Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/Cu13cIdbkS83mBErN175SPWnCeA.roa
File:                     Cu13cIdbkS83mBErN175SPWnCeA.roa (raw, json)
Hash identifier:          17PPxAUMALXSvvEwroFPiqzAF0uETB2KV7ZKnqVFyao=
Subject key identifier:   0A:ED:77:70:87:5B:91:2F:37:98:11:2B:37:5E:F9:48:F5:A7:09:E0
Certificate issuer:       /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial:       018CC2DB25B79C7726FD258D9E1B07A2309A
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/Cu13cIdbkS83mBErN175SPWnCeA.roa
Signing time:             Mon 01 Jan 2024 02:29:51 +0000
ROA not before:           Mon 01 Jan 2024 02:29:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2872
IP address blocks:        2.58.41.0/24 maxlen: 24
                          185.123.0.0/22 maxlen: 22
                          185.123.0.0/24 maxlen: 24
                          2.58.40.0/24 maxlen: 24
                          185.123.3.0/24 maxlen: 24
                          2.58.40.0/22 maxlen: 22
                          185.123.2.0/24 maxlen: 24
                          2.58.42.0/24 maxlen: 24
                          185.123.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 19:17:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:25:b7:9c:77:26:fd:25:8d:9e:1b:07:a2:30:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
        Validity
            Not Before: Jan  1 02:29:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0aed7770875b912f3798112b375ef948f5a709e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ea:46:63:56:b7:9e:73:b1:00:82:d4:5c:96:
                    bd:07:df:9f:3c:4e:d7:79:dd:86:a2:e0:0a:54:71:
                    64:9a:e5:7d:9d:8e:b8:2e:8e:ae:04:0c:a2:2f:ab:
                    7e:9f:b5:e5:63:71:d9:c5:41:ba:e8:11:10:4c:88:
                    1a:d5:e6:cf:7a:70:9f:b3:90:af:66:68:9b:3d:56:
                    0e:84:67:73:7e:96:9f:d2:7e:f9:0e:b0:63:c4:99:
                    a5:53:6e:d6:2c:c9:68:77:d9:72:d7:45:a7:25:43:
                    e9:51:d1:88:06:a1:62:7b:0d:5c:05:cd:6e:d5:29:
                    fe:66:2d:61:f7:d1:86:a0:6b:c5:e0:e4:f1:f9:f5:
                    48:04:e4:3e:4a:d4:22:fe:22:ef:ce:c9:71:03:77:
                    c3:e0:e8:e5:c4:57:e5:1f:ed:0d:2c:b6:a2:75:43:
                    e3:10:c2:ae:1d:cb:91:4a:ea:85:d8:86:97:cb:71:
                    4c:e3:de:1d:06:30:af:cc:9b:26:45:37:bc:9e:85:
                    05:f5:7c:b5:cb:cc:35:7d:01:8f:38:63:d5:4a:7e:
                    7a:1e:ae:9f:54:31:20:27:92:b2:d3:ba:0a:2f:19:
                    cc:a1:08:a0:07:21:4c:20:df:b8:ea:fe:ca:75:f5:
                    2a:e4:4f:5c:e5:d7:70:9d:48:b3:ab:0c:32:c5:6c:
                    5a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:ED:77:70:87:5B:91:2F:37:98:11:2B:37:5E:F9:48:F5:A7:09:E0
            X509v3 Authority Key Identifier:
                keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/Cu13cIdbkS83mBErN175SPWnCeA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.40.0/22
                  185.123.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:d7:c9:cb:0d:b6:30:96:8c:f4:62:6b:d0:f6:3a:fb:89:af:
         fb:d4:45:4a:a7:8b:a3:9b:07:2b:70:96:2c:d4:cb:74:15:42:
         41:ad:38:c1:52:fe:b3:5c:b4:7d:36:e4:b9:84:1d:f0:0d:ee:
         7b:50:20:37:24:b7:fc:c8:ce:c6:70:dc:ac:94:9f:aa:0f:79:
         6b:dc:d5:e0:e6:63:42:f0:6c:53:9a:0d:93:a5:af:f2:2e:d3:
         c8:e9:86:97:98:f6:31:e4:78:09:dc:8c:e3:2f:c7:0f:ae:d8:
         43:b3:78:09:a3:04:da:28:4d:39:b4:76:bf:dd:38:10:87:b1:
         9e:4a:a9:47:6b:19:8e:fc:6f:b1:29:48:0a:5f:8b:82:b9:ac:
         c4:b0:d6:a4:78:1e:71:c6:c9:4f:87:3a:1c:23:3d:c3:67:6e:
         4c:29:e6:36:93:71:39:55:49:48:90:26:b3:13:19:a7:45:37:
         4a:64:57:00:6a:3b:8e:5c:c8:01:ad:66:d2:25:00:40:39:d2:
         02:c5:68:32:b1:b4:fe:49:22:06:d9:66:bb:f2:44:fb:f8:e5:
         3e:cb:70:30:cf:22:d2:85:ac:2e:d7:7e:94:ef:f9:b6:f7:10:
         9e:74:2d:71:ee:c8:57:64:89:6e:25:1f:1e:aa:c1:fb:36:05:
         30:6d:3f:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2yW3nHcm/SWNnhsHojCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVkNzc3MDg3NWI5MTJmMzc5ODExMmIzNzVlZjk0OGY1YTcwOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlepGY1a3nnOxAILUXJa9B9+fPE7X
ed2GouAKVHFkmuV9nY64Lo6uBAyiL6t+n7XlY3HZxUG66BEQTIga1ebPenCfs5Cv
ZmibPVYOhGdzfpaf0n75DrBjxJmlU27WLMlod9ly10WnJUPpUdGIBqFiew1cBc1u
1Sn+Zi1h99GGoGvF4OTx+fVIBOQ+StQi/iLvzslxA3fD4OjlxFflH+0NLLaidUPj
EMKuHcuRSuqF2IaXy3FM494dBjCvzJsmRTe8noUF9Xy1y8w1fQGPOGPVSn56Hq6f
VDEgJ5Ky07oKLxnMoQigByFMIN+46v7KdfUq5E9c5ddwnUizqwwyxWxanwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFArtd3CHW5EvN5gRKzde+Uj1pwngMB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvQ3UxM2NJZGJrUzgzbUJFck4xNzVTUFduQ2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjooAwQC
uXsAMA0GCSqGSIb3DQEBCwUAA4IBAQAG18nLDbYwloz0YmvQ9jr7ia/71EVKp4uj
mwcrcJYs1Mt0FUJBrTjBUv6zXLR9NuS5hB3wDe57UCA3JLf8yM7GcNyslJ+qD3lr
3NXg5mNC8GxTmg2Tpa/yLtPI6YaXmPYx5HgJ3IzjL8cPrthDs3gJowTaKE05tHa/
3TgQh7GeSqlHaxmO/G+xKUgKX4uCuazEsNakeB5xxslPhzocIz3DZ25MKeY2k3E5
VUlIkCazExmnRTdKZFcAajuOXMgBrWbSJQBAOdICxWgysbT+SSIG2Wa78kT7+OU+
y3AwzyLShawu136U7/m29xCedC1x7shXZIluJR8eqsH7NgUwbT+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:49 2024 by rpki-client on console-fra.rpki-client.org