Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4AuU0UmPbH2IX8vs-l7EbA4l88U.roa
File:                     4AuU0UmPbH2IX8vs-l7EbA4l88U.roa (raw, json)
Hash identifier:          tHCakifXl3Xe98I70hSOhQRT9PzKepUpor2t0/rWKVQ=
Subject key identifier:   E0:0B:94:D1:49:8F:6C:7D:88:5F:CB:EC:FA:5E:C4:6C:0E:25:F3:C5
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018CC56E15BB76BA1B954A113700CF6CF1ED
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4AuU0UmPbH2IX8vs-l7EbA4l88U.roa
Signing time:             Mon 01 Jan 2024 14:29:35 +0000
ROA not before:           Mon 01 Jan 2024 14:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203068
IP address blocks:        185.241.120.0/23 maxlen: 23
                          185.244.232.0/23 maxlen: 23
                          185.71.30.0/24 maxlen: 24
                          185.242.174.0/24 maxlen: 24
                          185.242.173.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 Apr 2024 11:16:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:15:bb:76:ba:1b:95:4a:11:37:00:cf:6c:f1:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 14:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e00b94d1498f6c7d885fcbecfa5ec46c0e25f3c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:06:34:bf:5c:ce:f8:d4:14:54:7e:b1:ec:8e:
                    de:81:8b:bf:ac:0f:9e:00:ba:17:c0:a0:3e:82:a6:
                    d2:2d:42:8c:8c:88:fd:b1:c6:2b:ed:52:0f:f9:f0:
                    7e:42:2f:25:a2:18:f1:91:35:a4:88:3d:bf:3f:17:
                    3d:51:32:85:00:a4:f5:58:8e:ab:53:21:8f:d1:55:
                    03:95:14:f2:7e:58:22:ab:c4:14:f7:8f:a5:cb:a5:
                    4d:d3:64:41:bc:65:db:f4:ef:4c:df:e8:15:c0:fe:
                    98:8f:76:e0:f6:57:22:25:ec:66:d6:89:29:8a:05:
                    96:85:cb:cb:31:8b:d8:5f:41:18:34:86:81:2b:1e:
                    b6:46:6b:80:81:7d:e7:81:ac:11:5e:ca:8e:7e:73:
                    ef:ce:70:64:a6:55:9d:36:33:7d:d8:91:97:ca:29:
                    11:47:32:80:2f:c5:d4:07:30:b4:b1:96:bb:ba:dd:
                    c8:23:51:92:ed:3d:22:16:82:e1:ad:e0:c9:b7:02:
                    41:cc:34:05:7f:05:10:fc:e4:48:bd:a5:cb:79:18:
                    43:0f:44:e5:fa:a4:33:62:1b:57:c0:44:76:c6:e0:
                    58:71:f4:33:c7:58:34:ec:80:1f:ef:fc:a6:f0:bf:
                    89:03:a4:bd:ca:14:7f:1b:18:63:62:b5:7d:a7:c4:
                    c3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:0B:94:D1:49:8F:6C:7D:88:5F:CB:EC:FA:5E:C4:6C:0E:25:F3:C5
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4AuU0UmPbH2IX8vs-l7EbA4l88U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.30.0/24
                  185.241.120.0/23
                  185.242.173.0-185.242.174.255
                  185.244.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:3d:a7:e7:a2:7f:4d:a4:95:c0:4a:44:cc:f1:f2:60:e2:d1:
         34:f7:1e:d5:93:ae:00:93:e5:70:7e:51:62:56:71:5f:c1:f6:
         e3:4d:3f:66:49:c4:40:50:64:d6:fb:eb:ae:16:bd:8c:39:9c:
         d5:b1:18:03:d4:2e:2b:50:e4:ac:fe:3e:ec:9a:39:7d:8c:21:
         4e:47:8c:fa:3e:2a:15:d7:30:25:4d:d2:6e:eb:e2:f5:b7:94:
         86:73:c2:ec:88:da:e5:d4:66:0d:c4:76:60:b1:d6:2e:04:a5:
         7d:b8:3f:f2:ca:00:65:2c:bc:8d:1a:10:ed:2b:06:7c:bb:a6:
         7f:fa:c4:c8:ff:71:8e:a6:70:8b:4b:bb:c3:33:8d:08:86:a6:
         9b:55:78:a9:d4:c4:ec:e0:6a:13:3c:86:8b:8c:d3:eb:26:ed:
         55:12:4c:f8:27:8a:72:df:cd:2b:58:3b:6a:b0:31:1b:e0:26:
         e5:04:31:66:4d:26:d9:b9:ed:9c:70:cc:cf:c5:18:04:47:6a:
         58:14:f5:1f:de:9d:5e:00:6d:e5:0b:53:08:ad:52:7e:31:7d:
         8b:c9:53:e6:06:c2:fb:ca:bc:27:e1:7c:21:50:43:c4:58:8e:
         44:e6:11:d7:83:2d:3c:ca:fa:47:03:e4:eb:9b:a7:8f:cc:f1:
         25:0f:26:e8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFbhW7droblUoRNwDPbPHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDBiOTRkMTQ5OGY2YzdkODg1ZmNiZWNmYTVlYzQ2YzBlMjVmM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwY0v1zO+NQUVH6x7I7egYu/rA+e
ALoXwKA+gqbSLUKMjIj9scYr7VIP+fB+Qi8lohjxkTWkiD2/Pxc9UTKFAKT1WI6r
UyGP0VUDlRTyflgiq8QU94+ly6VN02RBvGXb9O9M3+gVwP6Yj3bg9lciJexm1okp
igWWhcvLMYvYX0EYNIaBKx62RmuAgX3ngawRXsqOfnPvznBkplWdNjN92JGXyikR
RzKAL8XUBzC0sZa7ut3II1GS7T0iFoLhreDJtwJBzDQFfwUQ/ORIvaXLeRhDD0Tl
+qQzYhtXwER2xuBYcfQzx1g07IAf7/ym8L+JA6S9yhR/GxhjYrV9p8TDSQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOALlNFJj2x9iF/L7PpexGwOJfPFMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNEF1VTBVbVBiSDJJWDh2cy1sN0ViQTRsODhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAuUceAwQB
ufF4MAwDBAC58q0DBAC58q4DBAG59OgwDQYJKoZIhvcNAQELBQADggEBAEU9p+ei
f02klcBKRMzx8mDi0TT3HtWTrgCT5XB+UWJWcV/B9uNNP2ZJxEBQZNb7664WvYw5
nNWxGAPULitQ5Kz+PuyaOX2MIU5HjPo+KhXXMCVN0m7r4vW3lIZzwuyI2uXUZg3E
dmCx1i4EpX24P/LKAGUsvI0aEO0rBny7pn/6xMj/cY6mcItLu8MzjQiGpptVeKnU
xOzgahM8houM0+sm7VUSTPgninLfzStYO2qwMRvgJuUEMWZNJtm57ZxwzM/FGARH
algU9R/enV4AbeULUwitUn4xfYvJU+YGwvvKvCfhfCFQQ8RYjkTmEdeDLTzK+kcD
5Oubp4/M8SUPJug=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org