Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/UytPKBKT8MGRrMvn16PU6vut4zc.roa
File:                     UytPKBKT8MGRrMvn16PU6vut4zc.roa (raw, json)
Hash identifier:          XFIUl+cbVsi3xQxW/9CwGQOUe5mxg0TgGGEzwJ2J048=
Subject key identifier:   53:2B:4F:28:12:93:F0:C1:91:AC:CB:E7:D7:A3:D4:EA:FB:AD:E3:37
Certificate issuer:       /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial:       018BCD576007C48E389AF3F0EB2623D70DBB
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/UytPKBKT8MGRrMvn16PU6vut4zc.roa
Signing time:             Tue 14 Nov 2023 10:18:57 +0000
ROA not before:           Tue 14 Nov 2023 10:18:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4809
IP address blocks:        5.10.136.112/29 maxlen: 29
                          5.154.132.0/24 maxlen: 24
                          5.10.141.136/30 maxlen: 30
                          5.10.141.8/30 maxlen: 30
                          5.154.133.0/24 maxlen: 24
                          5.154.138.0/24 maxlen: 24
                          5.154.139.0/24 maxlen: 24
                          5.154.137.0/24 maxlen: 24
                          5.154.136.0/24 maxlen: 24
                          5.154.140.0/24 maxlen: 24
                          5.154.141.0/24 maxlen: 24
                          5.154.159.0/24 maxlen: 24
                          5.154.158.0/24 maxlen: 24
                          145.14.83.0/24 maxlen: 24
                          145.14.81.0/24 maxlen: 24
                          145.14.82.0/24 maxlen: 24
                          145.14.79.0/24 maxlen: 24
                          145.14.80.0/24 maxlen: 24
                          145.14.84.0/24 maxlen: 24
                          145.14.85.0/24 maxlen: 24
                          145.14.90.0/24 maxlen: 24
                          145.14.88.0/24 maxlen: 24
                          145.14.89.0/24 maxlen: 24
                          145.14.86.0/24 maxlen: 24
                          145.14.87.0/24 maxlen: 24
                          145.14.91.0/24 maxlen: 24
                          145.14.93.0/24 maxlen: 24
                          185.75.172.0/24 maxlen: 24
                          185.75.174.0/24 maxlen: 24
                          185.75.173.0/24 maxlen: 24
                          5.10.136.208/30 maxlen: 30
                          145.14.64.0/24 maxlen: 24
                          145.14.70.0/24 maxlen: 24
                          145.14.71.0/24 maxlen: 24
                          145.14.69.0/24 maxlen: 24
                          145.14.67.0/24 maxlen: 24
                          145.14.68.0/24 maxlen: 24
                          145.14.65.0/24 maxlen: 24
                          145.14.66.0/24 maxlen: 24
                          145.14.76.0/24 maxlen: 24
                          145.14.74.0/24 maxlen: 24
                          145.14.75.0/24 maxlen: 24
                          145.14.72.0/24 maxlen: 24
                          145.14.73.0/24 maxlen: 24
                          145.14.77.0/24 maxlen: 24
                          145.14.78.0/24 maxlen: 24
                          5.10.138.0/24 maxlen: 24
                          5.10.139.0/24 maxlen: 24
                          5.10.137.0/24 maxlen: 24
                          5.10.136.0/24 maxlen: 24
                          5.10.140.0/24 maxlen: 24
                          5.10.143.0/24 maxlen: 24
                          5.10.142.0/24 maxlen: 24
                          2a04:f580:9210::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 15 Nov 2023 02:53:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:cd:57:60:07:c4:8e:38:9a:f3:f0:eb:26:23:d7:0d:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
        Validity
            Not Before: Nov 14 10:18:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=532b4f281293f0c191accbe7d7a3d4eafbade337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0b:fa:29:4e:1c:43:7a:e6:5b:45:0d:0e:94:
                    c2:83:dc:86:1f:41:27:2c:40:94:17:52:84:77:dd:
                    30:28:0e:e2:8a:56:89:bb:27:47:e4:69:20:8d:cf:
