Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X1drLxl3h4D9nHPJxqix-vMvqL8.roa
File:                     X1drLxl3h4D9nHPJxqix-vMvqL8.roa (raw, json)
Hash identifier:          isZkOW01cM9w2YPvwCS1IMyL2hQLzhgbF4P9gt3GjgA=
Subject key identifier:   5F:57:6B:2F:19:77:87:80:FD:9C:73:C9:C6:A8:B1:FA:F3:2F:A8:BF
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018C8F0B18D7DC870AFDBB1449A6BA5C8795
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X1drLxl3h4D9nHPJxqix-vMvqL8.roa
Signing time:             Fri 22 Dec 2023 01:01:58 +0000
ROA not before:           Fri 22 Dec 2023 01:01:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197730
IP address blocks:        45.136.184.0/22 maxlen: 24
                          45.136.185.0/24 maxlen: 24
                          45.136.186.0/24 maxlen: 24
                          45.136.187.0/24 maxlen: 24
                          185.241.58.0/24 maxlen: 24
                          45.130.181.0/24 maxlen: 24
                          45.130.183.0/24 maxlen: 24
                          62.106.75.0/24 maxlen: 24
                          45.130.182.0/24 maxlen: 24
                          45.130.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 06:48:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:8f:0b:18:d7:dc:87:0a:fd:bb:14:49:a6:ba:5c:87:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Dec 22 01:01:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f576b2f19778780fd9c73c9c6a8b1faf32fa8bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:9b:b7:90:dd:e1:81:38:ee:00:07:de:9a:e1:
                    29:98:ce:a1:e3:8c:1b:a5:14:64:b9:a2:e8:59:34:
                    97:7d:43:98:f9:65:ab:3f:74:4a:95:d0:f0:81:bd:
                    2a:bb:1e:e2:48:cb:4c:65:6c:c2:31:e6:5d:c0:a6:
                    b2:52:a2:11:c7:41:19:d1:2e:df:e5:d4:1b:67:89:
                    84:c1:5e:25:b5:cd:cd:a7:b5:e2:af:77:ca:80:bc:
                    86:fa:9f:68:84:ef:b2:b4:8c:b2:f9:7e:fe:f2:27:
                    58:fb:9b:45:16:ee:42:f4:21:6a:6a:24:17:75:6e:
                    91:7b:27:b5:91:9b:90:c8:15:e0:17:87:80:b9:e6:
                    51:41:35:5e:c8:2c:44:b6:0f:1d:a8:31:04:ae:6d:
                    c4:91:4e:c4:ad:08:55:a3:bf:c2:97:c4:cf:d1:7a:
                    42:e9:d4:34:80:d8:4a:78:88:d3:28:5e:ef:54:5f:
                    d9:6f:09:d0:a7:d0:94:66:ff:16:c2:96:24:89:26:
                    be:79:41:4c:7e:81:de:8e:8c:29:fc:a4:c6:db:2d:
                    b6:8e:2d:f8:4b:d6:40:06:62:d1:a3:d3:d5:56:56:
                    f9:f4:7b:80:96:31:f0:8d:09:df:a6:c4:94:a0:f5:
                    33:bb:13:ed:ae:13:47:f2:5b:eb:dd:c7:c4:d6:a1:
                    f3:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:57:6B:2F:19:77:87:80:FD:9C:73:C9:C6:A8:B1:FA:F3:2F:A8:BF
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X1drLxl3h4D9nHPJxqix-vMvqL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.180.0/22
                  45.136.184.0/22
                  62.106.75.0/24
                  185.241.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:cd:6e:01:ea:c6:a9:7e:99:e6:ed:58:e2:ad:b1:26:73:fe:
         23:9b:9b:72:4b:af:6f:54:65:cd:f7:19:7b:eb:c5:a5:75:f8:
         07:5e:5e:55:a5:46:40:8b:bd:3a:4a:39:df:4a:56:b5:5b:16:
         4e:43:d3:ca:bc:1c:a7:fc:57:8c:ea:23:92:e5:1f:bc:f0:7d:
         02:ea:9a:52:ed:b1:60:1b:0b:83:d1:60:4f:a1:36:27:67:f1:
         74:cb:dc:67:76:07:4d:bf:52:b2:ac:18:7c:f3:9c:87:05:ca:
         90:de:d2:6c:37:e2:82:24:7a:d3:1c:47:85:2f:b3:75:78:0f:
         9b:88:c7:2b:06:d4:e4:e1:e4:ec:73:4e:7a:2e:3e:89:c2:5b:
         42:b6:32:35:7f:71:0f:09:25:e1:6b:06:18:91:a9:c6:7b:0a:
         fe:7f:40:4c:42:51:b9:c5:80:d9:a0:b3:15:27:64:12:78:e1:
         08:22:27:c3:84:f0:4d:f7:3b:bd:43:06:85:eb:48:81:d5:f7:
         06:ee:00:7b:a0:62:82:69:bd:7f:b2:db:45:7e:05:3b:da:be:
         98:78:cc:52:8d:d1:3d:32:27:f6:a3:76:7b:53:43:7d:dc:2e:
         c2:67:e4:19:bc:fb:05:54:47:b9:ee:40:39:d2:fa:09:f4:54:
         db:63:44:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyPCxjX3IcK/bsUSaa6XIeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMjIyMDEwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU3NmIyZjE5Nzc4NzgwZmQ5YzczYzljNmE4YjFmYWYzMmZhOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZu3kN3hgTjuAAfemuEpmM6h44wb
pRRkuaLoWTSXfUOY+WWrP3RKldDwgb0qux7iSMtMZWzCMeZdwKayUqIRx0EZ0S7f
5dQbZ4mEwV4ltc3Np7Xir3fKgLyG+p9ohO+ytIyy+X7+8idY+5tFFu5C9CFqaiQX
dW6Reye1kZuQyBXgF4eAueZRQTVeyCxEtg8dqDEErm3EkU7ErQhVo7/Cl8TP0XpC
6dQ0gNhKeIjTKF7vVF/ZbwnQp9CUZv8WwpYkiSa+eUFMfoHejowp/KTG2y22ji34
S9ZABmLRo9PVVlb59HuAljHwjQnfpsSUoPUzuxPtrhNH8lvr3cfE1qHzywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF9Xay8Zd4eA/ZxzycaosfrzL6i/MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvWDFkckx4bDNoNEQ5bkhQSnhxaXgtdk12cUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYK0AwQC
LYi4AwQAPmpLAwQAufE6MA0GCSqGSIb3DQEBCwUAA4IBAQBQzW4B6sapfpnm7Vji
rbEmc/4jm5tyS69vVGXN9xl768WldfgHXl5VpUZAi706SjnfSla1WxZOQ9PKvByn
/FeM6iOS5R+88H0C6ppS7bFgGwuD0WBPoTYnZ/F0y9xndgdNv1KyrBh885yHBcqQ
3tJsN+KCJHrTHEeFL7N1eA+biMcrBtTk4eTsc056Lj6JwltCtjI1f3EPCSXhawYY
kanGewr+f0BMQlG5xYDZoLMVJ2QSeOEIIifDhPBN9zu9QwaF60iB1fcG7gB7oGKC
ab1/sttFfgU72r6YeMxSjdE9Mif2o3Z7U0N93C7CZ+QZvPsFVEe57kA50voJ9FTb
Y0QO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org