Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/U6BBkOTsTBauL-wqPMamtNzxm1c.roa
File:                     U6BBkOTsTBauL-wqPMamtNzxm1c.roa (raw, json)
Hash identifier:          EVZnzCP1h6EWXMaPHni5tNJY32Q96SgUX+r/F0PKrrs=
Subject key identifier:   53:A0:41:90:E4:EC:4C:16:AE:2F:EC:2A:3C:C6:A6:B4:DC:F1:9B:57
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       018FA5F0A65CE2A1E064A33A24C1F4F442EF
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/U6BBkOTsTBauL-wqPMamtNzxm1c.roa
Signing time:             Thu 23 May 2024 14:52:42 +0000
ROA not before:           Thu 23 May 2024 14:52:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        45.135.181.0/24 maxlen: 24
                          45.135.182.0/24 maxlen: 24
                          45.135.183.0/24 maxlen: 24
                          86.105.4.0/24 maxlen: 24
                          89.34.106.0/24 maxlen: 24
                          92.114.32.0/24 maxlen: 24
                          93.114.183.0/24 maxlen: 24
                          94.177.51.0/24 maxlen: 24
                          185.198.234.0/24 maxlen: 24
                          188.64.142.0/24 maxlen: 24
                          188.208.103.0/24 maxlen: 24
                          217.19.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 May 2024 23:59:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a5:f0:a6:5c:e2:a1:e0:64:a3:3a:24:c1:f4:f4:42:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: May 23 14:52:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=53a04190e4ec4c16ae2fec2a3cc6a6b4dcf19b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a1:67:b0:8e:b2:d3:ee:34:db:db:a8:4d:bf:
                    9f:b1:f4:b4:bc:80:80:5a:eb:9d:72:58:a9:e9:8e:
                    e2:5b:ae:6d:e6:16:4f:8f:87:f6:2f:ac:3b:f6:95:
                    12:8c:5d:6c:a8:a3:b8:f4:24:e2:35:b8:6a:27:25:
                    56:33:ec:f3:1f:43:61:f7:8a:24:2e:8a:b8:e2:09:
                    38:52:6b:91:e2:5d:d8:71:66:24:77:1c:ad:57:ea:
                    2b:78:94:51:cd:c5:37:92:61:e8:ea:7c:9d:6f:a6:
                    20:43:ea:d2:56:c3:9a:5a:24:2d:84:57:14:ae:65:
                    1b:ba:3d:58:d9:f8:c3:8a:03:fc:22:fa:b5:10:99:
                    be:b0:28:03:98:cf:71:61:df:66:2b:67:07:42:60:
                    5e:7d:7f:54:84:14:cf:aa:b5:75:33:17:e2:db:43:
                    4e:b1:f0:11:ba:12:6b:68:b9:87:7d:81:8b:80:e9:
                    22:56:b0:28:48:f5:a7:e3:41:f8:06:72:dc:07:89:
                    f4:c7:18:7a:e1:93:5d:24:83:d5:2e:c0:35:ac:39:
                    34:6c:9a:7a:e4:38:32:ee:0a:73:fa:7c:02:20:d8:
                    a8:f7:a9:74:44:90:d4:62:0b:8d:36:46:6c:cc:44:
                    06:66:57:b7:84:34:a0:02:26:2d:12:76:9e:ca:ad:
                    9f:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:A0:41:90:E4:EC:4C:16:AE:2F:EC:2A:3C:C6:A6:B4:DC:F1:9B:57
