Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/B5_rOyORgJxHwoAmxFLJ9g1q1SE.roa
File:                     B5_rOyORgJxHwoAmxFLJ9g1q1SE.roa (raw, json)
Hash identifier:          CFgtYQM3Q2Fev/w/c3A2ddeKBK8dyVQMPOrbpp/ZKfY=
Subject key identifier:   07:9F:EB:3B:23:91:80:9C:47:C2:80:26:C4:52:C9:F6:0D:6A:D5:21
Certificate issuer:       /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial:       019224CF756F1C0AA5D4162191577D3AA0C0
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/B5_rOyORgJxHwoAmxFLJ9g1q1SE.roa
Signing time:             Tue 24 Sep 2024 16:13:48 +0000
ROA not before:           Tue 24 Sep 2024 16:13:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2872
IP address blocks:        2.58.40.0/22 maxlen: 22
                          2.58.40.0/24 maxlen: 24
                          2.58.41.0/24 maxlen: 24
                          2.58.42.0/24 maxlen: 24
                          45.115.92.0/24 maxlen: 24
                          45.115.93.0/24 maxlen: 24
                          45.115.94.0/24 maxlen: 24
                          45.115.95.0/24 maxlen: 24
                          89.43.206.0/23 maxlen: 23
                          89.43.206.0/24 maxlen: 24
                          89.43.207.0/24 maxlen: 24
                          185.123.0.0/22 maxlen: 22
                          185.123.0.0/24 maxlen: 24
                          185.123.1.0/24 maxlen: 24
                          185.123.2.0/24 maxlen: 24
                          185.123.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Sep 2024 05:56:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:24:cf:75:6f:1c:0a:a5:d4:16:21:91:57:7d:3a:a0:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
        Validity
            Not Before: Sep 24 16:13:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=079feb3b2391809c47c28026c452c9f60d6ad521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:12:ed:23:b0:3f:46:b0:b5:40:04:18:9a:b4:
                    3e:6a:3e:41:f3:5c:ff:31:a3:fc:97:ee:9b:db:7c:
                    37:75:c5:2a:c7:15:7c:97:d1:0a:1e:0f:31:bb:27:
                    51:d2:f9:bd:62:8f:82:98:d7:d3:5d:28:f1:12:3f:
                    12:83:30:02:b2:b8:6f:18:12:9a:9a:d3:1b:ba:27:
                    78:51:9f:50:f6:29:80:ae:69:55:e3:50:1a:53:58:
                    46:94:fc:c2:8f:10:9c:48:d0:0e:bb:25:44:7c:d1:
                    44:e5:a5:0c:17:65:af:d6:e7:6f:47:ae:e4:7d:22:
                    c7:6d:70:a3:58:ee:05:9c:ce:db:83:a9:fb:2a:51:
                    b2:83:17:12:4b:30:11:69:c3:4c:f9:56:9d:bb:51:
                    06:94:27:1b:c4:6c:69:55:d4:90:b3:41:c5:17:30:
                    11:71:9a:79:f8:0e:40:22:5c:11:b5:4c:95:fc:23:
                    02:fd:40:b6:db:d6:36:b0:d8:51:1e:b0:36:65:ff:
                    63:eb:86:0b:76:53:fc:1b:df:29:66:c5:49:84:04:
                    27:aa:cf:48:1b:ab:1c:d2:93:3f:c5:ae:df:68:ee:
                    a1:5c:15:f7:bf:0d:df:c2:b5:3b:1f:f3:7c:58:16:
                    4d:e1:6a:4d:45:b8:3a:49:98:93:8e:0b:3f:7b:72:
                    84:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:9F:EB:3B:23:91:80:9C:47:C2:80:26:C4:52:C9:F6:0D:6A:D5:21
            X509v3 Authority Key Identifier:
                keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/B5_rOyORgJxHwoAmxFLJ9g1q1SE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.40.0/22
                  45.115.92.0/22
                  89.43.206.0/23
                  185.123.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:bd:c7:88:83:c5:63:ce:44:99:89:bc:db:ec:c6:8d:c6:c0:
         c6:a2:44:8c:0f:2e:56:d4:d2:6a:7d:83:f0:83:5e:da:4a:b7:
         6d:89:e9:ff:25:ef:2d:36:59:77:cd:63:c3:db:e6:73:07:67:
         18:32:17:f2:e2:b4:c7:a8:a0:01:f7:9b:9a:f0:6e:42:f9:45:
         53:24:78:a1:70:6c:39:75:87:27:62:25:cb:f1:84:a6:5d:95:
         ff:5a:cc:d0:64:34:7c:c1:73:8c:5c:c9:b9:c2:39:4a:f6:27:
         a3:12:1c:c4:16:86:cb:78:c3:aa:60:ee:63:8b:6e:70:49:69:
         6d:74:a1:79:e8:6e:f5:4f:9c:d4:66:73:9f:bd:ac:96:fc:84:
         f5:2c:53:bd:96:09:e5:a2:f4:b8:80:ad:b0:b6:ec:a5:02:be:
         ee:ec:23:8f:b3:09:ce:3e:3d:78:70:18:b6:62:f7:a7:f6:90:
         e3:31:cc:42:72:d3:2c:34:28:ae:5c:64:c0:91:a7:d4:56:59:
         de:7d:34:6d:6f:e4:3e:21:c8:b9:35:78:39:4b:17:3b:d7:21:
         0a:74:90:8e:bc:85:28:f9:e4:4e:0b:b1:6d:cd:8e:54:ad:17:
         9e:78:03:bd:bc:50:33:cf:c6:b1:ae:90:38:2f:c1:f6:23:2e:
         9f:a0:76:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIkz3VvHAql1BYhkVd9OqDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjQwOTI0MTYxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzlmZWIzYjIzOTE4MDljNDdjMjgwMjZjNDUyYzlmNjBkNmFkNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRLtI7A/RrC1QAQYmrQ+aj5B81z/
MaP8l+6b23w3dcUqxxV8l9EKHg8xuydR0vm9Yo+CmNfTXSjxEj8SgzACsrhvGBKa
mtMbuid4UZ9Q9imArmlV41AaU1hGlPzCjxCcSNAOuyVEfNFE5aUMF2Wv1udvR67k
fSLHbXCjWO4FnM7bg6n7KlGygxcSSzARacNM+Vadu1EGlCcbxGxpVdSQs0HFFzAR
cZp5+A5AIlwRtUyV/CMC/UC229Y2sNhRHrA2Zf9j64YLdlP8G98pZsVJhAQnqs9I
G6sc0pM/xa7faO6hXBX3vw3fwrU7H/N8WBZN4WpNRbg6SZiTjgs/e3KE6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAef6zsjkYCcR8KAJsRSyfYNatUhMB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvQjVfck95T1JnSnhId29BbXhGTEo5ZzFxMVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjooAwQC
LXNcAwQBWSvOAwQCuXsAMA0GCSqGSIb3DQEBCwUAA4IBAQAdvceIg8VjzkSZibzb
7MaNxsDGokSMDy5W1NJqfYPwg17aSrdtien/Je8tNll3zWPD2+ZzB2cYMhfy4rTH
qKAB95ua8G5C+UVTJHihcGw5dYcnYiXL8YSmXZX/WszQZDR8wXOMXMm5wjlK9iej
EhzEFobLeMOqYO5ji25wSWltdKF56G71T5zUZnOfvayW/IT1LFO9lgnlovS4gK2w
tuylAr7u7COPswnOPj14cBi2Yven9pDjMcxCctMsNCiuXGTAkafUVlnefTRtb+Q+
Ici5NXg5Sxc71yEKdJCOvIUo+eROC7FtzY5UrReeeAO9vFAzz8axrpA4L8H2Iy6f
oHZj
-----END CERTIFICATE-----
Generated at Wed Sep 25 08:29:27 2024 by rpki-client on console-ams.rpki-client.org