Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa
File:                     Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa (raw, json)
Hash identifier:          JqmdE+LGLE5/vRblWmmaf1v/s+44tWFl6g68zgZM6lg=
Subject key identifier:   52:CD:BF:E7:F0:4D:BE:D1:DA:24:FC:64:4F:88:1D:92:44:53:CA:B4
Certificate issuer:       /CN=76b8ec733b9f994d5a858c5e555178e8ae8aa2ed
Certificate serial:       018572CCA75FB2C2957A72505EFA2AA22C6B
Authority key identifier: 76:B8:EC:73:3B:9F:99:4D:5A:85:8C:5E:55:51:78:E8:AE:8A:A2:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/drjsczufmU1ahYxeVVF46K6Kou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa
Signing time:             Mon 02 Jan 2023 14:04:52 +0000
ROA not before:           Mon 02 Jan 2023 14:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201283
IP address blocks:        185.79.124.0/24 maxlen: 24
                          185.79.127.0/24 maxlen: 24
                          185.79.126.0/24 maxlen: 24
                          2a05:7380::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:a7:5f:b2:c2:95:7a:72:50:5e:fa:2a:a2:2c:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76b8ec733b9f994d5a858c5e555178e8ae8aa2ed
        Validity
            Not Before: Jan  2 14:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52cdbfe7f04dbed1da24fc644f881d924453cab4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:77:ef:7a:b9:e1:26:07:93:35:58:e3:f8:ae:
                    ee:11:0c:7a:a1:8f:e1:ed:5d:e6:1d:1a:48:65:b2:
                    5d:71:0b:5d:f7:de:70:d8:fe:3d:59:aa:30:96:36:
                    51:a4:77:27:5d:b6:b4:0d:58:42:b2:fa:46:6c:0c:
                    9c:ec:b8:39:52:38:3c:55:ee:0c:6d:9a:f0:14:10:
                    33:9c:3c:70:20:87:83:26:e8:0a:46:d3:52:8c:93:
                    6b:51:e3:09:1c:ea:7a:6f:c0:d7:6b:60:60:96:e5:
                    4d:df:46:eb:7f:ef:57:fe:6a:00:7b:ac:fc:01:8b:
                    f5:15:3f:13:a8:f2:15:11:c6:60:04:4c:8f:64:8c:
                    4c:45:18:f5:2a:63:35:2e:c0:98:f3:ed:48:b4:59:
                    57:01:a5:a8:48:fc:0f:bb:99:52:ac:8c:f0:ba:de:
                    12:1d:38:73:d3:b8:a8:df:7b:d4:72:de:a8:44:0b:
                    70:6d:96:20:c7:2c:00:5b:60:3d:17:dd:1a:b4:ac:
                    52:fa:1b:8c:c1:43:8a:07:59:84:e3:8f:e4:c6:de:
                    ec:9f:d2:9d:61:fa:d8:ce:f0:43:20:6d:5b:4f:fb:
                    9c:6c:88:d4:c6:9c:e8:21:d7:cd:a3:f1:59:58:8c:
                    38:b8:01:bd:ff:fb:3b:98:10:b2:b9:1d:c8:8f:1e:
                    30:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:CD:BF:E7:F0:4D:BE:D1:DA:24:FC:64:4F:88:1D:92:44:53:CA:B4
            X509v3 Authority Key Identifier:
                keyid:76:B8:EC:73:3B:9F:99:4D:5A:85:8C:5E:55:51:78:E8:AE:8A:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/drjsczufmU1ahYxeVVF46K6Kou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/Us2_5_BNvtHaJPxkT4gdkkRTyrQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/eb4c6e-a2b0-4e5b-9aea-8b7cf9b86764/1/drjsczufmU1ahYxeVVF46K6Kou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.124.0/24
