Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa
File:                     o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa (raw, json)
Hash identifier:          VTEyoX052M7Zsj2DDWKUAxJPmwIxa/0kqaKXN9Qe1qc=
Subject key identifier:   A3:99:A0:3F:EC:D6:41:12:5A:10:11:27:AA:19:5B:87:5A:F4:0A:1C
Certificate issuer:       /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial:       0192FBAB9EEDF2E085CC559B458FF0789D7B
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa
Signing time:             Tue 05 Nov 2024 09:33:01 +0000
ROA not before:           Tue 05 Nov 2024 09:33:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     54994
IP address blocks:        140.150.0.0/24 maxlen: 24
                          140.150.1.0/24 maxlen: 24
                          140.150.2.0/24 maxlen: 24
                          140.150.3.0/24 maxlen: 24
                          140.150.4.0/24 maxlen: 24
                          140.150.5.0/24 maxlen: 24
                          140.150.6.0/24 maxlen: 24
                          140.150.7.0/24 maxlen: 24
                          140.150.8.0/23 maxlen: 24
                          140.150.12.0/24 maxlen: 24
                          140.150.18.0/24 maxlen: 24
                          140.150.19.0/24 maxlen: 24
                          140.150.21.0/24 maxlen: 24
                          140.150.24.0/24 maxlen: 24
                          140.150.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Nov 2024 06:28:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:fb:ab:9e:ed:f2:e0:85:cc:55:9b:45:8f:f0:78:9d:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
        Validity
            Not Before: Nov  5 09:33:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a399a03fecd641125a101127aa195b875af40a1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f2:f0:cc:1d:ef:ae:4f:45:21:cf:96:41:c4:
                    71:ab:61:5a:a8:97:72:eb:13:e9:4b:51:c6:e1:07:
                    b8:a3:74:66:98:ab:b8:c9:21:6c:31:b4:8c:e0:1d:
                    be:1b:bf:32:df:01:f0:f1:d7:85:03:ec:71:e9:65:
                    94:49:f1:4e:8b:9b:6f:14:47:79:42:0e:39:70:26:
                    93:cb:4f:ac:e7:1d:d0:06:45:68:77:07:76:57:f9:
                    fd:83:51:82:fc:2d:b4:e3:a1:6f:df:ac:eb:e2:9e:
                    72:d4:53:dd:fb:d5:00:f6:f3:ac:4d:eb:9e:6a:92:
                    8e:a3:65:65:70:72:23:f8:9e:73:07:4b:f5:3b:a7:
                    10:4c:d0:31:38:9a:40:36:a3:11:ab:cf:bb:a6:80:
                    c7:61:38:1c:db:84:1a:d8:7d:73:b2:ea:7e:40:a3:
                    9d:c2:9a:34:74:20:32:c0:86:f6:65:aa:c4:43:a6:
                    66:d0:e7:a9:21:ba:c2:f0:82:79:89:30:31:1d:ba:
                    3a:4f:c1:86:b6:49:7d:ad:b1:a6:90:75:8f:2e:7f:
                    19:fb:82:2e:bb:04:b6:3b:30:89:37:69:f1:6a:d2:
                    df:1a:ca:96:a9:46:3b:43:62:de:be:7d:51:a7:76:
