Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/rqGkCwnjoxbsxYA8i8ePadbIfVQ.roa
File:                     rqGkCwnjoxbsxYA8i8ePadbIfVQ.roa (raw, json)
Hash identifier:          3EfWSI+mh9B6Cc+Sb/+2zHWmQKlJjhL7wrW6qV1txDk=
Subject key identifier:   AE:A1:A4:0B:09:E3:A3:16:EC:C5:80:3C:8B:C7:8F:69:D6:C8:7D:54
Certificate issuer:       /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial:       018BC022557929C40EEAC55BCA197D3FE8A4
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/rqGkCwnjoxbsxYA8i8ePadbIfVQ.roa
Signing time:             Sat 11 Nov 2023 20:45:57 +0000
ROA not before:           Sat 11 Nov 2023 20:45:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211183
IP address blocks:        79.133.183.0/24 maxlen: 24
                          79.133.182.0/24 maxlen: 24
                          79.133.181.0/24 maxlen: 24
                          91.200.84.0/24 maxlen: 24
                          37.140.241.0/24 maxlen: 24
                          185.240.103.0/24 maxlen: 24
                          185.244.51.0/24 maxlen: 24
                          193.187.96.0/24 maxlen: 24
                          185.250.44.0/24 maxlen: 24
                          185.250.46.0/24 maxlen: 24
                          5.253.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 10 Dec 2023 09:19:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c0:22:55:79:29:c4:0e:ea:c5:5b:ca:19:7d:3f:e8:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
        Validity
            Not Before: Nov 11 20:45:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aea1a40b09e3a316ecc5803c8bc78f69d6c87d54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:4d:24:d5:04:02:50:01:bc:c7:51:16:65:c2:
                    c6:6d:cb:ca:d4:15:b5:ed:19:9b:fa:2f:6f:2f:8a:
                    90:a7:47:ab:71:fe:0e:7d:69:16:03:99:6e:cd:4b:
                    79:2f:6f:51:a1:cc:b3:5a:b9:34:b8:a1:c0:ee:2b:
                    ed:1d:b9:31:1c:68:85:3c:45:5e:d4:bf:7a:bc:c6:
                    dd:c4:df:7b:58:fd:60:1a:0a:cd:9f:a8:68:5a:29:
                    a0:17:6a:32:c1:00:b3:ee:e3:67:58:19:65:9d:1a:
                    87:c5:a6:ce:c7:be:da:cb:fc:76:7c:c7:36:d4:79:
                    fe:88:d1:f7:b1:ed:45:eb:41:77:2c:83:6e:dd:09:
                    93:9b:b2:d5:b6:29:5b:59:c8:66:97:2e:72:73:51:
                    c6:79:4e:a8:38:96:3b:5c:6d:9a:7b:53:41:66:ea:
                    4d:e5:83:8f:57:74:ff:e7:dc:0c:41:56:d5:34:de:
                    c8:8d:ab:e9:6d:57:2e:4e:9b:fa:04:cf:fd:cc:b5:
                    59:c3:7e:4b:b3:e2:e3:06:18:57:ea:b2:09:62:b6:
                    99:bc:a0:58:d3:7b:f0:2d:3a:b3:00:7f:9d:e2:4f:
                    a5:41:b1:16:5c:12:75:5c:67:da:3b:81:1e:6c:ee:
                    05:f6:30:ea:2a:7d:ec:4a:b1:af:ac:49:cd:ed:de:
                    b3:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:A1:A4:0B:09:E3:A3:16:EC:C5:80:3C:8B:C7:8F:69:D6:C8:7D:54
