Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/84_lpNATtexEHPNP2rQIkbGyUNU.roa
File:                     84_lpNATtexEHPNP2rQIkbGyUNU.roa (raw, json)
Hash identifier:          lZFSS9at/r0LNAhOo1heUI5jfmc1JEBfII6yBS3wtmo=
Subject key identifier:   F3:8F:E5:A4:D0:13:B5:EC:44:1C:F3:4F:DA:B4:08:91:B1:B2:50:D5
Certificate issuer:       /CN=2b003e583bdb2511ff57ab7a32fce741334b343b
Certificate serial:       0185710BE7E833289E039F1E76729D913CEC
Authority key identifier: 2B:00:3E:58:3B:DB:25:11:FF:57:AB:7A:32:FC:E7:41:33:4B:34:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KwA-WDvbJRH_V6t6MvznQTNLNDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/84_lpNATtexEHPNP2rQIkbGyUNU.roa
Signing time:             Mon 02 Jan 2023 05:54:43 +0000
ROA not before:           Mon 02 Jan 2023 05:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51349
IP address blocks:        195.43.86.0/23 maxlen: 23
                          185.83.4.0/24 maxlen: 24
                          185.83.4.0/22 maxlen: 22
                          2a00:c3a0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:e7:e8:33:28:9e:03:9f:1e:76:72:9d:91:3c:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b003e583bdb2511ff57ab7a32fce741334b343b
        Validity
            Not Before: Jan  2 05:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f38fe5a4d013b5ec441cf34fdab40891b1b250d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:4b:e0:76:58:df:cc:b8:a0:80:e2:1a:12:2a:
                    d1:d8:c8:17:d0:6f:49:9c:cf:dc:da:02:7f:89:83:
                    4e:7a:ff:a1:ab:43:ed:76:91:9f:2f:f4:94:f2:fc:
                    e9:b4:19:5f:89:5a:0f:b1:c1:ff:80:a6:86:c4:d7:
                    a5:e2:a6:c5:7a:a8:de:a5:09:37:7f:0e:4f:f6:96:
                    31:d3:ce:22:5e:e7:05:0c:50:f8:14:3c:d3:e6:d0:
                    48:fe:97:74:1d:d7:da:fb:0b:78:26:b8:08:c6:d6:
                    8c:34:44:0c:7d:58:27:50:3d:2e:a4:f3:b2:0c:52:
                    e4:db:67:25:55:43:bc:e0:b4:c5:62:be:06:d5:8c:
                    08:6c:82:f5:47:25:f6:40:48:cf:58:82:6f:84:69:
                    cb:e9:83:29:aa:2e:8b:b4:ae:80:b0:cf:26:df:e8:
                    0b:d3:e3:15:47:5d:f1:b3:d5:5a:d6:9d:ef:ca:b6:
                    82:1d:ff:2c:b4:5d:7d:a3:fb:ad:79:3c:88:fb:e4:
                    fa:6f:17:17:c5:30:1b:cf:57:0c:8a:89:25:7d:8b:
                    41:06:ac:98:91:c0:eb:f0:12:93:81:05:30:f1:bc:
                    54:78:21:99:5b:80:ae:2d:ba:dc:b8:69:1b:6c:88:
                    1d:fb:2f:5d:e7:0e:18:b0:9c:25:d7:28:f5:ad:e7:
                    c3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:8F:E5:A4:D0:13:B5:EC:44:1C:F3:4F:DA:B4:08:91:B1:B2:50:D5
            X509v3 Authority Key Identifier:
                keyid:2B:00:3E:58:3B:DB:25:11:FF:57:AB:7A:32:FC:E7:41:33:4B:34:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwA-WDvbJRH_V6t6MvznQTNLNDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/84_lpNATtexEHPNP2rQIkbGyUNU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/194f22-8689-4fdb-9c41-058bbf9d5e27/1/KwA-WDvbJRH_V6t6MvznQTNLNDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.4.0/22
