Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-b34C2lD5YBf_q1nz3BGpZqW_mk.roa
File:                     1-b34C2lD5YBf_q1nz3BGpZqW_mk.roa (raw, json)
Hash identifier:          NJY72hnDKaMrJLEtLYBcWfz3X0NVLpvudJ41UZeaaNM=
Subject key identifier:   F9:BD:F8:0B:69:43:E5:80:5F:FE:AD:67:CF:70:46:A5:9A:96:FE:69
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018809DFEAAC1113C6CF52156D4999A2521D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-b34C2lD5YBf_q1nz3BGpZqW_mk.roa
Signing time:             Thu 11 May 2023 08:14:09 +0000
ROA not before:           Thu 11 May 2023 08:14:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28753
IP address blocks:        185.172.130.0/24 maxlen: 24
                          185.172.131.0/24 maxlen: 24
                          185.94.166.0/24 maxlen: 24
                          45.133.246.0/24 maxlen: 24
                          185.125.51.0/24 maxlen: 24
                          45.138.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Sep 2023 14:08:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:09:df:ea:ac:11:13:c6:cf:52:15:6d:49:99:a2:52:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: May 11 08:14:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9bdf80b6943e5805ffead67cf7046a59a96fe69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:f6:e5:a7:c8:3e:00:3c:21:ab:fa:82:8e:fd:
                    fe:f7:2d:2c:84:bd:da:ee:38:8d:db:f6:c2:6f:0f:
                    dd:ef:ad:3a:73:c2:3a:08:ba:54:72:0f:15:fb:7d:
                    d7:7a:fa:68:16:4a:73:d4:9c:19:ca:21:01:f5:03:
                    b1:99:df:8f:9f:84:81:09:a7:98:79:ae:f7:a6:89:
                    87:c7:7a:c3:80:7e:58:dc:95:f4:3e:23:d8:04:f1:
                    c6:bf:9d:52:b4:46:6c:94:a7:19:28:05:d5:44:fa:
                    30:9a:60:47:10:47:29:85:4b:fc:2b:65:37:b4:b6:
                    f4:bc:2c:d4:25:53:de:85:ad:bd:37:46:d7:e9:e0:
                    ac:a1:e5:67:c8:42:3c:b8:22:9a:61:cb:f9:65:5b:
                    70:f5:ed:16:81:21:df:34:9d:00:c7:90:5f:11:52:
                    fc:01:3c:0a:5e:6d:ca:89:5d:47:91:ab:af:70:be:
                    7c:4f:c1:48:a3:9f:e2:4f:11:6b:25:9d:47:78:89:
                    f5:73:b0:28:9d:2f:2b:3f:f5:3a:ae:cf:7c:aa:65:
                    a4:dd:25:e1:b1:31:57:c3:5b:ee:88:8a:87:2a:55:
                    78:9e:33:df:78:3b:9d:2e:ce:ac:de:21:b6:22:f7:
                    b6:ab:df:94:f0:48:67:51:2f:14:7b:a7:40:c3:32:
                    b7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:BD:F8:0B:69:43:E5:80:5F:FE:AD:67:CF:70:46:A5:9A:96:FE:69
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-b34C2lD5YBf_q1nz3BGpZqW_mk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.133.246.0/24
                  45.138.72.0/24
                  185.94.166.0/24
                  185.125.51.0/24
                  185.172.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ab:63:6e:a1:ae:b9:00:c8:bb:e0:7c:8a:83:17:00:96:cc:1a:
         ee:c2:06:37:c5:87:69:b5:45:0e:97:ef:9f:00:dd:20:ac:a6:
         56:6c:26:fd:20:78:2b:e8:6a:bd:a8:d8:c5:9b:2b:b0:f3:20:
         d3:6d:fe:63:23:2c:58:c6:06:c7:b8:98:8e:1a:5d:ab:18:ca:
         86:a5:4e:f5:77:d3:53:18:b6:0b:dd:eb:f9:cd:c5:f0:ce:3e:
         cb:8b:15:ad:60:fb:a5:92:7f:32:18:e0:2d:61:19:d3:01:ed:
         8b:fa:84:68:e2:86:19:49:96:7b:c4:66:d6:e4:fe:8f:5f:4f:
         fe:dd:69:13:28:09:e0:bd:99:a0:0b:6b:3f:8b:f2:98:89:c6:
         c7:91:f9:a9:7f:4f:25:83:c1:f7:2b:e5:86:df:3c:59:6e:db:
         dd:79:6d:6a:6f:ca:93:e6:86:99:83:cf:c7:39:fc:44:93:d5:
         03:b6:af:fd:f8:a8:c5:d7:44:e2:25:80:3d:09:1a:62:be:7b:
         6b:5c:df:25:a0:6d:3c:ad:c5:31:d9:1a:b5:7a:2d:43:0f:76:
         e9:13:38:ba:54:90:52:3e:be:30:90:fc:8b:5c:c2:26:26:61:
         78:71:57:7e:a4:5a:0c:73:c2:3b:76:d9:ca:be:7d:01:79:37:
         71:3b:38:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYgJ3+qsERPGz1IVbUmZolIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNTExMDgxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJkZjgwYjY5NDNlNTgwNWZmZWFkNjdjZjcwNDZhNTlhOTZmZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPblp8g+ADwhq/qCjv3+9y0shL3a
7jiN2/bCbw/d7606c8I6CLpUcg8V+33XevpoFkpz1JwZyiEB9QOxmd+Pn4SBCaeY
ea73pomHx3rDgH5Y3JX0PiPYBPHGv51StEZslKcZKAXVRPowmmBHEEcphUv8K2U3
tLb0vCzUJVPeha29N0bX6eCsoeVnyEI8uCKaYcv5ZVtw9e0WgSHfNJ0Ax5BfEVL8
ATwKXm3KiV1HkauvcL58T8FIo5/iTxFrJZ1HeIn1c7AonS8rP/U6rs98qmWk3SXh
sTFXw1vuiIqHKlV4njPfeDudLs6s3iG2Ive2q9+U8EhnUS8Ue6dAwzK3lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPm9+AtpQ+WAX/6tZ89wRqWalv5pMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMS1iMzRDMmxENVlCZl9xMW56M0JHcFpxV19tay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2Nk
Mi8xL3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC2F9gME
AC2KSAMEALlepgMEALl9MwMEAbmsgjANBgkqhkiG9w0BAQsFAAOCAQEAq2Nuoa65
AMi74HyKgxcAlswa7sIGN8WHabVFDpfvnwDdIKymVmwm/SB4K+hqvajYxZsrsPMg
023+YyMsWMYGx7iYjhpdqxjKhqVO9XfTUxi2C93r+c3F8M4+y4sVrWD7pZJ/Mhjg
LWEZ0wHti/qEaOKGGUmWe8Rm1uT+j19P/t1pEygJ4L2ZoAtrP4vymInGx5H5qX9P
JYPB9yvlht88WW7b3Xltam/Kk+aGmYPPxzn8RJPVA7av/fioxddE4iWAPQkaYr57
a1zfJaBtPK3FMdkatXotQw926RM4ulSQUj6+MJD8i1zCJiZheHFXfqRaDHPCO3bZ
yr59AXk3cTs4kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org