Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/pLuKLQHpzhw01NQGerOYhoYjl_0.roa
File:                     pLuKLQHpzhw01NQGerOYhoYjl_0.roa (raw, json)
Hash identifier:          c8QYEnv9xYwHFSGtQ3r2iXmoFKKMjWJV9GIqXC9bkks=
Subject key identifier:   A4:BB:8A:2D:01:E9:CE:1C:34:D4:D4:06:7A:B3:98:86:86:23:97:FD
Certificate issuer:       /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial:       018A50E3BD6D294B49F963BF35EAA75F9582
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/pLuKLQHpzhw01NQGerOYhoYjl_0.roa
Signing time:             Fri 01 Sep 2023 13:16:57 +0000
ROA not before:           Fri 01 Sep 2023 13:16:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52000
IP address blocks:        195.149.87.0/24 maxlen: 24
                          185.250.151.0/24 maxlen: 24
                          74.119.192.0/24 maxlen: 24
                          80.92.205.0/24 maxlen: 24
                          80.92.204.0/24 maxlen: 24
                          74.119.194.0/24 maxlen: 24
                          2a09:7c41::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:50:e3:bd:6d:29:4b:49:f9:63:bf:35:ea:a7:5f:95:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
        Validity
            Not Before: Sep  1 13:16:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a4bb8a2d01e9ce1c34d4d4067ab39886862397fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:05:10:cf:b8:ae:f5:4c:b8:c9:38:b6:40:7e:
                    d5:9c:10:b5:4a:c2:a7:50:3c:14:84:ea:3c:c6:62:
                    2b:f8:21:9e:cc:09:0d:3a:64:2f:d7:01:9f:12:d7:
                    48:f9:c8:7b:cd:c8:47:f3:cc:3a:b4:fa:a5:d5:3d:
                    63:bd:16:5a:0d:e4:8e:7d:48:5d:f7:80:4b:39:6f:
                    74:0b:d1:07:37:80:c6:2e:b3:0a:b8:74:b7:98:4b:
                    5f:ee:ad:a5:62:0f:af:70:f9:b3:0f:36:1a:a4:bc:
                    13:4f:bf:aa:74:3f:68:3f:6c:75:04:45:8a:64:75:
                    9a:c9:d7:72:85:41:e0:72:9c:97:e2:b3:b5:65:ce:
                    9d:81:cf:10:b2:ea:05:28:d1:64:f9:8d:e0:28:99:
                    0b:ef:ad:0d:77:53:9c:2f:de:c7:e7:96:96:65:18:
                    d2:9a:65:53:98:05:51:e9:6a:19:2c:4e:5a:49:da:
                    dd:72:f9:dd:b4:e4:07:da:7e:6c:61:7a:ae:14:10:
                    78:d3:5c:dd:f6:51:77:70:8e:a1:01:94:fb:52:d9:
                    d5:01:87:14:64:1d:62:6a:2e:84:57:65:c3:3f:7e:
                    68:d6:9e:4b:f1:4f:3b:13:c6:25:57:84:f3:b0:c4:
                    8a:15:58:56:af:63:f1:54:89:23:e3:28:a9:89:b1:
                    67:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:BB:8A:2D:01:E9:CE:1C:34:D4:D4:06:7A:B3:98:86:86:23:97:FD
            X509v3 Authority Key Identifier:
                keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/pLuKLQHpzhw01NQGerOYhoYjl_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  74.119.192.0/24
                  74.119.194.0/24
                  80.92.204.0/23
                  185.250.151.0/24
                  195.149.87.0/24
                IPv6:
                  2a09:7c41::/32

    Signature Algorithm: sha256WithRSAEncryption
         63:0b:63:8c:69:3a:61:f9:cf:44:2f:85:1d:71:df:eb:3c:ca:
         3a:ad:f5:9b:63:8b:c0:97:5f:d9:d1:b4:42:af:b4:2d:7b:7e:
         bf:6a:bf:1f:83:da:d0:c6:6a:ca:28:13:47:a0:1f:29:cd:9c:
         68:ef:13:bc:1a:53:67:65:b5:ca:ba:aa:4a:0b:1d:d6:f3:02:
         fe:69:0d:08:2f:23:16:9c:0b:1e:41:53:b1:38:57:c8:34:12:
         d1:8e:7b:2f:ed:ee:45:17:d1:eb:45:f0:18:12:06:59:db:06:
         47:6d:3a:43:87:1e:99:75:04:7a:47:01:f5:20:1d:db:a5:29:
         04:37:2d:35:75:5b:a5:35:41:f1:85:c6:c9:ac:8f:69:cb:3f:
         7a:56:10:8a:6b:c7:8b:5e:d6:d5:47:d7:94:9b:e4:d0:a0:af:
         b4:ea:f9:bf:75:68:a6:8f:ae:a7:3d:b3:dd:a9:34:5f:68:45:
         bb:47:0a:44:0e:fb:b0:13:5e:af:b8:a2:83:6e:05:82:7a:e2:
         35:9a:b3:6b:0e:f7:37:30:5f:a5:e2:9d:36:d7:eb:f2:b4:2e:
         b2:f9:a4:4a:5d:c6:a5:90:36:ea:34:cd:65:6d:52:b3:53:e6:
         07:73:2d:0c:56:c7:6c:3b:d6:f3:2f:02:ad:db:8d:14:41:96:
         aa:09:19:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYpQ471tKUtJ+WO/NeqnX5WCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwOTAxMTMxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJiOGEyZDAxZTljZTFjMzRkNGQ0MDY3YWIzOTg4Njg2MjM5N2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQUQz7iu9Uy4yTi2QH7VnBC1SsKn
UDwUhOo8xmIr+CGezAkNOmQv1wGfEtdI+ch7zchH88w6tPql1T1jvRZaDeSOfUhd
94BLOW90C9EHN4DGLrMKuHS3mEtf7q2lYg+vcPmzDzYapLwTT7+qdD9oP2x1BEWK
ZHWayddyhUHgcpyX4rO1Zc6dgc8QsuoFKNFk+Y3gKJkL760Nd1OcL97H55aWZRjS
mmVTmAVR6WoZLE5aSdrdcvndtOQH2n5sYXquFBB401zd9lF3cI6hAZT7UtnVAYcU
ZB1iai6EV2XDP35o1p5L8U87E8YlV4TzsMSKFVhWr2PxVIkj4yipibFnGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKS7ii0B6c4cNNTUBnqzmIaGI5f9MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvcEx1S0xRSHB6aHcwMU5RR2VyT1lob1lqbF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQASnfAAwQA
SnfCAwQBUFzMAwQAufqXAwQAw5VXMA0EAgACMAcDBQAqCXxBMA0GCSqGSIb3DQEB
CwUAA4IBAQBjC2OMaTph+c9EL4Udcd/rPMo6rfWbY4vAl1/Z0bRCr7Qte36/ar8f
g9rQxmrKKBNHoB8pzZxo7xO8GlNnZbXKuqpKCx3W8wL+aQ0ILyMWnAseQVOxOFfI
NBLRjnsv7e5FF9HrRfAYEgZZ2wZHbTpDhx6ZdQR6RwH1IB3bpSkENy01dVulNUHx
hcbJrI9pyz96VhCKa8eLXtbVR9eUm+TQoK+06vm/dWimj66nPbPdqTRfaEW7RwpE
DvuwE16vuKKDbgWCeuI1mrNrDvc3MF+l4p021+vytC6y+aRKXcalkDbqNM1lbVKz
U+YHcy0MVsdsO9bzLwKt240UQZaqCRnj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org