Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5BE2XPO70LhQgdoZmDJX6sD7bqk.roa
File:                     5BE2XPO70LhQgdoZmDJX6sD7bqk.roa (raw, json)
Hash identifier:          ksQzw4ekd4ViQ23fIrN3Aqtf7WhYuG/TL45dKkCI0KU=
Subject key identifier:   E4:11:36:5C:F3:BB:D0:B8:50:81:DA:19:98:32:57:EA:C0:FB:6E:A9
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018C000698C693B63FC48FCDD4075B2D779E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5BE2XPO70LhQgdoZmDJX6sD7bqk.roa
Signing time:             Fri 24 Nov 2023 06:31:21 +0000
ROA not before:           Fri 24 Nov 2023 06:31:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        91.186.204.0/22 maxlen: 24
                          91.186.216.0/22 maxlen: 24
                          94.241.164.0/23 maxlen: 24
                          94.241.160.0/22 maxlen: 24
                          178.253.26.0/23 maxlen: 24
                          178.253.44.0/23 maxlen: 24
                          83.147.232.0/22 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 16:16:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:00:06:98:c6:93:b6:3f:c4:8f:cd:d4:07:5b:2d:77:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Nov 24 06:31:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e411365cf3bbd0b85081da19983257eac0fb6ea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:e0:37:ea:b1:32:82:1a:04:89:76:df:ab:6a:
                    eb:ed:31:5e:d6:9c:f6:8b:b7:a0:db:b2:94:ec:d4:
                    1e:9b:39:b1:1b:48:af:58:42:61:5b:50:05:e1:59:
                    42:a4:fc:e0:e7:3b:a1:6e:96:8f:8a:0d:72:dc:37:
                    59:d9:20:59:be:c6:e9:88:37:4e:14:8a:19:5d:22:
                    d3:02:ca:5b:2f:eb:71:37:a3:10:85:ee:8a:d9:57:
                    08:88:97:67:46:05:3f:81:38:72:0c:90:7a:90:da:
                    cc:33:3a:71:67:7f:29:34:2c:1f:25:96:a8:30:c7:
                    54:7e:86:7d:9d:71:fe:56:e5:e2:07:c5:43:16:30:
                    7b:7a:e1:be:92:2a:04:8f:fd:ad:a5:0f:8c:9b:1f:
                    cb:97:31:ec:2d:69:48:7a:08:38:7f:fb:bc:d2:1f:
                    ca:19:03:10:6a:af:e6:f1:d1:b7:ed:e7:6a:6c:e5:
                    0e:bf:e1:8b:34:50:72:26:d4:e7:9f:1f:6a:27:b7:
                    05:36:0f:54:ce:7e:b0:39:78:be:0e:ea:a2:32:bf:
                    36:63:e3:40:e4:0e:99:43:e2:59:07:d2:c6:6f:34:
                    16:3b:77:14:26:cf:9b:d3:e6:45:9e:88:72:bb:c0:
                    e1:0d:06:94:f8:33:62:a0:03:c4:af:3d:1b:0c:f5:
                    da:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:11:36:5C:F3:BB:D0:B8:50:81:DA:19:98:32:57:EA:C0:FB:6E:A9
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/5BE2XPO70LhQgdoZmDJX6sD7bqk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.232.0/22
                  83.147.252.0/22
                  91.186.204.0/22
                  91.186.216.0/22
                  94.241.160.0-94.241.165.255
                  178.253.26.0/23
                  178.253.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         34:3a:cb:83:6a:5e:ac:94:2f:c9:e9:67:9e:78:25:18:73:b4:
         5c:d2:dc:e1:fd:c0:81:f1:4c:da:cd:63:a0:a1:06:c4:c9:43:
         b7:0a:b2:e1:92:ce:10:77:09:0e:85:84:26:74:cb:20:de:b0:
         21:86:5f:b8:e6:f4:9c:cb:ea:a6:04:0d:5a:2f:ba:90:80:a4:
         80:62:79:ac:bb:04:f6:13:b4:ee:a7:01:2b:27:f1:0d:87:0d:
         e7:f3:99:ab:9d:20:60:19:d4:97:be:58:13:e9:ae:d2:28:ee:
         87:f3:42:0e:e6:9e:71:99:ac:aa:40:1d:91:d3:e8:38:cf:da:
         fc:00:1f:cb:3e:05:54:1e:03:19:23:6b:80:29:49:e4:c1:f5:
         66:7a:57:a7:fc:3a:fd:eb:af:8e:7e:ab:b1:56:ad:f7:18:36:
         68:48:fe:1e:fe:5b:41:58:9d:27:bc:5c:a0:33:c1:43:89:65:
         36:d9:80:ca:9c:fa:ee:d4:8d:65:f4:f2:bc:df:ca:e6:0c:29:
         eb:c6:9c:1a:95:63:b0:df:94:7e:89:63:83:97:8b:a4:ea:f4:
         b1:cc:c9:e5:a3:d1:32:d9:6f:c1:f1:8d:bc:46:1f:8d:b4:de:
         d8:3f:34:56:35:99:eb:af:61:15:68:47:e6:ca:8c:35:24:17:
         04:34:bd:49
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYwABpjGk7Y/xI/N1AdbLXeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTI0MDYzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDExMzY1Y2YzYmJkMGI4NTA4MWRhMTk5ODMyNTdlYWMwZmI2ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOA36rEyghoEiXbfq2rr7TFe1pz2
i7eg27KU7NQemzmxG0ivWEJhW1AF4VlCpPzg5zuhbpaPig1y3DdZ2SBZvsbpiDdO
FIoZXSLTAspbL+txN6MQhe6K2VcIiJdnRgU/gThyDJB6kNrMMzpxZ38pNCwfJZao
MMdUfoZ9nXH+VuXiB8VDFjB7euG+kioEj/2tpQ+Mmx/LlzHsLWlIegg4f/u80h/K
GQMQaq/m8dG37edqbOUOv+GLNFByJtTnnx9qJ7cFNg9Uzn6wOXi+DuqiMr82Y+NA
5A6ZQ+JZB9LGbzQWO3cUJs+b0+ZFnohyu8DhDQaU+DNioAPErz0bDPXaFwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOQRNlzzu9C4UIHaGZgyV+rA+26pMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvNUJFMlhQTzcwTGhRZ2RvWm1ESlg2c0Q3YnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCU5PoAwQC
U5P8AwQCW7rMAwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/RoDBAGy/SwwDQYJKoZI
hvcNAQELBQADggEBADQ6y4NqXqyUL8npZ554JRhztFzS3OH9wIHxTNrNY6ChBsTJ
Q7cKsuGSzhB3CQ6FhCZ0yyDesCGGX7jm9JzL6qYEDVovupCApIBieay7BPYTtO6n
ASsn8Q2HDefzmaudIGAZ1Je+WBPprtIo7ofzQg7mnnGZrKpAHZHT6DjP2vwAH8s+
BVQeAxkja4ApSeTB9WZ6V6f8Ov3rr45+q7FWrfcYNmhI/h7+W0FYnSe8XKAzwUOJ
ZTbZgMqc+u7UjWX08rzfyuYMKevGnBqVY7DflH6JY4OXi6Tq9LHMyeWj0TLZb8Hx
jbxGH4203tg/NFY1meuvYRVoR+bKjDUkFwQ0vUk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org