Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/5H2uHv-T6z62zeRuPCH_8J7BwNQ.roa
File:                     5H2uHv-T6z62zeRuPCH_8J7BwNQ.roa (raw, json)
Hash identifier:          49/FrA6p5d37Hrl1QkszvRAQ9qf0P273EQwJEHR8qmU=
Subject key identifier:   E4:7D:AE:1E:FF:93:EB:3E:B6:CD:E4:6E:3C:21:FF:F0:9E:C1:C0:D4
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018A402769CFF921AFC8F193E514DCF7AFAC
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/5H2uHv-T6z62zeRuPCH_8J7BwNQ.roa
Signing time:             Tue 29 Aug 2023 07:17:19 +0000
ROA not before:           Tue 29 Aug 2023 07:17:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        45.151.139.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          45.142.211.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:a000::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:af01::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a06:d900::/29 maxlen: 29
                          2a11:780::/29 maxlen: 36
                          2a09:3b00::/29 maxlen: 29
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Tue 29 Aug 2023 11:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:40:27:69:cf:f9:21:af:c8:f1:93:e5:14:dc:f7:af:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug 29 07:17:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e47dae1eff93eb3eb6cde46e3c21fff09ec1c0d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:14:d0:1c:9f:1c:fa:06:fe:b8:72:a7:2e:a6:
                    99:15:ef:dc:39:b0:43:38:0a:77:19:d1:52:65:35:
                    e7:ca:4d:6e:6e:98:a1:03:9e:e7:38:a0:5b:4a:d9:
                    74:c3:02:2a:1b:de:dc:9c:76:2c:6f:1b:5f:be:c2:
                    db:25:62:fd:9e:e0:53:56:32:bd:90:a9:1d:8a:33:
                    7d:6f:45:5c:86:2d:c6:80:c9:11:ff:8e:41:4e:fe:
                    d7:3d:ad:f4:23:73:14:02:4c:f0:f6:0d:df:68:af:
                    01:d0:8b:8b:d2:a1:94:46:e5:21:00:93:66:8e:6b:
                    ff:01:10:ef:5c:82:bf:c6:99:5a:53:35:81:8d:1f:
                    6b:f9:99:3c:85:cc:e5:cd:03:d3:56:e9:91:c0:4e:
                    0a:e0:10:24:be:bf:cd:7f:e0:dc:8d:81:01:b8:a0:
                    ff:85:9b:cd:e3:20:72:90:14:fd:a4:c3:61:df:61:
                    5e:8c:0a:0e:0f:b2:e2:73:91:bb:8b:2f:49:78:a5:
                    66:81:42:71:3f:5f:a3:7a:96:8a:e8:b0:d7:df:4c:
                    f3:b0:8f:55:72:15:30:78:6f:e8:2c:ef:78:b6:27:
                    42:13:d3:75:d1:ea:f0:ac:3e:88:22:f8:25:c5:07:
                    1b:c0:a5:28:b3:4d:a7:4f:19:34:de:86:26:79:3d:
                    50:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7D:AE:1E:FF:93:EB:3E:B6:CD:E4:6E:3C:21:FF:F0:9E:C1:C0:D4
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/5H2uHv-T6z62zeRuPCH_8J7BwNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/23
