Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Wt0hjkuHC5ImKLSBW2gujnoEcoA.roa
File:                     Wt0hjkuHC5ImKLSBW2gujnoEcoA.roa (raw, json)
Hash identifier:          ayemFaTP0dM8d4n/qhd2OOQaUfrYAZGhyzFAW8FwDsY=
Subject key identifier:   5A:DD:21:8E:4B:87:0B:92:26:28:B4:81:5B:68:2E:8E:7A:04:72:80
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018E61BC7792F32C9F0A6470ED28CB17E164
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Wt0hjkuHC5ImKLSBW2gujnoEcoA.roa
Signing time:             Thu 21 Mar 2024 15:58:45 +0000
ROA not before:           Thu 21 Mar 2024 15:58:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211183
IP address blocks:        5.253.62.0/24 maxlen: 24
                          37.140.241.0/24 maxlen: 24
                          45.128.204.0/24 maxlen: 24
                          79.133.181.0/24 maxlen: 24
                          79.133.182.0/24 maxlen: 24
                          79.133.183.0/24 maxlen: 24
                          91.200.84.0/24 maxlen: 24
                          94.154.11.0/24 maxlen: 24
                          185.198.152.0/24 maxlen: 24
                          185.240.103.0/24 maxlen: 24
                          185.244.51.0/24 maxlen: 24
                          185.250.44.0/24 maxlen: 24
                          185.250.46.0/24 maxlen: 24
                          185.250.47.0/24 maxlen: 24
                          193.187.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 May 2024 19:21:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:61:bc:77:92:f3:2c:9f:0a:64:70:ed:28:cb:17:e1:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: Mar 21 15:58:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5add218e4b870b922628b4815b682e8e7a047280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:82:2c:04:81:38:02:d9:04:d1:07:7f:b2:75:
                    77:6d:44:ed:6e:69:f2:58:26:6b:aa:de:3c:16:20:
                    20:6d:ba:ab:c8:d7:b8:62:12:58:61:71:db:c4:9c:
                    02:65:ca:5d:98:4d:1c:69:a4:e3:8c:c5:41:88:69:
                    83:0f:b2:dc:2d:f0:2b:b8:4d:9a:18:32:f8:c6:c9:
                    df:65:8f:e7:c1:44:cf:d9:24:d6:47:c6:ca:4c:fb:
                    72:69:3f:7e:2d:ef:da:fd:58:ac:e8:36:9f:58:9b:
                    c3:ae:d9:77:cb:92:b3:4b:32:76:38:c7:d9:81:f8:
                    73:64:e1:f8:36:d2:48:85:32:4e:04:3b:7b:bf:6d:
                    5e:21:7d:95:b0:58:05:8f:11:38:de:29:bc:b6:a1:
                    aa:d8:33:08:7a:35:b7:19:20:45:ba:21:4f:50:b7:
                    f9:c0:de:82:82:de:0f:35:ae:70:18:4d:cc:e2:56:
                    5b:00:ad:82:74:7c:3f:c0:74:94:c6:0e:4d:6e:8a:
                    8d:6d:63:d9:54:a1:c3:91:6f:98:17:0b:2d:6d:51:
                    07:86:77:35:d9:8b:8a:5c:1c:3c:e3:01:0f:8e:c4:
                    6c:96:a7:55:cd:c7:6f:ff:da:e3:e2:57:2b:34:df:
                    c5:bd:a1:03:e2:db:8d:0d:d0:f3:57:00:ce:4f:92:
                    dc:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:DD:21:8E:4B:87:0B:92:26:28:B4:81:5B:68:2E:8E:7A:04:72:80
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Wt0hjkuHC5ImKLSBW2gujnoEcoA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.62.0/24
                  37.140.241.0/24
                  45.128.204.0/24
                  79.133.181.0-79.133.183.255
                  91.200.84.0/24
                  94.154.11.0/24
                  185.198.152.0/24
                  185.240.103.0/24
                  185.244.51.0/24
                  185.250.44.0/24
                  185.250.46.0/23
                  193.187.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:9b:47:1c:8c:1e:94:93:f9:ef:fb:71:ae:0f:8f:e1:0a:1c:
         88:cb:67:1a:31:a0:a8:21:4f:5a:97:fc:0b:cc:8c:02:83:4e:
         87:cb:71:93:94:53:e1:b0:1a:31:84:70:e0:9e:69:c2:6e:72:
         02:64:da:06:74:65:c4:e7:91:f1:c3:fd:85:a5:a2:55:74:7f:
         28:75:4b:20:57:62:6b:f8:95:2f:34:74:53:30:10:55:ff:2c:
         4a:42:5c:36:fd:b9:7f:a9:ca:35:84:26:b8:38:53:12:e5:4b:
         49:56:af:27:d9:cf:d4:ca:e7:7d:c9:da:20:54:43:7f:50:17:
         48:fd:51:c8:2b:1c:94:ba:d0:ab:21:5a:ef:16:75:d6:71:ea:
         1a:d9:ba:14:b3:e2:52:09:fd:94:63:8c:53:34:22:18:25:86:
         fe:7a:8a:0b:55:6d:cf:60:f5:77:67:ee:b5:9d:55:2c:32:f6:
         da:1f:60:ce:54:46:52:e5:ee:d1:6c:40:c9:ea:e8:16:79:17:
         6a:46:2e:1a:05:0f:a3:4b:10:c9:6b:47:52:c4:b5:1d:69:1a:
         75:54:e7:35:d4:d9:ef:6b:ad:44:37:8e:55:f0:02:7b:89:81:
         0a:8b:d2:2b:0a:e4:37:70:ad:ba:05:7b:4c:98:b8:ac:ed:bb:
         8c:7c:84:a8
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY5hvHeS8yyfCmRw7SjLF+FkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMzIxMTU1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWRkMjE4ZTRiODcwYjkyMjYyOGI0ODE1YjY4MmU4ZTdhMDQ3MjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIIsBIE4AtkE0Qd/snV3bUTtbmny
WCZrqt48FiAgbbqryNe4YhJYYXHbxJwCZcpdmE0caaTjjMVBiGmDD7LcLfAruE2a
GDL4xsnfZY/nwUTP2STWR8bKTPtyaT9+Le/a/Vis6DafWJvDrtl3y5KzSzJ2OMfZ
gfhzZOH4NtJIhTJOBDt7v21eIX2VsFgFjxE43im8tqGq2DMIejW3GSBFuiFPULf5
wN6Cgt4PNa5wGE3M4lZbAK2CdHw/wHSUxg5NboqNbWPZVKHDkW+YFwstbVEHhnc1
2YuKXBw84wEPjsRslqdVzcdv/9rj4lcrNN/FvaED4tuNDdDzVwDOT5LccQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFFrdIY5LhwuSJii0gVtoLo56BHKAMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvV3QwaGprdUhDNUltS0xTQlcyZ3Vqbm9FY29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABf0+AwQA
JYzxAwQALYDMMAwDBABPhbUDBANPhbADBABbyFQDBABemgsDBAC5xpgDBAC58GcD
BAC59DMDBAC5+iwDBAG5+i4DBADBu2AwDQYJKoZIhvcNAQELBQADggEBAISbRxyM
HpST+e/7ca4Pj+EKHIjLZxoxoKghT1qX/AvMjAKDTofLcZOUU+GwGjGEcOCeacJu
cgJk2gZ0ZcTnkfHD/YWlolV0fyh1SyBXYmv4lS80dFMwEFX/LEpCXDb9uX+pyjWE
Jrg4UxLlS0lWryfZz9TK533J2iBUQ39QF0j9UcgrHJS60KshWu8WddZx6hrZuhSz
4lIJ/ZRjjFM0Ihglhv56igtVbc9g9Xdn7rWdVSwy9tofYM5URlLl7tFsQMnq6BZ5
F2pGLhoFD6NLEMlrR1LEtR1pGnVU5zXU2e9rrUQ3jlXwAnuJgQqL0isK5DdwrboF
e0yYuKztu4x8hKg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org