHDO
fKnPjXOmmUQCcWiuVOU2cDZ7QchomSw+Zx2mZPBsHxvVcKwyt55j4HQzVLUkxKCo
TgSyaH5NWmxXG/qNA6IFprm9acskrzOUCisO8kLwhVvrknoyOuF6/8FvDTGZDlKv
SPb96XAjuT1AC+4+FUcKLncJ4N1tCwdulive0mdGepKLh12DAa0CgtXC6u4iZ65W
qIqypgaicc484ciyM1ks5tO8Lte09J3FZ+nusJMLTO4LXlR+IMr/f5nlyHzPCfFr
Rkrwy2pCsj0Hpw7bZJ51N7F/J/97cj4IQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:23 2024 by rpki-client on console-ams.rpki-client.org