                  195.43.86.0/23
                IPv6:
                  2a00:c3a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         96:6d:ce:84:bc:37:a7:f1:26:d7:e7:0f:d0:55:83:86:9d:cf:
         f4:40:db:2a:0f:63:0f:76:85:2e:ad:ea:6c:e6:a8:65:fe:cd:
         39:75:b5:30:03:69:3d:ed:b2:de:08:4e:28:63:ad:8e:8d:f6:
         19:10:0c:92:ac:d7:b7:dd:10:32:d4:09:58:a0:80:da:13:24:
         97:c8:30:30:ef:b4:ea:10:b9:46:e2:b6:76:05:0c:36:ad:27:
         dd:45:43:c9:07:2c:54:be:a3:a0:9e:07:d3:ec:de:33:2e:40:
         af:90:b1:4a:b5:d7:43:35:91:06:a9:0b:bb:ce:ad:c0:99:bc:
         d7:94:09:59:58:be:a4:80:b2:d8:4f:95:92:b6:06:69:75:9a:
         af:67:0a:ab:3b:aa:a6:40:d5:af:b8:db:39:f4:74:7e:b8:48:
         af:59:1b:3a:b8:5c:e6:d2:d7:df:81:0e:75:de:6e:a5:f5:16:
         a3:33:c8:66:04:2d:e1:b7:4d:10:ee:7b:70:23:23:e8:5a:1f:
         99:76:19:c1:26:69:17:a1:47:c8:41:4c:c5:50:cc:4a:31:8b:
         15:4c:52:44:ad:df:2e:14:6d:f6:5c:53:2b:9d:48:e7:b4:6d:
         da:2b:c9:23:de:f1:a6:74:c8:b1:f5:7d:4b:3e:84:88:00:af:
         7d:95:a5:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxC+foMyieA58ednKdkTzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDAzZTU4M2JkYjI1MTFmZjU3YWI3YTMyZmNlNzQxMzM0
YjM0M2IwHhcNMjMwMTAyMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzhmZTVhNGQwMTNiNWVjNDQxY2YzNGZkYWI0MDg5MWIxYjI1MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0vgdljfzLiggOIaEirR2MgX0G9J
nM/c2gJ/iYNOev+hq0PtdpGfL/SU8vzptBlfiVoPscH/gKaGxNel4qbFeqjepQk3
fw5P9pYx084iXucFDFD4FDzT5tBI/pd0Hdfa+wt4JrgIxtaMNEQMfVgnUD0upPOy
DFLk22clVUO84LTFYr4G1YwIbIL1RyX2QEjPWIJvhGnL6YMpqi6LtK6AsM8m3+gL
0+MVR13xs9Va1p3vyraCHf8stF19o/uteTyI++T6bxcXxTAbz1cMioklfYtBBqyY
kcDr8BKTgQUw8bxUeCGZW4CuLbrcuGkbbIgd+y9d5w4YsJwl1yj1refDDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPOP5aTQE7XsRBzzT9q0CJGxslDVMB8GA1UdIwQY
MBaAFCsAPlg72yUR/1erejL850EzSzQ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dBLVdEdmJKUkhfVjZ0Nk12em5RVE5MTkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8xOTRmMjItODY4OS00ZmRiLTljNDEt
MDU4YmJmOWQ1ZTI3LzEvODRfbHBOQVR0ZXhFSFBOUDJyUUlrYkd5VU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8xOTRmMjItODY4OS00ZmRiLTljNDEtMDU4YmJmOWQ1ZTI3
LzEvS3dBLVdEdmJKUkhfVjZ0Nk12em5RVE5MTkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVMEAwQB
wytWMA0EAgACMAcDBQAqAMOgMA0GCSqGSIb3DQEBCwUAA4IBAQCWbc6EvDen8SbX
5w/QVYOGnc/0QNsqD2MPdoUureps5qhl/s05dbUwA2k97bLeCE4oY62OjfYZEAyS
rNe33RAy1AlYoIDaEySXyDAw77TqELlG4rZ2BQw2rSfdRUPJByxUvqOgngfT7N4z
LkCvkLFKtddDNZEGqQu7zq3AmbzXlAlZWL6kgLLYT5WStgZpdZqvZwqrO6qmQNWv
uNs59HR+uEivWRs6uFzm0tffgQ513m6l9RajM8hmBC3ht00Q7ntwIyPoWh+ZdhnB
JmkXoUfIQUzFUMxKMYsVTFJErd8uFG32XFMrnUjntG3aK8kj3vGmdMix9X1LPoSI
AK99laW4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:33 2024 by rpki-client on console-fra.rpki-client.org