Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rqcprmzdb21AcslhKy_XHKzZ0sY.roa
File:                     rqcprmzdb21AcslhKy_XHKzZ0sY.roa (raw, json)
Hash identifier:          SGn+bCiLM0FUhIgi2fEbaIRjwlATWDPi0RXnb/3+RqM=
Subject key identifier:   AE:A7:29:AE:6C:DD:6F:6D:40:72:C9:61:2B:2F:D7:1C:AC:D9:D2:C6
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018D30FEF62266B746370B9CCF641ACE71B1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rqcprmzdb21AcslhKy_XHKzZ0sY.roa
Signing time:             Mon 22 Jan 2024 11:47:11 +0000
ROA not before:           Mon 22 Jan 2024 11:47:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206077
IP address blocks:        45.80.81.0/24 maxlen: 24
                          185.226.192.0/23 maxlen: 24
                          201.49.191.0/24 maxlen: 24
                          217.26.188.0/22 maxlen: 22
                          217.26.188.0/23 maxlen: 23
                          217.26.188.0/24 maxlen: 24
                          217.26.189.0/24 maxlen: 24
                          217.76.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 May 2024 10:47:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:30:fe:f6:22:66:b7:46:37:0b:9c:cf:64:1a:ce:71:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan 22 11:47:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=aea729ae6cdd6f6d4072c9612b2fd71cacd9d2c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6e:58:f0:e2:27:a3:60:4d:d1:a6:28:3a:4a:
                    ae:13:d2:3c:8a:50:00:01:19:ad:a1:16:37:fd:eb:
                    1a:9e:bf:ec:04:8b:02:9c:07:1e:cd:eb:5c:d7:ed:
                    ec:38:dd:81:b5:51:13:9d:7a:eb:ae:ca:2f:87:18:
                    60:e2:53:3a:d1:27:c0:d7:0c:fc:c0:37:92:4d:64:
                    e8:1f:8e:26:2a:39:99:92:21:55:00:58:2a:96:8f:
                    a7:ab:3a:31:b3:34:f1:4e:c2:5c:f3:67:ad:5c:ba:
                    5e:41:1d:2a:67:3a:05:d2:18:bd:e7:bc:89:00:b3:
                    6d:fc:45:0c:80:f1:73:23:7c:52:e4:c7:6b:e6:f4:
                    b9:ff:c2:4b:c3:81:30:37:61:da:b9:4f:fc:7e:01:
                    e8:bc:cb:d8:ba:d8:b5:77:eb:5e:b3:e3:07:f3:8e:
                    52:d7:7b:09:4c:e6:04:ec:af:3c:fe:70:66:a4:71:
                    d8:3b:ce:66:35:a6:bd:30:58:df:66:6d:21:5d:67:
                    a3:05:04:b9:84:1f:9c:38:f2:e7:fd:f3:e0:ab:a2:
                    80:8e:9d:1e:48:24:9b:ae:bf:c6:c6:ba:a9:6d:aa:
                    09:ec:8b:01:e0:fb:9a:f9:c8:0e:3c:c6:db:17:ae:
                    cd:09:a5:5a:aa:0e:87:c6:a1:92:17:24:86:5d:16:
                    e1:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:A7:29:AE:6C:DD:6F:6D:40:72:C9:61:2B:2F:D7:1C:AC:D9:D2:C6
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rqcprmzdb21AcslhKy_XHKzZ0sY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.81.0/24
                  185.226.192.0/23
                  201.49.191.0/24
                  217.26.188.0/22
                  217.76.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:b1:72:ff:e2:38:71:f7:e5:4b:13:fe:bf:ac:d7:a6:6a:6a:
         b5:97:f5:ad:c7:5c:d0:da:0f:2f:20:24:7a:6a:41:aa:e9:29:
         09:66:30:b9:66:80:60:2c:c2:33:bf:59:06:52:2f:e5:71:82:
         24:ad:44:bc:4a:5b:01:bc:d2:6f:c2:e9:c0:96:da:f1:2a:50:
         9a:f7:36:ff:c2:49:ec:a5:d3:19:d5:48:cd:ab:ae:ea:b1:6c:
         c4:e9:35:ec:a7:89:2f:94:86:a5:9f:46:56:e9:7a:6a:f4:07:
         a1:ca:04:23:10:b2:72:17:ba:73:7e:26:f5:58:87:bf:26:46:
         fd:de:fa:c7:50:24:00:87:a3:26:0e:8e:73:5c:0e:16:2d:e6:
         67:75:e2:a8:d5:c3:0d:30:98:e3:df:f5:1e:52:75:ad:87:27:
         3d:dd:d4:49:8a:2d:d1:49:76:58:2a:fa:2d:0e:68:e7:78:2d:
         c6:7c:95:7f:cf:3b:03:f5:62:ce:49:1e:f7:77:c7:c2:09:97:
         bc:ad:95:57:bf:79:18:8a:94:a7:ae:af:f4:4a:08:3f:2d:58:
         a0:59:a2:93:ea:6c:24:da:60:bd:de:2e:0c:bc:da:93:68:0f:
         c0:e8:ca:ef:3d:4d:98:70:66:8d:0e:f0:8d:ad:11:e5:87:1d:
         ea:32:09:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0w/vYiZrdGNwucz2QaznGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTIyMTE0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE3MjlhZTZjZGQ2ZjZkNDA3MmM5NjEyYjJmZDcxY2FjZDlkMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW5Y8OIno2BN0aYoOkquE9I8ilAA
ARmtoRY3/esanr/sBIsCnAcezetc1+3sON2BtVETnXrrrsovhxhg4lM60SfA1wz8
wDeSTWToH44mKjmZkiFVAFgqlo+nqzoxszTxTsJc82etXLpeQR0qZzoF0hi957yJ
ALNt/EUMgPFzI3xS5Mdr5vS5/8JLw4EwN2HauU/8fgHovMvYuti1d+tes+MH845S
13sJTOYE7K88/nBmpHHYO85mNaa9MFjfZm0hXWejBQS5hB+cOPLn/fPgq6KAjp0e
SCSbrr/GxrqpbaoJ7IsB4Pua+cgOPMbbF67NCaVaqg6HxqGSFySGXRbhOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK6nKa5s3W9tQHLJYSsv1xys2dLGMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvcnFjcHJtemRiMjFBY3NsaEt5X1hIS3paMHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVBRAwQB
ueLAAwQAyTG/AwQC2Rq8AwQA2Uz8MA0GCSqGSIb3DQEBCwUAA4IBAQARsXL/4jhx
9+VLE/6/rNemamq1l/Wtx1zQ2g8vICR6akGq6SkJZjC5ZoBgLMIzv1kGUi/lcYIk
rUS8SlsBvNJvwunAltrxKlCa9zb/wknspdMZ1UjNq67qsWzE6TXsp4kvlIaln0ZW
6Xpq9AehygQjELJyF7pzfib1WIe/Jkb93vrHUCQAh6MmDo5zXA4WLeZndeKo1cMN
MJjj3/UeUnWthyc93dRJii3RSXZYKvotDmjneC3GfJV/zzsD9WLOSR73d8fCCZe8
rZVXv3kYipSnrq/0Sgg/LVigWaKT6mwk2mC93i4MvNqTaA/A6MrvPU2YcGaNDvCN
rRHlhx3qMgn/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org