Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Pr1bujQeKoVRXmp7ChbuxcF35sc.roa
File:                     Pr1bujQeKoVRXmp7ChbuxcF35sc.roa (raw, json)
Hash identifier:          FiM5oTC9Y4PlR+lsL+h72ryBjmRZNUu5JfOVKqyINyI=
Subject key identifier:   3E:BD:5B:BA:34:1E:2A:85:51:5E:6A:7B:0A:16:EE:C5:C1:77:E6:C7
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       0185725EBC3C0D3B7CC8F2FE2F6F548BF196
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Pr1bujQeKoVRXmp7ChbuxcF35sc.roa
Signing time:             Mon 02 Jan 2023 12:04:49 +0000
ROA not before:           Mon 02 Jan 2023 12:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201207
IP address blocks:        216.173.76.0/24 maxlen: 24
                          216.173.82.0/24 maxlen: 24
                          104.239.10.0/23 maxlen: 23
                          45.43.167.0/24 maxlen: 24
                          216.173.96.0/22 maxlen: 22
                          216.173.102.0/24 maxlen: 24
                          216.173.106.0/24 maxlen: 24
                          216.173.107.0/24 maxlen: 24
                          216.173.110.0/24 maxlen: 24
                          104.239.104.0/24 maxlen: 24
                          104.239.105.0/24 maxlen: 24
                          104.239.107.0/24 maxlen: 24
                          104.239.111.0/24 maxlen: 24
                          104.239.106.0/24 maxlen: 24
                          104.239.124.0/23 maxlen: 23
                          104.239.126.0/24 maxlen: 24
                          216.173.120.0/24 maxlen: 24
                          104.239.76.0/23 maxlen: 23
                          104.239.75.0/24 maxlen: 24
                          104.239.78.0/24 maxlen: 24
                          104.239.80.0/23 maxlen: 23
                          104.233.12.0/22 maxlen: 22
                          104.233.24.0/23 maxlen: 23
                          104.233.26.0/24 maxlen: 24
                          104.238.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 15:51:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:5e:bc:3c:0d:3b:7c:c8:f2:fe:2f:6f:54:8b:f1:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Jan  2 12:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ebd5bba341e2a85515e6a7b0a16eec5c177e6c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:5e:22:8d:38:ea:53:5d:20:ce:bc:b4:08:c5:
                    d5:0d:77:e9:6e:2c:4e:87:88:d9:93:50:32:3e:90:
                    bb:5a:61:44:7b:c1:c0:bf:38:58:20:5f:85:f7:2b:
                    51:b6:15:7d:5d:5f:26:cd:21:1d:79:8e:60:5f:c2:
                    e0:81:44:23:84:37:9d:95:e5:3d:aa:05:74:34:f9:
                    12:88:54:79:4f:ec:0e:72:52:61:e4:75:86:ac:e2:
                    e0:0a:9f:6f:22:cc:a7:38:92:d9:d6:55:55:ae:3a:
                    f8:dd:e0:be:00:89:21:98:e1:f3:45:c3:1e:c1:dd:
                    18:06:81:1f:39:0c:26:d8:b4:55:2b:ee:68:51:7d:
                    29:33:a7:aa:5e:0f:ec:5b:6d:fb:08:92:4d:50:c3:
                    da:a3:39:9e:32:92:b6:56:62:97:94:76:4a:e5:6f:
                    b1:e7:33:fa:4e:0e:01:07:87:5b:20:5c:ff:03:22:
                    d9:5f:f2:5f:ec:49:c1:b5:60:22:81:f8:9e:d2:06:
                    16:40:76:0a:b8:9f:8b:c4:63:5d:88:70:2f:3b:c1:
                    ab:7b:bc:0f:98:76:7c:8a:12:a2:ba:6d:0f:84:54:
                    be:b1:ee:45:59:75:d7:5d:36:3a:77:f9:2a:10:20:
                    0e:3a:3f:a4:3a:51:5a:86:32:fe:bb:19:88:b1:37:
                    66:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:BD:5B:BA:34:1E:2A:85:51:5E:6A:7B:0A:16:EE:C5:C1:77:E6:C7
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Pr1bujQeKoVRXmp7ChbuxcF35sc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.167.0/24
                  104.233.12.0/22
                  104.233.24.0-104.233.26.255
                  104.238.10.0/24
                  104.239.10.0/23
                  104.239.75.0-104.239.78.255
                  104.239.80.0/23
                  104.239.104.0/22
                  104.239.111.0/24
                  104.239.124.0-104.239.126.255
                  216.173.76.0/24
                  216.173.82.0/24
                  216.173.96.0/22
                  216.173.102.0/24
                  216.173.106.0/23
                  216.173.110.0/24
                  216.173.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:2f:e0:cb:a4:21:03:d0:6e:31:97:c6:8d:bf:8a:0a:bf:3b:
         f8:1e:15:9e:68:3e:52:46:f1:ea:ab:f8:d2:a8:a9:24:b5:33:
         fb:f6:e0:07:1d:25:9b:39:2d:43:34:4f:ff:0f:c8:74:45:3d:
         39:7a:66:da:50:bc:dd:eb:fc:c9:02:4f:1f:b1:44:3f:a1:d5:
         00:f1:b4:0e:fe:b8:ca:3b:5b:00:9e:01:7e:79:29:ff:93:da:
         bf:30:ec:52:ad:16:3f:db:a1:c9:e4:92:ad:70:b7:02:4c:e1:
         8a:99:fa:11:0b:f0:92:76:8e:33:bb:a8:bb:43:10:94:d6:fe:
         0a:90:0c:f2:7d:94:10:7c:8f:25:d6:bb:18:e9:14:fd:02:2a:
         d1:ca:00:83:64:3e:b2:7a:2b:1c:11:44:9e:10:d7:f1:30:52:
         76:34:d4:63:ac:25:98:c3:c8:0b:e2:bf:05:56:06:0c:51:c6:
         37:8f:8b:63:dd:d0:96:6e:e0:73:cc:9d:5b:47:0e:e6:06:71:
         35:8b:29:77:8c:49:9e:80:e7:15:6b:c5:6e:55:68:5c:be:5d:
         49:f0:e1:69:ae:e3:3c:85:f0:66:ee:44:15:15:02:75:43:c7:
         7f:2e:a6:80:10:ef:a8:4c:e4:ae:13:24:b2:d2:35:dc:2d:41:
         b1:31:39:19
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYVyXrw8DTt8yPL+L29Ui/GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJkNWJiYTM0MWUyYTg1NTE1ZTZhN2IwYTE2ZWVjNWMxNzdlNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk14ijTjqU10gzry0CMXVDXfpbixO
h4jZk1AyPpC7WmFEe8HAvzhYIF+F9ytRthV9XV8mzSEdeY5gX8LggUQjhDedleU9
qgV0NPkSiFR5T+wOclJh5HWGrOLgCp9vIsynOJLZ1lVVrjr43eC+AIkhmOHzRcMe
wd0YBoEfOQwm2LRVK+5oUX0pM6eqXg/sW237CJJNUMPaozmeMpK2VmKXlHZK5W+x
5zP6Tg4BB4dbIFz/AyLZX/Jf7EnBtWAigfie0gYWQHYKuJ+LxGNdiHAvO8Gre7wP
mHZ8ihKium0PhFS+se5FWXXXXTY6d/kqECAOOj+kOlFahjL+uxmIsTdm1QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFD69W7o0HiqFUV5qewoW7sXBd+bHMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUHIxYnVqUWVLb1ZSWG1wN0NoYnV4Y0YzNXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC0r
pwMEAmjpDDAMAwQDaOkYAwQAaOkaAwQAaO4KAwQBaO8KMAwDBABo70sDBABo704D
BAFo71ADBAJo72gDBABo728wDAMEAmjvfAMEAGjvfgMEANitTAMEANitUgMEAtit
YAMEANitZgMEAditagMEANitbgMEANiteDANBgkqhkiG9w0BAQsFAAOCAQEAfi/g
y6QhA9BuMZfGjb+KCr87+B4Vnmg+Ukbx6qv40qipJLUz+/bgBx0lmzktQzRP/w/I
dEU9OXpm2lC83ev8yQJPH7FEP6HVAPG0Dv64yjtbAJ4Bfnkp/5PavzDsUq0WP9uh
yeSSrXC3Akzhipn6EQvwknaOM7uou0MQlNb+CpAM8n2UEHyPJda7GOkU/QIq0coA
g2Q+snorHBFEnhDX8TBSdjTUY6wlmMPIC+K/BVYGDFHGN4+LY93Qlm7gc8ydW0cO
5gZxNYspd4xJnoDnFWvFblVoXL5dSfDhaa7jPIXwZu5EFRUCdUPHfy6mgBDvqEzk
rhMkstI13C1BsTE5GQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org