Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1BXmtbOaxv2hteWvKwl0PBmuf9M.roa
File:                     1BXmtbOaxv2hteWvKwl0PBmuf9M.roa (raw, json)
Hash identifier:          wVeUwLOkjk/A/VpRJvHEDhVO9KjxZoNkBqijDTlm/mM=
Subject key identifier:   D4:15:E6:B5:B3:9A:C6:FD:A1:B5:E5:AF:2B:09:74:3C:19:AE:7F:D3
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       01917AD98A38168C89F19EED9990945B55CD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1BXmtbOaxv2hteWvKwl0PBmuf9M.roa
Signing time:             Thu 22 Aug 2024 16:09:22 +0000
ROA not before:           Thu 22 Aug 2024 16:09:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     59729
IP address blocks:        5.42.192.0/24 maxlen: 24
                          5.42.195.0/24 maxlen: 24
                          5.42.210.0/24 maxlen: 24
                          193.9.20.0/24 maxlen: 24
                          193.200.199.0/24 maxlen: 24
                          194.26.204.0/24 maxlen: 24
                          194.55.170.0/24 maxlen: 24
                          212.18.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 30 Aug 2024 06:46:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:7a:d9:8a:38:16:8c:89:f1:9e:ed:99:90:94:5b:55:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Aug 22 16:09:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d415e6b5b39ac6fda1b5e5af2b09743c19ae7fd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:18:82:a9:0e:a1:f5:56:e8:67:e1:8c:50:a1:
                    65:37:4e:1c:9b:00:99:d5:69:37:22:54:b5:3d:aa:
                    1b:7b:42:46:6d:ae:9a:bc:a4:de:be:03:d8:b1:c1:
                    57:9a:12:d6:89:1a:4a:25:ac:02:23:2f:44:ef:0e:
                    30:0c:4e:cf:d9:b7:64:b0:df:d9:cb:68:19:c0:e1:
                    e1:b6:25:fe:54:7c:dd:9b:9f:0a:79:e3:c6:a5:79:
                    51:7c:f7:de:c0:e4:e9:1a:55:58:0c:11:dd:ca:b2:
                    32:a2:6e:b8:5e:e3:da:e3:ba:24:71:3e:12:e5:c5:
                    f9:87:bd:02:6b:6f:06:19:51:b3:57:93:4a:2e:bb:
                    b1:bf:3d:cc:78:6a:ac:51:d2:bd:f6:03:03:5a:75:
                    a9:40:21:d8:62:83:41:a0:4a:d8:25:8d:d3:d4:b0:
                    46:0e:9c:0e:5a:ab:27:38:0c:88:77:c1:d4:bc:48:
                    18:03:52:e9:a5:a4:66:4e:e3:64:1e:64:a0:44:2c:
                    27:bc:07:2a:51:d9:55:af:99:4f:08:09:4d:d2:8d:
                    d3:72:f5:2a:41:25:3b:06:e5:dd:a4:26:58:7e:2c:
                    7f:34:25:7d:b3:43:13:b4:d6:e8:96:46:7c:2b:c9:
                    de:91:75:97:b3:f9:5d:cf:27:ac:45:1e:b9:98:82:
                    d5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:15:E6:B5:B3:9A:C6:FD:A1:B5:E5:AF:2B:09:74:3C:19:AE:7F:D3
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1BXmtbOaxv2hteWvKwl0PBmuf9M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.42.192.0/24
                  5.42.195.0/24
                  5.42.210.0/24
                  193.9.20.0/24
                  193.200.199.0/24
                  194.26.204.0/24
                  194.55.170.0/24
                  212.18.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:4f:e2:65:00:00:6d:ef:21:98:42:8a:51:c7:e8:7a:ac:4c:
         2b:16:41:6e:27:21:4d:b6:c5:1c:1f:74:a8:cb:29:9b:61:78:
         dd:fa:8d:3d:04:10:7f:24:7a:3e:7a:0f:ff:4e:91:e6:f4:e4:
         ab:4d:7b:91:09:32:c9:cc:dc:46:9d:c9:84:37:21:a2:dc:17:
         28:f0:72:60:8e:e2:a0:06:fa:df:61:c6:a0:f2:d8:11:27:82:
         75:de:ff:1a:8b:c9:9d:13:84:47:48:3b:25:88:8e:3b:16:7a:
         80:90:b7:1a:1f:38:bf:a2:c0:9f:2d:45:f1:5d:ca:b0:4d:db:
         74:ac:db:4e:ba:e8:9c:bd:8b:dc:c2:70:f8:0e:e5:4d:68:69:
         aa:c7:97:ff:79:40:b4:3c:80:d9:ef:8a:90:75:0d:b9:96:03:
         03:b4:eb:45:de:b6:82:8f:d4:19:e6:a7:cc:56:3e:9d:d3:f2:
         3e:5e:3f:1c:bd:8d:1f:c0:6f:97:f6:40:c1:ba:e8:ee:82:96:
         2d:ac:9a:11:53:41:4d:2a:60:24:15:44:3f:f7:50:c5:2e:4d:
         84:4b:e0:55:92:de:6b:4f:60:95:9e:91:e2:d7:72:97:89:25:
         b5:96:6d:d3:01:f1:f5:2e:2c:1b:36:5c:2d:7c:0e:b2:40:b6:
         94:3b:58:dc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZF62Yo4FoyJ8Z7tmZCUW1XNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODIyMTYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE1ZTZiNWIzOWFjNmZkYTFiNWU1YWYyYjA5NzQzYzE5YWU3ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBiCqQ6h9VboZ+GMUKFlN04cmwCZ
1Wk3IlS1Paobe0JGba6avKTevgPYscFXmhLWiRpKJawCIy9E7w4wDE7P2bdksN/Z
y2gZwOHhtiX+VHzdm58KeePGpXlRfPfewOTpGlVYDBHdyrIyom64XuPa47okcT4S
5cX5h70Ca28GGVGzV5NKLruxvz3MeGqsUdK99gMDWnWpQCHYYoNBoErYJY3T1LBG
DpwOWqsnOAyId8HUvEgYA1LppaRmTuNkHmSgRCwnvAcqUdlVr5lPCAlN0o3TcvUq
QSU7BuXdpCZYfix/NCV9s0MTtNbolkZ8K8nekXWXs/ldzyesRR65mILV2QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNQV5rWzmsb9obXlrysJdDwZrn/TMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMUJYbXRiT2F4djJodGVXdkt3bDBQQm11ZjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABSrAAwQA
BSrDAwQABSrSAwQAwQkUAwQAwcjHAwQAwhrMAwQAwjeqAwQA1BJ4MA0GCSqGSIb3
DQEBCwUAA4IBAQByT+JlAABt7yGYQopRx+h6rEwrFkFuJyFNtsUcH3SoyymbYXjd
+o09BBB/JHo+eg//TpHm9OSrTXuRCTLJzNxGncmENyGi3Bco8HJgjuKgBvrfYcag
8tgRJ4J13v8ai8mdE4RHSDsliI47FnqAkLcaHzi/osCfLUXxXcqwTdt0rNtOuuic
vYvcwnD4DuVNaGmqx5f/eUC0PIDZ74qQdQ25lgMDtOtF3raCj9QZ5qfMVj6d0/I+
Xj8cvY0fwG+X9kDBuujugpYtrJoRU0FNKmAkFUQ/91DFLk2ES+BVkt5rT2CVnpHi
13KXiSW1lm3TAfH1LiwbNlwtfA6yQLaUO1jc
-----END CERTIFICATE-----
Generated at Fri Aug 30 09:04:40 2024 by rpki-client on console-fra.rpki-client.org