Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/lu5mpoOgbIL4SVdiPHN6EidcMv0.roa
File:                     lu5mpoOgbIL4SVdiPHN6EidcMv0.roa (raw, json)
Hash identifier:          bGjy9otora9assd2EKmR/NQUbjDoX37JasXirKBzKmw=
Subject key identifier:   96:EE:66:A6:83:A0:6C:82:F8:49:57:62:3C:73:7A:12:27:5C:32:FD
Certificate issuer:       /CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Certificate serial:       018B6C1256E1905F75F98E81E292D974613B
Authority key identifier: 71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/lu5mpoOgbIL4SVdiPHN6EidcMv0.roa
Signing time:             Thu 26 Oct 2023 13:00:23 +0000
ROA not before:           Thu 26 Oct 2023 13:00:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19905
IP address blocks:        185.65.58.0/24 maxlen: 24
                          185.65.56.0/24 maxlen: 24
                          152.89.172.0/24 maxlen: 24
                          81.92.84.0/24 maxlen: 24
                          81.92.85.0/24 maxlen: 24
                          81.92.80.0/24 maxlen: 24
                          81.92.81.0/24 maxlen: 24
                          81.92.86.0/24 maxlen: 24
                          81.92.87.0/24 maxlen: 24
                          81.92.88.0/24 maxlen: 24
                          81.92.89.0/24 maxlen: 24
                          81.92.90.0/24 maxlen: 24
                          81.92.94.0/24 maxlen: 24
                          81.92.95.0/24 maxlen: 24
                          2a01:c8:ff00::/48 maxlen: 48
                          2a01:c8:300::/48 maxlen: 48
                          2a01:c8:200::/48 maxlen: 48
                          2a01:c8:100::/48 maxlen: 48
                          2a01:c8::/48 maxlen: 48
                          2a09:35c0:102::/48 maxlen: 48
                          2a01:c8:101::/48 maxlen: 48
                          2a01:c8:1::/48 maxlen: 48
                          2a01:c8:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6c:12:56:e1:90:5f:75:f9:8e:81:e2:92:d9:74:61:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
        Validity
            Not Before: Oct 26 13:00:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=96ee66a683a06c82f84957623c737a12275c32fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:89:2a:b5:2b:9b:c0:40:70:5c:07:f7:54:a1:
                    13:e8:b2:fe:8e:3c:a0:6a:cd:36:95:53:a2:f2:86:
                    f5:ac:ff:26:30:f1:15:c2:ef:f0:aa:6a:04:c7:6b:
                    81:ef:bb:d1:8e:bb:9e:b0:cc:73:38:fa:1c:c7:85:
                    4e:8f:fb:82:4d:6b:7d:bf:c3:ad:69:b1:44:fc:6f:
                    6b:b5:0a:94:63:86:37:ac:d8:1c:f9:aa:06:a6:50:
                    c3:52:7d:b6:e9:d9:78:6a:00:d8:03:25:4c:eb:97:
                    bf:4b:43:ad:a4:12:fb:4e:c4:aa:73:fd:d0:b5:2a:
                    1e:d4:58:ed:e0:16:61:b1:43:d3:f9:a7:48:31:c2:
                    72:37:69:32:2a:33:3c:e2:33:f1:a1:c0:00:b7:5f:
                    ec:69:42:63:25:24:82:ba:44:4b:5d:29:90:a0:f1:
                    20:a1:27:c3:e2:d4:a6:20:af:06:2f:eb:88:d3:63:
                    c8:2d:a0:f3:b7:dc:35:01:6d:ff:17:a8:3b:f1:0d:
                    08:00:d4:6b:9e:da:f5:91:2f:35:19:92:da:e0:d9:
                    e7:2e:09:f4:05:25:fb:17:8f:20:0c:5a:72:ce:c0:
                    29:7e:2f:9a:d6:9b:b7:95:f9:c6:0f:e5:17:73:38:
                    05:42:9a:39:20:bd:fd:e0:c9:2b:06:c2:29:b1:b9:
                    d3:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:EE:66:A6:83:A0:6C:82:F8:49:57:62:3C:73:7A:12:27:5C:32:FD
            X509v3 Authority Key Identifier:
                keyid:71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/lu5mpoOgbIL4SVdiPHN6EidcMv0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.92.80.0/23
                  81.92.84.0-81.92.90.255
                  81.92.94.0/23
                  152.89.172.0/24
                  185.65.56.0/24
                  185.65.58.0/24
                IPv6:
                  2a01:c8::-2a01:c8:2:ffff:ffff:ffff:ffff:ffff
                  2a01:c8:100::/47
                  2a01:c8:200::/48
                  2a01:c8:300::/48
                  2a01:c8:ff00::/48
                  2a09:35c0:102::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:be:cb:ca:cd:6b:c1:6d:21:56:64:9a:1a:df:c5:18:3c:06:
         9c:b5:02:0f:8c:85:42:f3:df:e6:10:c8:04:5a:8a:a5:cd:e7:
         2b:c0:8b:f1:fa:2f:c5:8e:13:c7:bf:09:87:47:97:09:37:b5:
         ba:42:75:48:cf:30:32:7a:c2:0d:c1:43:c7:03:2b:78:e8:fa:
         a1:f2:5a:53:1e:4b:81:7d:13:00:42:37:64:6c:6b:e0:07:18:
         f6:04:d0:34:c8:9d:cb:99:8a:86:ab:54:11:0d:21:f5:90:ed:
         14:a8:3a:2c:c8:49:ac:d3:b8:e4:d2:dc:cb:49:95:cb:55:a6:
         95:d7:5f:5c:f0:b1:0d:0e:c9:a3:24:de:ac:21:a8:0e:18:17:
         2a:3f:de:43:f0:58:08:f4:ff:02:31:72:0d:0c:61:82:67:78:
         6a:2b:8d:b7:c2:6a:83:fd:56:62:9e:7b:d6:e4:12:74:60:c2:
         e6:ca:e8:41:12:0d:09:b5:d8:5b:12:db:40:b7:17:ec:96:34:
         86:7b:75:7e:ef:21:68:5e:41:8d:89:ba:40:af:05:88:6c:00:
         a4:8a:f1:0e:b9:6d:6a:16:72:68:99:d1:9e:c3:f1:d6:fd:81:
         3e:2c:b5:7b:28:93:ae:d6:c1:14:dc:49:ae:aa:db:54:35:d2:
         c3:a9:da:7e
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYtsElbhkF91+Y6B4pLZdGE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDUxYjBlMmNlOWE0YzllNjEyMWU5ODNkMTY1ZmVhYjg3
ZWMzNTQwHhcNMjMxMDI2MTMwMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmVlNjZhNjgzYTA2YzgyZjg0OTU3NjIzYzczN2ExMjI3NWMzMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYkqtSubwEBwXAf3VKET6LL+jjyg
as02lVOi8ob1rP8mMPEVwu/wqmoEx2uB77vRjruesMxzOPocx4VOj/uCTWt9v8Ot
abFE/G9rtQqUY4Y3rNgc+aoGplDDUn226dl4agDYAyVM65e/S0OtpBL7TsSqc/3Q
tSoe1Fjt4BZhsUPT+adIMcJyN2kyKjM84jPxocAAt1/saUJjJSSCukRLXSmQoPEg
oSfD4tSmIK8GL+uI02PILaDzt9w1AW3/F6g78Q0IANRrntr1kS81GZLa4NnnLgn0
BSX7F48gDFpyzsApfi+a1pu3lfnGD+UXczgFQpo5IL394MkrBsIpsbnTWQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFJbuZqaDoGyC+ElXYjxzehInXDL9MB8GA1UdIwQY
MBaAFHEFGw4s6aTJ5hIemD0WX+q4fsNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAt
NzM2YWI4MzQ5NGFjLzEvbHU1bXBvT2diSUw0U1ZkaVBITjZFaWRjTXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAtNzM2YWI4MzQ5NGFj
LzEvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswMgQCAAEwLAMEAVFcUDAM
AwQCUVxUAwQAUVxaAwQBUVxeAwQAmFmsAwQAuUE4AwQAuUE6MEUEAgACMD8wEAMF
AyoBAMgDBwAqAQDIAAIDBwEqAQDIAQADBwAqAQDIAgADBwAqAQDIAwADBwAqAQDI
/wADBwAqCTXAAQIwDQYJKoZIhvcNAQELBQADggEBADO+y8rNa8FtIVZkmhrfxRg8
Bpy1Ag+MhULz3+YQyARaiqXN5yvAi/H6L8WOE8e/CYdHlwk3tbpCdUjPMDJ6wg3B
Q8cDK3jo+qHyWlMeS4F9EwBCN2Rsa+AHGPYE0DTIncuZioarVBENIfWQ7RSoOizI
SazTuOTS3MtJlctVppXXX1zwsQ0OyaMk3qwhqA4YFyo/3kPwWAj0/wIxcg0MYYJn
eGorjbfCaoP9VmKee9bkEnRgwubK6EESDQm12FsS20C3F+yWNIZ7dX7vIWheQY2J
ukCvBYhsAKSK8Q65bWoWcmiZ0Z7D8db9gT4stXsok67WwRTcSa6q21Q10sOp2n4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org