            X509v3 Authority Key Identifier:
                keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/rqGkCwnjoxbsxYA8i8ePadbIfVQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.62.0/24
                  37.140.241.0/24
                  79.133.181.0-79.133.183.255
                  91.200.84.0/24
                  185.240.103.0/24
                  185.244.51.0/24
                  185.250.44.0/24
                  185.250.46.0/24
                  193.187.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:0a:96:2b:49:bc:ca:44:48:22:f8:85:d6:47:82:68:e4:35:
         94:b3:8c:9d:2d:e5:d3:8b:57:39:22:44:d5:96:e8:2a:52:c7:
         04:b6:bb:e2:10:fe:96:21:70:82:38:d0:9e:d7:1b:54:22:5d:
         18:2c:fe:3b:19:a5:57:ee:61:29:80:73:6e:73:96:5f:9b:1c:
         34:a5:f6:0b:b9:40:96:4a:87:a3:b3:e9:3c:71:5b:84:66:a6:
         3d:3e:e8:d5:ef:72:c6:5e:36:1e:0e:9e:88:a9:37:52:22:0f:
         fb:cd:58:4e:02:bf:31:92:b7:f0:a9:fa:db:14:ff:72:99:99:
         34:a3:99:47:0e:5e:6a:bc:2a:0b:55:80:0f:d7:5b:fa:99:77:
         e8:19:f3:84:67:ce:71:7f:52:ad:93:1e:1c:06:58:62:81:83:
         04:b2:75:6e:8f:e8:9c:fd:10:96:c3:27:3d:e0:3f:9c:e9:5f:
         76:9d:a3:20:b8:c3:33:33:cb:f4:46:41:68:73:85:03:5c:42:
         7e:e8:a1:86:da:27:0d:62:b8:ef:cf:bd:be:1b:e4:24:b4:d9:
         a9:c7:66:e5:ce:e9:56:ef:f9:dd:cc:ac:54:58:42:f3:51:a7:
         ab:83:94:f4:4c:27:67:ae:b1:1e:e5:85:fa:b8:79:33:f6:0a:
         00:75:90:d8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYvAIlV5KcQO6sVbyhl9P+ikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjMxMTExMjA0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWExYTQwYjA5ZTNhMzE2ZWNjNTgwM2M4YmM3OGY2OWQ2Yzg3ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4E0k1QQCUAG8x1EWZcLGbcvK1BW1
7Rmb+i9vL4qQp0ercf4OfWkWA5luzUt5L29RocyzWrk0uKHA7ivtHbkxHGiFPEVe
1L96vMbdxN97WP1gGgrNn6hoWimgF2oywQCz7uNnWBllnRqHxabOx77ay/x2fMc2
1Hn+iNH3se1F60F3LINu3QmTm7LVtilbWchmly5yc1HGeU6oOJY7XG2ae1NBZupN
5YOPV3T/59wMQVbVNN7IjavpbVcuTpv6BM/9zLVZw35Ls+LjBhhX6rIJYraZvKBY
03vwLTqzAH+d4k+lQbEWXBJ1XGfaO4EebO4F9jDqKn3sSrGvrEnN7d6z9wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFK6hpAsJ46MW7MWAPIvHj2nWyH1UMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvcnFHa0N3bmpveGJzeFlBOGk4ZVBhZGJJZlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABf0+AwQA
JYzxMAwDBABPhbUDBANPhbADBABbyFQDBAC58GcDBAC59DMDBAC5+iwDBAC5+i4D
BADBu2AwDQYJKoZIhvcNAQELBQADggEBAEkKlitJvMpESCL4hdZHgmjkNZSzjJ0t
5dOLVzkiRNWW6CpSxwS2u+IQ/pYhcII40J7XG1QiXRgs/jsZpVfuYSmAc25zll+b
HDSl9gu5QJZKh6Oz6TxxW4Rmpj0+6NXvcsZeNh4OnoipN1IiD/vNWE4CvzGSt/Cp
+tsU/3KZmTSjmUcOXmq8KgtVgA/XW/qZd+gZ84RnznF/Uq2THhwGWGKBgwSydW6P
6Jz9EJbDJz3gP5zpX3adoyC4wzMzy/RGQWhzhQNcQn7ooYbaJw1iuO/Pvb4b5CS0
2anHZuXO6Vbv+d3MrFRYQvNRp6uDlPRMJ2eusR7lhfq4eTP2CgB1kNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:02 2024 by rpki-client on console-ams.rpki-client.org