Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/50UveVaeKF9Nt1xhIuKQ-28VES8.roa
File:                     50UveVaeKF9Nt1xhIuKQ-28VES8.roa (raw, json)
Hash identifier:          yg/dWn9q0I3XD/qrJwd+xv8TlRUne6m82TP7U11yjrg=
Subject key identifier:   E7:45:2F:79:56:9E:28:5F:4D:B7:5C:61:22:E2:90:FB:6F:15:11:2F
Certificate issuer:       /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial:       01856D6641155E8A61A6FB71540F925D7CD4
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/50UveVaeKF9Nt1xhIuKQ-28VES8.roa
Signing time:             Sun 01 Jan 2023 12:54:55 +0000
ROA not before:           Sun 01 Jan 2023 12:54:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31197
IP address blocks:        83.133.184.0/21 maxlen: 21
                          81.209.144.0/22 maxlen: 22
                          83.125.12.0/22 maxlen: 22
                          81.209.179.0/24 maxlen: 24
                          81.209.185.0/24 maxlen: 24
                          82.197.138.0/24 maxlen: 24
                          81.209.200.0/23 maxlen: 23
                          82.197.152.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:66:41:15:5e:8a:61:a6:fb:71:54:0f:92:5d:7c:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
        Validity
            Not Before: Jan  1 12:54:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7452f79569e285f4db75c6122e290fb6f15112f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:e6:54:5c:f0:86:24:fe:eb:9c:b5:a6:9c:b4:
                    1d:5b:05:c9:71:7b:3c:d3:ee:4b:eb:64:b5:f8:e2:
                    f6:41:3f:c7:e8:3c:fc:5d:6d:a4:29:38:3e:06:5e:
                    0f:73:a4:eb:47:45:4e:5d:f0:7c:70:81:31:55:69:
                    2b:f2:5e:e0:b8:63:f7:5b:52:65:22:4c:d5:66:26:
                    22:68:cf:44:b5:06:d0:a4:9f:79:f0:93:61:f1:e0:
                    2b:8a:c2:23:b2:e5:78:c7:24:e7:2b:1f:1e:71:94:
                    90:09:19:7a:30:e0:61:21:77:15:60:cb:5b:09:ac:
                    d2:19:f6:0e:01:8a:f7:c1:b2:69:30:ac:71:2d:36:
                    e0:e6:7b:2a:fb:39:9a:5f:4a:00:a4:70:51:ec:da:
                    be:c5:6d:5b:0b:5a:71:01:d3:eb:26:4a:9c:6d:31:
                    d2:c4:b0:6e:02:c5:11:ee:4a:31:35:e5:39:8b:59:
                    f7:92:a7:01:3a:c0:41:44:e2:2b:e6:75:1e:25:b6:
                    0d:e2:41:8b:11:dd:ca:c1:bd:87:32:6d:a5:2c:7b:
                    fa:38:fa:d3:81:3c:70:be:7b:2a:48:ea:0a:63:cc:
                    05:2a:db:08:92:9f:46:c4:e2:7c:b2:c9:e3:47:47:
                    ef:4d:13:9c:7b:33:93:aa:63:ba:0a:8c:c3:79:88:
                    55:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:45:2F:79:56:9E:28:5F:4D:B7:5C:61:22:E2:90:FB:6F:15:11:2F
            X509v3 Authority Key Identifier:
                keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/50UveVaeKF9Nt1xhIuKQ-28VES8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.209.144.0/22
                  81.209.179.0/24
                  81.209.185.0/24
                  81.209.200.0/23
                  82.197.138.0/24
                  82.197.152.0/21
                  83.125.12.0/22
                  83.133.184.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5a:25:7b:69:a8:a0:69:75:7a:13:a2:bc:bc:13:7c:38:9f:e1:
         3c:26:87:73:13:23:2d:b3:8d:cb:57:89:23:96:a9:35:1d:f0:
         26:c7:d8:6f:34:5c:88:68:69:2a:ee:5c:21:65:81:09:8c:44:
         51:53:8d:dc:5b:8a:f7:66:83:11:18:79:25:fe:ac:48:f6:b2:
         a6:d2:4a:5a:db:8e:25:44:97:48:af:b3:d5:c9:9f:53:b1:53:
         78:7a:8c:41:27:be:03:c4:b5:dd:67:17:31:95:0e:f9:25:57:
         b6:a5:27:2d:12:e8:bd:03:ee:9e:3c:d0:50:ca:01:ed:ba:e9:
         2a:6b:fd:3f:86:8a:7f:52:f2:86:cd:81:9d:13:cc:62:a5:d6:
         09:4c:99:a5:54:b5:30:9f:7a:5b:6b:97:eb:6f:69:55:3e:08:
         3b:ed:a4:5b:4a:04:46:0b:21:58:9c:44:72:b1:18:46:35:c7:
         8a:f0:7d:46:b5:30:b7:d8:23:cf:54:7f:7b:a2:06:50:5d:1e:
         c8:73:09:c0:83:8d:76:9f:8a:5d:5e:3d:bb:9f:2e:cc:90:40:
         ba:49:39:e0:a3:fc:d1:53:91:2c:5a:5a:ab:2c:01:34:35:eb:
         10:34:d5:d7:b2:d9:82:b5:d0:71:1d:58:46:e0:05:5a:fe:1c:
         dc:2c:6b:9e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVtZkEVXophpvtxVA+SXXzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ1MmY3OTU2OWUyODVmNGRiNzVjNjEyMmUyOTBmYjZmMTUxMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheZUXPCGJP7rnLWmnLQdWwXJcXs8
0+5L62S1+OL2QT/H6Dz8XW2kKTg+Bl4Pc6TrR0VOXfB8cIExVWkr8l7guGP3W1Jl
IkzVZiYiaM9EtQbQpJ958JNh8eArisIjsuV4xyTnKx8ecZSQCRl6MOBhIXcVYMtb
CazSGfYOAYr3wbJpMKxxLTbg5nsq+zmaX0oApHBR7Nq+xW1bC1pxAdPrJkqcbTHS
xLBuAsUR7koxNeU5i1n3kqcBOsBBROIr5nUeJbYN4kGLEd3Kwb2HMm2lLHv6OPrT
gTxwvnsqSOoKY8wFKtsIkp9GxOJ8ssnjR0fvTROcezOTqmO6CozDeYhVlQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOdFL3lWnihfTbdcYSLikPtvFREvMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvNTBVdmVWYWVLRjlOdDF4aEl1S1EtMjhWRVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCUdGQAwQA
UdGzAwQAUdG5AwQBUdHIAwQAUsWKAwQDUsWYAwQCU30MAwQDU4W4MA0GCSqGSIb3
DQEBCwUAA4IBAQBaJXtpqKBpdXoTory8E3w4n+E8JodzEyMts43LV4kjlqk1HfAm
x9hvNFyIaGkq7lwhZYEJjERRU43cW4r3ZoMRGHkl/qxI9rKm0kpa244lRJdIr7PV
yZ9TsVN4eoxBJ74DxLXdZxcxlQ75JVe2pSctEui9A+6ePNBQygHtuukqa/0/hop/
UvKGzYGdE8xipdYJTJmlVLUwn3pba5frb2lVPgg77aRbSgRGCyFYnERysRhGNceK
8H1GtTC32CPPVH97ogZQXR7IcwnAg412n4pdXj27ny7MkEC6STngo/zRU5EsWlqr
LAE0NesQNNXXstmCtdBxHVhG4AVa/hzcLGue
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org