Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa
File:                     pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa (raw, json)
Hash identifier:          iLEgeoQtr8YO7bJclfG+oJXKF95mRUaEaJJZk635kD8=
Subject key identifier:   A5:20:50:7B:9C:BB:0B:08:19:03:95:63:B5:41:FE:D1:49:D3:3A:3E
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       018CC56EB4375B382B4FFDEAD4C0A151FC2F
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa
Signing time:             Mon 01 Jan 2024 14:30:15 +0000
ROA not before:           Mon 01 Jan 2024 14:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7018
IP address blocks:        37.19.64.0/22 maxlen: 24
                          37.19.68.0/22 maxlen: 24
                          185.145.52.0/24 maxlen: 24
                          5.249.176.0/22 maxlen: 24
                          5.249.184.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Aug 2024 09:21:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:b4:37:5b:38:2b:4f:fd:ea:d4:c0:a1:51:fc:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan  1 14:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a520507b9cbb0b0819039563b541fed149d33a3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b3:0f:1d:5e:74:2b:7f:2c:52:fb:5e:0c:68:
                    ee:4b:5f:1b:5c:e2:fb:c3:91:88:7b:4e:1a:65:74:
                    a8:c7:ff:d2:5f:83:21:5b:50:e7:d3:9d:41:2e:fb:
                    de:ee:77:cc:e3:58:84:ff:be:ab:79:e6:ad:82:5f:
                    48:96:d7:6e:8b:75:19:a1:90:cb:99:dc:18:c5:29:
                    05:a0:17:be:f1:86:d2:0e:4d:58:8d:71:af:6a:2d:
                    19:03:7b:fe:37:0a:85:b8:36:6b:23:08:80:63:b2:
                    3d:ee:17:1b:16:f2:b0:aa:41:49:5f:d5:9c:49:ed:
                    a2:21:b4:66:a4:60:08:e7:76:ae:62:df:d9:20:5c:
                    c3:0e:35:98:c8:39:78:b6:d2:b3:e8:47:dc:82:db:
                    04:a1:e1:6d:b7:56:de:43:4d:64:ea:d9:32:eb:c7:
                    eb:d9:c2:77:0c:60:6f:02:93:f3:f6:d8:15:12:39:
                    22:9f:6c:af:9f:e1:4d:68:64:92:1e:8d:fb:07:9d:
                    2e:6f:f7:fe:67:e3:2e:0c:60:7b:3b:d6:16:6d:04:
                    a4:ca:ad:4e:96:01:3a:a4:45:d2:95:31:b0:80:5c:
                    6f:42:65:f7:cb:06:ab:ef:e6:f9:94:d8:81:d6:d8:
                    df:40:8b:6d:dc:5c:8f:74:0a:cb:2c:1d:c9:db:02:
                    28:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:20:50:7B:9C:BB:0B:08:19:03:95:63:B5:41:FE:D1:49:D3:3A:3E
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.249.176.0/22
                  5.249.184.0/22
                  37.19.64.0/21
                  185.145.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cf:0c:0b:05:28:71:29:2c:a3:54:75:16:1c:9d:7a:08:da:70:
         b8:4e:ec:5c:66:15:82:3e:8f:fc:f3:26:04:e7:6c:d8:29:23:
         a6:4e:54:a8:c4:10:0c:c2:14:dc:62:40:58:36:b0:45:a7:9d:
         9a:c5:62:99:8c:aa:f3:f2:82:cc:5c:61:40:59:df:c8:a7:e7:
         4c:a1:6d:90:49:f8:b4:bf:56:1e:37:16:7c:88:b3:19:5f:80:
         dc:b0:b5:6e:4a:34:d3:99:10:82:c1:7a:7c:cf:0a:98:28:8c:
         79:99:01:d2:37:dd:16:c6:6b:67:10:ff:a2:0d:ec:26:57:39:
         22:97:cf:27:10:09:1b:cc:d1:52:aa:fa:25:13:37:36:e5:cb:
         35:73:59:4b:a9:e1:62:22:f7:d4:8c:48:bb:81:f6:89:18:17:
         06:c5:95:30:a7:61:34:dc:2d:f0:98:20:12:3b:59:55:99:e0:
         b9:52:ad:c9:83:15:9b:81:f1:01:69:8d:9b:68:9a:32:8c:6b:
         24:5a:0a:40:26:e4:e9:51:5e:a6:ec:14:f3:1a:b3:7b:f3:d5:
         3f:7e:19:59:f3:be:fb:e6:e3:01:74:68:c7:d2:c3:3e:1b:a1:
         f7:de:d9:f3:d8:59:8f:b3:3a:fb:c5:c6:5a:89:49:44:93:2b:
         84:fd:c4:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbrQ3WzgrT/3q1MChUfwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMTAxMTQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTIwNTA3YjljYmIwYjA4MTkwMzk1NjNiNTQxZmVkMTQ5ZDMzYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrMPHV50K38sUvteDGjuS18bXOL7
w5GIe04aZXSox//SX4MhW1Dn051BLvve7nfM41iE/76reeatgl9Iltdui3UZoZDL
mdwYxSkFoBe+8YbSDk1YjXGvai0ZA3v+NwqFuDZrIwiAY7I97hcbFvKwqkFJX9Wc
Se2iIbRmpGAI53auYt/ZIFzDDjWYyDl4ttKz6EfcgtsEoeFtt1beQ01k6tky68fr
2cJ3DGBvApPz9tgVEjkin2yvn+FNaGSSHo37B50ub/f+Z+MuDGB7O9YWbQSkyq1O
lgE6pEXSlTGwgFxvQmX3ywar7+b5lNiB1tjfQItt3FyPdArLLB3J2wIoFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKUgUHucuwsIGQOVY7VB/tFJ0zo+MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvcFNCUWU1eTdDd2daQTVWanRVSC0wVW5UT2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfmwAwQC
Bfm4AwQDJRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQDPDAsFKHEpLKNUdRYc
nXoI2nC4TuxcZhWCPo/88yYE52zYKSOmTlSoxBAMwhTcYkBYNrBFp52axWKZjKrz
8oLMXGFAWd/Ip+dMoW2QSfi0v1YeNxZ8iLMZX4DcsLVuSjTTmRCCwXp8zwqYKIx5
mQHSN90WxmtnEP+iDewmVzkil88nEAkbzNFSqvolEzc25cs1c1lLqeFiIvfUjEi7
gfaJGBcGxZUwp2E03C3wmCASO1lVmeC5Uq3JgxWbgfEBaY2baJoyjGskWgpAJuTp
UV6m7BTzGrN789U/fhlZ87775uMBdGjH0sM+G6H33tnz2FmPszr7xcZaiUlEkyuE
/cRG
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:07:20 2024 by rpki-client on console-fra.rpki-client.org