Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/4uXW5YsiXzpR6DtzzsRBsPm2ZIo.roa
File:                     4uXW5YsiXzpR6DtzzsRBsPm2ZIo.roa (raw, json)
Hash identifier:          miHYILMkp0ybBbw5ti19ZUjzD3MvdbYBQRHkFL9Cl5o=
Subject key identifier:   E2:E5:D6:E5:8B:22:5F:3A:51:E8:3B:73:CE:C4:41:B0:F9:B6:64:8A
Certificate issuer:       /CN=564ead38096303bc4b6a1f2b02e1b91be4849146
Certificate serial:       018C65381FDD680CEE49B99D43FD4EF60B29
Authority key identifier: 56:4E:AD:38:09:63:03:BC:4B:6A:1F:2B:02:E1:B9:1B:E4:84:91:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vk6tOAljA7xLah8rAuG5G-SEkUY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/4uXW5YsiXzpR6DtzzsRBsPm2ZIo.roa
Signing time:             Wed 13 Dec 2023 22:07:06 +0000
ROA not before:           Wed 13 Dec 2023 22:07:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203416
IP address blocks:        185.131.8.0/24 maxlen: 24
                          185.131.10.0/23 maxlen: 23
                          185.131.9.0/24 maxlen: 24
                          91.244.192.0/22 maxlen: 22
                          2a06:dd40:1::/48 maxlen: 48
                          2a06:dd40:5601::/48 maxlen: 48
                          2a06:dd40::/29 maxlen: 29
                          2a06:dd40:2::/48 maxlen: 48
                          2a06:dd40::/48 maxlen: 48
                          2a06:dd40:5600::/48 maxlen: 48
                          2a06:dd40:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:65:38:1f:dd:68:0c:ee:49:b9:9d:43:fd:4e:f6:0b:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=564ead38096303bc4b6a1f2b02e1b91be4849146
        Validity
            Not Before: Dec 13 22:07:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e2e5d6e58b225f3a51e83b73cec441b0f9b6648a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:8d:56:71:27:d0:eb:1a:bf:d5:10:8a:e9:57:
                    f6:20:95:b1:69:8b:b5:e8:fd:0b:27:ea:7f:1b:25:
                    a6:2f:d1:a8:7c:0c:09:ad:3f:ff:00:33:fc:06:08:
                    e7:b1:18:a2:8b:e6:b2:02:a0:e5:20:37:b0:d3:7c:
                    93:77:80:bb:c1:cc:15:c2:8d:54:da:d3:9f:67:83:
                    ee:9d:a1:de:92:b4:b5:3b:b4:29:25:de:ed:c2:fe:
                    d6:98:b2:7c:17:f4:28:48:9e:d8:c8:5d:86:31:37:
                    26:ba:04:44:77:e6:b8:22:1c:d7:96:1a:44:47:c4:
                    6e:9f:5e:74:69:6b:50:01:aa:03:3b:e4:45:33:3f:
                    18:6e:02:47:76:76:6c:3f:39:f4:de:19:c9:f9:b6:
                    02:44:1a:b2:d3:26:a8:20:95:2b:e4:f3:6f:c0:db:
                    ce:6b:4a:aa:3d:57:58:cb:67:8a:80:d8:f7:d2:54:
                    37:d3:3c:59:92:32:65:ac:d5:8a:84:21:05:13:c5:
                    df:38:9d:83:0e:22:05:eb:e8:fd:f9:48:8a:9e:2c:
                    cc:37:21:71:7f:3b:94:34:47:e7:f1:27:17:48:77:
                    0b:b5:e2:5b:01:4b:90:36:a6:8d:08:7a:09:ca:14:
                    a3:55:f1:c1:64:3a:b6:85:4e:9d:14:a9:27:1e:90:
                    39:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:E5:D6:E5:8B:22:5F:3A:51:E8:3B:73:CE:C4:41:B0:F9:B6:64:8A
            X509v3 Authority Key Identifier:
                keyid:56:4E:AD:38:09:63:03:BC:4B:6A:1F:2B:02:E1:B9:1B:E4:84:91:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vk6tOAljA7xLah8rAuG5G-SEkUY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/4uXW5YsiXzpR6DtzzsRBsPm2ZIo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/Vk6tOAljA7xLah8rAuG5G-SEkUY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.244.192.0/22
                  185.131.8.0/22
                IPv6:
                  2a06:dd40::/29

    Signature Algorithm: sha256WithRSAEncryption
         2d:03:f8:f5:58:a3:c8:d0:b4:b7:e8:61:76:98:a8:40:48:61:
         58:c9:22:54:7f:2d:01:90:36:b7:2e:62:d9:d9:5d:de:34:b3:
         ae:33:89:90:c9:75:0b:8b:c1:99:54:99:09:37:06:a5:80:18:
         ed:3c:52:78:a4:0b:16:c7:0b:c2:c0:8b:0e:b0:0f:64:ac:35:
         7a:35:7a:39:75:f7:e6:cb:ce:f6:f2:2f:b5:65:17:57:b8:0f:
         7d:eb:fc:0a:b4:ff:6a:26:ee:c1:e2:6f:4a:89:40:87:15:6e:
         c1:04:c4:8b:e3:2b:c4:bf:91:9e:03:37:16:8b:f4:c0:01:59:
         3f:a7:b1:0e:ed:95:ca:37:22:b7:4d:b2:d9:38:83:bc:ec:9d:
         86:b2:9f:ad:6b:b2:31:8c:a9:dd:87:e1:d6:84:9c:3c:61:13:
         d6:86:0c:64:05:ad:65:a4:11:26:8d:1a:a6:d7:37:72:b5:71:
         15:ce:d6:f3:7d:a9:47:1c:f8:eb:85:57:fd:c5:8a:05:9a:bf:
         ff:5d:0c:1e:57:1e:d7:40:41:8f:ff:36:35:44:83:76:c0:9d:
         3d:21:09:5b:d5:79:eb:8a:9f:2e:65:eb:27:45:d6:58:3e:af:
         8d:e4:9d:b8:43:8b:76:33:32:cf:2f:44:5d:52:66:f7:47:05:
         bd:6f:bf:a0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxlOB/daAzuSbmdQ/1O9gspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NGVhZDM4MDk2MzAzYmM0YjZhMWYyYjAyZTFiOTFiZTQ4
NDkxNDYwHhcNMjMxMjEzMjIwNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU1ZDZlNThiMjI1ZjNhNTFlODNiNzNjZWM0NDFiMGY5YjY2NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko1WcSfQ6xq/1RCK6Vf2IJWxaYu1
6P0LJ+p/GyWmL9GofAwJrT//ADP8BgjnsRiii+ayAqDlIDew03yTd4C7wcwVwo1U
2tOfZ4PunaHekrS1O7QpJd7twv7WmLJ8F/QoSJ7YyF2GMTcmugREd+a4IhzXlhpE
R8Run150aWtQAaoDO+RFMz8YbgJHdnZsPzn03hnJ+bYCRBqy0yaoIJUr5PNvwNvO
a0qqPVdYy2eKgNj30lQ30zxZkjJlrNWKhCEFE8XfOJ2DDiIF6+j9+UiKnizMNyFx
fzuUNEfn8ScXSHcLteJbAUuQNqaNCHoJyhSjVfHBZDq2hU6dFKknHpA5DQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOLl1uWLIl86Ueg7c87EQbD5tmSKMB8GA1UdIwQY
MBaAFFZOrTgJYwO8S2ofKwLhuRvkhJFGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVms2dE9BbGpBN3hMYWg4ckF1RzVHLVNFa1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xNDI1YTYtMTg2My00MmEwLTgzMjMt
M2M3Mjk2N2ZmN2MxLzEvNHVYVzVZc2lYenBSNkR0enpzUkJzUG0yWklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xNDI1YTYtMTg2My00MmEwLTgzMjMtM2M3Mjk2N2ZmN2Mx
LzEvVms2dE9BbGpBN3hMYWg4ckF1RzVHLVNFa1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW/TAAwQC
uYMIMA0EAgACMAcDBQMqBt1AMA0GCSqGSIb3DQEBCwUAA4IBAQAtA/j1WKPI0LS3
6GF2mKhASGFYySJUfy0BkDa3LmLZ2V3eNLOuM4mQyXULi8GZVJkJNwalgBjtPFJ4
pAsWxwvCwIsOsA9krDV6NXo5dffmy8728i+1ZRdXuA996/wKtP9qJu7B4m9KiUCH
FW7BBMSL4yvEv5GeAzcWi/TAAVk/p7EO7ZXKNyK3TbLZOIO87J2Gsp+ta7IxjKnd
h+HWhJw8YRPWhgxkBa1lpBEmjRqm1zdytXEVztbzfalHHPjrhVf9xYoFmr//XQwe
Vx7XQEGP/zY1RIN2wJ09IQlb1Xnrip8uZesnRdZYPq+N5J24Q4t2MzLPL0RdUmb3
RwW9b7+g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:28 2024 by rpki-client on console-fra.rpki-client.org