Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ND54IL3nZp2FpyxBINjIEgXpVHw.roa
File:                     ND54IL3nZp2FpyxBINjIEgXpVHw.roa (raw, json)
Hash identifier:          k1/WUB+uaGwU4QT0BiVKYU933dtrBP5jPF45Mx4zSTM=
Subject key identifier:   34:3E:78:20:BD:E7:66:9D:85:A7:2C:41:20:D8:C8:12:05:E9:54:7C
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018A23DA8CD55576B742850278A27BA246A1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ND54IL3nZp2FpyxBINjIEgXpVHw.roa
Signing time:             Wed 23 Aug 2023 19:24:00 +0000
ROA not before:           Wed 23 Aug 2023 19:24:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     27882
IP address blocks:        181.41.144.0/21 maxlen: 21
                          181.41.145.0/24 maxlen: 24
                          181.41.144.0/24 maxlen: 24
                          181.41.150.0/24 maxlen: 24
                          181.41.151.0/24 maxlen: 24
                          181.41.149.0/24 maxlen: 24
                          181.41.147.0/24 maxlen: 24
                          181.41.148.0/24 maxlen: 24
                          181.41.146.0/24 maxlen: 24
                          181.41.159.0/24 maxlen: 24
                          181.41.157.0/24 maxlen: 24
                          181.41.158.0/24 maxlen: 24
                          181.41.156.0/24 maxlen: 24
                          181.41.158.0/23 maxlen: 23
                          181.41.156.0/23 maxlen: 23
                          181.41.156.0/22 maxlen: 22
                          189.28.64.0/24 maxlen: 24
                          189.28.64.0/19 maxlen: 19
                          189.28.71.0/24 maxlen: 24
                          189.28.69.0/24 maxlen: 24
                          189.28.70.0/24 maxlen: 24
                          189.28.67.0/24 maxlen: 24
                          189.28.68.0/24 maxlen: 24
                          189.28.66.0/24 maxlen: 24
                          189.28.65.0/24 maxlen: 24
                          189.28.78.0/24 maxlen: 24
                          189.28.76.0/24 maxlen: 24
                          189.28.77.0/24 maxlen: 24
                          189.28.74.0/24 maxlen: 24
                          189.28.75.0/24 maxlen: 24
                          189.28.73.0/24 maxlen: 24
                          189.28.72.0/24 maxlen: 24
                          189.28.83.0/24 maxlen: 24
                          189.28.84.0/24 maxlen: 24
                          189.28.81.0/24 maxlen: 24
                          189.28.82.0/24 maxlen: 24
                          189.28.80.0/24 maxlen: 24
                          189.28.79.0/24 maxlen: 24
                          189.28.85.0/24 maxlen: 24
                          189.28.90.0/24 maxlen: 24
                          189.28.91.0/24 maxlen: 24
                          189.28.88.0/24 maxlen: 24
                          189.28.89.0/24 maxlen: 24
                          189.28.86.0/24 maxlen: 24
                          189.28.87.0/24 maxlen: 24
                          189.28.95.0/24 maxlen: 24
                          189.28.93.0/24 maxlen: 24
                          189.28.94.0/24 maxlen: 24
                          189.28.92.0/24 maxlen: 24
                          203.88.96.0/22 maxlen: 22
                          203.88.97.0/24 maxlen: 24
                          203.88.98.0/24 maxlen: 24
                          203.88.96.0/24 maxlen: 24
                          203.88.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 23 Sep 2023 13:45:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:23:da:8c:d5:55:76:b7:42:85:02:78:a2:7b:a2:46:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Aug 23 19:24:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=343e7820bde7669d85a72c4120d8c81205e9547c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:62:c3:de:aa:bb:f6:9c:ba:ba:94:8a:82:82:
                    62:fc:78:98:4a:9a:b9:07:64:05:ac:1f:6a:d9:3c:
                    74:a7:ce:be:90:df:ae:43:e5:96:d4:cd:5c:43:75:
                    b9:79:fa:ef:6e:5d:72:aa:b8:40:1b:97:70:4d:de:
                    7a:e3:90:4d:de:3a:f2:6f:e2:b5:e6:d8:97:fe:23:
                    26:39:1a:44:da:bf:8c:52:94:77:40:e0:4d:01:06:
                    f9:f4:32:a3:4c:ee:8b:94:76:6a:05:46:4c:2b:8c:
                    67:0f:89:aa:1e:db:73:bc:b7:35:34:45:e0:89:5c:
                    38:41:0f:c0:25:56:ff:f8:ea:90:22:30:f4:ad:77:
                    2a:e9:d9:c3:d1:09:16:3b:a8:b1:b7:71:c9:13:1a:
                    c2:7f:3b:db:e7:7e:df:39:12:0a:ea:e7:0d:cb:f2:
                    05:f5:0f:af:d2:51:f7:95:b3:c4:ef:1e:fa:d5:64:
                    f4:9a:3b:09:ce:ba:90:71:30:9d:00:8e:61:f2:80:
                    2e:ac:ca:40:02:25:03:e1:69:d0:a4:36:68:8c:92:
                    bf:d6:e1:9a:8f:46:e3:98:85:4f:5d:c3:57:4c:7d:
                    e2:93:ae:8b:b7:60:62:8e:91:cf:32:a9:34:e3:7a:
                    1f:2c:e0:df:10:c1:97:d2:7b:3f:19:ac:9a:7f:45:
                    32:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:3E:78:20:BD:E7:66:9D:85:A7:2C:41:20:D8:C8:12:05:E9:54:7C
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ND54IL3nZp2FpyxBINjIEgXpVHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.41.144.0/21
                  181.41.156.0/22
                  189.28.64.0/19
                  203.88.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:20:53:dd:ae:f5:7b:d6:08:2b:73:5f:0c:31:02:c4:97:a1:
         fc:de:0a:7d:e2:ec:7e:0b:80:87:ee:82:92:b3:b2:44:b0:57:
         c1:01:00:cb:a6:fe:60:b7:c7:2e:dd:20:60:bd:d8:2c:d1:68:
         0c:40:10:c9:5f:bb:cb:7c:0b:47:df:dc:99:f5:24:c0:93:18:
         65:76:6f:2b:f2:12:3e:ad:64:8e:38:72:cd:b9:d6:dd:53:23:
         ae:07:65:5f:e9:9d:67:89:22:d6:38:e2:10:f1:5a:fb:a6:1b:
         dc:9c:57:27:32:1c:80:e4:3e:1e:ff:73:12:10:ca:4e:78:2f:
         80:40:5c:3b:f6:48:85:02:c3:45:bf:87:4c:91:e4:de:c7:b4:
         dc:e0:00:9b:0c:38:5c:4c:1b:95:a1:fc:82:b0:ab:6f:af:2d:
         02:c9:e6:1a:8d:85:a9:47:8e:47:e9:1a:ba:33:98:d3:73:5b:
         d4:f3:e1:be:d9:61:89:bb:c2:3f:ce:4e:4b:43:01:f4:23:be:
         98:60:00:8a:fa:10:ab:59:ab:d5:e6:fb:63:98:e5:e2:3b:db:
         bb:00:73:4c:47:c8:1a:89:5f:a2:9a:f1:9b:dd:0f:01:81:07:
         3f:69:75:e3:5f:62:7e:f8:fc:44:48:47:0e:6e:ca:f2:95:85:
         7d:05:60:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoj2ozVVXa3QoUCeKJ7okahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwODIzMTkyNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNlNzgyMGJkZTc2NjlkODVhNzJjNDEyMGQ4YzgxMjA1ZTk1NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2LD3qq79py6upSKgoJi/HiYSpq5
B2QFrB9q2Tx0p86+kN+uQ+WW1M1cQ3W5efrvbl1yqrhAG5dwTd5645BN3jryb+K1
5tiX/iMmORpE2r+MUpR3QOBNAQb59DKjTO6LlHZqBUZMK4xnD4mqHttzvLc1NEXg
iVw4QQ/AJVb/+OqQIjD0rXcq6dnD0QkWO6ixt3HJExrCfzvb537fORIK6ucNy/IF
9Q+v0lH3lbPE7x761WT0mjsJzrqQcTCdAI5h8oAurMpAAiUD4WnQpDZojJK/1uGa
j0bjmIVPXcNXTH3ik66Lt2BijpHPMqk043ofLODfEMGX0ns/Gayaf0UyYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDQ+eCC952adhacsQSDYyBIF6VR8MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTkQ1NElMM25acDJGcHl4QklOaklFZ1hwVkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDtSmQAwQC
tSmcAwQFvRxAAwQCy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQBnIFPdrvV71ggrc18M
MQLEl6H83gp94ux+C4CH7oKSs7JEsFfBAQDLpv5gt8cu3SBgvdgs0WgMQBDJX7vL
fAtH39yZ9STAkxhldm8r8hI+rWSOOHLNudbdUyOuB2Vf6Z1niSLWOOIQ8Vr7phvc
nFcnMhyA5D4e/3MSEMpOeC+AQFw79kiFAsNFv4dMkeTex7Tc4ACbDDhcTBuVofyC
sKtvry0CyeYajYWpR45H6Rq6M5jTc1vU8+G+2WGJu8I/zk5LQwH0I76YYACK+hCr
WavV5vtjmOXiO9u7AHNMR8gaiV+imvGb3Q8BgQc/aXXjX2J++PxESEcObsrylYV9
BWAu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org