                    78:dc:3f:64:3f:90:9a:9b:83:41:31:40:a2:7c:b9:
                    e0:b8:a5:eb:4b:30:5f:c0:35:b9:e6:04:81:3c:65:
                    b9:0b:d5:b9:65:a8:ea:2b:fb:70:13:0e:47:4c:b5:
                    54:4b:96:80:dc:e0:4b:78:16:94:ed:48:fc:ba:05:
                    72:51:2a:4d:49:79:c7:d5:5c:7c:9a:e6:20:50:1a:
                    a4:e8:0e:5a:4a:8e:83:c6:5f:0b:b1:00:b8:a9:73:
                    8a:39:54:a5:b2:17:21:72:f2:57:7e:d1:9c:56:2e:
                    a7:2c:b6:0f:67:4a:09:81:51:fe:63:32:70:9f:0b:
                    2a:9c:08:63:a6:e8:aa:a7:21:ca:bd:be:46:d3:24:
                    a2:94:c5:57:1b:44:3a:bd:26:d7:79:a8:95:8f:67:
                    f5:1b:ec:06:52:5c:0d:53:8b:a1:e1:44:a4:8c:e6:
                    2c:8b:33:a1:18:5c:2c:81:85:08:d6:df:66:64:6f:
                    43:09:29:30:ba:9e:cf:ef:33:c4:12:9d:3b:fc:bb:
                    2b:05:db:21:b4:65:08:9a:db:a7:4e:3d:47:37:2d:
                    83:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:2B:4F:28:12:93:F0:C1:91:AC:CB:E7:D7:A3:D4:EA:FB:AD:E3:37
            X509v3 Authority Key Identifier:
                keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/UytPKBKT8MGRrMvn16PU6vut4zc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.10.136.0-5.10.140.255
                  5.10.141.8/30
                  5.10.141.136/30
                  5.10.142.0/23
                  5.154.132.0/23
                  5.154.136.0-5.154.141.255
                  5.154.158.0/23
                  145.14.64.0-145.14.91.255
                  145.14.93.0/24
                  185.75.172.0-185.75.174.255
                IPv6:
                  2a04:f580:9210::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:04:54:cc:f2:b4:0d:5f:c5:4d:5c:fa:49:c3:8a:c1:0f:7c:
         92:e3:db:e5:e3:27:9f:50:e1:7e:fe:57:ab:63:c7:11:65:b2:
         c9:9c:29:f7:1b:28:31:ce:4f:6a:79:2a:f4:27:4b:34:b7:0e:
         ec:b0:b6:36:57:c5:71:77:57:02:31:8b:0d:53:ec:cc:88:34:
         5a:72:b0:c5:93:3b:6c:76:68:61:cb:bc:45:63:3d:b3:58:4e:
         51:55:e1:d7:74:45:d2:28:eb:d8:9f:cb:7c:91:b8:f9:a8:4c:
         e6:a6:9d:35:dc:83:21:2c:e7:37:a2:dd:d1:d7:f4:29:db:4e:
         7f:3f:1e:61:06:b9:c2:83:5b:27:47:5e:7e:23:58:67:c8:49:
         8e:52:d4:f4:de:8b:83:4f:1b:d0:7a:f3:63:18:eb:bf:67:2c:
         0d:6c:22:95:bd:d8:68:65:cc:34:8f:32:67:84:37:14:65:29:
         69:c7:36:89:33:13:3c:6d:53:a4:eb:ea:4e:f4:07:4f:a9:8e:
         70:ae:d0:75:c2:73:e7:d5:a0:05:2a:a9:b5:6f:a2:10:1d:64:
         43:bc:24:d3:cc:4b:2b:23:a5:74:40:74:bb:05:24:b9:37:f3:
         82:e6:7b:03:4e:77:d4:2a:db:66:f1:26:d4:0e:35:76:48:21:
         f9:62:a1:80
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYvNV2AHxI44mvPw6yYj1w27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjMxMTE0MTAxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzJiNGYyODEyOTNmMGMxOTFhY2NiZTdkN2EzZDRlYWZiYWRlMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgv6KU4cQ3rmW0UNDpTCg9yGH0En
LECUF1KEd90wKA7iilaJuydH5Gkgjc943D9kP5Cam4NBMUCifLnguKXrSzBfwDW5
5gSBPGW5C9W5ZajqK/twEw5HTLVUS5aA3OBLeBaU7Uj8ugVyUSpNSXnH1Vx8muYg
UBqk6A5aSo6Dxl8LsQC4qXOKOVSlshchcvJXftGcVi6nLLYPZ0oJgVH+YzJwnwsq
nAhjpuiqpyHKvb5G0ySilMVXG0Q6vSbXeaiVj2f1G+wGUlwNU4uh4USkjOYsizOh
GFwsgYUI1t9mZG9DCSkwup7P7zPEEp07/LsrBdshtGUImtunTj1HNy2D/QIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFFMrTygSk/DBkazL59ej1Or7reM3MB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvVXl0UEtCS1Q4TUdSck12bjE2UFU2dnV0NHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZAQCAAEwXjAMAwQDBQqI
AwQABQqMAwUCBQqNCAMFAgUKjYgDBAEFCo4DBAEFmoQwDAMEAwWaiAMEAQWajAME
AQWanjAMAwQGkQ5AAwQCkQ5YAwQAkQ5dMAwDBAK5S6wDBAC5S64wDwQCAAIwCQMH
ACoE9YCSEDANBgkqhkiG9w0BAQsFAAOCAQEAggRUzPK0DV/FTVz6ScOKwQ98kuPb
5eMnn1Dhfv5Xq2PHEWWyyZwp9xsoMc5Pankq9CdLNLcO7LC2NlfFcXdXAjGLDVPs
zIg0WnKwxZM7bHZoYcu8RWM9s1hOUVXh13RF0ijr2J/LfJG4+ahM5qadNdyDISzn
N6Ld0df0KdtOfz8eYQa5woNbJ0defiNYZ8hJjlLU9N6Lg08b0HrzYxjrv2csDWwi
lb3YaGXMNI8yZ4Q3FGUpacc2iTMTPG1TpOvqTvQHT6mOcK7QdcJz59WgBSqptW+i
EB1kQ7wk08xLKyOldEB0uwUkuTfzguZ7A0531CrbZvEm1A41dkgh+WKhgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:54 2024 by rpki-client on console-ams.rpki-client.org