Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/5g0WD-9JvIK6yRIANlWk7LA9Fxs.roa
File:                     5g0WD-9JvIK6yRIANlWk7LA9Fxs.roa (raw, json)
Hash identifier:          wkNwGVeyJZ3hkq8znn+hncjwrUTvsalsaUXxw74+4S4=
Subject key identifier:   E6:0D:16:0F:EF:49:BC:82:BA:C9:12:00:36:55:A4:EC:B0:3D:17:1B
Certificate issuer:       /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial:       01856DCB00E78F30AF9E4C09FB7C78120D8F
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/5g0WD-9JvIK6yRIANlWk7LA9Fxs.roa
Signing time:             Sun 01 Jan 2023 14:44:58 +0000
ROA not before:           Sun 01 Jan 2023 14:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213301
IP address blocks:        185.174.70.0/24 maxlen: 24
                          185.174.69.0/24 maxlen: 24
                          185.174.68.0/24 maxlen: 24
                          185.78.85.0/24 maxlen: 24
                          185.78.84.0/24 maxlen: 24
                          185.78.87.0/24 maxlen: 24
                          185.78.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 09:15:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:cb:00:e7:8f:30:af:9e:4c:09:fb:7c:78:12:0d:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
        Validity
            Not Before: Jan  1 14:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e60d160fef49bc82bac912003655a4ecb03d171b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:fc:69:1b:e1:52:18:48:89:b2:fb:c9:7c:c6:
                    ac:42:6a:fd:55:ed:87:00:17:39:84:6a:ba:e9:9f:
                    49:e7:38:9c:c7:ee:eb:8b:de:1a:91:76:32:41:46:
                    c5:99:a3:c2:c2:0a:9d:19:e4:b1:a6:d0:63:93:b9:
                    dd:51:51:c1:c9:e7:71:64:8f:62:38:31:ae:bd:7f:
                    bd:16:2b:cf:af:eb:c4:51:b8:29:eb:7e:f0:40:60:
                    39:b7:65:df:4e:a2:4f:26:c7:a5:4d:20:45:9f:71:
                    98:39:ea:7f:0f:79:da:b1:8d:a1:b6:41:b7:80:c2:
                    3e:a9:3c:16:d9:23:de:e9:4a:de:3f:cb:10:53:3d:
                    03:67:0b:b6:25:bc:b3:03:29:6f:67:b6:cb:a1:da:
                    aa:af:a3:49:bb:f8:b7:56:0e:d9:96:36:af:7a:5f:
                    04:c9:04:fd:11:b2:21:33:af:a5:fa:a1:95:89:0b:
                    e3:f1:e2:7c:e9:1e:37:5f:41:7a:a5:a5:15:11:4d:
                    98:db:3e:ba:9e:74:e1:5a:e4:a0:6c:0a:f5:1d:73:
                    cd:9b:da:ec:30:e9:f0:28:0a:6f:a1:79:da:26:c0:
                    9b:1c:5e:98:5a:1a:1c:0b:99:5c:2e:6b:a5:a2:c1:
                    85:af:c3:d0:22:66:f2:31:48:b6:a6:f9:68:0a:98:
                    28:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:0D:16:0F:EF:49:BC:82:BA:C9:12:00:36:55:A4:EC:B0:3D:17:1B
            X509v3 Authority Key Identifier:
                keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/5g0WD-9JvIK6yRIANlWk7LA9Fxs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.78.84.0/22
                  185.174.68.0-185.174.70.255

    Signature Algorithm: sha256WithRSAEncryption
         18:a5:46:e7:b2:f7:4f:32:af:16:92:26:b3:b0:12:c2:95:f1:
         6c:69:0d:a8:db:df:8c:87:23:ff:79:15:81:86:c2:56:a1:a2:
         34:14:25:40:d7:e7:2c:91:9b:06:1a:68:29:47:a5:b0:c0:d3:
         8a:46:af:c9:7c:fd:c8:65:7f:0a:77:94:80:5b:07:b5:61:ce:
         77:30:15:50:a8:0f:ed:cb:22:21:12:ab:d6:4c:f8:3b:da:2c:
         00:21:eb:4f:61:8e:f4:9b:c4:e6:ad:d5:fb:26:3e:7a:d9:6d:
         b8:ce:aa:a7:9c:7e:5a:aa:de:68:95:9d:15:5c:53:db:3f:49:
         ca:54:ad:54:4b:78:bc:24:52:8e:6d:b6:5e:81:9a:18:e7:03:
         d4:5a:ec:33:23:52:16:fe:e0:06:5d:b7:80:6f:85:95:f4:b3:
         75:ed:28:ba:bc:1c:4c:04:93:5e:03:ed:bf:78:98:48:f8:6e:
         da:b7:cb:07:aa:a9:02:fa:26:b0:5e:0f:da:9a:44:3d:12:d2:
         5a:e2:ac:29:04:b0:a7:a3:ad:1a:b5:99:60:8a:23:05:5e:58:
         15:5e:74:51:d2:d5:54:cd:29:95:4b:49:0c:fb:e4:85:27:b4:
         a8:56:9c:4b:4e:18:a0:57:f4:db:63:0d:69:a3:b7:ad:8d:00:
         4c:e4:30:6c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtywDnjzCvnkwJ+3x4Eg2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjMwMTAxMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjBkMTYwZmVmNDliYzgyYmFjOTEyMDAzNjU1YTRlY2IwM2QxNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfxpG+FSGEiJsvvJfMasQmr9Ve2H
ABc5hGq66Z9J5zicx+7ri94akXYyQUbFmaPCwgqdGeSxptBjk7ndUVHByedxZI9i
ODGuvX+9FivPr+vEUbgp637wQGA5t2XfTqJPJselTSBFn3GYOep/D3nasY2htkG3
gMI+qTwW2SPe6UreP8sQUz0DZwu2JbyzAylvZ7bLodqqr6NJu/i3Vg7Zljavel8E
yQT9EbIhM6+l+qGViQvj8eJ86R43X0F6paUVEU2Y2z66nnThWuSgbAr1HXPNm9rs
MOnwKApvoXnaJsCbHF6YWhocC5lcLmulosGFr8PQImbyMUi2pvloCpgoPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOYNFg/vSbyCuskSADZVpOywPRcbMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvNWcwV0QtOUp2SUs2eVJJQU5sV2s3TEE5RnhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuU5UMAwD
BAK5rkQDBAC5rkYwDQYJKoZIhvcNAQELBQADggEBABilRuey908yrxaSJrOwEsKV
8WxpDajb34yHI/95FYGGwlahojQUJUDX5yyRmwYaaClHpbDA04pGr8l8/chlfwp3
lIBbB7VhzncwFVCoD+3LIiESq9ZM+DvaLAAh609hjvSbxOat1fsmPnrZbbjOqqec
flqq3miVnRVcU9s/ScpUrVRLeLwkUo5ttl6BmhjnA9Ra7DMjUhb+4AZdt4BvhZX0
s3XtKLq8HEwEk14D7b94mEj4btq3yweqqQL6JrBeD9qaRD0S0lrirCkEsKejrRq1
mWCKIwVeWBVedFHS1VTNKZVLSQz75IUntKhWnEtOGKBX9NtjDWmjt62NAEzkMGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:44 2024 by rpki-client on console-ams.rpki-client.org