Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/LwnAmyGSCfBqy9B6fM6IkCZ28Pw.roa
File:                     LwnAmyGSCfBqy9B6fM6IkCZ28Pw.roa (raw, json)
Hash identifier:          FxoUISd6HLMqy7tm8K9aEOAB3Z95zKJb394C5aIMGe8=
Subject key identifier:   2F:09:C0:9B:21:92:09:F0:6A:CB:D0:7A:7C:CE:88:90:26:76:F0:FC
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0187DBA9ADEA4EACA300D84B017782D6AC94
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/LwnAmyGSCfBqy9B6fM6IkCZ28Pw.roa
Signing time:             Tue 02 May 2023 08:52:23 +0000
ROA not before:           Tue 02 May 2023 08:52:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     27882
IP address blocks:        181.41.144.0/21 maxlen: 21
                          181.41.145.0/24 maxlen: 24
                          181.41.144.0/24 maxlen: 24
                          181.41.150.0/24 maxlen: 24
                          181.41.151.0/24 maxlen: 24
                          181.41.149.0/24 maxlen: 24
                          181.41.147.0/24 maxlen: 24
                          181.41.148.0/24 maxlen: 24
                          181.41.146.0/24 maxlen: 24
                          181.41.156.0/22 maxlen: 22
                          189.28.64.0/24 maxlen: 24
                          189.28.71.0/24 maxlen: 24
                          189.28.69.0/24 maxlen: 24
                          189.28.70.0/24 maxlen: 24
                          189.28.67.0/24 maxlen: 24
                          189.28.68.0/24 maxlen: 24
                          189.28.66.0/24 maxlen: 24
                          189.28.65.0/24 maxlen: 24
                          189.28.78.0/24 maxlen: 24
                          189.28.76.0/24 maxlen: 24
                          189.28.77.0/24 maxlen: 24
                          189.28.74.0/24 maxlen: 24
                          189.28.75.0/24 maxlen: 24
                          189.28.73.0/24 maxlen: 24
                          189.28.72.0/24 maxlen: 24
                          189.28.83.0/24 maxlen: 24
                          189.28.84.0/24 maxlen: 24
                          189.28.81.0/24 maxlen: 24
                          189.28.82.0/24 maxlen: 24
                          189.28.80.0/24 maxlen: 24
                          189.28.79.0/24 maxlen: 24
                          189.28.85.0/24 maxlen: 24
                          189.28.90.0/24 maxlen: 24
                          189.28.91.0/24 maxlen: 24
                          189.28.88.0/24 maxlen: 24
                          189.28.89.0/24 maxlen: 24
                          189.28.86.0/24 maxlen: 24
                          189.28.87.0/24 maxlen: 24
                          189.28.95.0/24 maxlen: 24
                          189.28.93.0/24 maxlen: 24
                          189.28.94.0/24 maxlen: 24
                          189.28.92.0/24 maxlen: 24
                          203.88.96.0/22 maxlen: 22
                          203.88.97.0/24 maxlen: 24
                          203.88.98.0/24 maxlen: 24
                          203.88.96.0/24 maxlen: 24
                          203.88.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 20 May 2023 06:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:db:a9:ad:ea:4e:ac:a3:00:d8:4b:01:77:82:d6:ac:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: May  2 08:52:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f09c09b219209f06acbd07a7cce88902676f0fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:bc:10:75:16:ed:97:21:01:55:8f:d6:e7:71:
                    8a:27:ce:cd:19:51:16:2d:c4:65:56:64:a7:f6:93:
                    bc:40:15:df:7e:cf:2a:d2:03:8a:70:5b:ad:ea:08:
                    3c:e1:23:bb:21:c9:d4:2f:66:a9:69:8e:95:a2:01:
                    f6:72:14:be:0f:b4:90:23:09:42:6c:d3:bd:d6:b3:
                    ca:46:3d:1f:fe:f5:96:a0:25:e0:e3:4b:53:4b:bc:
                    2b:ce:e3:c1:7e:2b:fe:4d:08:09:c3:d0:e7:ce:9c:
                    33:77:32:25:93:8d:9d:6a:c3:43:80:b1:02:b6:6d:
                    07:92:b3:3f:7e:a4:31:4a:97:cf:06:ce:b8:6e:83:
                    4a:e5:a6:43:64:b3:f9:58:01:8f:fa:44:bc:fe:6f:
                    67:95:be:26:0b:6f:f2:57:79:f4:7c:1c:0d:f5:5d:
                    43:b9:11:35:59:92:d9:f4:5c:12:66:f5:d1:77:a1:
                    94:aa:e6:32:4b:72:ea:09:0b:43:7a:c1:cd:05:6c:
                    54:1d:39:cf:6b:07:ad:4f:8a:5c:9d:18:80:7f:b9:
                    86:b3:28:36:55:28:cc:00:ea:05:bd:fa:ee:30:b0:
                    c1:a5:be:a9:49:63:d4:65:6f:5d:a5:4b:59:b8:81:
                    65:88:ef:9b:32:96:31:ef:28:a6:e0:d6:0b:5f:12:
                    ed:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:09:C0:9B:21:92:09:F0:6A:CB:D0:7A:7C:CE:88:90:26:76:F0:FC
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/LwnAmyGSCfBqy9B6fM6IkCZ28Pw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.41.144.0/21
                  181.41.156.0/22
                  189.28.64.0/19
                  203.88.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:94:c7:b1:c9:8d:a9:0c:c4:d9:8c:23:e5:79:dc:56:7a:c5:
         93:fe:2b:7d:9a:01:61:8f:bb:e3:bd:6c:b0:bc:af:43:b6:45:
         fa:32:d3:94:20:d8:bc:01:83:22:c8:46:25:f9:2b:23:51:da:
         a2:78:0b:36:db:6c:6e:2b:5d:52:7e:a6:f7:d3:de:6a:e4:3c:
         f8:af:70:34:28:f9:61:8e:38:52:77:cc:48:91:45:53:63:a7:
         28:79:6a:15:91:80:15:65:51:d6:8a:b5:50:58:30:44:d9:4e:
         e2:36:c4:b5:84:4a:81:6f:77:2e:0f:cc:e7:2e:ec:f1:f6:7f:
         7a:07:7b:94:7b:7c:25:51:b1:38:ac:ce:26:48:3b:2a:db:f0:
         05:cc:d1:e5:95:74:88:ca:66:8e:3a:c1:75:b8:48:dd:e3:48:
         d3:50:b9:14:4f:33:64:3c:b3:4f:ca:8e:32:f7:78:8b:20:1d:
         68:9a:28:4f:e6:f9:64:1b:94:1b:d4:c1:af:32:d5:2e:d6:39:
         17:87:b6:f8:fb:6a:ff:70:79:ea:28:92:04:9c:2c:f2:eb:b2:
         8a:b1:97:d0:12:e4:ae:1b:a8:0c:01:66:54:6b:f5:41:02:1a:
         40:14:09:be:ea:7c:d2:1c:7d:ce:2c:b0:9d:a3:21:bb:0d:81:
         94:cb:3d:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfbqa3qTqyjANhLAXeC1qyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNTAyMDg1MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA5YzA5YjIxOTIwOWYwNmFjYmQwN2E3Y2NlODg5MDI2NzZmMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLwQdRbtlyEBVY/W53GKJ87NGVEW
LcRlVmSn9pO8QBXffs8q0gOKcFut6gg84SO7IcnUL2apaY6VogH2chS+D7SQIwlC
bNO91rPKRj0f/vWWoCXg40tTS7wrzuPBfiv+TQgJw9DnzpwzdzIlk42dasNDgLEC
tm0HkrM/fqQxSpfPBs64boNK5aZDZLP5WAGP+kS8/m9nlb4mC2/yV3n0fBwN9V1D
uRE1WZLZ9FwSZvXRd6GUquYyS3LqCQtDesHNBWxUHTnPawetT4pcnRiAf7mGsyg2
VSjMAOoFvfruMLDBpb6pSWPUZW9dpUtZuIFliO+bMpYx7yim4NYLXxLtfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC8JwJshkgnwasvQenzOiJAmdvD8MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTHduQW15R1NDZkJxeTlCNmZNNklrQ1oyOFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDtSmQAwQC
tSmcAwQFvRxAAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQCdlMexyY2pDMTZjCPl
edxWesWT/it9mgFhj7vjvWywvK9DtkX6MtOUINi8AYMiyEYl+SsjUdqieAs222xu
K11Sfqb3095q5Dz4r3A0KPlhjjhSd8xIkUVTY6coeWoVkYAVZVHWirVQWDBE2U7i
NsS1hEqBb3cuD8znLuzx9n96B3uUe3wlUbE4rM4mSDsq2/AFzNHllXSIymaOOsF1
uEjd40jTULkUTzNkPLNPyo4y93iLIB1omihP5vlkG5Qb1MGvMtUu1jkXh7b4+2r/
cHnqKJIEnCzy67KKsZfQEuSuG6gMAWZUa/VBAhpAFAm+6nzSHH3OLLCdoyG7DYGU
yz1s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org