Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/cQfHfLXAi5Z-4UhMp8FiG4ggQ40.roa
File:                     cQfHfLXAi5Z-4UhMp8FiG4ggQ40.roa (raw, json)
Hash identifier:          mns21+a8sqV7wrHCyQg3z69J0afXlhrafbS5bxMaB+A=
Subject key identifier:   71:07:C7:7C:B5:C0:8B:96:7E:E1:48:4C:A7:C1:62:1B:88:20:43:8D
Certificate issuer:       /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial:       01887142F04155B663CDD32366A838E28328
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/cQfHfLXAi5Z-4UhMp8FiG4ggQ40.roa
Signing time:             Wed 31 May 2023 10:03:12 +0000
ROA not before:           Wed 31 May 2023 10:03:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49367
IP address blocks:        83.136.104.0/21 maxlen: 24
                          95.141.32.0/20 maxlen: 24
                          94.198.101.0/24 maxlen: 24
                          158.58.172.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Jun 2023 15:22:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:71:42:f0:41:55:b6:63:cd:d3:23:66:a8:38:e2:83:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
        Validity
            Not Before: May 31 10:03:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7107c77cb5c08b967ee1484ca7c1621b8820438d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:04:20:53:d7:76:80:5e:21:71:83:07:f2:3f:
                    7a:59:fa:c3:a4:25:eb:d3:6a:66:8d:03:64:df:10:
                    5d:60:4c:e0:f9:ca:de:6e:19:27:f2:c6:08:a9:ae:
                    a3:24:24:8c:0e:be:e7:ff:1d:40:55:90:83:d1:2c:
                    d0:24:42:73:1f:b1:de:45:d5:cf:25:5f:26:7c:7c:
                    2a:d1:fc:f8:f5:b9:40:31:1f:cb:21:bc:19:17:bb:
                    b0:75:c0:a1:02:56:de:13:28:53:e0:a2:c3:4f:65:
                    0f:cc:c3:3c:1a:46:cd:3c:a8:54:ef:3a:d8:56:e0:
                    a1:0d:d6:76:b2:b9:0a:bf:61:a6:54:cf:6d:6d:ee:
                    e5:ec:a7:06:89:b8:5c:a0:64:ab:02:4c:e6:6f:57:
                    3c:e1:95:54:1b:d0:68:ad:bd:47:5d:b1:18:82:93:
                    d7:f4:5c:fb:4a:da:47:31:45:c9:24:9f:b4:3a:e8:
                    c0:12:2e:ee:a5:cb:b3:03:fc:81:15:e4:63:21:72:
                    0f:44:bf:3d:96:74:d5:1d:69:ef:d2:e5:64:6a:17:
                    1e:6f:a9:6e:ea:3a:0a:a5:bc:7c:08:f7:25:ef:49:
                    04:0a:26:ea:b0:44:60:33:cd:c1:50:c1:b7:2d:a4:
                    e9:27:d9:ba:ec:d6:0f:20:a0:28:81:e2:ef:a9:f8:
                    b3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:07:C7:7C:B5:C0:8B:96:7E:E1:48:4C:A7:C1:62:1B:88:20:43:8D
            X509v3 Authority Key Identifier:
                keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/cQfHfLXAi5Z-4UhMp8FiG4ggQ40.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.136.104.0/21
                  94.198.101.0/24
                  95.141.32.0/20
                  158.58.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:04:6e:78:35:9e:b9:d6:b1:24:88:e0:ec:fc:94:5c:19:7b:
         87:8e:74:8e:b1:10:bd:00:2c:d4:e1:03:06:b5:d8:3e:90:45:
         30:e6:19:7b:c2:4a:6a:e3:94:da:50:c9:ac:18:4f:8b:10:a7:
         fc:c7:1c:2e:83:e8:6d:50:99:1c:e0:75:09:99:19:72:a1:3c:
         42:7c:4f:77:0a:c1:6c:98:93:da:7b:ec:e9:1c:eb:63:b4:8b:
         f0:56:ef:4d:ab:ec:29:a0:eb:53:ce:1b:28:a6:d3:12:34:b1:
         12:f6:9a:89:9f:e0:59:08:d1:ee:1b:b6:b6:7f:ff:5c:22:42:
         a6:bd:94:5f:da:b8:41:4a:6f:73:3d:b9:65:44:56:57:6b:b5:
         7b:54:64:db:17:f8:95:11:b8:0d:25:1b:53:c9:c4:06:58:42:
         d7:f4:f1:dd:dc:40:4a:27:dc:06:51:18:ab:fc:bc:bf:65:9a:
         9d:a8:59:f6:0b:65:35:be:44:7c:21:22:5c:5a:b0:13:34:57:
         9b:c0:7c:09:be:50:a3:0e:08:f9:af:aa:3d:02:b1:a7:38:25:
         aa:71:ec:3f:5a:3a:53:27:c9:3a:e4:87:03:76:f5:41:5d:26:
         32:c0:46:83:ef:f3:00:ff:e2:9a:a2:d5:9d:f1:6c:43:5e:79:
         98:05:f3:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhxQvBBVbZjzdMjZqg44oMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjMwNTMxMTAwMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA3Yzc3Y2I1YzA4Yjk2N2VlMTQ4NGNhN2MxNjIxYjg4MjA0MzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAQgU9d2gF4hcYMH8j96WfrDpCXr
02pmjQNk3xBdYEzg+crebhkn8sYIqa6jJCSMDr7n/x1AVZCD0SzQJEJzH7HeRdXP
JV8mfHwq0fz49blAMR/LIbwZF7uwdcChAlbeEyhT4KLDT2UPzMM8GkbNPKhU7zrY
VuChDdZ2srkKv2GmVM9tbe7l7KcGibhcoGSrAkzmb1c84ZVUG9Borb1HXbEYgpPX
9Fz7StpHMUXJJJ+0OujAEi7upcuzA/yBFeRjIXIPRL89lnTVHWnv0uVkahceb6lu
6joKpbx8CPcl70kECibqsERgM83BUMG3LaTpJ9m67NYPIKAogeLvqfizzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHEHx3y1wIuWfuFITKfBYhuIIEONMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvY1FmSGZMWEFpNVotNFVoTXA4RmlHNGdnUTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4hoAwQA
XsZlAwQEX40gAwQBnjqsMA0GCSqGSIb3DQEBCwUAA4IBAQCfBG54NZ651rEkiODs
/JRcGXuHjnSOsRC9ACzU4QMGtdg+kEUw5hl7wkpq45TaUMmsGE+LEKf8xxwug+ht
UJkc4HUJmRlyoTxCfE93CsFsmJPae+zpHOtjtIvwVu9Nq+wpoOtTzhsoptMSNLES
9pqJn+BZCNHuG7a2f/9cIkKmvZRf2rhBSm9zPbllRFZXa7V7VGTbF/iVEbgNJRtT
ycQGWELX9PHd3EBKJ9wGURir/Ly/ZZqdqFn2C2U1vkR8ISJcWrATNFebwHwJvlCj
Dgj5r6o9ArGnOCWqcew/WjpTJ8k65IcDdvVBXSYywEaD7/MA/+KaotWd8WxDXnmY
BfMt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:56 2024 by rpki-client on console-fra.rpki-client.org