Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2Q_m4kG2Y4jundOcQ8-fM_gXyfY.roa
File:                     2Q_m4kG2Y4jundOcQ8-fM_gXyfY.roa (raw, json)
Hash identifier:          aun8PaSgRcgH/XzpM2fx+YgOW/qiu0tXv8YurTXhI/c=
Subject key identifier:   D9:0F:E6:E2:41:B6:63:88:EE:9D:D3:9C:43:CF:9F:33:F8:17:C9:F6
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018D30FEF5B2770344FB1A9490789433B6AF
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2Q_m4kG2Y4jundOcQ8-fM_gXyfY.roa
Signing time:             Mon 22 Jan 2024 11:47:11 +0000
ROA not before:           Mon 22 Jan 2024 11:47:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202766
IP address blocks:        45.80.80.0/24 maxlen: 24
                          45.80.82.0/23 maxlen: 23
                          45.80.82.0/24 maxlen: 24
                          45.80.83.0/24 maxlen: 24
                          45.83.50.0/23 maxlen: 23
                          45.83.50.0/24 maxlen: 24
                          45.83.51.0/24 maxlen: 24
                          80.66.112.0/23 maxlen: 23
                          80.66.114.0/24 maxlen: 24
                          80.66.115.0/24 maxlen: 24
                          80.66.116.0/24 maxlen: 24
                          80.66.117.0/24 maxlen: 24
                          80.66.118.0/24 maxlen: 24
                          80.66.119.0/24 maxlen: 24
                          80.66.120.0/24 maxlen: 24
                          80.66.121.0/24 maxlen: 24
                          80.66.123.0/24 maxlen: 24
                          80.66.124.0/24 maxlen: 24
                          80.66.125.0/24 maxlen: 24
                          80.66.126.0/24 maxlen: 24
                          80.66.127.0/24 maxlen: 24
                          89.42.70.0/24 maxlen: 24
                          89.44.150.0/24 maxlen: 24
                          89.44.151.0/24 maxlen: 24
                          94.198.46.0/24 maxlen: 24
                          94.198.47.0/24 maxlen: 24
                          178.19.32.0/24 maxlen: 24
                          178.19.33.0/24 maxlen: 24
                          178.19.44.0/24 maxlen: 24
                          178.19.47.0/24 maxlen: 24
                          185.203.22.0/24 maxlen: 24
                          185.203.23.0/24 maxlen: 24
                          185.229.212.0/22 maxlen: 22
                          185.229.212.0/24 maxlen: 24
                          185.229.213.0/24 maxlen: 24
                          185.229.214.0/24 maxlen: 24
                          185.229.215.0/24 maxlen: 24
                          185.242.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 22:38:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:30:fe:f5:b2:77:03:44:fb:1a:94:90:78:94:33:b6:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan 22 11:47:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d90fe6e241b66388ee9dd39c43cf9f33f817c9f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:14:d1:0c:70:26:63:ca:32:56:37:a4:fb:b8:
                    b0:ff:5c:4f:f2:08:5e:3d:c5:f1:3b:e6:e6:6a:35:
                    f8:d5:bc:68:e3:de:e5:73:e4:dd:36:bb:fd:58:d3:
                    80:28:1b:54:58:cf:6d:c9:c3:34:a5:fc:8f:fa:72:
                    6e:0d:c6:04:54:5d:ef:42:67:32:25:17:b0:89:db:
                    bc:b8:65:27:21:d1:49:69:0b:c6:38:6b:4e:8e:43:
                    cb:56:14:12:1f:cc:36:e2:c7:76:e0:b5:c7:b3:e6:
                    77:e1:26:45:8f:bc:d5:3a:20:08:9f:75:a9:07:9b:
                    5b:c5:f6:f3:ed:49:85:c7:d9:0e:51:bf:6b:f0:99:
                    9e:eb:fc:e6:cf:bc:d7:d3:6c:06:87:c2:13:1d:69:
