Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AzTS43Ds-BePF7-Kq7Y6-w00tEM.roa
File:                     AzTS43Ds-BePF7-Kq7Y6-w00tEM.roa (raw, json)
Hash identifier:          KIjuWdm3DjE4xitCr1D6E7R8K5HYJQVvd9Agd1P/fwY=
Subject key identifier:   03:34:D2:E3:70:EC:F8:17:8F:17:BF:8A:AB:B6:3A:FB:0D:34:B4:43
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185C6C6914B44D4E3A61FC2D5E4A71D4D91
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AzTS43Ds-BePF7-Kq7Y6-w00tEM.roa
Signing time:             Wed 18 Jan 2023 21:26:20 +0000
ROA not before:           Wed 18 Jan 2023 21:26:20 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203790
IP address blocks:        45.148.118.0/24 maxlen: 24
                          45.148.116.0/24 maxlen: 24
                          45.148.119.0/24 maxlen: 24
                          194.50.111.0/24 maxlen: 24
                          2a0e:97c0:460::/44 maxlen: 48
                          2a0e:b107:12a0::/44 maxlen: 48
                          2a10:cc40:1d0::/44 maxlen: 48
                          2a0e:b101::/32 maxlen: 48
                          2a10:cc41:110::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 23 Jan 2023 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c6:c6:91:4b:44:d4:e3:a6:1f:c2:d5:e4:a7:1d:4d:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 18 21:26:20 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0334d2e370ecf8178f17bf8aabb63afb0d34b443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:87:ea:41:d0:a4:3f:c6:86:0c:f9:fd:29:0c:
                    6e:dd:b4:31:af:61:d2:2c:33:4f:e8:9a:c8:88:16:
                    8b:b6:32:e0:76:55:21:fc:10:0b:c7:e9:9f:97:de:
                    fe:e3:dd:b1:bd:bf:ba:f4:10:27:bc:1f:69:8d:11:
                    bd:ab:81:a1:26:2e:ba:bc:80:3a:38:02:ed:32:09:
                    e1:af:68:46:ef:64:4d:96:4b:a4:48:7d:97:a1:b8:
                    44:ce:94:22:a2:48:20:46:31:56:bc:9f:d7:2c:f7:
                    09:33:71:f4:d6:55:4f:6f:c8:39:f9:e1:35:9b:cb:
                    c1:ad:db:6c:7f:88:d5:a3:e5:16:24:84:80:ba:a7:
                    7a:d2:7e:ae:29:de:0f:39:a4:3c:a4:07:65:7b:5d:
                    e9:b8:8e:87:cc:a5:68:a8:b8:98:cd:c2:38:0c:a0:
                    0b:f6:11:28:00:19:f8:60:28:10:54:17:76:fd:50:
                    e1:13:98:e6:07:b1:0e:1b:06:6f:b1:fa:d5:9f:21:
                    12:b2:22:8f:cd:b1:7c:c4:ed:c9:df:f1:03:7c:4a:
                    7c:93:25:02:c2:a0:9a:cb:f3:c2:db:8b:0e:a3:99:
                    b7:12:15:29:eb:00:f7:c9:22:50:54:e4:ac:0f:6a:
                    6e:49:33:76:99:d8:cf:46:75:8d:ed:ea:16:87:19:
                    55:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:34:D2:E3:70:EC:F8:17:8F:17:BF:8A:AB:B6:3A:FB:0D:34:B4:43
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AzTS43Ds-BePF7-Kq7Y6-w00tEM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.116.0/24
                  45.148.118.0/23
                  194.50.111.0/24
                IPv6:
                  2a0e:97c0:460::/44
                  2a0e:b101::/32
                  2a0e:b107:12a0::/44
                  2a10:cc40:1d0::/44
                  2a10:cc41:110::/44

    Signature Algorithm: sha256WithRSAEncryption
         31:ce:be:ab:bf:37:3f:3c:37:65:43:0a:94:e8:6f:2f:58:18:
         0f:30:b0:08:70:49:af:21:c9:de:f1:d7:f4:ce:54:82:6e:c3:
         db:4e:31:76:67:49:cc:ca:a5:0d:e8:3e:01:66:36:bf:93:b6:
         3c:68:d3:65:4a:96:d9:41:0b:8f:be:04:d5:93:30:a1:91:41:
         e2:33:4e:79:d6:5d:f2:20:53:77:fe:56:1b:eb:c7:34:86:e8:
         0c:0e:f7:ed:f4:d7:c8:55:c2:52:93:9c:b5:b1:a4:c8:9a:cf:
         8c:d6:21:6f:0a:1f:cb:ee:cc:ce:23:03:b7:b6:da:af:4a:f2:
         7a:bf:0b:d6:4f:bb:17:40:06:1f:01:1b:22:17:da:59:00:40:
         f1:73:5e:f7:b3:d7:bd:b6:e9:3e:88:45:0b:71:c9:58:6a:74:
         d1:ad:14:18:45:76:ba:0f:f4:5d:05:27:ec:3d:f8:1c:b3:b0:
         fa:7f:61:fe:99:ad:5f:6e:d8:d0:ac:51:ae:72:75:b1:e9:35:
         b3:86:24:4f:8e:71:e3:a8:c9:ab:71:13:6d:38:4d:28:ba:5f:
         6d:87:28:72:2f:25:d5:95:4f:02:b3:cc:8c:b3:33:27:5d:6b:
         9b:51:a5:b1:83:f3:5a:31:d8:8e:45:e5:d1:50:18:2e:3e:a1:
         45:79:e1:6a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYXGxpFLRNTjph/C1eSnHU2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTE4MjEyNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM0ZDJlMzcwZWNmODE3OGYxN2JmOGFhYmI2M2FmYjBkMzRiNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4fqQdCkP8aGDPn9KQxu3bQxr2HS
LDNP6JrIiBaLtjLgdlUh/BALx+mfl97+492xvb+69BAnvB9pjRG9q4GhJi66vIA6
OALtMgnhr2hG72RNlkukSH2XobhEzpQiokggRjFWvJ/XLPcJM3H01lVPb8g5+eE1
m8vBrdtsf4jVo+UWJISAuqd60n6uKd4POaQ8pAdle13puI6HzKVoqLiYzcI4DKAL
9hEoABn4YCgQVBd2/VDhE5jmB7EOGwZvsfrVnyESsiKPzbF8xO3J3/EDfEp8kyUC
wqCay/PC24sOo5m3EhUp6wD3ySJQVOSsD2puSTN2mdjPRnWN7eoWhxlVfwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAM00uNw7PgXjxe/iqu2OvsNNLRDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQXpUUzQzRHMtQmVQRjctS3E3WTYtdzAwdEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQB
LZR2AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQAxzr6rvzc/PDdlQwqU6G8v
WBgPMLAIcEmvIcne8df0zlSCbsPbTjF2Z0nMyqUN6D4BZja/k7Y8aNNlSpbZQQuP
vgTVkzChkUHiM0551l3yIFN3/lYb68c0hugMDvft9NfIVcJSk5y1saTIms+M1iFv
Ch/L7szOIwO3ttqvSvJ6vwvWT7sXQAYfARsiF9pZAEDxc173s9e9tuk+iEULcclY
anTRrRQYRXa6D/RdBSfsPfgcs7D6f2H+ma1fbtjQrFGucnWx6TWzhiRPjnHjqMmr
cRNtOE0oul9thyhyLyXVlU8Cs8yMszMnXWubUaWxg/NaMdiOReXRUBguPqFFeeFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org