Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_UX0WknF5ifabK2anPFWl9IKeBo.roa
File:                     _UX0WknF5ifabK2anPFWl9IKeBo.roa (raw, json)
Hash identifier:          7wkZwsfHdfLiyyaRFpYeCzzaEIL4OEUUnpEgu15YHQM=
Subject key identifier:   FD:45:F4:5A:49:C5:E6:27:DA:6C:AD:9A:9C:F1:56:97:D2:0A:78:1A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018E3D7CB00B918A1AAF89D65991E779B0DE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_UX0WknF5ifabK2anPFWl9IKeBo.roa
Signing time:             Thu 14 Mar 2024 15:02:45 +0000
ROA not before:           Thu 14 Mar 2024 15:02:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        45.148.116.0/22 maxlen: 24
                          185.238.188.0/22 maxlen: 24
                          2a06:de01:d0::/44 maxlen: 48
                          2a0c:3b87:ff00::/40 maxlen: 48
                          2a0c:3b87:ffff::/48 maxlen: 48
                          2a0e:97c0:750::/48 maxlen: 48
                          2a0e:97c0:791::/48 maxlen: 48
                          2a0e:97c0:792::/48 maxlen: 48
                          2a0e:97c4:ac00::/38 maxlen: 48
                          2a0e:b107:9f4::/48 maxlen: 48
                          2a0e:b107:9f6::/48 maxlen: 48
                          2a0e:b107:df2::/48 maxlen: 48
                          2a0e:b107:1870::/48 maxlen: 48
                          2a0e:b107:1b9e::/48 maxlen: 48
                          2a0e:b107:278b::/48 maxlen: 48
                          2a10:ccc3:ccca::/48 maxlen: 48
                          2a10:ccc3:ccce::/47 maxlen: 48
                          2a10:ccc7:9000::/38 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 15:59:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3d:7c:b0:0b:91:8a:1a:af:89:d6:59:91:e7:79:b0:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar 14 15:02:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd45f45a49c5e627da6cad9a9cf15697d20a781a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:fe:00:41:c6:bb:c2:1f:b3:25:1d:b6:1d:1f:
                    f3:cc:ab:b5:1c:27:f5:d3:05:a9:68:3f:25:33:5e:
                    a2:9d:5a:a0:5a:bb:ce:0b:b1:40:71:33:f9:c5:b2:
                    c3:f1:6b:4a:d7:41:81:9e:1b:13:20:97:58:78:09:
                    92:c4:dc:53:30:6f:ca:fe:e2:c6:6d:21:95:87:46:
                    23:38:a0:fc:0f:7b:e1:3e:22:28:6b:71:22:54:83:
                    33:34:ad:23:de:65:f8:41:b2:48:f4:59:57:23:8a:
                    dc:9a:e8:4f:45:cb:cd:f9:ff:73:57:10:dd:e9:34:
                    8a:fd:7e:41:2c:54:89:f1:35:3f:1a:23:d8:dc:1b:
                    32:eb:15:d8:d1:af:2b:fe:45:27:41:22:13:aa:5b:
                    2e:e8:0f:43:b8:a5:93:a4:38:16:3c:ac:c7:65:4d:
                    16:c7:c6:1a:25:29:fc:cf:89:5a:90:a9:73:cb:e6:
                    bf:08:6a:65:af:e0:bd:3a:dd:8d:57:f3:aa:93:be:
                    38:3b:b4:24:47:fa:4f:28:6a:53:c3:e6:e2:a0:b8:
                    b1:9b:a7:5a:7e:a0:a9:a3:6f:63:1c:68:29:02:b6:
                    28:89:ae:e5:01:90:a4:95:ee:a4:50:78:a0:58:0e:
                    02:eb:1b:dc:d7:9b:c1:f9:dc:0b:08:4f:e9:df:99:
                    0b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:45:F4:5A:49:C5:E6:27:DA:6C:AD:9A:9C:F1:56:97:D2:0A:78:1A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_UX0WknF5ifabK2anPFWl9IKeBo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.148.116.0/22