                    6d:1b:42:02:14:e3:d0:24:59:c8:c6:eb:c4:2a:f0:
                    50:de:7b:0c:36:2e:44:70:73:b7:97:2c:7f:5d:4d:
                    1c:13:a6:b8:d7:93:d1:64:9e:24:59:1b:a5:90:ab:
                    2a:9e:f7:d0:ca:32:1a:25:f7:8c:53:49:19:d3:ac:
                    48:a1:b3:68:55:ba:7c:11:0d:bc:5d:ff:39:73:c5:
                    74:df:e6:73:ab:49:3e:f1:6d:d0:d7:d4:d5:0f:69:
                    80:46:35:fb:6b:ab:fd:11:57:c3:54:a8:39:98:cb:
                    57:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:0F:E6:E2:41:B6:63:88:EE:9D:D3:9C:43:CF:9F:33:F8:17:C9:F6
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/2Q_m4kG2Y4jundOcQ8-fM_gXyfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.80.0/24
                  45.80.82.0/23
                  45.83.50.0/23
                  80.66.112.0-80.66.121.255
                  80.66.123.0-80.66.127.255
                  89.42.70.0/24
                  89.44.150.0/23
                  94.198.46.0/23
                  178.19.32.0/23
                  178.19.44.0/24
                  178.19.47.0/24
                  185.203.22.0/23
                  185.229.212.0/22
                  185.242.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:75:5c:d4:e3:a5:fc:3c:a9:85:1f:d9:35:1f:e3:71:62:ac:
         36:64:0e:61:e9:02:2e:ba:94:d8:19:8a:98:8e:93:24:8b:64:
         ae:f9:4f:3a:63:e6:10:29:b5:e0:b9:39:d2:a5:62:2c:a4:a8:
         0c:47:0b:3b:16:b8:e9:2b:5e:56:3f:5d:78:73:85:3b:52:69:
         ee:7b:29:f2:94:c2:93:08:a7:72:45:e0:d0:db:34:33:a4:cf:
         63:d8:15:14:e5:fa:69:9c:0b:35:2d:9f:da:c2:64:20:82:64:
         ba:58:ae:09:58:ec:ab:cd:97:74:6b:21:77:eb:3e:51:99:fb:
         a4:24:51:48:3c:9c:da:de:9c:48:93:70:8b:55:b6:71:14:f9:
         3a:27:c7:90:aa:96:2f:74:15:71:c2:db:7c:6c:3b:a8:d7:f7:
         15:c6:e6:4b:14:14:b5:81:1c:b9:2a:74:03:43:bd:fa:6c:85:
         5e:bb:5a:a7:4a:a3:73:62:11:72:a7:5c:a2:44:4d:4f:26:0e:
         84:d8:74:ad:ed:04:cc:27:45:3e:dd:46:7d:05:60:cb:14:e2:
         aa:41:6a:00:48:47:15:71:ff:06:32:77:c9:96:6d:40:c5:de:
         8a:3e:68:c8:de:8a:36:84:33:68:9e:59:49:fb:0b:9b:4d:4d:
         db:03:6a:d9
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY0w/vWydwNE+xqUkHiUM7avMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTIyMTE0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBmZTZlMjQxYjY2Mzg4ZWU5ZGQzOWM0M2NmOWYzM2Y4MTdjOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxTRDHAmY8oyVjek+7iw/1xP8ghe
PcXxO+bmajX41bxo497lc+TdNrv9WNOAKBtUWM9tycM0pfyP+nJuDcYEVF3vQmcy
JRewidu8uGUnIdFJaQvGOGtOjkPLVhQSH8w24sd24LXHs+Z34SZFj7zVOiAIn3Wp
B5tbxfbz7UmFx9kOUb9r8Jme6/zmz7zX02wGh8ITHWltG0ICFOPQJFnIxuvEKvBQ
3nsMNi5EcHO3lyx/XU0cE6a415PRZJ4kWRulkKsqnvfQyjIaJfeMU0kZ06xIobNo
Vbp8EQ28Xf85c8V03+Zzq0k+8W3Q19TVD2mARjX7a6v9EVfDVKg5mMtXIwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFNkP5uJBtmOI7p3TnEPPnzP4F8n2MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMlFfbTRrRzJZNGp1bmRPY1E4LWZNX2dYeWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALVBQAwQB
LVBSAwQBLVMyMAwDBARQQnADBAFQQngwDAMEAFBCewMEB1BCAAMEAFkqRgMEAVks
lgMEAV7GLgMEAbITIAMEALITLAMEALITLwMEAbnLFgMEArnl1AMEALnyrzANBgkq
hkiG9w0BAQsFAAOCAQEAYXVc1OOl/DyphR/ZNR/jcWKsNmQOYekCLrqU2BmKmI6T
JItkrvlPOmPmECm14Lk50qViLKSoDEcLOxa46SteVj9deHOFO1Jp7nsp8pTCkwin
ckXg0Ns0M6TPY9gVFOX6aZwLNS2f2sJkIIJkuliuCVjsq82XdGshd+s+UZn7pCRR
SDyc2t6cSJNwi1W2cRT5OifHkKqWL3QVccLbfGw7qNf3FcbmSxQUtYEcuSp0A0O9
+myFXrtap0qjc2IRcqdcokRNTyYOhNh0re0EzCdFPt1GfQVgyxTiqkFqAEhHFXH/
BjJ3yZZtQMXeij5oyN6KNoQzaJ5ZSfsLm01N2wNq2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org