Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/higMS0Vc0cD-PvyI75SmptzkEyI.roa
File:                     higMS0Vc0cD-PvyI75SmptzkEyI.roa (raw, json)
Hash identifier:          ivEGavZKDUZX3BmS0u8vz+hhrLmHNJ7F5kGOApqPEjM=
Subject key identifier:   86:28:0C:4B:45:5C:D1:C0:FE:3E:FC:88:EF:94:A6:A6:DC:E4:13:22
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018BAFE5D5AC005AB05770937A2D31500AED
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/higMS0Vc0cD-PvyI75SmptzkEyI.roa
Signing time:             Wed 08 Nov 2023 17:05:57 +0000
ROA not before:           Wed 08 Nov 2023 17:05:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200845
IP address blocks:        185.231.186.0/24 maxlen: 24
                          185.231.187.0/24 maxlen: 24
                          89.190.152.0/24 maxlen: 24
                          89.190.152.0/22 maxlen: 22
                          89.190.154.0/24 maxlen: 24
                          89.190.153.0/24 maxlen: 24
                          89.190.155.0/24 maxlen: 24
                          45.133.63.0/24 maxlen: 24
                          45.133.62.0/24 maxlen: 24
                          45.133.61.0/24 maxlen: 24
                          45.133.60.0/24 maxlen: 24
                          45.133.60.0/22 maxlen: 22
                          178.19.40.0/22 maxlen: 22
                          178.19.43.0/24 maxlen: 24
                          178.19.42.0/24 maxlen: 24
                          178.19.41.0/24 maxlen: 24
                          178.19.40.0/24 maxlen: 24
                          45.137.12.0/23 maxlen: 23
                          185.244.231.0/24 maxlen: 24
                          185.244.230.0/24 maxlen: 24
                          185.244.229.0/24 maxlen: 24
                          185.244.228.0/24 maxlen: 24
                          185.244.228.0/23 maxlen: 23
                          2.59.192.0/22 maxlen: 22
                          194.32.112.0/24 maxlen: 24
                          45.150.84.0/22 maxlen: 22
                          194.32.112.0/22 maxlen: 22
                          194.32.115.0/24 maxlen: 24
                          194.32.114.0/24 maxlen: 24
                          194.32.113.0/24 maxlen: 24
                          194.31.104.0/22 maxlen: 22
                          185.28.51.0/24 maxlen: 24
                          45.152.140.0/22 maxlen: 22
                          31.15.4.0/24 maxlen: 24
                          31.15.0.0/22 maxlen: 22
                          31.15.7.0/24 maxlen: 24
                          31.15.6.0/24 maxlen: 24
                          31.15.5.0/24 maxlen: 24
                          45.155.56.0/22 maxlen: 22
                          185.225.244.0/22 maxlen: 22
                          185.225.246.0/24 maxlen: 24
                          185.225.245.0/24 maxlen: 24
                          185.225.244.0/24 maxlen: 24
                          185.225.247.0/24 maxlen: 24
                          185.246.12.0/23 maxlen: 23
                          185.246.15.0/24 maxlen: 24
                          185.246.14.0/24 maxlen: 24
                          185.246.13.0/24 maxlen: 24
                          185.246.12.0/24 maxlen: 24
                          45.81.124.0/22 maxlen: 22
                          45.145.132.0/22 maxlen: 22
                          185.229.216.0/22 maxlen: 22
                          92.118.180.0/22 maxlen: 22
                          45.81.104.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 17:40:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:af:e5:d5:ac:00:5a:b0:57:70:93:7a:2d:31:50:0a:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Nov  8 17:05:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86280c4b455cd1c0fe3efc88ef94a6a6dce41322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:f3:c7:f3:df:8d:27:9a:ee:b0:83:08:d5:3b:
                    d2:46:8f:f7:e3:7a:9b:67:95:31:26:ff:46:30:d0:
                    3e:de:e5:40:c1:a9:eb:a8:27:cf:9c:f8:7a:a2:e6:
                    13:1c:be:47:1d:95:98:b3:e9:be:64:5c:7b:c6:9e:
                    b0:0f:7e:36:7e:9c:cd:fa:73:1f:3f:97:7f:cc:ca:
                    01:e7:08:ae:b7:87:5f:ad:bf:da:6f:8c:14:24:01:
                    46:7f:a6:0a:93:03:c6:2e:3a:8c:13:1f:81:4e:a8:
                    72:cd:25:5d:c6:2b:c3:87:23:f4:c0:60:80:32:6e:
                    1b:85:95:cf:0b:a0:0e:7e:5e:71:9f:f5:e9:65:7b:
                    8e:c5:0a:ab:ef:b5:4e:97:c6:85:38:60:97:fb:3e:
                    5c:ce:f5:66:42:bd:25:98:c9:d0:6e:42:37:95:d8:
                    9e:e6:8b:90:3d:7a:7a:7f:22:12:8c:6b:97:84:ba:
                    c2:4d:1e:c8:0e:61:33:c5:2a:43:fd:13:b7:e7:b5:
                    37:3f:b7:39:50:1e:49:73:de:6e:cf:f1:62:8f:f9:
                    b4:14:3e:d1:34:f4:dc:f3:88:c2:6c:72:06:31:13:
                    fc:7e:9e:85:fe:1f:27:46:42:cd:03:70:95:29:07:
                    04:f0:87:4e:0b:0c:f7:a9:bc:c5:07:57:bd:1e:ff:
                    b4:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:28:0C:4B:45:5C:D1:C0:FE:3E:FC:88:EF:94:A6:A6:DC:E4:13:22
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/higMS0Vc0cD-PvyI75SmptzkEyI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.192.0/22
                  31.15.0.0/21
                  45.81.104.0/22
                  45.81.124.0/22
                  45.133.60.0/22
                  45.137.12.0/23
                  45.145.132.0/22
                  45.150.84.0/22
                  45.152.140.0/22
                  45.155.56.0/22
                  89.190.152.0/22
                  92.118.180.0/22
                  178.19.40.0/22
                  185.28.51.0/24
                  185.225.244.0/22
                  185.229.216.0/22
                  185.231.186.0/23
                  185.244.228.0/22
                  185.246.12.0/22
                  194.31.104.0/22
                  194.32.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ae:75:01:fc:1a:53:dd:ff:b1:5d:57:04:8c:25:56:8c:e5:a6:
         42:d0:73:26:4b:c5:28:75:8a:2b:7e:48:f9:d1:57:a5:40:10:
         62:42:ed:c6:5b:fa:4e:73:1e:f9:b1:48:01:f2:22:a2:fe:52:
         51:e7:e9:42:d8:d9:c4:0d:c6:e1:b8:1b:d1:aa:bc:ac:02:f9:
         b9:9a:09:c7:0e:0a:18:f8:e0:45:91:52:45:80:64:27:0d:75:
         70:1f:14:94:1a:90:26:25:33:81:ba:66:5d:78:68:51:0a:ed:
         af:2d:6c:d4:9c:56:ee:5c:db:06:86:ab:9b:af:27:87:57:80:
         ab:8d:b5:34:4b:05:f5:da:8d:32:79:c9:55:6b:f7:69:19:35:
         20:d1:b0:1c:c2:a5:93:a6:c2:fa:aa:39:d3:69:cd:8a:54:88:
         00:57:b0:8f:22:42:a0:26:0c:af:6d:83:1f:54:2b:e9:18:ca:
         31:3a:9b:35:9c:8c:7e:e6:64:45:8b:6b:e4:d4:70:00:6e:62:
         ee:06:20:58:42:2d:fa:1c:1e:f1:02:37:05:ac:d5:8b:86:51:
         d2:6e:69:45:49:92:eb:f0:32:46:02:9b:1d:7e:96:23:02:8c:
         1e:51:aa:3a:d4:0b:9e:26:cd:f4:90:08:3e:6a:d2:ff:d3:bb:
         8d:61:17:d6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuv5dWsAFqwV3CTei0xUArtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTA4MTcwNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI4MGM0YjQ1NWNkMWMwZmUzZWZjODhlZjk0YTZhNmRjZTQxMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPPH89+NJ5rusIMI1TvSRo/343qb
Z5UxJv9GMNA+3uVAwanrqCfPnPh6ouYTHL5HHZWYs+m+ZFx7xp6wD342fpzN+nMf
P5d/zMoB5wiut4dfrb/ab4wUJAFGf6YKkwPGLjqMEx+BTqhyzSVdxivDhyP0wGCA
Mm4bhZXPC6AOfl5xn/XpZXuOxQqr77VOl8aFOGCX+z5czvVmQr0lmMnQbkI3ldie
5ouQPXp6fyISjGuXhLrCTR7IDmEzxSpD/RO357U3P7c5UB5Jc95uz/Fij/m0FD7R
NPTc84jCbHIGMRP8fp6F/h8nRkLNA3CVKQcE8IdOCwz3qbzFB1e9Hv+0SwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFIYoDEtFXNHA/j78iO+Upqbc5BMiMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvaGlnTVMwVmMwY0QtUHZ5STc1U21wdHprRXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEArnUB
/BpT3f+xXVcEjCVWjOWmQtBzJkvFKHWKK35I+dFXpUAQYkLtxlv6TnMe+bFIAfIi
ov5SUefpQtjZxA3G4bgb0aq8rAL5uZoJxw4KGPjgRZFSRYBkJw11cB8UlBqQJiUz
gbpmXXhoUQrtry1s1JxW7lzbBoarm68nh1eAq421NEsF9dqNMnnJVWv3aRk1INGw
HMKlk6bC+qo502nNilSIAFewjyJCoCYMr22DH1Qr6RjKMTqbNZyMfuZkRYtr5NRw
AG5i7gYgWEIt+hwe8QI3BazVi4ZR0m5pRUmS6/AyRgKbHX6WIwKMHlGqOtQLnibN
9JAIPmrS/9O7jWEX1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org