                    cf:00:51:de:74:85:31:cc:c0:87:93:58:52:0e:47:
                    b9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:99:A0:3F:EC:D6:41:12:5A:10:11:27:AA:19:5B:87:5A:F4:0A:1C
            X509v3 Authority Key Identifier:
                keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/o5mgP-zWQRJaEBEnqhlbh1r0Chw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.0.0-140.150.9.255
                  140.150.12.0/24
                  140.150.18.0/23
                  140.150.21.0/24
                  140.150.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c6:b1:fe:20:88:e1:1e:5e:9a:5b:1e:e6:1f:bd:39:30:eb:f5:
         d8:a9:de:18:72:11:ef:2f:ea:18:6f:7b:70:12:7f:f8:24:33:
         2e:ed:af:ed:f5:9c:b6:6c:6e:d1:64:0f:84:96:6f:d9:97:71:
         20:cd:3d:db:4f:33:3f:d1:e0:bb:03:b4:2e:7e:d9:b1:b3:f9:
         bc:39:d9:61:35:d3:b7:0a:4d:b0:f0:e3:70:66:7c:f2:40:1d:
         80:f6:76:8a:5f:6e:29:16:c4:96:50:58:ec:db:8f:34:0e:b9:
         dc:5b:13:4b:28:6e:63:bc:35:e7:db:48:01:39:8a:ba:9e:ea:
         19:42:a5:e8:01:13:0c:fe:c6:1a:24:55:6e:91:4d:52:c3:53:
         20:52:f4:1d:8e:59:ae:96:25:6a:18:81:a3:9e:50:55:e3:56:
         ef:3d:43:c8:f3:d9:4c:8c:9b:80:72:14:3f:02:5e:a8:a0:82:
         8c:16:f4:7c:d4:c0:10:fb:a4:2e:58:f1:54:5b:a2:b7:b1:bd:
         b0:78:f3:5c:d1:a6:a8:25:9d:b2:da:ab:46:26:5a:47:4e:c0:
         01:79:70:51:81:7a:98:52:b5:5c:d4:f8:b2:8e:c6:f9:5a:38:
         ba:00:98:83:d4:02:eb:97:43:4f:54:af:5b:f7:12:00:e3:e9:
         b0:93:ab:01
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZL7q57t8uCFzFWbRY/weJ17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjQxMTA1MDkzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk5YTAzZmVjZDY0MTEyNWExMDExMjdhYTE5NWI4NzVhZjQwYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvLwzB3vrk9FIc+WQcRxq2FaqJdy
6xPpS1HG4Qe4o3RmmKu4ySFsMbSM4B2+G78y3wHw8deFA+xx6WWUSfFOi5tvFEd5
Qg45cCaTy0+s5x3QBkVodwd2V/n9g1GC/C2046Fv36zr4p5y1FPd+9UA9vOsTeue
apKOo2VlcHIj+J5zB0v1O6cQTNAxOJpANqMRq8+7poDHYTgc24Qa2H1zsup+QKOd
wpo0dCAywIb2ZarEQ6Zm0OepIbrC8IJ5iTAxHbo6T8GGtkl9rbGmkHWPLn8Z+4Iu
uwS2OzCJN2nxatLfGsqWqUY7Q2Levn1Rp3bPAFHedIUxzMCHk1hSDke5qwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKOZoD/s1kESWhARJ6oZW4da9AocMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvbzVtZ1AteldRUkphRUJFbnFobGJoMXIwQ2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAlMAsDAwGMlgME
AYyWCAMEAIyWDAMEAYyWEgMEAIyWFQMEAYyWGDANBgkqhkiG9w0BAQsFAAOCAQEA
xrH+IIjhHl6aWx7mH705MOv12KneGHIR7y/qGG97cBJ/+CQzLu2v7fWctmxu0WQP
hJZv2ZdxIM09208zP9HguwO0Ln7ZsbP5vDnZYTXTtwpNsPDjcGZ88kAdgPZ2il9u
KRbEllBY7NuPNA653FsTSyhuY7w159tIATmKup7qGUKl6AETDP7GGiRVbpFNUsNT
IFL0HY5ZrpYlahiBo55QVeNW7z1DyPPZTIybgHIUPwJeqKCCjBb0fNTAEPukLljx
VFuit7G9sHjzXNGmqCWdstqrRiZaR07AAXlwUYF6mFK1XNT4so7G+Vo4ugCYg9QC
65dDT1SvW/cSAOPpsJOrAQ==
-----END CERTIFICATE-----
Generated at Mon Nov 18 08:29:21 2024 by rpki-client on console-fra.rpki-client.org