Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa
File:                     q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa (raw, json)
Hash identifier:          SyEC2MrdtOm6XPCF6tjyqt29wuyQcEQDT6Fozkbwuf0=
Subject key identifier:   AB:CF:99:AE:AF:69:EF:C8:FE:8F:3D:68:5C:BA:97:09:23:A2:59:23
Certificate issuer:       /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial:       018CC8DECD238D1763432CFBA9D6938C4FE3
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa
Signing time:             Tue 02 Jan 2024 06:31:33 +0000
ROA not before:           Tue 02 Jan 2024 06:31:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42831
IP address blocks:        185.17.24.0/22 maxlen: 22
                          78.157.192.0/19 maxlen: 19
                          78.110.160.0/20 maxlen: 20
                          94.229.64.0/20 maxlen: 20
                          77.74.192.0/21 maxlen: 21
                          31.132.0.0/21 maxlen: 21
                          185.103.96.0/22 maxlen: 22
                          178.159.0.0/20 maxlen: 20
                          37.9.56.0/21 maxlen: 21
                          5.101.136.0/21 maxlen: 21
                          5.101.144.0/21 maxlen: 21
                          77.75.120.0/21 maxlen: 21
                          5.101.168.0/21 maxlen: 21
                          2a01:a500::/32 maxlen: 32
                          2a01:a500:2566::/48 maxlen: 48
                          2a01:a500:1228::/48 maxlen: 48
                          2a01:a500:1::/48 maxlen: 48
                          2a01:a507::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 19:47:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:de:cd:23:8d:17:63:43:2c:fb:a9:d6:93:8c:4f:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
        Validity
            Not Before: Jan  2 06:31:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=abcf99aeaf69efc8fe8f3d685cba970923a25923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:47:f0:24:3c:47:49:1c:ec:84:7c:92:ff:1d:
                    e6:b5:50:a8:6d:8f:05:6b:9b:54:8e:87:33:83:30:
                    0d:6e:7c:c6:a2:76:b7:da:2a:85:a4:94:5a:47:57:
                    7d:76:69:90:e1:b9:7a:b5:b1:12:26:de:b2:ba:3b:
                    dd:26:b4:c9:6c:b5:81:9e:01:af:a1:fe:76:ba:d5:
                    ba:f9:2c:90:ba:d4:17:be:cb:00:26:ee:d3:e8:b3:
                    98:3b:ff:ba:5c:49:b0:82:d2:72:ff:09:69:b0:26:
                    45:76:58:d8:d9:ee:3e:c0:3a:74:16:b6:d9:1f:d2:
                    8a:bb:1a:2e:c2:37:64:5d:5a:89:69:a8:93:42:96:
                    c1:a2:a1:75:13:38:46:96:86:fd:c2:83:ab:0b:92:
                    a1:e5:71:55:a9:b9:c3:d6:29:95:5e:77:ca:97:aa:
                    0c:19:d4:3f:30:13:d2:e9:51:5d:5c:b4:e0:b3:6a:
                    3a:bb:ad:af:32:01:7e:d4:b1:ec:59:2d:f8:34:c4:
                    0a:9c:85:2f:9b:ba:b0:f7:da:10:01:cf:ea:03:da:
                    28:d9:94:44:e9:eb:01:3e:be:1e:61:8c:ec:20:31:
                    16:0a:e7:40:08:95:6e:d3:17:f7:d9:2c:14:ca:db:
                    a4:37:82:3f:17:43:a7:a7:af:a2:4a:c7:c0:37:ef:
