Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/5lAPNeJA9qaoUCrsYySNNt2WyHw.roa
File:                     5lAPNeJA9qaoUCrsYySNNt2WyHw.roa (raw, json)
Hash identifier:          DwbDsCo3DRhwJxUMnqFsONtgXb1+hNKvdzFZFbWSMdA=
Subject key identifier:   E6:50:0F:35:E2:40:F6:A6:A8:50:2A:EC:63:24:8D:36:DD:96:C8:7C
Certificate issuer:       /CN=4aefb99d2a06ee99dea9566f16bf226db3e56c92
Certificate serial:       0185A0481DD917989DB0B618212B889290B2
Authority key identifier: 4A:EF:B9:9D:2A:06:EE:99:DE:A9:56:6F:16:BF:22:6D:B3:E5:6C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Su-5nSoG7pneqVZvFr8ibbPlbJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/5lAPNeJA9qaoUCrsYySNNt2WyHw.roa
Signing time:             Wed 11 Jan 2023 10:02:38 +0000
ROA not before:           Wed 11 Jan 2023 10:02:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20953
IP address blocks:        195.246.219.0/24 maxlen: 24
                          80.79.192.0/20 maxlen: 20
                          2a02:1d8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a0:48:1d:d9:17:98:9d:b0:b6:18:21:2b:88:92:90:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aefb99d2a06ee99dea9566f16bf226db3e56c92
        Validity
            Not Before: Jan 11 10:02:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e6500f35e240f6a6a8502aec63248d36dd96c87c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f4:bf:d6:04:d9:5f:80:da:89:ee:d8:a4:35:
                    35:ec:36:6b:d9:6b:6c:08:59:cc:15:08:c8:27:8d:
                    0d:49:c2:e9:44:c8:1c:29:6b:0b:e4:e4:9b:5c:f7:
                    ea:06:78:f6:8f:19:c4:b8:fb:29:14:f6:35:c9:42:
                    78:58:ed:20:7c:75:10:23:2a:f3:7e:c9:88:12:34:
                    44:a4:11:87:a6:f2:38:18:7d:40:4d:bd:6c:f3:47:
                    69:6d:16:e1:fd:ef:aa:3a:53:74:d7:a2:35:96:73:
                    78:87:0f:48:96:16:ae:ab:fb:33:22:fe:f2:10:45:
                    34:f0:aa:5c:69:dc:04:e2:ef:b8:d5:e3:47:97:a7:
                    50:e4:c7:0d:65:b9:6d:cb:81:0f:15:ee:13:75:3f:
                    af:2f:db:1a:4b:ef:cc:a4:80:50:c6:43:55:f3:a6:
                    71:a2:95:87:1e:ae:93:ae:aa:32:8c:6d:2c:9c:e6:
                    c7:3a:3c:97:22:98:ba:29:f5:fe:1e:85:49:50:78:
                    ad:84:8f:ec:5a:72:0f:89:f9:f9:7f:fb:23:8f:89:
                    5f:36:11:c2:12:7e:51:83:22:d1:78:d3:4a:c7:6e:
                    4d:c8:7f:b4:5d:2d:41:2f:d9:e1:0b:dd:84:74:bb:
                    5e:42:28:02:fa:9e:32:b3:ff:32:89:f0:be:75:15:
                    44:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:50:0F:35:E2:40:F6:A6:A8:50:2A:EC:63:24:8D:36:DD:96:C8:7C
            X509v3 Authority Key Identifier:
                keyid:4A:EF:B9:9D:2A:06:EE:99:DE:A9:56:6F:16:BF:22:6D:B3:E5:6C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Su-5nSoG7pneqVZvFr8ibbPlbJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/5lAPNeJA9qaoUCrsYySNNt2WyHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/169a3b-6a73-49ec-affa-ed0a7aba8cb2/1/Su-5nSoG7pneqVZvFr8ibbPlbJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.79.192.0/20