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::/36
                  2a09:b680::/29
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:a000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/32
                  2a11:780::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:21:8b:b4:70:11:83:a5:7e:c4:c1:0c:17:0e:c0:52:05:1c:
         72:81:03:cf:98:fd:54:9d:51:f0:4e:a6:9c:76:ee:71:b9:3f:
         bf:dd:b9:21:79:e0:0a:9f:79:87:1f:8f:b8:d2:7a:cd:31:4d:
         31:04:27:b5:96:db:7c:07:ba:15:84:71:a9:ef:61:3b:a2:81:
         61:0e:23:78:72:b2:d9:9d:69:82:24:af:8a:af:95:11:05:4c:
         e2:3a:eb:de:66:b8:b6:1d:41:b0:0f:90:33:80:0f:de:69:65:
         d0:2c:bb:16:64:d2:8e:a6:e1:64:f1:41:14:bd:84:56:c5:b1:
         f2:2d:08:b3:9a:cd:35:11:f1:0c:ee:4c:1a:0c:0d:24:0b:e1:
         7b:f8:df:0e:be:31:31:7f:12:e7:ae:be:0f:30:02:75:53:f1:
         6d:79:5d:a7:60:a1:06:b6:6a:32:a1:7e:be:dc:5e:87:2c:3c:
         8b:d6:6f:bf:7d:8d:18:6c:31:53:ce:b3:d6:79:31:d6:1b:77:
         f3:66:14:b3:bd:9b:37:0d:9c:9d:71:a0:82:e0:64:7a:fa:80:
         92:6e:4e:4f:2b:44:53:7d:69:01:e7:78:29:6e:33:d1:ea:d2:
         8b:f3:fc:7b:29:28:d7:79:7d:cb:4a:ea:68:0b:34:cb:0a:1a:
         04:43:1c:2c
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAYpAJ2nP+SGvyPGT5RTc96+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODI5MDcxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdkYWUxZWZmOTNlYjNlYjZjZGU0NmUzYzIxZmZmMDllYzFjMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRTQHJ8c+gb+uHKnLqaZFe/cObBD
OAp3GdFSZTXnyk1ubpihA57nOKBbStl0wwIqG97cnHYsbxtfvsLbJWL9nuBTVjK9
kKkdijN9b0Vchi3GgMkR/45BTv7XPa30I3MUAkzw9g3faK8B0IuL0qGURuUhAJNm
jmv/ARDvXIK/xplaUzWBjR9r+Zk8hczlzQPTVumRwE4K4BAkvr/Nf+DcjYEBuKD/
hZvN4yBykBT9pMNh32FejAoOD7Lic5G7iy9JeKVmgUJxP1+jepaK6LDX30zzsI9V
chUweG/oLO94tidCE9N10erwrD6IIvglxQcbwKUos02nTxk03oYmeT1QtwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFOR9rh7/k+s+ts3kbjwh//CewcDUMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvNUgydUh2LVQ2ejYyemVSdVBDSF84SjdCd05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wJAQCAAEwHgMEAS2O
0gMEAC2XiwMEAlOr8AMEAFQ2JAMEAMJxaTCBxgQCAAIwgb8DBQMqBtkAAwYEKgk1
BZADBQMqCTsAAwUDKgk9ADAQAwYEKglOATADBgUqCU4BQAMGBCoJTgGQAwUDKgm2
gAMFAyoM6MADBQMqDV7AAwYEKg/MhwADBQMqEMDAAwUDKhDDQAMGBCoRAgAAAwYF
KhECAEAwEAMGBCoRAgBwAwYEKhECAIADBgQqEQIAoDAOAwUAKhECAQMFACoRAgID
BQAqEQIEAwUDKhEHgAMFAyoRC4ADBQAqEQ6CAwUAKhGvATANBgkqhkiG9w0BAQsF
AAOCAQEANCGLtHARg6V+xMEMFw7AUgUccoEDz5j9VJ1R8E6mnHbucbk/v925IXng
Cp95hx+PuNJ6zTFNMQQntZbbfAe6FYRxqe9hO6KBYQ4jeHKy2Z1pgiSviq+VEQVM
4jrr3ma4th1BsA+QM4AP3mll0Cy7FmTSjqbhZPFBFL2EVsWx8i0Is5rNNRHxDO5M
GgwNJAvhe/jfDr4xMX8S566+DzACdVPxbXldp2ChBrZqMqF+vtxehyw8i9Zvv32N
GGwxU86z1nkx1ht382YUs72bNw2cnXGgguBkevqAkm5OTytEU31pAed4KW4z0erS
i/P8eyko13l9y0rqaAs0ywoaBEMcLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org