Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/FQLPrxlwDlC6UDKvHaIGltKDEA0.roa
File:                     FQLPrxlwDlC6UDKvHaIGltKDEA0.roa (raw, json)
Hash identifier:          LZP1TbAiIdx8kw5OoiNfq/SgFuMI7pOj6A3uc/VcH9g=
Subject key identifier:   15:02:CF:AF:19:70:0E:50:BA:50:32:AF:1D:A2:06:96:D2:83:10:0D
Certificate issuer:       /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial:       0185723A30A36CCEE08A85028737A686DE6C
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/FQLPrxlwDlC6UDKvHaIGltKDEA0.roa
Signing time:             Mon 02 Jan 2023 11:24:54 +0000
ROA not before:           Mon 02 Jan 2023 11:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49558
IP address blocks:        195.20.137.0/24 maxlen: 24
                          194.4.164.0/22 maxlen: 22
                          91.228.64.0/22 maxlen: 22
                          45.128.224.0/22 maxlen: 22
                          91.213.39.0/24 maxlen: 24
                          2a0d:8540::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 11 Jun 2023 09:21:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:3a:30:a3:6c:ce:e0:8a:85:02:87:37:a6:86:de:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
        Validity
            Not Before: Jan  2 11:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1502cfaf19700e50ba5032af1da20696d283100d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f5:6e:43:e4:43:95:cb:df:cd:12:0c:0c:65:
                    2f:3b:f0:a3:80:c6:e4:71:d9:02:86:f4:3b:42:ec:
                    13:a9:18:74:7e:90:1a:ef:f1:be:f6:34:e9:ee:a1:
                    40:13:15:49:ae:69:5c:04:9a:70:28:2b:ee:7d:89:
                    9f:56:9a:8a:f3:05:79:ff:5d:20:2d:45:6d:bb:c7:
                    22:06:e4:f9:94:e4:ac:fa:77:9b:0f:19:33:35:1a:
                    35:83:8d:1f:7b:77:62:8e:2a:d2:cc:36:c5:62:76:
                    8f:98:4d:58:4b:07:73:92:67:36:88:aa:40:62:38:
                    97:72:aa:0e:32:73:13:a1:ad:f9:38:02:8b:79:1e:
                    e0:ba:fc:f8:fd:0d:ae:6a:d8:9a:8b:3a:60:a6:84:
                    29:49:0d:ff:3c:2d:1d:88:09:0a:c1:fc:e2:8a:a1:
                    9c:7f:d5:b4:66:56:3e:a6:68:4b:ba:ea:b2:59:c1:
                    ea:ba:7d:b7:33:7e:be:ba:fe:c0:96:aa:4b:58:35:
                    10:53:1b:ff:34:c3:7b:1c:d2:ec:6e:8f:79:67:26:
                    7d:ad:25:26:33:e3:dc:78:48:84:54:65:9d:04:1d:
                    b3:b5:8c:36:3a:ac:cf:b8:7e:87:71:55:8f:63:fc:
                    ce:87:5e:51:60:67:29:c1:c8:d0:8f:6d:94:ae:e1:
                    49:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:02:CF:AF:19:70:0E:50:BA:50:32:AF:1D:A2:06:96:D2:83:10:0D
            X509v3 Authority Key Identifier:
                keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/FQLPrxlwDlC6UDKvHaIGltKDEA0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.224.0/22