                  195.246.219.0/24
                IPv6:
                  2a02:1d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:e7:38:86:eb:75:82:34:78:57:b6:79:6c:a9:b0:77:ab:b8:
         68:00:fc:df:89:cb:f7:f5:19:0c:6e:db:b7:5b:73:29:78:f3:
         b1:55:5b:c5:5f:d1:aa:82:a2:97:0d:b2:2b:99:b4:ed:47:35:
         3d:fc:5c:48:2d:45:f8:10:95:b4:d5:da:e1:b4:02:44:da:fb:
         b7:5c:e9:4e:3b:d0:10:2b:6a:52:6a:92:c4:f6:eb:cd:f1:2e:
         1e:d7:fe:b1:06:44:09:59:26:c5:ff:03:55:d4:10:3f:51:55:
         70:89:26:81:7e:e5:a1:bf:25:27:ce:54:f4:c3:df:40:54:d5:
         55:6a:b0:e0:4d:41:bb:21:87:0b:5f:93:e9:af:91:e8:cf:2a:
         b0:a3:0a:b4:9d:26:fd:2a:cc:96:9c:7c:ff:40:12:f8:ea:69:
         df:c0:d2:67:25:33:4e:3e:03:4c:55:81:3a:2c:bd:0e:5a:83:
         74:39:31:d9:44:56:ff:13:8f:71:69:88:b1:3d:dc:0d:88:99:
         37:46:68:63:9c:6e:5a:cd:29:8d:8f:1b:a9:98:49:d2:9c:c1:
         1a:a1:a9:8c:7a:c1:91:0a:96:00:92:3a:9a:18:e7:c9:01:a1:
         73:cb:ab:43:8a:ea:0b:a5:ee:3d:71:0b:b8:44:62:26:34:55:
         e8:1e:0c:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWgSB3ZF5idsLYYISuIkpCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZWZiOTlkMmEwNmVlOTlkZWE5NTY2ZjE2YmYyMjZkYjNl
NTZjOTIwHhcNMjMwMTExMTAwMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjUwMGYzNWUyNDBmNmE2YTg1MDJhZWM2MzI0OGQzNmRkOTZjODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvS/1gTZX4Daie7YpDU17DZr2Wts
CFnMFQjIJ40NScLpRMgcKWsL5OSbXPfqBnj2jxnEuPspFPY1yUJ4WO0gfHUQIyrz
fsmIEjREpBGHpvI4GH1ATb1s80dpbRbh/e+qOlN016I1lnN4hw9Ilhauq/szIv7y
EEU08KpcadwE4u+41eNHl6dQ5McNZblty4EPFe4TdT+vL9saS+/MpIBQxkNV86Zx
opWHHq6TrqoyjG0snObHOjyXIpi6KfX+HoVJUHithI/sWnIPifn5f/sjj4lfNhHC
En5RgyLReNNKx25NyH+0XS1BL9nhC92EdLteQigC+p4ys/8yifC+dRVEDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOZQDzXiQPamqFAq7GMkjTbdlsh8MB8GA1UdIwQY
MBaAFErvuZ0qBu6Z3qlWbxa/Im2z5WySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3UtNW5Tb0c3cG5lcVZadkZyOGliYlBsYkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xNjlhM2ItNmE3My00OWVjLWFmZmEt
ZWQwYTdhYmE4Y2IyLzEvNWxBUE5lSkE5cWFvVUNyc1l5U05OdDJXeUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xNjlhM2ItNmE3My00OWVjLWFmZmEtZWQwYTdhYmE4Y2Iy
LzEvU3UtNW5Tb0c3cG5lcVZadkZyOGliYlBsYkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUE/AAwQA
w/bbMA0EAgACMAcDBQAqAgHYMA0GCSqGSIb3DQEBCwUAA4IBAQBH5ziG63WCNHhX
tnlsqbB3q7hoAPzficv39RkMbtu3W3MpePOxVVvFX9GqgqKXDbIrmbTtRzU9/FxI
LUX4EJW01drhtAJE2vu3XOlOO9AQK2pSapLE9uvN8S4e1/6xBkQJWSbF/wNV1BA/
UVVwiSaBfuWhvyUnzlT0w99AVNVVarDgTUG7IYcLX5Ppr5Hozyqwowq0nSb9KsyW
nHz/QBL46mnfwNJnJTNOPgNMVYE6LL0OWoN0OTHZRFb/E49xaYixPdwNiJk3Rmhj
nG5azSmNjxupmEnSnMEaoamMesGRCpYAkjqaGOfJAaFzy6tDiuoLpe49cQu4RGIm
NFXoHgyC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:00 2024 by rpki-client on console-fra.rpki-client.org