Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/2uI5UVW3gPpoSLHlHa-QBzcrpQc.roa
File:                     2uI5UVW3gPpoSLHlHa-QBzcrpQc.roa (raw, json)
Hash identifier:          oUxfSwuCfQ5/AI8JfkepYUej+6QNotivXdQI0X0WPdk=
Subject key identifier:   DA:E2:39:51:55:B7:80:FA:68:48:B1:E5:1D:AF:90:07:37:2B:A5:07
Certificate issuer:       /CN=d130117ae1cdc2df1c58816e00e5451f87efb370
Certificate serial:       018F4CE6FA1C3A5C7A4285E79F934359A087
Authority key identifier: D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/2uI5UVW3gPpoSLHlHa-QBzcrpQc.roa
Signing time:             Mon 06 May 2024 07:55:56 +0000
ROA not before:           Mon 06 May 2024 07:55:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8351
IP address blocks:        194.59.16.0/23 maxlen: 24
                          195.98.192.0/19 maxlen: 24
                          213.254.32.0/19 maxlen: 24
                          213.254.33.0/24 maxlen: 24
                          213.254.56.0/23 maxlen: 24
                          213.254.57.0/24 maxlen: 24
                          213.254.58.0/24 maxlen: 24
                          213.254.63.0/24 maxlen: 24
                          2a02:320::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 10 May 2024 10:11:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4c:e6:fa:1c:3a:5c:7a:42:85:e7:9f:93:43:59:a0:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d130117ae1cdc2df1c58816e00e5451f87efb370
        Validity
            Not Before: May  6 07:55:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=dae2395155b780fa6848b1e51daf9007372ba507
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:aa:ea:6a:9e:bf:e2:2c:26:21:d3:9a:13:2a:
                    48:4e:e0:4d:03:3e:83:81:3b:88:c9:d3:e3:05:03:
                    f9:6f:82:17:e7:bc:d8:de:a2:48:ad:da:52:ed:12:
                    19:22:df:b5:c9:9d:4b:f8:90:5e:b4:2e:96:d1:bf:
                    05:9c:cd:91:62:2c:a1:c0:c1:25:0f:b9:5f:f5:bf:
                    56:82:f8:96:9e:83:b4:d7:f4:52:9a:76:c5:c2:b2:
                    0d:62:43:0f:fa:c2:6b:33:9f:e8:7d:84:52:32:73:
                    0b:85:d1:af:5c:63:8a:6b:5a:d1:c8:c3:8a:1d:89:
                    45:9c:ea:33:f0:33:ee:05:d4:0e:e3:66:01:cd:bf:
                    e1:72:0d:fb:17:96:07:a7:a3:09:07:d7:e1:ef:6e:
                    c7:ee:fb:38:aa:b8:e9:d2:58:f9:dd:20:61:4e:0e:
                    fb:86:12:b3:a0:59:55:4f:cc:da:bb:1c:e8:c2:a9:
                    bc:9f:88:60:1d:22:6f:e6:03:ed:3b:bd:30:94:cc:
                    cb:84:e9:af:39:a6:c7:4f:22:83:6b:82:ed:62:84:
                    6c:92:48:92:0c:99:3e:58:0b:03:cc:a5:a0:bc:92:
                    ed:95:f3:ae:67:c1:7d:d2:f0:92:36:8c:ba:ca:2f:
                    39:43:6e:f5:ff:da:91:2b:7a:2b:3c:c5:57:a8:18:
                    b5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:E2:39:51:55:B7:80:FA:68:48:B1:E5:1D:AF:90:07:37:2B:A5:07
            X509v3 Authority Key Identifier:
                keyid:D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/2uI5UVW3gPpoSLHlHa-QBzcrpQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/0TAReuHNwt8cWIFuAOVFH4fvs3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.16.0/23
                  195.98.192.0/19
                  213.254.32.0/19
                IPv6:
                  2a02:320::/29

    Signature Algorithm: sha256WithRSAEncryption
         45:0b:6f:8a:c9:36:9c:d3:68:4c:37:48:6d:0d:1f:e2:6d:25:
         99:88:01:9f:74:28:7e:38:3d:f3:db:ff:71:49:48:41:d3:a1:
         13:13:46:ee:f2:cb:93:1b:e5:c2:89:dd:5f:56:3d:5d:37:93:
         a7:ce:6f:a5:83:19:2b:56:f2:bb:fc:cd:ac:c4:6b:81:e6:8a:
         0b:30:49:f8:b7:36:ff:56:30:ee:29:63:b5:1f:d5:d4:b9:3f:
         1a:04:1c:46:05:a9:99:73:ac:e4:01:fc:6a:bd:73:38:68:40:
         26:3e:a0:41:97:bf:e3:34:38:2a:83:dc:dd:8e:67:e1:cf:a3:
         c1:06:d3:9a:7d:22:05:e2:5c:2e:69:a0:c5:43:ff:37:7b:56:
         d5:2b:3c:a9:c7:a7:a3:fd:b9:6f:86:42:33:f8:85:f0:57:c6:
         d4:26:17:e8:93:ff:7a:10:8f:8e:42:42:51:db:af:00:24:7e:
         ca:cc:1b:f6:11:4e:c9:3e:0f:d5:6d:85:8a:3f:3c:ad:1c:19:
         6f:07:c5:9a:62:70:f4:03:84:4f:6e:52:55:0b:ff:1a:2e:2f:
         61:62:e6:c2:05:e8:e9:d1:d1:b3:de:27:d5:b5:ae:63:b7:5b:
         73:4b:4e:75:ad:2e:25:a2:0e:62:e5:34:4f:2b:4a:04:b3:20:
         36:bf:56:b3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY9M5vocOlx6QoXnn5NDWaCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMzAxMTdhZTFjZGMyZGYxYzU4ODE2ZTAwZTU0NTFmODdl
ZmIzNzAwHhcNMjQwNTA2MDc1NTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUyMzk1MTU1Yjc4MGZhNjg0OGIxZTUxZGFmOTAwNzM3MmJhNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKrqap6/4iwmIdOaEypITuBNAz6D
gTuIydPjBQP5b4IX57zY3qJIrdpS7RIZIt+1yZ1L+JBetC6W0b8FnM2RYiyhwMEl
D7lf9b9WgviWnoO01/RSmnbFwrINYkMP+sJrM5/ofYRSMnMLhdGvXGOKa1rRyMOK
HYlFnOoz8DPuBdQO42YBzb/hcg37F5YHp6MJB9fh727H7vs4qrjp0lj53SBhTg77
hhKzoFlVT8zauxzowqm8n4hgHSJv5gPtO70wlMzLhOmvOabHTyKDa4LtYoRskkiS
DJk+WAsDzKWgvJLtlfOuZ8F90vCSNoy6yi85Q271/9qRK3orPMVXqBi17QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNriOVFVt4D6aEix5R2vkAc3K6UHMB8GA1UdIwQY
MBaAFNEwEXrhzcLfHFiBbgDlRR+H77NwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUt
MjUwYTRkNzc3YmE2LzEvMnVJNVVWVzNnUHBvU0xIbEhhLVFCemNycFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUtMjUwYTRkNzc3YmE2
LzEvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwjsQAwQF
w2LAAwQF1f4gMA0EAgACMAcDBQMqAgMgMA0GCSqGSIb3DQEBCwUAA4IBAQBFC2+K
yTac02hMN0htDR/ibSWZiAGfdCh+OD3z2/9xSUhB06ETE0bu8suTG+XCid1fVj1d
N5Onzm+lgxkrVvK7/M2sxGuB5ooLMEn4tzb/VjDuKWO1H9XUuT8aBBxGBamZc6zk
AfxqvXM4aEAmPqBBl7/jNDgqg9zdjmfhz6PBBtOafSIF4lwuaaDFQ/83e1bVKzyp
x6ej/blvhkIz+IXwV8bUJhfok/96EI+OQkJR268AJH7KzBv2EU7JPg/VbYWKPzyt
HBlvB8WaYnD0A4RPblJVC/8aLi9hYubCBejp0dGz3ifVta5jt1tzS051rS4log5i
5TRPK0oEsyA2v1az
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:27 2024 by rpki-client on console-ams.rpki-client.org