                  185.79.126.0/23
                IPv6:
                  2a05:7380::/29

    Signature Algorithm: sha256WithRSAEncryption
         57:97:a4:b2:2d:93:37:93:08:95:41:a3:b2:80:5c:4f:ed:65:
         ef:7a:e9:0f:d0:6d:0f:2b:0f:6f:e6:9e:53:43:e0:cb:9c:a9:
         e6:cc:71:06:27:3c:a8:c8:f1:0a:75:96:6d:cb:e5:c1:6e:75:
         2f:e4:67:cf:10:d2:ef:53:45:92:ca:80:c8:99:19:2a:72:32:
         fa:46:5e:67:4b:61:a4:90:01:de:80:48:2c:74:79:1a:9d:1d:
         c6:fd:c1:da:80:3b:dc:4e:5d:22:83:15:a6:47:5f:65:80:96:
         d7:87:57:56:73:3e:fa:25:3e:31:94:2f:71:e8:09:a2:11:00:
         11:0a:18:d6:0b:96:9a:25:92:bd:a0:62:27:01:4d:9a:24:c5:
         d3:e0:2f:76:f6:a5:0e:16:d3:1f:db:7c:d6:28:dd:7d:3f:82:
         94:dd:f8:e9:63:88:5d:75:22:e4:7a:1c:9f:77:5d:0a:82:b4:
         00:f7:d1:fd:e3:33:43:2d:ad:ce:e0:66:9c:1f:e9:c4:95:37:
         9b:84:4d:31:52:63:fe:90:1f:bb:c5:2a:61:0a:47:00:19:8d:
         55:07:26:e1:d1:18:53:ed:60:53:f6:9a:fe:5d:86:c2:57:14:
         35:9b:af:4d:02:b9:57:4a:d7:3d:87:48:d2:b5:4f:f7:1e:3d:
         47:a7:2e:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyzKdfssKVenJQXvoqoixrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YjhlYzczM2I5Zjk5NGQ1YTg1OGM1ZTU1NTE3OGU4YWU4
YWEyZWQwHhcNMjMwMTAyMTQwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNkYmZlN2YwNGRiZWQxZGEyNGZjNjQ0Zjg4MWQ5MjQ0NTNjYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3fvernhJgeTNVjj+K7uEQx6oY/h
7V3mHRpIZbJdcQtd995w2P49WaowljZRpHcnXba0DVhCsvpGbAyc7Lg5Ujg8Ve4M
bZrwFBAznDxwIIeDJugKRtNSjJNrUeMJHOp6b8DXa2BgluVN30brf+9X/moAe6z8
AYv1FT8TqPIVEcZgBEyPZIxMRRj1KmM1LsCY8+1ItFlXAaWoSPwPu5lSrIzwut4S
HThz07io33vUct6oRAtwbZYgxywAW2A9F90atKxS+huMwUOKB1mE44/kxt7sn9Kd
YfrYzvBDIG1bT/ucbIjUxpzoIdfNo/FZWIw4uAG9//s7mBCyuR3Ijx4wwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFLNv+fwTb7R2iT8ZE+IHZJEU8q0MB8GA1UdIwQY
MBaAFHa47HM7n5lNWoWMXlVReOiuiqLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHJqc2N6dWZtVTFhaFl4ZVZWRjQ2SzZLb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lYjRjNmUtYTJiMC00ZTViLTlhZWEt
OGI3Y2Y5Yjg2NzY0LzEvVXMyXzVfQk52dEhhSlB4a1Q0Z2Rra1JUeXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lYjRjNmUtYTJiMC00ZTViLTlhZWEtOGI3Y2Y5Yjg2NzY0
LzEvZHJqc2N6dWZtVTFhaFl4ZVZWRjQ2SzZLb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuU98AwQB
uU9+MA0EAgACMAcDBQMqBXOAMA0GCSqGSIb3DQEBCwUAA4IBAQBXl6SyLZM3kwiV
QaOygFxP7WXveukP0G0PKw9v5p5TQ+DLnKnmzHEGJzyoyPEKdZZty+XBbnUv5GfP
ENLvU0WSyoDImRkqcjL6Rl5nS2GkkAHegEgsdHkanR3G/cHagDvcTl0igxWmR19l
gJbXh1dWcz76JT4xlC9x6AmiEQARChjWC5aaJZK9oGInAU2aJMXT4C929qUOFtMf
23zWKN19P4KU3fjpY4hddSLkehyfd10KgrQA99H94zNDLa3O4GacH+nElTebhE0x
UmP+kB+7xSphCkcAGY1VBybh0RhT7WBT9pr+XYbCVxQ1m69NArlXStc9h0jStU/3
Hj1Hpy5P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:24 2024 by rpki-client on console-fra.rpki-client.org