Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa
File:                     pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa (raw, json)
Hash identifier:          OD/vNR+9I3z3zrNPTSTjeCzemdQqn0rVZwHmeha6hqE=
Subject key identifier:   A7:0A:54:3A:65:A4:EC:AC:04:58:A9:58:CE:9D:67:4E:F9:26:C5:2C
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018C6F3D6FC5EFE6A968C9BA444BA05669B1
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa
Signing time:             Fri 15 Dec 2023 20:49:06 +0000
ROA not before:           Fri 15 Dec 2023 20:49:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207569
IP address blocks:        139.28.221.0/24 maxlen: 24
                          139.28.220.0/24 maxlen: 24
                          5.180.136.0/24 maxlen: 24
                          5.180.137.0/24 maxlen: 24
                          185.94.167.0/24 maxlen: 24
                          45.133.245.0/24 maxlen: 24
                          185.188.181.0/24 maxlen: 24
                          95.214.8.0/24 maxlen: 24
                          185.17.2.0/24 maxlen: 24
                          194.53.54.0/24 maxlen: 24
                          85.209.0.0/24 maxlen: 24
                          185.105.118.0/24 maxlen: 24
                          195.66.87.0/24 maxlen: 24
                          5.252.116.0/24 maxlen: 24
                          193.109.84.0/24 maxlen: 24
                          45.89.64.0/24 maxlen: 24
                          194.67.200.0/24 maxlen: 24
                          185.104.250.0/24 maxlen: 24
                          46.17.106.0/24 maxlen: 24
                          185.114.75.0/24 maxlen: 24
                          2a0a:9300:1::/48 maxlen: 48
                          2a0a:9300:aaaa::/48 maxlen: 48
                          2a0a:9300::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 16 Dec 2023 14:27:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6f:3d:6f:c5:ef:e6:a9:68:c9:ba:44:4b:a0:56:69:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Dec 15 20:49:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a70a543a65a4ecac0458a958ce9d674ef926c52c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:63:ae:9d:79:33:80:0a:91:f9:12:8f:10:67:
                    97:d8:da:54:1a:cc:60:6b:1e:83:87:d2:95:81:fc:
                    be:67:23:0a:c1:17:ae:00:92:46:b1:7d:81:0f:cc:
                    a7:c2:11:f2:1f:ee:0a:11:51:90:e9:3e:be:c1:bd:
                    b6:17:be:bf:83:07:03:7c:62:a9:68:70:75:ab:76:
                    51:68:32:1a:fb:cb:ca:5f:d0:3a:cb:44:bf:61:df:
                    78:20:2b:98:cd:b4:8c:19:05:31:06:5c:a8:58:a4:
                    ff:af:30:6a:2e:e1:cd:1f:26:e5:32:86:09:39:3a:
                    b0:41:66:8b:fb:64:49:c6:19:65:88:1e:ac:d6:9b:
                    00:1f:ee:f6:12:5c:c6:55:7b:11:b3:3b:6e:28:40:
                    b6:85:52:d8:f8:80:0b:9a:94:1f:58:0b:d2:d8:ad:
                    59:cb:f8:46:f5:62:00:88:da:ef:28:b0:b2:76:4f:
                    13:ad:ec:89:1e:83:9c:d5:63:95:9a:f7:91:37:a4:
                    f0:4b:bc:45:6e:ad:de:6d:52:9b:fc:02:39:2a:47:
                    73:d0:c3:98:40:14:d3:5a:44:9d:80:37:52:86:0a:
                    58:52:fa:f5:b7:f8:38:45:b8:95:2f:a8:c5:47:06:
                    ee:58:6e:de:48:5b:3c:cf:b1:52:99:9e:ed:41:b6:
                    5f:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:0A:54:3A:65:A4:EC:AC:04:58:A9:58:CE:9D:67:4E:F9:26:C5:2C
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.136.0/23
                  5.252.116.0/24
                  45.89.64.0/24
                  45.133.245.0/24
                  46.17.106.0/24
                  85.209.0.0/24
                  95.214.8.0/24
                  139.28.220.0/23
                  185.17.2.0/24
                  185.94.167.0/24
                  185.104.250.0/24
                  185.105.118.0/24
                  185.114.75.0/24
                  185.188.181.0/24
                  193.109.84.0/24
                  194.53.54.0/24
                  194.67.200.0/24
                  195.66.87.0/24
                IPv6:
                  2a0a:9300::/32

    Signature Algorithm: sha256WithRSAEncryption
         2d:ee:88:a2:cc:8e:1e:1a:bd:89:61:d4:ce:9f:83:14:95:5f:
         d4:c1:84:92:95:4e:ec:06:e9:cd:98:e3:c5:80:44:dc:e4:d1:
         56:7b:60:23:45:12:7b:8d:45:8b:1b:5a:6f:c0:e7:44:6c:91:
         51:57:7d:1a:81:40:81:86:b6:be:e7:fb:b2:43:83:aa:97:8f:
         7e:41:42:ce:25:6d:61:47:d1:93:56:fd:ca:ed:b2:f3:cd:e5:
         e0:ae:e6:8f:52:4a:96:fb:da:0c:f8:c0:4b:2c:53:be:fa:e4:
         65:d8:65:da:13:e1:60:64:cb:3b:68:d0:a1:b8:7e:a1:a0:54:
         2d:33:14:65:6d:ea:67:06:30:d4:1c:db:e3:b0:81:6d:a4:2e:
         30:79:b4:71:11:93:94:c6:5d:50:8d:b1:5b:de:ab:77:92:c4:
         b6:20:a0:e3:a1:c9:09:b4:72:84:5c:0b:75:d7:bc:99:c7:32:
         84:d6:e9:66:36:2c:4c:09:fb:2a:7f:79:1f:fa:6f:13:09:fe:
         be:57:5a:28:52:01:03:69:96:c8:be:6a:e2:77:5a:78:1c:c2:
         41:60:ad:50:56:e7:76:6b:e8:db:48:0a:1b:eb:17:df:af:78:
         46:dc:c8:af:fa:bb:2a:95:b8:92:71:3a:04:1f:56:09:9f:eb:
         77:7e:da:7f
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYxvPW/F7+apaMm6REugVmmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMjE1MjA0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzBhNTQzYTY1YTRlY2FjMDQ1OGE5NThjZTlkNjc0ZWY5MjZjNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGOunXkzgAqR+RKPEGeX2NpUGsxg
ax6Dh9KVgfy+ZyMKwReuAJJGsX2BD8ynwhHyH+4KEVGQ6T6+wb22F76/gwcDfGKp
aHB1q3ZRaDIa+8vKX9A6y0S/Yd94ICuYzbSMGQUxBlyoWKT/rzBqLuHNHyblMoYJ
OTqwQWaL+2RJxhlliB6s1psAH+72ElzGVXsRsztuKEC2hVLY+IALmpQfWAvS2K1Z
y/hG9WIAiNrvKLCydk8TreyJHoOc1WOVmveRN6TwS7xFbq3ebVKb/AI5Kkdz0MOY
QBTTWkSdgDdShgpYUvr1t/g4RbiVL6jFRwbuWG7eSFs8z7FSmZ7tQbZfcwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKcKVDplpOysBFipWM6dZ075JsUsMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvcHdwVU9tV2s3S3dFV0tsWXpwMW5UdmtteFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQBBbSI
AwQABfx0AwQALVlAAwQALYX1AwQALhFqAwQAVdEAAwQAX9YIAwQBixzcAwQAuREC
AwQAuV6nAwQAuWj6AwQAuWl2AwQAuXJLAwQAuby1AwQAwW1UAwQAwjU2AwQAwkPI
AwQAw0JXMA0EAgACMAcDBQAqCpMAMA0GCSqGSIb3DQEBCwUAA4IBAQAt7oiizI4e
Gr2JYdTOn4MUlV/UwYSSlU7sBunNmOPFgETc5NFWe2AjRRJ7jUWLG1pvwOdEbJFR
V30agUCBhra+5/uyQ4Oql49+QULOJW1hR9GTVv3K7bLzzeXgruaPUkqW+9oM+MBL
LFO++uRl2GXaE+FgZMs7aNChuH6hoFQtMxRlbepnBjDUHNvjsIFtpC4webRxEZOU
xl1QjbFb3qt3ksS2IKDjockJtHKEXAt117yZxzKE1ulmNixMCfsqf3kf+m8TCf6+
V1ooUgEDaZbIvmrid1p4HMJBYK1QVud2a+jbSAob6xffr3hG3Miv+rsqlbiScToE
H1YJn+t3ftp/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org