Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JdFIe2sXA04XD3r7c9RCWxpV7YQ.roa
File:                     JdFIe2sXA04XD3r7c9RCWxpV7YQ.roa (raw, json)
Hash identifier:          KVtYkHtVqxniWbztFARHQSPN8ExGofypYYz9u7MKtAc=
Subject key identifier:   25:D1:48:7B:6B:17:03:4E:17:0F:7A:FB:73:D4:42:5B:1A:55:ED:84
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018F72345F763C457E4198CE9B95B9590CD7
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JdFIe2sXA04XD3r7c9RCWxpV7YQ.roa
Signing time:             Mon 13 May 2024 13:46:25 +0000
ROA not before:           Mon 13 May 2024 13:46:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     398465
IP address blocks:        45.43.172.0/22 maxlen: 22
                          64.137.29.0/24 maxlen: 24
                          64.137.39.0/24 maxlen: 24
                          64.137.44.0/24 maxlen: 24
                          64.137.45.0/24 maxlen: 24
                          64.137.46.0/24 maxlen: 24
                          64.137.72.0/24 maxlen: 24
                          64.137.85.0/24 maxlen: 24
                          64.137.114.0/24 maxlen: 24
                          64.137.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Jun 2024 09:22:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:72:34:5f:76:3c:45:7e:41:98:ce:9b:95:b9:59:0c:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: May 13 13:46:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=25d1487b6b17034e170f7afb73d4425b1a55ed84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ae:48:5b:ec:12:dd:3a:66:5b:93:ab:ec:96:
                    c5:84:15:5a:86:d9:b8:98:30:6a:46:5c:96:42:a4:
                    49:99:4b:65:a4:4c:f6:49:6f:54:dc:96:8d:25:02:
                    40:ae:66:c3:f6:67:ad:78:88:fa:ce:e9:41:80:ac:
                    a7:58:52:12:6a:7b:7d:df:f5:7f:f6:78:99:5b:c6:
                    cb:f7:65:c2:f1:7b:a3:49:94:12:3a:d6:5f:19:16:
                    93:aa:64:b5:53:5c:ed:2e:b9:41:c7:75:bf:45:f8:
                    ab:73:c0:1d:74:0b:ae:a8:51:11:67:a8:e2:26:92:
                    c6:ea:48:e3:e5:f0:d2:9c:1e:ea:66:09:41:27:c5:
                    fa:71:b6:f5:7a:da:b3:1d:3b:43:18:51:8b:ae:21:
                    75:e8:68:55:ac:d6:34:5f:4a:9f:51:c4:3d:5c:f7:
                    12:35:aa:21:39:51:b3:01:3f:7a:45:f6:1e:91:a9:
                    29:11:d5:6f:24:f8:41:df:4f:cb:8e:13:b4:62:aa:
                    97:5a:3c:62:72:1d:f2:7b:61:8c:77:51:5d:90:ad:
                    3a:43:50:0d:0c:f1:03:fd:7b:87:b0:58:a7:78:a4:
                    23:94:c2:5f:d4:a9:f0:5f:49:fa:8e:95:c6:8e:b7:
                    50:9a:0a:14:29:f6:37:29:e9:04:03:52:c0:bf:9c:
                    53:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:D1:48:7B:6B:17:03:4E:17:0F:7A:FB:73:D4:42:5B:1A:55:ED:84