                  185.238.188.0/22
                IPv6:
                  2a06:de01:d0::/44
                  2a0c:3b87:ff00::/40
                  2a0e:97c0:750::/48
                  2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
                  2a0e:97c4:ac00::/38
                  2a0e:b107:9f4::/48
                  2a0e:b107:9f6::/48
                  2a0e:b107:df2::/48
                  2a0e:b107:1870::/48
                  2a0e:b107:1b9e::/48
                  2a0e:b107:278b::/48
                  2a10:ccc3:ccca::/48
                  2a10:ccc3:ccce::/47
                  2a10:ccc7:9000::/38

    Signature Algorithm: sha256WithRSAEncryption
         b5:f9:38:7c:b6:ac:77:26:b8:89:ab:72:06:66:e6:c2:57:38:
         96:4f:00:aa:ba:73:a7:09:02:18:15:16:01:ab:a8:46:e7:b2:
         55:8d:e9:a9:68:4a:92:f4:cf:9e:15:ab:f1:5b:bd:48:64:fb:
         14:d7:88:41:c6:98:c8:9f:0f:45:30:64:a5:70:5a:e5:f1:dd:
         d1:5d:c5:74:fa:da:f9:2a:f1:6f:7d:21:0f:f3:0e:e8:b2:c6:
         91:31:05:9e:1b:33:d9:a7:e6:3a:3f:09:7a:d9:3b:3e:07:f2:
         d8:de:6e:dd:63:b3:e4:07:9a:b9:37:07:10:5b:c6:c7:d5:e8:
         fe:da:e7:1e:f2:a9:b7:3c:21:0c:22:b5:7a:66:dd:89:14:db:
         c6:81:15:2c:21:d3:ec:1b:08:bc:37:8a:c1:a7:94:19:30:ec:
         30:4a:40:68:37:3e:b9:a3:0b:21:bb:38:5e:90:a3:0a:5d:6d:
         8b:c7:b2:4a:8a:39:7e:b2:63:e1:32:32:d7:f5:0f:d8:78:78:
         d9:96:1b:cb:81:03:a3:61:50:d8:31:47:06:68:7a:89:20:83:
         19:8a:d7:1a:e3:ef:6d:fe:49:37:c6:c5:69:76:87:cd:06:c7:
         ba:16:02:bd:c6:38:56:13:03:b6:8f:3a:00:ca:e0:04:57:9b:
         36:b1:fa:ee
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY49fLALkYoar4nWWZHnebDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzE0MTUwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ1ZjQ1YTQ5YzVlNjI3ZGE2Y2FkOWE5Y2YxNTY5N2QyMGE3ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf4AQca7wh+zJR22HR/zzKu1HCf1
0wWpaD8lM16inVqgWrvOC7FAcTP5xbLD8WtK10GBnhsTIJdYeAmSxNxTMG/K/uLG
bSGVh0YjOKD8D3vhPiIoa3EiVIMzNK0j3mX4QbJI9FlXI4rcmuhPRcvN+f9zVxDd
6TSK/X5BLFSJ8TU/GiPY3Bsy6xXY0a8r/kUnQSITqlsu6A9DuKWTpDgWPKzHZU0W
x8YaJSn8z4lakKlzy+a/CGplr+C9Ot2NV/Oqk744O7QkR/pPKGpTw+bioLixm6da
fqCpo29jHGgpArYoia7lAZCkle6kUHigWA4C6xvc15vB+dwLCE/p35kLqQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFP1F9FpJxeYn2mytmpzxVpfSCngaMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX1VYMFdrbkY1aWZhYksyYW5QRldsOUlLZUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDASBAIAATAMAwQCLZR0
AwQCue68MIGNBAIAAjCBhgMHBCoG3gEA0AMGACoMO4f/AwcAKg6XwAdQMBIDBwAq
DpfAB5EDBwAqDpfAB5IDBgIqDpfErAMHACoOsQcJ9AMHACoOsQcJ9gMHACoOsQcN
8gMHACoOsQcYcAMHACoOsQcbngMHACoOsQcniwMHACoQzMPMygMHASoQzMPMzgMG
AioQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQC1+Th8tqx3JriJq3IGZubCVziWTwCq
unOnCQIYFRYBq6hG57JVjempaEqS9M+eFavxW71IZPsU14hBxpjInw9FMGSlcFrl
8d3RXcV0+tr5KvFvfSEP8w7ossaRMQWeGzPZp+Y6Pwl62Ts+B/LY3m7dY7PkB5q5
NwcQW8bH1ej+2uce8qm3PCEMIrV6Zt2JFNvGgRUsIdPsGwi8N4rBp5QZMOwwSkBo
Nz65owshuzhekKMKXW2Lx7JKijl+smPhMjLX9Q/YeHjZlhvLgQOjYVDYMUcGaHqJ
IIMZitca4+9t/kk3xsVpdofNBse6FgK9xjhWEwO2jzoAyuAEV5s2sfru
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:34 2024 by rpki-client on console-fra.rpki-client.org