Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/gQ2ko5DS9L3mtcOYM9uXcIQa_nY.roa
File:                     gQ2ko5DS9L3mtcOYM9uXcIQa_nY.roa (raw, json)
Hash identifier:          feLquzPSva10pAkZuPRK/vFcwy/WxHwvnwEdJrrO+eE=
Subject key identifier:   81:0D:A4:A3:90:D2:F4:BD:E6:B5:C3:98:33:DB:97:70:84:1A:FE:76
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018F398212F9DBA6E54A369251FC6BF6C199
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/gQ2ko5DS9L3mtcOYM9uXcIQa_nY.roa
Signing time:             Thu 02 May 2024 13:32:56 +0000
ROA not before:           Thu 02 May 2024 13:32:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57043
IP address blocks:        79.133.180.0/24 maxlen: 24
                          185.233.184.0/24 maxlen: 24
                          185.244.49.0/24 maxlen: 24
                          185.250.45.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 May 2024 13:46:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:39:82:12:f9:db:a6:e5:4a:36:92:51:fc:6b:f6:c1:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: May  2 13:32:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=810da4a390d2f4bde6b5c39833db9770841afe76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7e:0e:d2:97:2b:55:2c:79:8b:dd:22:61:6c:
                    64:b4:74:aa:01:e9:96:80:f5:6b:6c:d8:fe:33:69:
                    cb:92:e8:9e:0b:76:5b:f1:e6:7f:4b:28:df:a3:1b:
                    df:fa:23:b3:d4:c0:23:24:20:94:1c:79:10:59:42:
                    ff:c6:90:85:4d:ed:f8:0d:dc:21:f3:a7:db:92:40:
                    d0:15:59:7a:e5:83:96:b3:94:c4:21:ff:1c:8e:74:
                    cd:cd:95:63:7f:ca:79:6c:2d:3c:a7:49:2c:fc:09:
                    a0:ed:d4:c0:36:4d:06:0e:d4:7e:a9:ad:24:87:bc:
                    09:d7:c4:ab:be:3c:9b:5d:19:6b:1a:12:69:5a:9b:
                    55:2d:f6:a3:60:b8:f5:2a:bf:19:fd:23:d7:61:53:
                    07:af:b9:e6:3e:45:d8:bc:e4:47:02:9a:6c:b7:fa:
                    b9:a7:b6:16:bc:86:41:26:48:80:c6:de:07:9f:3e:
                    2d:73:ea:3d:5d:87:82:96:24:b2:e7:ec:09:08:2a:
                    2e:bb:18:26:34:18:d4:d4:57:8b:b4:ec:21:5e:92:
                    03:99:3c:4d:8a:ba:fe:82:e4:2b:e6:0c:af:08:fa:
                    05:e1:5f:8b:08:aa:d7:1e:56:ab:ed:c8:61:3b:05:
                    75:42:1b:03:f1:94:83:55:35:d6:fe:7f:40:d0:0d:
                    1a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:0D:A4:A3:90:D2:F4:BD:E6:B5:C3:98:33:DB:97:70:84:1A:FE:76
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/gQ2ko5DS9L3mtcOYM9uXcIQa_nY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.133.180.0/24
                  185.233.184.0/24
                  185.244.49.0/24
                  185.250.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:9e:46:75:29:cb:e6:33:02:59:7c:4d:e0:28:20:f4:ad:ba:
         f7:c3:40:53:b5:3c:a2:66:d0:9f:05:94:6d:21:71:15:47:e9:
         3d:09:62:67:9e:f2:3b:ff:8e:d7:70:74:f1:04:f3:17:07:84:
         e3:9d:f5:1e:8c:75:be:6d:1f:df:bb:b2:34:9a:ae:57:5d:7e:
         ca:0a:f1:0d:36:9f:47:93:7f:c1:1b:a0:93:2b:d4:11:8f:be:
         bc:2b:64:bb:dd:b4:84:cb:d8:c4:9b:2c:88:d6:45:c7:0a:f7:
         0d:cb:fe:ae:e0:9e:1b:68:f6:17:d2:2c:f3:28:c7:33:1c:ce:
         21:1f:d0:08:80:6b:a1:68:50:48:8e:1b:55:36:d9:4e:23:c8:
         af:0f:b6:d1:ed:3d:cc:66:d0:40:34:2c:67:13:23:2e:69:c8:
         be:34:a7:57:ca:63:ff:70:75:85:af:38:bc:62:14:95:1b:79:
         2b:71:60:7c:f4:bb:44:f6:1b:5b:87:30:49:81:04:fe:da:f6:
         3c:81:99:0d:83:4a:fe:c7:ad:c7:8d:9e:e4:8f:c3:6d:6b:5a:
         bd:66:51:f5:27:93:95:9b:ec:f2:6e:7e:26:dd:60:2d:0a:cd:
         a8:0c:5d:dc:6e:39:0f:11:d5:5f:67:63:11:bf:40:70:fd:31:
         a0:90:57:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY85ghL526blSjaSUfxr9sGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwNTAyMTMzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTBkYTRhMzkwZDJmNGJkZTZiNWMzOTgzM2RiOTc3MDg0MWFmZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs34O0pcrVSx5i90iYWxktHSqAemW
gPVrbNj+M2nLkuieC3Zb8eZ/Syjfoxvf+iOz1MAjJCCUHHkQWUL/xpCFTe34Ddwh
86fbkkDQFVl65YOWs5TEIf8cjnTNzZVjf8p5bC08p0ks/Amg7dTANk0GDtR+qa0k
h7wJ18SrvjybXRlrGhJpWptVLfajYLj1Kr8Z/SPXYVMHr7nmPkXYvORHAppst/q5
p7YWvIZBJkiAxt4Hnz4tc+o9XYeCliSy5+wJCCouuxgmNBjU1FeLtOwhXpIDmTxN
irr+guQr5gyvCPoF4V+LCKrXHlar7chhOwV1QhsD8ZSDVTXW/n9A0A0amQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIENpKOQ0vS95rXDmDPbl3CEGv52MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvZ1Eya281RFM5TDNtdGNPWU05dVhjSVFhX25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT4W0AwQA
uem4AwQAufQxAwQAufotMA0GCSqGSIb3DQEBCwUAA4IBAQBfnkZ1KcvmMwJZfE3g
KCD0rbr3w0BTtTyiZtCfBZRtIXEVR+k9CWJnnvI7/47XcHTxBPMXB4TjnfUejHW+
bR/fu7I0mq5XXX7KCvENNp9Hk3/BG6CTK9QRj768K2S73bSEy9jEmyyI1kXHCvcN
y/6u4J4baPYX0izzKMczHM4hH9AIgGuhaFBIjhtVNtlOI8ivD7bR7T3MZtBANCxn
EyMuaci+NKdXymP/cHWFrzi8YhSVG3krcWB89LtE9htbhzBJgQT+2vY8gZkNg0r+
x63HjZ7kj8Nta1q9ZlH1J5OVm+zybn4m3WAtCs2oDF3cbjkPEdVfZ2MRv0Bw/TGg
kFc7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org