Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/N6tJW_qh7wi1FbjqodjyE5DQZMc.roa
File:                     N6tJW_qh7wi1FbjqodjyE5DQZMc.roa (raw, json)
Hash identifier:          Wt3OiPtra0pWpMU3NfpeRi2hZsV3Oc6O7AycJYUgusU=
Subject key identifier:   37:AB:49:5B:FA:A1:EF:08:B5:15:B8:EA:A1:D8:F2:13:90:D0:64:C7
Certificate issuer:       /CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
Certificate serial:       018C853B03E54CE26A14FF27A29669DD90DB
Authority key identifier: A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/N6tJW_qh7wi1FbjqodjyE5DQZMc.roa
Signing time:             Wed 20 Dec 2023 03:18:06 +0000
ROA not before:           Wed 20 Dec 2023 03:18:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39812
IP address blocks:        5.44.0.0/20 maxlen: 20
                          78.139.64.0/19 maxlen: 19
                          185.12.252.0/22 maxlen: 22
                          185.137.160.0/23 maxlen: 23
                          185.137.162.0/23 maxlen: 23
                          109.202.32.0/19 maxlen: 19
                          185.106.56.0/22 maxlen: 22
                          130.255.32.0/19 maxlen: 19
                          78.139.96.0/21 maxlen: 21
                          78.139.104.0/21 maxlen: 21
                          89.107.112.0/21 maxlen: 21
                          78.139.112.0/21 maxlen: 21
                          78.139.120.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:85:3b:03:e5:4c:e2:6a:14:ff:27:a2:96:69:dd:90:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0b6a5b1a14c86d4cfb46c4e86ecd4066804cc90
        Validity
            Not Before: Dec 20 03:18:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37ab495bfaa1ef08b515b8eaa1d8f21390d064c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:2a:df:10:9d:fd:6e:1e:60:f7:7d:8f:3e:e5:
                    9f:db:da:7c:51:cf:25:d4:be:1c:e7:18:17:d1:e5:
                    90:c0:53:ce:b1:d4:96:b5:37:63:5f:d0:3e:a7:ad:
                    ba:9f:88:50:55:9e:1f:89:04:47:db:de:ec:cf:51:
                    02:95:a2:55:94:22:df:92:9f:7f:fe:c9:2a:3b:29:
                    d4:2f:a1:a9:76:01:38:6c:c9:d4:df:a7:ce:e3:fd:
                    2d:c6:63:2d:da:0c:64:77:64:77:c2:2d:3a:aa:5b:
                    8b:f3:a0:80:80:f3:76:6f:c7:79:29:a2:a6:d7:10:
                    89:4b:db:ef:d0:2b:66:99:9e:27:76:af:70:1f:96:
                    1c:4d:35:c4:10:3a:a4:96:a8:ba:dc:30:93:0b:c3:
                    87:c4:f3:be:3e:c0:79:cc:df:4d:c9:af:ec:cc:42:
                    6f:b2:10:09:49:41:3d:68:08:7b:26:0a:23:b0:cf:
                    b4:10:a1:d5:c0:0f:4a:97:ae:fe:0e:22:fa:c9:84:
                    e3:bf:59:2d:9e:6a:7a:79:bd:c8:ac:55:2a:8f:d4:
                    9e:68:cb:d4:56:85:e3:e2:ce:2c:57:65:98:e7:0e:
                    26:20:fa:1d:7c:16:db:41:e7:27:18:4f:59:6c:38:
                    9e:a8:71:a7:b5:ad:f5:ea:59:1b:99:79:1f:3c:c5:
                    4b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:AB:49:5B:FA:A1:EF:08:B5:15:B8:EA:A1:D8:F2:13:90:D0:64:C7
            X509v3 Authority Key Identifier:
                keyid:A0:B6:A5:B1:A1:4C:86:D4:CF:B4:6C:4E:86:EC:D4:06:68:04:CC:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oLalsaFMhtTPtGxOhuzUBmgEzJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/N6tJW_qh7wi1FbjqodjyE5DQZMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/e1fb52-979d-4436-be51-8584bef0b7d5/1/oLalsaFMhtTPtGxOhuzUBmgEzJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.44.0.0/20
                  78.139.64.0/18
                  89.107.112.0/21
                  109.202.32.0/19
                  130.255.32.0/19
                  185.12.252.0/22
                  185.106.56.0/22
                  185.137.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:48:f4:0b:68:4b:b6:19:de:5a:38:ae:d0:12:02:3b:d4:51:
         fe:4b:3c:39:3e:f1:4f:5a:82:52:9c:40:70:99:c6:25:6d:b7:
         d1:de:64:f8:65:90:23:1e:c0:c9:e4:ae:10:d2:c0:68:55:cd:
         18:65:0e:09:89:3c:0a:5d:27:d6:e7:9f:f0:64:3f:4c:be:73:
         9f:9f:2d:d7:79:b5:d2:c7:db:f2:b2:5b:53:c9:d9:01:4e:9b:
         83:35:05:11:56:c3:4c:a1:19:ce:20:e1:88:9e:06:41:3b:21:
         75:9c:0b:bc:ae:96:2c:d4:a9:c1:23:d7:7a:fa:ce:33:44:bc:
         35:ba:a7:63:3e:a6:8e:24:d1:94:95:60:76:8c:38:dd:98:2f:
         4d:13:0a:4f:12:2b:21:0e:fe:5a:2e:4f:42:0b:50:ef:70:8b:
         55:cf:ea:98:26:a9:af:97:e4:20:2c:59:8b:5e:c0:bb:3e:1d:
         88:c2:32:dc:0d:25:83:8a:6d:5f:31:07:00:39:30:f1:89:e1:
         4e:07:ba:f5:f7:bd:b1:c1:aa:00:85:bb:7e:69:b0:e5:1f:0d:
         90:06:e5:78:b9:31:4c:14:b0:31:19:95:b5:18:d9:97:60:28:
         fd:8c:d2:04:b5:ec:9e:e3:ac:23:02:bc:f6:df:80:fb:50:30:
         c3:4e:2a:d8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYyFOwPlTOJqFP8nopZp3ZDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYjZhNWIxYTE0Yzg2ZDRjZmI0NmM0ZTg2ZWNkNDA2Njgw
NGNjOTAwHhcNMjMxMjIwMDMxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2FiNDk1YmZhYTFlZjA4YjUxNWI4ZWFhMWQ4ZjIxMzkwZDA2NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSrfEJ39bh5g932PPuWf29p8Uc8l
1L4c5xgX0eWQwFPOsdSWtTdjX9A+p626n4hQVZ4fiQRH297sz1EClaJVlCLfkp9/
/skqOynUL6GpdgE4bMnU36fO4/0txmMt2gxkd2R3wi06qluL86CAgPN2b8d5KaKm
1xCJS9vv0CtmmZ4ndq9wH5YcTTXEEDqklqi63DCTC8OHxPO+PsB5zN9Nya/szEJv
shAJSUE9aAh7JgojsM+0EKHVwA9Kl67+DiL6yYTjv1ktnmp6eb3IrFUqj9SeaMvU
VoXj4s4sV2WY5w4mIPodfBbbQecnGE9ZbDieqHGnta316lkbmXkfPMVLDwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDerSVv6oe8ItRW46qHY8hOQ0GTHMB8GA1UdIwQY
MBaAFKC2pbGhTIbUz7RsTobs1AZoBMyQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEt
ODU4NGJlZjBiN2Q1LzEvTjZ0SldfcWg3d2kxRmJqcW9kanlFNURRWk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lMWZiNTItOTc5ZC00NDM2LWJlNTEtODU4NGJlZjBiN2Q1
LzEvb0xhbHNhRk1odFRQdEd4T2h1elVCbWdFekpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBSwAAwQG
TotAAwQDWWtwAwQFbcogAwQFgv8gAwQCuQz8AwQCuWo4AwQCuYmgMA0GCSqGSIb3
DQEBCwUAA4IBAQC1SPQLaEu2Gd5aOK7QEgI71FH+Szw5PvFPWoJSnEBwmcYlbbfR
3mT4ZZAjHsDJ5K4Q0sBoVc0YZQ4JiTwKXSfW55/wZD9MvnOfny3XebXSx9vysltT
ydkBTpuDNQURVsNMoRnOIOGIngZBOyF1nAu8rpYs1KnBI9d6+s4zRLw1uqdjPqaO
JNGUlWB2jDjdmC9NEwpPEishDv5aLk9CC1DvcItVz+qYJqmvl+QgLFmLXsC7Ph2I
wjLcDSWDim1fMQcAOTDxieFOB7r1972xwaoAhbt+abDlHw2QBuV4uTFMFLAxGZW1
GNmXYCj9jNIEteye46wjArz234D7UDDDTirY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:31 2024 by rpki-client on console-ams.rpki-client.org