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/U6BBkOTsTBauL-wqPMamtNzxm1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.135.181.0-45.135.183.255
                  86.105.4.0/24
                  89.34.106.0/24
                  92.114.32.0/24
                  93.114.183.0/24
                  94.177.51.0/24
                  185.198.234.0/24
                  188.64.142.0/24
                  188.208.103.0/24
                  217.19.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:19:87:aa:76:c9:a2:ef:5d:d8:37:2a:ad:30:ec:79:25:dd:
         f0:c8:11:1d:72:2e:d3:65:54:b3:35:74:b3:c7:f3:6b:1c:50:
         4d:12:6b:e4:19:dc:7a:c2:9d:cb:ea:ff:71:bd:de:e0:b0:b6:
         d5:d6:14:84:89:37:fd:0b:50:90:a7:5b:cc:d5:40:c3:4d:f2:
         34:b8:04:21:5c:a1:32:28:6a:6a:3e:68:53:f8:9c:de:ad:20:
         c2:48:a5:be:40:a1:89:82:8a:82:70:11:e5:b8:34:c7:d3:e8:
         6e:b1:1e:74:4f:64:d9:14:a4:ed:a9:be:b6:4f:63:e6:57:f6:
         81:38:b0:51:63:87:83:ec:29:5b:ed:b2:2a:1d:89:1d:57:e5:
         35:3b:a8:4f:3b:b0:5a:21:ec:43:e1:2a:b3:5f:7e:61:b2:ce:
         ca:6a:35:28:69:9b:1e:c5:6a:1a:e3:93:e7:23:70:a6:9a:e5:
         2d:c3:65:47:1c:ec:fd:38:03:19:70:9e:f6:63:51:80:54:84:
         26:56:7f:6f:75:c5:2b:a9:22:81:0c:62:8d:76:6e:97:02:f9:
         df:ad:26:c3:b2:f1:58:10:98:00:33:47:79:87:f5:75:e0:93:
         a9:ec:ea:d0:e3:30:03:9e:3d:be:08:ab:1d:d2:cf:90:da:88:
         c4:9d:2d:5f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY+l8KZc4qHgZKM6JMH09ELvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNTIzMTQ1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2EwNDE5MGU0ZWM0YzE2YWUyZmVjMmEzY2M2YTZiNGRjZjE5YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6FnsI6y0+4029uoTb+fsfS0vICA
Wuudclip6Y7iW65t5hZPj4f2L6w79pUSjF1sqKO49CTiNbhqJyVWM+zzH0Nh94ok
Loq44gk4UmuR4l3YcWYkdxytV+oreJRRzcU3kmHo6nydb6YgQ+rSVsOaWiQthFcU
rmUbuj1Y2fjDigP8Ivq1EJm+sCgDmM9xYd9mK2cHQmBefX9UhBTPqrV1Mxfi20NO
sfARuhJraLmHfYGLgOkiVrAoSPWn40H4BnLcB4n0xxh64ZNdJIPVLsA1rDk0bJp6
5Dgy7gpz+nwCINio96l0RJDUYguNNkZszEQGZle3hDSgAiYtEnaeyq2fswIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFOgQZDk7EwWri/sKjzGprTc8ZtXMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVTZCQmtPVHNUQmF1TC13cVBNYW10Tnp4bTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAAth7UD
BAMth7ADBABWaQQDBABZImoDBABcciADBABdcrcDBABesTMDBAC5xuoDBAC8QI4D
BAC80GcDBADZEwQwDQYJKoZIhvcNAQELBQADggEBAHMZh6p2yaLvXdg3Kq0w7Hkl
3fDIER1yLtNlVLM1dLPH82scUE0Sa+QZ3HrCncvq/3G93uCwttXWFISJN/0LUJCn
W8zVQMNN8jS4BCFcoTIoamo+aFP4nN6tIMJIpb5AoYmCioJwEeW4NMfT6G6xHnRP
ZNkUpO2pvrZPY+ZX9oE4sFFjh4PsKVvtsiodiR1X5TU7qE87sFoh7EPhKrNffmGy
zspqNShpmx7Fahrjk+cjcKaa5S3DZUcc7P04AxlwnvZjUYBUhCZWf291xSupIoEM
Yo12bpcC+d+tJsOy8VgQmAAzR3mH9XXgk6ns6tDjMAOePb4Iqx3Sz5DaiMSdLV8=
-----END CERTIFICATE-----