                  91.213.39.0/24
                  91.228.64.0/22
                  194.4.164.0/22
                  195.20.137.0/24
                IPv6:
                  2a0d:8540::/29

    Signature Algorithm: sha256WithRSAEncryption
         48:ec:cf:ca:c9:8d:d1:ff:ca:39:1c:f3:46:4e:47:92:aa:d3:
         67:55:9b:03:68:0c:b8:dd:0a:bc:81:02:a8:22:97:25:c0:7d:
         4a:c7:b3:6b:37:81:db:0c:72:36:67:3d:44:44:1a:29:37:33:
         53:89:65:ba:fc:80:94:79:a6:ce:77:3b:8d:76:5f:59:42:d0:
         ff:55:b5:c0:75:05:74:ab:c2:cd:65:6c:b6:90:10:47:b2:68:
         72:13:72:09:9f:85:0e:32:ba:ca:24:9a:5e:58:ac:e2:a3:ff:
         08:35:b1:d6:52:ed:65:fe:01:ef:b4:39:3f:c6:49:85:87:c0:
         f3:bc:ac:84:d2:c9:cd:8a:be:8b:05:7d:ae:2d:df:ed:23:97:
         19:12:ed:83:e2:c9:42:8b:bf:5f:38:17:fb:66:68:23:05:8c:
         0f:6a:5a:1d:b4:57:43:b6:69:32:04:e8:d8:af:85:5a:28:15:
         6d:33:1c:4e:19:d3:fa:7e:af:4d:b8:49:83:45:b8:a6:3d:25:
         83:f9:b3:aa:25:04:cf:42:f1:0e:76:19:8d:ce:71:ee:d1:ef:
         3f:19:88:a0:f3:cd:9b:e6:af:d3:f9:56:3e:31:8a:66:82:14:
         ff:61:d2:c1:42:b6:5e:b0:b9:0e:99:56:44:cb:48:07:1e:41:
         25:9e:bf:3d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVyOjCjbM7gioUChzemht5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWUwNTFhOTM5MDFlY2MwMTc0NDA3OWFhNGFjMmZiMDc3
YjlmYzEwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTAyY2ZhZjE5NzAwZTUwYmE1MDMyYWYxZGEyMDY5NmQyODMxMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifVuQ+RDlcvfzRIMDGUvO/CjgMbk
cdkChvQ7QuwTqRh0fpAa7/G+9jTp7qFAExVJrmlcBJpwKCvufYmfVpqK8wV5/10g
LUVtu8ciBuT5lOSs+nebDxkzNRo1g40fe3dijirSzDbFYnaPmE1YSwdzkmc2iKpA
YjiXcqoOMnMToa35OAKLeR7guvz4/Q2uatiaizpgpoQpSQ3/PC0diAkKwfziiqGc
f9W0ZlY+pmhLuuqyWcHqun23M36+uv7AlqpLWDUQUxv/NMN7HNLsbo95ZyZ9rSUm
M+PceEiEVGWdBB2ztYw2OqzPuH6HcVWPY/zOh15RYGcpwcjQj22UruFJQQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBUCz68ZcA5QulAyrx2iBpbSgxANMB8GA1UdIwQY
MBaAFFvuBRqTkB7MAXRAeapKwvsHe5/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjIt
YTUyYTg3OTVkOTU2LzEvRlFMUHJ4bHdEbEM2VURLdkhhSUdsdEtERUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjItYTUyYTg3OTVkOTU2
LzEvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYDgAwQA
W9UnAwQCW+RAAwQCwgSkAwQAwxSJMA0EAgACMAcDBQMqDYVAMA0GCSqGSIb3DQEB
CwUAA4IBAQBI7M/KyY3R/8o5HPNGTkeSqtNnVZsDaAy43Qq8gQKoIpclwH1Kx7Nr
N4HbDHI2Zz1ERBopNzNTiWW6/ICUeabOdzuNdl9ZQtD/VbXAdQV0q8LNZWy2kBBH
smhyE3IJn4UOMrrKJJpeWKzio/8INbHWUu1l/gHvtDk/xkmFh8DzvKyE0snNir6L
BX2uLd/tI5cZEu2D4slCi79fOBf7ZmgjBYwPalodtFdDtmkyBOjYr4VaKBVtMxxO
GdP6fq9NuEmDRbimPSWD+bOqJQTPQvEOdhmNznHu0e8/GYig882b5q/T+VY+MYpm
ghT/YdLBQrZesLkOmVZEy0gHHkElnr89
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:13 2024 by rpki-client on console-fra.rpki-client.org