                    37:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:CF:99:AE:AF:69:EF:C8:FE:8F:3D:68:5C:BA:97:09:23:A2:59:23
            X509v3 Authority Key Identifier:
                keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.101.136.0-5.101.151.255
                  5.101.168.0/21
                  31.132.0.0/21
                  37.9.56.0/21
                  77.74.192.0/21
                  77.75.120.0/21
                  78.110.160.0/20
                  78.157.192.0/19
                  94.229.64.0/20
                  178.159.0.0/20
                  185.17.24.0/22
                  185.103.96.0/22
                IPv6:
                  2a01:a500::/32
                  2a01:a507::/32

    Signature Algorithm: sha256WithRSAEncryption
         7a:1b:83:63:0b:9c:63:ca:9a:a1:3f:bf:26:2b:ad:ef:e7:6a:
         31:89:1a:ea:a5:e3:b7:7b:2b:a5:1a:34:26:e0:3e:b7:67:d5:
         40:2e:1e:b5:8b:1a:da:7c:b6:d8:26:03:e0:fa:a5:d1:85:4e:
         12:f4:3e:c2:e0:94:73:70:d5:03:f2:d4:1a:0d:3d:70:37:39:
         78:94:9e:f5:e5:3f:d8:a7:b2:9f:a3:3a:a3:cb:86:be:df:57:
         3d:90:f2:d2:d0:35:1e:86:6f:62:76:d0:de:c7:cf:6d:cc:75:
         e8:d5:eb:9c:9c:52:1c:4c:2a:ce:ff:2c:25:1f:f9:a2:4a:eb:
         52:91:ca:bd:fd:ba:aa:6f:91:31:ad:1d:63:e1:a0:f0:ca:2e:
         3d:df:1a:94:6d:2b:6b:70:cd:f6:24:c1:ae:c7:37:b7:5a:71:
         b7:47:62:8c:28:51:b7:34:89:c1:ff:57:af:f5:24:49:f8:ab:
         e0:b4:63:e4:d6:39:fa:47:5b:50:b9:90:b4:ee:0b:ff:00:c8:
         45:73:53:1e:32:67:54:9d:75:90:2e:3f:d6:e0:bb:6a:5d:af:
         94:57:3d:37:d4:8f:5b:98:a4:28:1d:2d:d3:69:f0:28:25:21:
         07:c7:7c:2f:74:99:8c:d5:ab:80:48:1c:47:51:94:2c:53:2a:
         5d:96:bb:42
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzI3s0jjRdjQyz7qdaTjE/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmNmOTlhZWFmNjllZmM4ZmU4ZjNkNjg1Y2JhOTcwOTIzYTI1OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkfwJDxHSRzshHyS/x3mtVCobY8F
a5tUjoczgzANbnzGona32iqFpJRaR1d9dmmQ4bl6tbESJt6yujvdJrTJbLWBngGv
of52utW6+SyQutQXvssAJu7T6LOYO/+6XEmwgtJy/wlpsCZFdljY2e4+wDp0FrbZ
H9KKuxouwjdkXVqJaaiTQpbBoqF1EzhGlob9woOrC5Kh5XFVqbnD1imVXnfKl6oM
GdQ/MBPS6VFdXLTgs2o6u62vMgF+1LHsWS34NMQKnIUvm7qw99oQAc/qA9oo2ZRE
6esBPr4eYYzsIDEWCudACJVu0xf32SwUytukN4I/F0Onp6+iSsfAN+83swIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKvPma6vae/I/o89aFy6lwkjolkjMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvcTgtWnJxOXA3OGotanoxb1hMcVhDU09pV1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAMFZYgD
BAMFZZADBAMFZagDBAMfhAADBAMlCTgDBANNSsADBANNS3gDBARObqADBAVOncAD
BARe5UADBASynwADBAK5ERgDBAK5Z2AwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0G
CSqGSIb3DQEBCwUAA4IBAQB6G4NjC5xjypqhP78mK63v52oxiRrqpeO3eyulGjQm
4D63Z9VALh61ixrafLbYJgPg+qXRhU4S9D7C4JRzcNUD8tQaDT1wNzl4lJ715T/Y
p7Kfozqjy4a+31c9kPLS0DUehm9idtDex89tzHXo1eucnFIcTCrO/ywlH/miSutS
kcq9/bqqb5ExrR1j4aDwyi493xqUbStrcM32JMGuxze3WnG3R2KMKFG3NInB/1ev
9SRJ+KvgtGPk1jn6R1tQuZC07gv/AMhFc1MeMmdUnXWQLj/W4LtqXa+UVz031I9b
mKQoHS3TafAoJSEHx3wvdJmM1auASBxHUZQsUypdlrtC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:47 2024 by rpki-client on console-ams.rpki-client.org