Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1T5HCpAgrZb3vnBAcleJZq0w0sE.roa
File:                     1T5HCpAgrZb3vnBAcleJZq0w0sE.roa (raw, json)
Hash identifier:          sBzv2urhQjasHfqYefSBEFOjMZbgzVpnCpWdSL+oHqA=
Subject key identifier:   D5:3E:47:0A:90:20:AD:96:F7:BE:70:40:72:57:89:66:AD:30:D2:C1
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       0186E4A653B1A12886ECDF7167E46451A80E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1T5HCpAgrZb3vnBAcleJZq0w0sE.roa
Signing time:             Wed 15 Mar 2023 09:42:30 +0000
ROA not before:           Wed 15 Mar 2023 09:42:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        45.139.50.0/23 maxlen: 24
                          45.140.140.0/22 maxlen: 24
                          45.137.198.0/23 maxlen: 24
                          45.137.206.0/24 maxlen: 24
                          45.140.188.0/22 maxlen: 24
                          45.137.204.0/23 maxlen: 24
                          193.176.244.0/23 maxlen: 24
                          45.137.207.0/24 maxlen: 24
                          45.140.213.0/24 maxlen: 24
                          45.140.212.0/24 maxlen: 24
                          2a07:e345:100::/40 maxlen: 48

Validation:               Failed, certificate revoked on Thu 30 Mar 2023 18:42:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e4:a6:53:b1:a1:28:86:ec:df:71:67:e4:64:51:a8:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Mar 15 09:42:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d53e470a9020ad96f7be704072578966ad30d2c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:63:fe:30:81:01:5b:dd:13:c5:4b:90:7b:34:
                    3c:43:98:da:b0:95:97:a0:0c:49:9f:9a:28:75:71:
                    fc:7e:4b:f7:59:ac:19:bc:4f:c3:1a:f8:08:69:c7:
                    48:de:7b:98:be:d1:ae:0e:dd:8e:38:c7:8b:b1:ef:
                    d7:2b:57:6e:5b:89:42:94:ca:c8:35:6e:10:ed:b9:
                    d6:bd:6f:8d:59:da:6b:f3:2c:cb:80:3a:eb:bc:cc:
                    7d:1b:f7:de:59:8a:f8:f5:ef:f8:3a:05:8e:9c:1f:
                    d7:a4:16:5b:06:d2:4e:19:01:23:99:a3:e4:52:47:
                    cd:1e:6c:76:20:c8:60:6d:10:fd:d0:b3:da:8b:8c:
                    1c:81:8e:5a:e1:39:5b:0e:82:dd:ab:e9:9b:29:df:
                    15:e8:84:79:76:ad:20:12:68:34:d2:b6:9e:8e:41:
                    cd:84:c3:37:d6:82:6e:8e:8d:19:ae:90:72:d2:3c:
                    5d:26:59:a9:ca:af:c9:74:b0:32:90:fc:32:2f:a3:
                    b4:ec:49:06:64:7c:d0:47:67:7e:51:1b:82:1a:a0:
                    fa:4e:bd:fd:f9:b1:f1:51:23:6f:bf:0f:a3:1e:de:
                    78:ce:a4:a7:38:96:1c:23:9e:d8:f7:f3:15:da:44:
                    4b:fe:87:1f:9f:ef:4f:5a:b5:01:70:15:e8:c7:64:
                    f6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:3E:47:0A:90:20:AD:96:F7:BE:70:40:72:57:89:66:AD:30:D2:C1
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1T5HCpAgrZb3vnBAcleJZq0w0sE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.198.0/23
                  45.137.204.0/22
                  45.139.50.0/23
                  45.140.140.0/22
                  45.140.188.0/22
                  45.140.212.0/23
                  193.176.244.0/23
                IPv6:
                  2a07:e345:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         9e:29:a9:88:25:d5:76:57:5f:b6:ef:09:78:12:8a:c0:58:f5:
         81:47:39:8c:12:07:1a:62:95:c1:34:30:eb:a6:30:81:f7:6a:
         90:fc:56:cd:69:92:f5:53:6b:25:a0:ae:da:22:18:29:29:30:
         f2:2c:91:22:49:51:17:70:5a:41:fa:6c:41:0b:8a:9c:68:fa:
         e1:6f:ba:02:d4:35:25:96:56:b8:49:6f:c1:df:09:03:9d:cd:
         15:a4:ec:a4:71:87:1e:5b:1a:44:8b:81:36:e4:f9:29:bf:dc:
         a0:4b:7b:ee:80:5e:b7:35:6c:59:73:db:18:76:4b:ad:54:f1:
         cd:6a:0f:d9:2e:ef:91:5b:28:26:96:c2:7b:aa:15:70:d9:18:
         f0:77:7a:55:b2:1a:ed:b0:eb:12:b8:59:5e:78:f9:e6:1d:6b:
         2d:8b:0d:0a:d6:8f:a8:84:f0:2f:c2:9b:cb:d5:3f:6c:44:d6:
         a1:d6:43:c1:ea:08:f9:51:63:cd:f7:1c:ca:cc:fe:06:d7:cb:
         dc:a9:ac:1d:29:c9:3e:6c:77:fe:62:84:ce:72:91:6d:87:68:
         d9:6d:b2:b2:8f:a5:81:40:fc:4c:9f:21:03:95:aa:e2:07:8f:
         f6:46:ca:b7:a6:a3:fd:8c:56:4b:91:31:06:6f:f7:90:43:ac:
         52:7e:7d:4d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYbkplOxoSiG7N9xZ+RkUagOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzE1MDk0MjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTNlNDcwYTkwMjBhZDk2ZjdiZTcwNDA3MjU3ODk2NmFkMzBkMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWP+MIEBW90TxUuQezQ8Q5jasJWX
oAxJn5oodXH8fkv3WawZvE/DGvgIacdI3nuYvtGuDt2OOMeLse/XK1duW4lClMrI
NW4Q7bnWvW+NWdpr8yzLgDrrvMx9G/feWYr49e/4OgWOnB/XpBZbBtJOGQEjmaPk
UkfNHmx2IMhgbRD90LPai4wcgY5a4TlbDoLdq+mbKd8V6IR5dq0gEmg00raejkHN
hMM31oJujo0ZrpBy0jxdJlmpyq/JdLAykPwyL6O07EkGZHzQR2d+URuCGqD6Tr39
+bHxUSNvvw+jHt54zqSnOJYcI57Y9/MV2kRL/ocfn+9PWrUBcBXox2T2EwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNU+RwqQIK2W975wQHJXiWatMNLBMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMVQ1SENwQWdyWmIzdm5CQWNsZUpacTB3MHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQBLYnGAwQC
LYnMAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQBwbD0MA4EAgACMAgDBgAqB+NF
ATANBgkqhkiG9w0BAQsFAAOCAQEAnimpiCXVdldftu8JeBKKwFj1gUc5jBIHGmKV
wTQw66YwgfdqkPxWzWmS9VNrJaCu2iIYKSkw8iyRIklRF3BaQfpsQQuKnGj64W+6
AtQ1JZZWuElvwd8JA53NFaTspHGHHlsaRIuBNuT5Kb/coEt77oBetzVsWXPbGHZL
rVTxzWoP2S7vkVsoJpbCe6oVcNkY8Hd6VbIa7bDrErhZXnj55h1rLYsNCtaPqITw
L8Kby9U/bETWodZDweoI+VFjzfccysz+BtfL3KmsHSnJPmx3/mKEznKRbYdo2W2y
so+lgUD8TJ8hA5Wq4geP9kbKt6aj/YxWS5ExBm/3kEOsUn59TQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org