Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/5BF_F_470CkNol0wRhmdb8_e6Rk.roa
File:                     5BF_F_470CkNol0wRhmdb8_e6Rk.roa (raw, json)
Hash identifier:          NMqJc8uddS2VQ8v1COhuDjt5KWjV9SAZuoPPw4XXAOo=
Subject key identifier:   E4:11:7F:17:FE:3B:D0:29:0D:A2:5D:30:46:19:9D:6F:CF:DE:E9:19
Certificate issuer:       /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial:       0189D22CCDD4A814488B907E9FB468076A42
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/5BF_F_470CkNol0wRhmdb8_e6Rk.roa
Signing time:             Mon 07 Aug 2023 22:44:58 +0000
ROA not before:           Mon 07 Aug 2023 22:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        45.149.94.0/24 maxlen: 24
                          80.246.225.0/24 maxlen: 24
                          80.246.232.0/24 maxlen: 24
                          80.246.236.0/24 maxlen: 24
                          80.246.236.0/22 maxlen: 24
                          80.246.237.0/24 maxlen: 24
                          80.246.238.0/24 maxlen: 24
                          80.246.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 15 Aug 2023 08:23:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d2:2c:cd:d4:a8:14:48:8b:90:7e:9f:b4:68:07:6a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
        Validity
            Not Before: Aug  7 22:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4117f17fe3bd0290da25d3046199d6fcfdee919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:fa:f9:f0:24:ea:0e:0b:d0:83:3d:7d:05:2e:
                    d4:da:38:71:42:dc:c9:07:00:1f:ff:1d:c6:40:c5:
                    a8:f9:f9:4c:a3:31:68:a5:e0:ca:c3:91:ed:a0:78:
                    2f:30:ef:ee:f5:40:b7:ec:5c:66:d9:3e:13:d1:c0:
                    48:a7:6d:11:73:97:4e:16:9b:92:f3:59:a1:2d:0a:
                    a2:ed:65:a3:1f:4e:b0:74:b1:50:82:50:2d:ca:97:
                    aa:9c:1f:a8:4d:31:73:1e:be:d4:6e:e6:8a:bd:c7:
                    53:5b:7a:6c:58:4e:fa:f1:90:f2:35:01:18:69:2c:
                    1f:77:91:be:50:4f:da:19:50:e7:be:ae:ec:92:68:
                    ac:b4:af:ce:14:18:16:eb:6c:18:ee:b3:b5:89:0c:
                    7d:d6:9b:19:32:e8:4e:44:b1:be:7e:eb:bd:1b:fd:
                    3f:56:dc:6a:2a:58:83:8e:ee:c4:ad:6f:1e:5a:9d:
                    7a:14:7d:f1:67:d9:c1:43:0e:d8:b7:e8:e4:d0:07:
                    fd:20:5c:0b:6d:47:e8:3f:fe:ce:db:11:75:97:23:
                    09:d5:2b:3d:f0:58:bc:3c:3a:d6:cc:7c:f0:33:89:
                    45:14:5d:f0:18:5f:da:3c:22:8f:36:47:17:73:5c:
                    97:f4:b8:5b:bc:c2:73:9a:f9:05:de:de:52:e1:c0:
                    d6:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:11:7F:17:FE:3B:D0:29:0D:A2:5D:30:46:19:9D:6F:CF:DE:E9:19
            X509v3 Authority Key Identifier:
                keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/5BF_F_470CkNol0wRhmdb8_e6Rk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.94.0/24
                  80.246.225.0/24
                  80.246.232.0/24
                  80.246.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:fc:72:0e:56:b9:5c:d7:c2:8e:5c:5e:9d:5d:d2:20:b6:9d:
         bb:3a:fe:23:98:d6:7a:34:a7:c1:33:f5:75:b4:2b:f0:77:00:
         56:5e:dc:4b:91:66:2f:a2:82:bb:00:c0:9c:63:2f:31:6e:72:
         f6:0c:d6:43:b2:e2:ff:5e:1e:09:ab:03:1b:d2:a4:1e:e0:59:
         6a:ba:75:b4:f0:3f:06:a1:da:0a:76:0c:81:14:c9:f2:1a:18:
         4d:be:dc:23:69:c5:fb:73:77:a0:4b:14:52:34:77:f7:9b:2f:
         48:e2:85:6b:2a:36:25:be:45:01:2a:a5:b6:07:3e:07:78:37:
         c3:3b:b0:6f:b4:c9:dd:43:f1:0f:38:6a:f3:c7:b5:41:dd:3a:
         21:e7:b8:27:91:41:a5:1f:8a:0b:ce:b6:03:ea:37:5a:9d:74:
         cb:50:3a:05:ed:12:90:29:a0:aa:eb:9c:19:72:bc:ff:80:21:
         da:9c:e8:8e:61:90:1f:2a:1d:26:45:39:a7:12:44:d7:db:c4:
         00:07:ee:d4:96:58:6b:bd:17:b6:5d:6a:c5:47:5e:4c:6d:94:
         a4:18:bc:94:26:23:56:3d:f8:ca:44:a9:0b:90:18:d9:4f:9f:
         c7:bc:aa:d0:e6:23:0e:ab:1f:6f:34:6a:46:71:ab:cd:6f:53:
         8e:c7:04:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnSLM3UqBRIi5B+n7RoB2pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwODA3MjI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDExN2YxN2ZlM2JkMDI5MGRhMjVkMzA0NjE5OWQ2ZmNmZGVlOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/r58CTqDgvQgz19BS7U2jhxQtzJ
BwAf/x3GQMWo+flMozFopeDKw5HtoHgvMO/u9UC37Fxm2T4T0cBIp20Rc5dOFpuS
81mhLQqi7WWjH06wdLFQglAtypeqnB+oTTFzHr7UbuaKvcdTW3psWE768ZDyNQEY
aSwfd5G+UE/aGVDnvq7skmistK/OFBgW62wY7rO1iQx91psZMuhORLG+fuu9G/0/
VtxqKliDju7ErW8eWp16FH3xZ9nBQw7Yt+jk0Af9IFwLbUfoP/7O2xF1lyMJ1Ss9
8Fi8PDrWzHzwM4lFFF3wGF/aPCKPNkcXc1yX9LhbvMJzmvkF3t5S4cDW2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQRfxf+O9ApDaJdMEYZnW/P3ukZMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvNUJGX0ZfNDcwQ2tOb2wwd1JobWRiOF9lNlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZVeAwQA
UPbhAwQAUPboAwQCUPbsMA0GCSqGSIb3DQEBCwUAA4IBAQAn/HIOVrlc18KOXF6d
XdIgtp27Ov4jmNZ6NKfBM/V1tCvwdwBWXtxLkWYvooK7AMCcYy8xbnL2DNZDsuL/
Xh4JqwMb0qQe4FlqunW08D8GodoKdgyBFMnyGhhNvtwjacX7c3egSxRSNHf3my9I
4oVrKjYlvkUBKqW2Bz4HeDfDO7BvtMndQ/EPOGrzx7VB3Toh57gnkUGlH4oLzrYD
6jdanXTLUDoF7RKQKaCq65wZcrz/gCHanOiOYZAfKh0mRTmnEkTX28QAB+7Ullhr
vRe2XWrFR15MbZSkGLyUJiNWPfjKRKkLkBjZT5/HvKrQ5iMOqx9vNGpGcavNb1OO
xwSr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:52 2024 by rpki-client on console-fra.rpki-client.org