Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Lc3i9YO1PAtEkB086twhT7KdGJ8.roa
File:                     Lc3i9YO1PAtEkB086twhT7KdGJ8.roa (raw, json)
Hash identifier:          pcrI+zElTnTJ4mdVuV7+bZtBvWmUAVb9FHwRU3xR7GI=
Subject key identifier:   2D:CD:E2:F5:83:B5:3C:0B:44:90:1D:3C:EA:DC:21:4F:B2:9D:18:9F
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018E6F3D7F625159C5FBADE547C9F3A66DB8
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Lc3i9YO1PAtEkB086twhT7KdGJ8.roa
Signing time:             Sun 24 Mar 2024 06:54:45 +0000
ROA not before:           Sun 24 Mar 2024 06:54:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     41111
IP address blocks:        5.180.20.0/24 maxlen: 24
                          5.180.21.0/24 maxlen: 24
                          5.180.22.0/23 maxlen: 24
                          5.180.24.0/24 maxlen: 24
                          5.180.30.0/24 maxlen: 24
                          5.180.40.0/24 maxlen: 24
                          5.180.42.0/24 maxlen: 24
                          5.180.43.0/24 maxlen: 24
                          5.180.45.0/24 maxlen: 24
                          5.180.46.0/24 maxlen: 24
                          5.180.47.0/24 maxlen: 24
                          5.180.52.0/24 maxlen: 24
                          5.180.54.0/24 maxlen: 24
                          5.180.55.0/24 maxlen: 24
                          5.180.145.0/24 maxlen: 24
                          5.180.147.0/24 maxlen: 24
                          5.253.28.0/24 maxlen: 24
                          5.253.29.0/24 maxlen: 24
                          5.253.30.0/24 maxlen: 24
                          5.253.31.0/24 maxlen: 24
                          5.253.40.0/23 maxlen: 24
                          5.253.42.0/24 maxlen: 24
                          5.253.43.0/24 maxlen: 24
                          45.66.160.0/22 maxlen: 24
                          45.66.164.0/22 maxlen: 24
                          45.86.66.0/24 maxlen: 24
                          45.128.60.0/24 maxlen: 24
                          45.136.116.0/24 maxlen: 24
                          45.136.117.0/24 maxlen: 24
                          45.136.124.0/22 maxlen: 24
                          45.136.128.0/23 maxlen: 24
                          45.136.149.0/24 maxlen: 24
                          45.149.112.0/24 maxlen: 24
                          85.208.108.0/23 maxlen: 24
                          85.208.110.0/24 maxlen: 24
                          85.208.119.0/24 maxlen: 24
                          85.209.153.0/24 maxlen: 24
                          85.209.154.0/24 maxlen: 24
                          85.209.155.0/24 maxlen: 24
                          85.209.156.0/22 maxlen: 24
                          85.209.194.0/24 maxlen: 24
                          85.209.195.0/24 maxlen: 24
                          88.218.92.0/24 maxlen: 24
                          88.218.93.0/24 maxlen: 24
                          88.218.94.0/24 maxlen: 24
                          88.218.95.0/24 maxlen: 24
                          141.98.188.0/22 maxlen: 24
                          194.36.36.0/22 maxlen: 24
                          194.55.136.0/23 maxlen: 24
                          194.55.188.0/24 maxlen: 24
                          194.55.189.0/24 maxlen: 24
                          194.59.221.0/24 maxlen: 24
                          194.59.244.0/24 maxlen: 24
                          194.59.245.0/24 maxlen: 24
                          194.76.146.0/24 maxlen: 24
                          194.76.147.0/24 maxlen: 24
                          194.76.154.0/23 maxlen: 24
                          194.124.250.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 11:10:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:6f:3d:7f:62:51:59:c5:fb:ad:e5:47:c9:f3:a6:6d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Mar 24 06:54:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2dcde2f583b53c0b44901d3ceadc214fb29d189f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f1:7f:39:92:a6:cf:99:be:05:d9:70:1a:c4:
                    f2:5f:a3:fe:da:a4:95:18:a2:ad:3c:a1:f8:54:cb:
                    bc:64:b2:e9:75:85:4b:0c:90:bf:d6:b9:dd:97:27:
                    5c:88:cd:77:6d:17:f8:51:16:ec:0c:74:45:4d:90:
                    a1:ce:5f:66:05:f1:40:c4:58:1a:95:d7:5a:d4:a8:
                    4b:79:a5:61:6f:9f:45:1a:cd:26:62:68:98:b5:25:
                    f3:61:5b:be:2a:73:98:da:7c:28:4a:33:e5:98:8d:
                    56:c0:3c:27:34:93:ff:66:c6:6d:0f:d8:83:86:32:
                    db:c0:85:72:0f:be:1c:82:4d:78:14:13:60:b1:2e:
                    e7:bb:1e:3e:b5:93:cd:ef:a0:82:71:98:d4:25:69:
                    ce:c8:55:0d:c8:7e:ea:15:c8:de:45:e7:b1:64:57:
                    66:c0:e9:17:5e:f1:f6:07:da:95:59:23:af:cf:eb:
                    e0:92:b3:1e:b4:13:26:4b:61:b4:d3:ad:80:38:57:
                    c8:9c:7d:db:63:8b:fd:35:13:dd:4a:d5:0a:bc:3b:
                    f5:7b:ed:38:3a:a0:ae:aa:8e:34:54:53:50:6b:64:
                    d3:1f:a4:eb:89:92:fa:8f:4f:7a:0a:90:6d:f9:eb:
                    95:c5:32:d3:60:ec:94:24:a9:12:b0:c4:95:2f:53:
                    a1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:CD:E2:F5:83:B5:3C:0B:44:90:1D:3C:EA:DC:21:4F:B2:9D:18:9F
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Lc3i9YO1PAtEkB086twhT7KdGJ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.20.0-5.180.24.255
                  5.180.30.0/24
                  5.180.40.0/24
                  5.180.42.0/23
                  5.180.45.0-5.180.47.255
                  5.180.52.0/24
                  5.180.54.0/23
                  5.180.145.0/24
                  5.180.147.0/24
                  5.253.28.0/22
                  5.253.40.0/22
                  45.66.160.0/21
                  45.86.66.0/24
                  45.128.60.0/24
                  45.136.116.0/23
                  45.136.124.0-45.136.129.255
                  45.136.149.0/24
                  45.149.112.0/24
                  85.208.108.0-85.208.110.255
                  85.208.119.0/24
                  85.209.153.0-85.209.159.255
                  85.209.194.0/23
                  88.218.92.0/22
                  141.98.188.0/22
                  194.36.36.0/22
                  194.55.136.0/23
                  194.55.188.0/23
                  194.59.221.0/24
                  194.59.244.0/23
                  194.76.146.0/23
                  194.76.154.0/23
                  194.124.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a6:14:38:bc:35:dd:11:ee:af:d6:f8:d1:61:63:92:66:41:d2:
         8a:3a:73:33:2d:e3:13:a9:b0:92:09:7b:05:15:6c:a5:96:8e:
         4e:e8:65:ec:79:c0:8e:9d:92:c7:e0:df:ed:1e:9e:fb:85:54:
         80:69:f4:33:42:fe:a2:27:aa:f9:fe:03:91:dd:a1:7f:1c:df:
         de:7d:f3:9e:ae:fd:1a:67:9d:53:f2:84:95:66:5c:98:5d:d4:
         60:52:2c:73:f5:e0:91:76:80:85:c9:8f:2e:db:ac:ae:56:8e:
         7d:d6:0e:1b:9c:04:21:47:8a:27:2c:92:db:41:3d:03:cb:29:
         0d:d4:4b:f0:9e:47:38:db:86:fc:49:6b:e3:e8:f2:8b:a7:59:
         4e:7e:4b:a9:c0:f9:cd:69:67:15:c1:5d:76:14:88:a4:3e:12:
         64:a4:f7:88:ee:85:f0:bd:02:78:82:53:fb:2b:8f:91:5f:2f:
         e8:28:eb:16:3b:55:6e:9b:26:67:a7:14:dd:02:71:d4:bb:37:
         10:94:2e:23:54:a4:82:83:a4:35:d9:17:4b:a0:ef:3f:08:9d:
         1f:04:ef:6e:31:25:27:97:8b:b8:a6:d4:af:a7:95:75:bf:ef:
         0d:e7:2e:c7:76:ca:53:c4:b5:e9:2b:1b:c9:5e:ea:b5:b5:e9:
         6a:cd:cc:7d
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAY5vPX9iUVnF+63lR8nzpm24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMzI0MDY1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNkZTJmNTgzYjUzYzBiNDQ5MDFkM2NlYWRjMjE0ZmIyOWQxODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfF/OZKmz5m+BdlwGsTyX6P+2qSV
GKKtPKH4VMu8ZLLpdYVLDJC/1rndlydciM13bRf4URbsDHRFTZChzl9mBfFAxFga
ldda1KhLeaVhb59FGs0mYmiYtSXzYVu+KnOY2nwoSjPlmI1WwDwnNJP/ZsZtD9iD
hjLbwIVyD74cgk14FBNgsS7nux4+tZPN76CCcZjUJWnOyFUNyH7qFcjeReexZFdm
wOkXXvH2B9qVWSOvz+vgkrMetBMmS2G0062AOFfInH3bY4v9NRPdStUKvDv1e+04
OqCuqo40VFNQa2TTH6TriZL6j096CpBt+euVxTLTYOyUJKkSsMSVL1OhUQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFC3N4vWDtTwLRJAdPOrcIU+ynRifMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTGMzaTlZTzFQQXRFa0IwODZ0d2hUN0tkR0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoMAwD
BAIFtBQDBAAFtBgDBAAFtB4DBAAFtCgDBAEFtCowDAMEAAW0LQMEBAW0IAMEAAW0
NAMEAQW0NgMEAAW0kQMEAAW0kwMEAgX9HAMEAgX9KAMEAy1CoAMEAC1WQgMEAC2A
PAMEAS2IdDAMAwQCLYh8AwQBLYiAAwQALYiVAwQALZVwMAwDBAJV0GwDBABV0G4D
BABV0HcwDAMEAFXRmQMEBVXRgAMEAVXRwgMEAljaXAMEAo1ivAMEAsIkJAMEAcI3
iAMEAcI3vAMEAMI73QMEAcI79AMEAcJMkgMEAcJMmgMEAcJ8+jANBgkqhkiG9w0B
AQsFAAOCAQEAphQ4vDXdEe6v1vjRYWOSZkHSijpzMy3jE6mwkgl7BRVspZaOTuhl
7HnAjp2Sx+Df7R6e+4VUgGn0M0L+oieq+f4Dkd2hfxzf3n3znq79GmedU/KElWZc
mF3UYFIsc/XgkXaAhcmPLtusrlaOfdYOG5wEIUeKJyyS20E9A8spDdRL8J5HONuG
/Elr4+jyi6dZTn5LqcD5zWlnFcFddhSIpD4SZKT3iO6F8L0CeIJT+yuPkV8v6Cjr
FjtVbpsmZ6cU3QJx1Ls3EJQuI1SkgoOkNdkXS6DvPwidHwTvbjElJ5eLuKbUr6eV
db/vDecux3bKU8S16SsbyV7qtbXpas3MfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org