Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLxjGtm68tqVaDpo9-6sZgjnZvE.roa
File:                     tLxjGtm68tqVaDpo9-6sZgjnZvE.roa (raw, json)
Hash identifier:          tkstrTknLQPB1xDbvzMciabmjd2KzqNHrtUvxeO0ZX0=
Subject key identifier:   B4:BC:63:1A:D9:BA:F2:DA:95:68:3A:68:F7:EE:AC:66:08:E7:66:F1
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0185A754B6300D6B902330E400C3E5B28DDA
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLxjGtm68tqVaDpo9-6sZgjnZvE.roa
Signing time:             Thu 12 Jan 2023 18:53:44 +0000
ROA not before:           Thu 12 Jan 2023 18:53:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64200
IP address blocks:        31.132.53.0/24 maxlen: 24
                          31.132.54.0/23 maxlen: 23
                          5.182.198.0/24 maxlen: 24
                          5.182.195.0/24 maxlen: 24
                          5.182.194.0/24 maxlen: 24
                          5.182.193.0/24 maxlen: 24
                          78.31.204.0/24 maxlen: 24
                          185.171.125.0/24 maxlen: 24
                          185.171.124.0/24 maxlen: 24
                          94.154.170.0/24 maxlen: 24
                          185.171.127.0/24 maxlen: 24
                          45.67.147.0/24 maxlen: 24
                          185.205.206.0/24 maxlen: 24
                          63.246.133.0/24 maxlen: 24
                          63.246.139.0/24 maxlen: 24
                          63.246.136.0/24 maxlen: 24
                          63.246.137.0/24 maxlen: 24
                          63.246.145.0/24 maxlen: 24
                          63.246.142.0/24 maxlen: 24
                          63.246.146.0/23 maxlen: 23
                          63.246.148.0/24 maxlen: 24
                          63.246.152.0/24 maxlen: 24
                          63.246.149.0/24 maxlen: 24
                          63.246.151.0/24 maxlen: 24
                          63.246.158.0/23 maxlen: 23
                          185.201.41.0/24 maxlen: 24
                          185.201.43.0/24 maxlen: 24
                          5.182.186.0/23 maxlen: 23
                          192.145.68.0/24 maxlen: 24
                          63.246.132.0/24 maxlen: 24
                          63.246.129.0/24 maxlen: 24
                          63.246.131.0/24 maxlen: 24
                          63.246.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a7:54:b6:30:0d:6b:90:23:30:e4:00:c3:e5:b2:8d:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jan 12 18:53:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4bc631ad9baf2da95683a68f7eeac6608e766f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ad:5f:8b:7d:86:1c:c5:b1:f4:ed:be:31:b7:
                    cb:41:73:28:fc:f3:ea:1a:82:02:c4:75:f7:7f:9c:
                    46:48:f3:67:44:57:f0:2f:ac:a0:5b:b6:e6:82:3d:
                    36:c7:30:f4:61:ec:06:12:a8:a0:58:19:9e:bc:e6:
                    b1:8a:ee:53:c6:3b:f3:90:76:33:6a:e8:d7:e3:c2:
                    18:f6:31:6e:89:15:f2:8e:1d:fb:49:f8:e7:da:3f:
                    bc:c6:5e:b8:4d:cd:90:03:71:e1:c7:35:be:00:b2:
                    5c:ea:ae:69:e1:c5:8a:cd:35:13:bb:c1:c3:e2:8f:
                    69:3b:0f:e4:6b:6d:66:4e:f0:7d:f0:d7:f0:6e:32:
                    f5:d9:3c:06:33:cc:2f:ff:9a:1b:63:6d:1d:04:ab:
                    fb:3a:65:f2:91:1e:f3:f0:12:6f:1d:1d:9f:f3:a1:
                    3e:fd:8c:db:72:af:3b:34:de:12:f9:85:09:76:4d:
                    9f:15:10:75:3e:07:92:55:e1:79:79:d0:0f:67:65:
                    19:b2:a2:a9:f3:3f:24:a6:36:dc:88:e9:ff:86:76:
                    09:2b:13:5d:f6:9a:cd:f5:c9:7e:97:17:32:f2:3f:
                    1b:3e:9e:f3:6b:ac:58:f9:28:a8:ef:87:14:7a:ae:
                    82:fc:de:1e:e2:92:28:6a:e6:dc:70:c2:c4:02:05:
                    d5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:BC:63:1A:D9:BA:F2:DA:95:68:3A:68:F7:EE:AC:66:08:E7:66:F1
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLxjGtm68tqVaDpo9-6sZgjnZvE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.186.0/23
                  5.182.193.0-5.182.195.255
                  5.182.198.0/24
                  31.132.53.0-31.132.55.255
                  45.67.147.0/24
                  63.246.129.0-63.246.133.255
                  63.246.136.0/23
                  63.246.139.0/24
                  63.246.142.0/24
                  63.246.145.0-63.246.149.255
                  63.246.151.0-63.246.152.255
                  63.246.158.0/23
                  78.31.204.0/24
                  94.154.170.0/24
                  185.171.124.0/23
                  185.171.127.0/24
                  185.201.41.0/24
                  185.201.43.0/24
                  185.205.206.0/24
                  192.145.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:1a:63:bf:31:db:e8:bc:69:e6:94:3b:0b:ab:81:f5:22:c4:
         ed:ee:ba:da:55:ff:e9:15:14:56:76:0f:7b:87:44:81:7d:b0:
         87:a7:94:20:5d:9a:02:91:10:8b:c4:33:0c:4b:75:87:74:3f:
         66:14:bc:cf:1b:9c:09:7f:30:7a:f5:f1:e1:67:eb:58:29:3a:
         e8:ee:b7:d6:cd:fe:c8:18:29:c1:71:70:99:d8:a3:62:37:9f:
         94:ae:54:97:c8:f1:f8:d6:e9:e4:3b:ed:76:1b:38:54:d2:45:
         6d:2c:e8:af:cc:84:fb:9e:83:fb:05:71:15:64:ae:e2:05:be:
         8c:97:be:d0:05:5e:5f:f9:bd:bb:ea:35:48:89:7f:1f:7d:3f:
         91:fb:02:01:b5:66:27:d6:bb:08:7c:db:c6:3d:c6:ad:81:94:
         eb:b2:54:4a:b6:6c:41:15:f7:d7:7e:76:ec:bc:52:9a:3e:f7:
         44:20:7a:32:d4:d8:a5:c6:ad:67:78:70:ed:d3:a4:a7:8f:f7:
         42:82:6c:ec:48:77:c9:11:46:3e:70:c6:43:78:de:df:44:e1:
         f4:bb:bf:6e:fe:3f:8d:32:72:56:60:2c:57:76:e6:b6:f4:7a:
         3e:33:da:3f:d1:5e:32:52:95:1b:40:3b:e7:a0:91:ea:4d:cd:
         7e:38:ad:d7
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYWnVLYwDWuQIzDkAMPlso3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTEyMTg1MzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJjNjMxYWQ5YmFmMmRhOTU2ODNhNjhmN2VlYWM2NjA4ZTc2NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl61fi32GHMWx9O2+MbfLQXMo/PPq
GoICxHX3f5xGSPNnRFfwL6ygW7bmgj02xzD0YewGEqigWBmevOaxiu5TxjvzkHYz
aujX48IY9jFuiRXyjh37Sfjn2j+8xl64Tc2QA3HhxzW+ALJc6q5p4cWKzTUTu8HD
4o9pOw/ka21mTvB98NfwbjL12TwGM8wv/5obY20dBKv7OmXykR7z8BJvHR2f86E+
/Yzbcq87NN4S+YUJdk2fFRB1PgeSVeF5edAPZ2UZsqKp8z8kpjbciOn/hnYJKxNd
9prN9cl+lxcy8j8bPp7za6xY+Sio74cUeq6C/N4e4pIoaubccMLEAgXVOQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFLS8YxrZuvLalWg6aPfurGYI52bxMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvdEx4akd0bTY4dHFWYURwbzktNnNaZ2puWnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAEF
trowDAMEAAW2wQMEAgW2wAMEAAW2xjAMAwQAH4Q1AwQDH4QwAwQALUOTMAwDBAA/
9oEDBAE/9oQDBAE/9ogDBAA/9osDBAA/9o4wDAMEAD/2kQMEAT/2lDAMAwQAP/aX
AwQAP/aYAwQBP/aeAwQATh/MAwQAXpqqAwQBuat8AwQAuat/AwQAuckpAwQAuckr
AwQAuc3OAwQAwJFEMA0GCSqGSIb3DQEBCwUAA4IBAQByGmO/MdvovGnmlDsLq4H1
IsTt7rraVf/pFRRWdg97h0SBfbCHp5QgXZoCkRCLxDMMS3WHdD9mFLzPG5wJfzB6
9fHhZ+tYKTro7rfWzf7IGCnBcXCZ2KNiN5+UrlSXyPH41unkO+12GzhU0kVtLOiv
zIT7noP7BXEVZK7iBb6Ml77QBV5f+b276jVIiX8ffT+R+wIBtWYn1rsIfNvGPcat
gZTrslRKtmxBFffXfnbsvFKaPvdEIHoy1Nilxq1neHDt06Snj/dCgmzsSHfJEUY+
cMZDeN7fROH0u79u/j+NMnJWYCxXdua29Ho+M9o/0V4yUpUbQDvnoJHqTc1+OK3X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org