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JdFIe2sXA04XD3r7c9RCWxpV7YQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.172.0/22
                  64.137.29.0/24
                  64.137.39.0/24
                  64.137.44.0-64.137.46.255
                  64.137.72.0/24
                  64.137.85.0/24
                  64.137.114.0/24
                  64.137.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:ea:6c:ee:6e:6b:78:e3:de:23:27:f2:ed:65:a2:e5:e3:c0:
         89:65:b6:74:79:7e:4e:0c:06:cc:16:cc:e3:07:d0:9d:f9:d9:
         77:c3:88:1b:b7:be:cc:3e:c0:49:27:a4:ce:08:6d:aa:52:82:
         83:95:c9:c0:fe:74:38:3c:d2:00:ce:e8:1b:58:54:ed:a5:4a:
         6b:1f:26:55:4d:bd:99:01:a8:b6:9b:f8:e2:9c:66:67:e3:54:
         bb:59:45:3e:91:d9:29:7b:96:d7:f9:e2:e4:8c:59:9a:d5:b6:
         0f:ef:ae:d7:10:ee:0a:d8:70:d0:80:7c:a8:76:3f:66:1e:65:
         80:ae:71:6f:25:6d:f5:65:00:4b:f9:3e:5b:30:c9:d5:a1:0a:
         0d:2e:27:3c:38:16:28:01:16:23:dd:b5:f0:f3:6d:71:87:04:
         82:f1:81:3d:d9:c8:c1:bc:71:2d:ec:e0:4a:c6:6c:cf:aa:07:
         d6:a5:d7:19:ab:95:49:8d:94:06:88:52:4c:e4:72:76:04:3e:
         fc:19:c1:77:9f:f0:0c:7a:d9:0f:77:d2:34:23:f2:53:10:d3:
         89:cc:9c:e9:8c:b1:17:bf:e7:26:6e:9a:51:e9:db:8a:18:95:
         7d:28:68:9f:0a:c2:30:14:2d:fb:27:bc:ba:14:dd:e9:5c:19:
         c5:96:44:bd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY9yNF92PEV+QZjOm5W5WQzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTEzMTM0NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQxNDg3YjZiMTcwMzRlMTcwZjdhZmI3M2Q0NDI1YjFhNTVlZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa5IW+wS3TpmW5Or7JbFhBVahtm4
mDBqRlyWQqRJmUtlpEz2SW9U3JaNJQJArmbD9meteIj6zulBgKynWFISant93/V/
9niZW8bL92XC8XujSZQSOtZfGRaTqmS1U1ztLrlBx3W/Rfirc8AddAuuqFERZ6ji
JpLG6kjj5fDSnB7qZglBJ8X6cbb1etqzHTtDGFGLriF16GhVrNY0X0qfUcQ9XPcS
NaohOVGzAT96RfYekakpEdVvJPhB30/LjhO0YqqXWjxich3ye2GMd1FdkK06Q1AN
DPED/XuHsFineKQjlMJf1KnwX0n6jpXGjrdQmgoUKfY3KekEA1LAv5xT+wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCXRSHtrFwNOFw96+3PUQlsaVe2EMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSmRGSWUyc1hBMDRYRDNyN2M5UkNXeHBWN1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCLSusAwQA
QIkdAwQAQIknMAwDBAJAiSwDBABAiS4DBABAiUgDBABAiVUDBABAiXIDBABAiXQw
DQYJKoZIhvcNAQELBQADggEBAAHqbO5ua3jj3iMn8u1louXjwIlltnR5fk4MBswW
zOMH0J352XfDiBu3vsw+wEknpM4IbapSgoOVycD+dDg80gDO6BtYVO2lSmsfJlVN
vZkBqLab+OKcZmfjVLtZRT6R2Sl7ltf54uSMWZrVtg/vrtcQ7grYcNCAfKh2P2Ye
ZYCucW8lbfVlAEv5PlswydWhCg0uJzw4FigBFiPdtfDzbXGHBILxgT3ZyMG8cS3s
4ErGbM+qB9al1xmrlUmNlAaIUkzkcnYEPvwZwXef8Ax62Q930jQj8lMQ04nMnOmM
sRe/5yZumlHp24oYlX0oaJ8KwjAULfsnvLoU3elcGcWWRL0=
-----END CERTIFICATE-----
Generated at Fri Jun 7 12:32:28 2024 by rpki-client on console-fra.rpki-client.org