Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XFnR0Z_T_rZZbuOjRhx1SQqsNZc.roa
File:                     XFnR0Z_T_rZZbuOjRhx1SQqsNZc.roa (raw, json)
Hash identifier:          8nZLVkgEn9QHPrFbJCfxmyL+5JkkazsRFhMa5DElkm8=
Subject key identifier:   5C:59:D1:D1:9F:D3:FE:B6:59:6E:E3:A3:46:1C:75:49:0A:AC:35:97
Certificate issuer:       /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial:       018A2C1CCC3A6A67670CA242B785254D5078
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XFnR0Z_T_rZZbuOjRhx1SQqsNZc.roa
Signing time:             Fri 25 Aug 2023 09:53:19 +0000
ROA not before:           Fri 25 Aug 2023 09:53:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202496
IP address blocks:        216.173.78.0/23 maxlen: 23
                          104.249.30.0/23 maxlen: 23
                          45.43.176.0/23 maxlen: 23
                          45.43.176.0/20 maxlen: 20
                          45.43.178.0/23 maxlen: 23
                          45.43.180.0/23 maxlen: 23
                          45.43.182.0/23 maxlen: 23
                          45.43.186.0/23 maxlen: 23
                          45.43.184.0/23 maxlen: 23
                          104.143.235.0/24 maxlen: 24
                          45.43.190.0/23 maxlen: 23
                          45.43.188.0/23 maxlen: 23
                          104.249.60.0/23 maxlen: 23
                          104.238.4.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:2c:1c:cc:3a:6a:67:67:0c:a2:42:b7:85:25:4d:50:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
        Validity
            Not Before: Aug 25 09:53:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5c59d1d19fd3feb6596ee3a3461c75490aac3597
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5e:69:90:ac:d7:da:91:30:c0:ab:da:5c:91:
                    a3:92:37:b2:37:17:fc:61:f5:d3:36:a1:ac:58:9e:
                    c8:95:d7:ac:19:91:86:97:cb:dc:6f:71:8b:0b:70:
                    dd:ae:fa:eb:e1:64:96:65:3c:77:48:ea:ea:a2:01:
                    92:c8:c5:9d:04:81:d3:50:84:a0:dd:7d:79:bd:2d:
                    d1:79:e2:5b:ba:c9:b4:72:1a:3c:22:c1:db:6d:72:
                    56:ab:b3:17:2c:0d:da:09:83:13:a6:34:27:75:ac:
                    dd:78:c3:11:1c:ae:1e:d5:73:a3:51:44:53:9f:3e:
                    50:6e:45:0f:75:1b:6b:6b:40:ad:44:1b:d6:4d:b1:
                    53:b3:46:19:20:3f:ca:fa:ed:6a:b3:c5:8c:54:ec:
                    a5:72:d5:93:35:21:bc:ef:f8:6e:81:e2:7c:33:a6:
                    e5:96:8e:4f:26:61:fb:12:3f:c8:f0:c5:90:22:1f:
                    e2:04:73:f1:6d:05:f2:5c:b5:d0:e7:49:b8:8f:1a:
                    e4:c0:4c:97:bf:16:16:ee:da:ce:dd:ea:7c:8e:45:
                    e3:71:b9:05:4c:e2:bf:77:be:41:dc:b8:76:16:ce:
                    24:12:c4:72:c2:47:8d:5e:d9:f9:ca:ac:2e:b3:90:
                    4a:af:c7:96:14:54:e7:55:a1:26:db:ec:3e:89:07:
                    00:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:59:D1:D1:9F:D3:FE:B6:59:6E:E3:A3:46:1C:75:49:0A:AC:35:97
            X509v3 Authority Key Identifier:
                keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XFnR0Z_T_rZZbuOjRhx1SQqsNZc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.176.0/20
                  104.143.235.0/24
                  104.238.4.0/23
                  104.249.30.0/23
                  104.249.60.0/23
                  216.173.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:30:55:0a:40:5f:4a:77:52:89:67:c4:19:c4:fa:8f:3d:86:
         91:5e:26:68:0b:da:33:2b:83:0d:9c:85:83:b1:cd:c0:08:c9:
         0f:15:6c:a2:46:e6:43:ff:ae:9f:53:c3:f3:77:fe:fb:d4:70:
         43:5b:f2:85:db:a0:9b:d1:1e:7a:a2:40:1a:03:15:2b:d3:34:
         7b:64:dc:b3:ec:a8:44:40:ea:c8:ed:03:74:c5:05:0c:30:3e:
         a8:22:b9:25:49:ab:eb:56:5e:9f:2d:fb:c1:f2:1a:c4:19:51:
         ee:58:4f:c1:00:e3:9b:e8:3d:17:c1:3d:32:91:25:f9:1d:d5:
         95:0c:f8:25:e9:4d:f4:ee:ce:b3:fd:ed:77:90:96:7c:2e:53:
         4f:43:fd:36:e3:27:1f:45:6f:00:8b:95:eb:d1:b5:5d:88:59:
         2d:14:d9:ba:d3:74:d2:b3:cd:10:c8:cd:84:6b:96:5a:1e:32:
         18:62:aa:8e:bf:fa:6f:d1:af:fd:b3:08:fc:5f:02:49:a9:74:
         ca:90:a7:18:4f:96:7c:d4:3d:ac:1b:19:c6:21:6f:fb:12:12:
         23:1b:59:40:69:52:4e:01:8b:b9:8b:dc:c8:9e:33:72:e0:4a:
         73:0a:da:59:7b:7c:89:57:e7:4f:89:e2:26:7c:99:b0:e8:65:
         7c:1a:03:89
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYosHMw6amdnDKJCt4UlTVB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwODI1MDk1MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU5ZDFkMTlmZDNmZWI2NTk2ZWUzYTM0NjFjNzU0OTBhYWMzNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV5pkKzX2pEwwKvaXJGjkjeyNxf8
YfXTNqGsWJ7IldesGZGGl8vcb3GLC3Ddrvrr4WSWZTx3SOrqogGSyMWdBIHTUISg
3X15vS3ReeJbusm0cho8IsHbbXJWq7MXLA3aCYMTpjQndazdeMMRHK4e1XOjUURT
nz5QbkUPdRtra0CtRBvWTbFTs0YZID/K+u1qs8WMVOylctWTNSG87/hugeJ8M6bl
lo5PJmH7Ej/I8MWQIh/iBHPxbQXyXLXQ50m4jxrkwEyXvxYW7trO3ep8jkXjcbkF
TOK/d75B3Lh2Fs4kEsRywkeNXtn5yqwus5BKr8eWFFTnVaEm2+w+iQcAcQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFxZ0dGf0/62WW7jo0YcdUkKrDWXMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWEZuUjBaX1RfclpaYnVPalJoeDFTUXFzTlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQELSuwAwQA
aI/rAwQBaO4EAwQBaPkeAwQBaPk8AwQB2K1OMA0GCSqGSIb3DQEBCwUAA4IBAQAh
MFUKQF9Kd1KJZ8QZxPqPPYaRXiZoC9ozK4MNnIWDsc3ACMkPFWyiRuZD/66fU8Pz
d/771HBDW/KF26Cb0R56okAaAxUr0zR7ZNyz7KhEQOrI7QN0xQUMMD6oIrklSavr
Vl6fLfvB8hrEGVHuWE/BAOOb6D0XwT0ykSX5HdWVDPgl6U307s6z/e13kJZ8LlNP
Q/024ycfRW8Ai5Xr0bVdiFktFNm603TSs80QyM2Ea5ZaHjIYYqqOv/pv0a/9swj8
XwJJqXTKkKcYT5Z81D2sGxnGIW/7EhIjG1lAaVJOAYu5i9zInjNy4EpzCtpZe3yJ
V+dPieImfJmw6GV8GgOJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org