Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/uv_C4r_JeVcHMSSZZ9gB62S-Cf4.roa
File:                     uv_C4r_JeVcHMSSZZ9gB62S-Cf4.roa (raw, json)
Hash identifier:          l8JdoGOOKjXt3bAWYlc4vlq0a48xnuHwJOK9ktipN0Y=
Subject key identifier:   BA:FF:C2:E2:BF:C9:79:57:07:31:24:99:67:D8:01:EB:64:BE:09:FE
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       018DAF57C7CFD3D3A498B6D4403D0D0177C1
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/uv_C4r_JeVcHMSSZZ9gB62S-Cf4.roa
Signing time:             Fri 16 Feb 2024 00:36:22 +0000
ROA not before:           Fri 16 Feb 2024 00:36:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     13213
IP address blocks:        5.182.184.0/24 maxlen: 24
                          45.67.146.0/24 maxlen: 24
                          78.31.206.0/24 maxlen: 24
                          78.31.207.0/24 maxlen: 24
                          79.98.182.0/24 maxlen: 24
                          162.218.88.0/24 maxlen: 24
                          162.218.89.0/24 maxlen: 24
                          162.218.91.0/24 maxlen: 24
                          162.218.92.0/24 maxlen: 24
                          162.218.93.0/24 maxlen: 24
                          162.218.94.0/24 maxlen: 24
                          185.52.136.0/24 maxlen: 24
                          185.52.137.0/24 maxlen: 24
                          185.52.139.0/24 maxlen: 24
                          185.161.191.0/24 maxlen: 24
                          185.171.126.0/24 maxlen: 24
                          185.187.213.0/24 maxlen: 24
                          185.187.214.0/24 maxlen: 24
                          185.187.215.0/24 maxlen: 24
                          185.198.91.0/24 maxlen: 24
                          185.201.40.0/24 maxlen: 24
                          185.205.206.0/24 maxlen: 24
                          185.205.207.0/24 maxlen: 24
                          185.208.152.0/24 maxlen: 24
                          185.208.153.0/24 maxlen: 24
                          185.208.154.0/24 maxlen: 24
                          185.230.120.0/24 maxlen: 24
                          185.230.121.0/24 maxlen: 24
                          185.230.123.0/24 maxlen: 24
                          212.60.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Feb 2024 14:23:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:af:57:c7:cf:d3:d3:a4:98:b6:d4:40:3d:0d:01:77:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Feb 16 00:36:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=baffc2e2bfc979570731249967d801eb64be09fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:0a:79:40:2e:29:13:c6:4d:87:42:02:92:84:
                    e8:8e:cf:ec:9f:d3:7a:a1:d6:10:f2:35:1d:03:5e:
                    84:19:9a:71:8c:de:67:8d:16:d4:c2:de:2b:5f:aa:
                    aa:ed:21:4d:fa:a8:37:03:10:f7:50:4e:14:f8:cd:
                    e2:f6:91:5b:9e:c9:e7:4c:6f:98:6c:c7:7a:44:5a:
                    1e:7f:3d:aa:70:12:34:1b:63:5a:be:87:64:e7:9a:
                    6f:26:53:3c:16:12:10:be:2d:c7:b5:c4:53:01:4c:
                    d1:fc:d2:3d:93:e5:72:40:c6:0a:32:db:55:20:ea:
                    84:5e:49:6d:9d:00:b8:66:5c:65:27:5a:f3:83:da:
                    86:98:cb:96:9c:f3:b9:e2:7e:76:a5:ba:83:3d:d6:
                    b2:b8:96:ef:d3:e2:d3:2c:0e:2b:73:52:f9:a6:66:
                    f7:79:f6:6d:f5:89:44:e5:47:14:47:8d:a7:10:75:
                    5d:07:05:6a:0d:34:b2:72:6e:c0:0a:77:75:30:57:
                    3b:ea:57:f4:c6:9b:12:90:78:a8:ea:d5:7e:96:1b:
                    4e:86:df:67:a4:1f:3f:87:b8:a8:cc:99:71:15:93:
                    65:00:ae:1c:eb:4b:03:68:de:2f:fb:d1:ab:ba:70:
                    a5:2d:77:9b:a1:7f:66:b4:6a:47:56:99:da:6e:d9:
                    31:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FF:C2:E2:BF:C9:79:57:07:31:24:99:67:D8:01:EB:64:BE:09:FE
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/uv_C4r_JeVcHMSSZZ9gB62S-Cf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.184.0/24
                  45.67.146.0/24
                  78.31.206.0/23
                  79.98.182.0/24
                  162.218.88.0/23
                  162.218.91.0-162.218.94.255
                  185.52.136.0/23
                  185.52.139.0/24
                  185.161.191.0/24
                  185.171.126.0/24
                  185.187.213.0-185.187.215.255
                  185.198.91.0/24
                  185.201.40.0/24
                  185.205.206.0/23
                  185.208.152.0-185.208.154.255
                  185.230.120.0/23
                  185.230.123.0/24
                  212.60.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:d0:af:86:e8:54:8b:97:68:27:6a:00:3c:31:d9:46:b0:d2:
         5d:10:25:da:d7:c7:cd:c8:14:32:4d:89:61:3a:b9:63:31:d4:
         dc:aa:02:dc:19:06:ec:e3:3f:a3:a0:b5:85:d5:51:8c:2b:0e:
         5b:27:27:94:b2:59:91:01:97:41:9a:94:f4:01:60:da:b9:5d:
         c7:8a:41:e6:69:4d:11:92:84:9b:b7:e1:2b:0c:70:93:37:ff:
         c9:9f:5c:ad:14:4c:2e:01:c5:dd:a6:b8:32:e5:4d:bd:30:c9:
         c7:0b:ff:f3:9f:8f:b3:ea:31:b9:51:cc:6b:78:b5:cd:87:ae:
         21:53:0e:c5:09:be:e1:8d:f8:9e:2e:18:48:d7:59:8d:19:78:
         08:da:ce:09:cb:5a:63:08:7f:f2:d7:54:8b:d1:53:07:cc:60:
         86:60:68:9b:d2:cd:eb:63:ff:8a:22:c7:51:19:82:8a:21:ad:
         53:6d:30:e5:e6:94:d2:20:f3:ba:f7:81:f1:46:16:78:54:7b:
         04:29:14:68:c5:5e:1e:8a:63:64:93:41:42:5f:08:86:bc:8d:
         f3:81:7c:16:7d:91:f7:54:cb:53:60:ef:39:20:e2:74:72:68:
         99:b8:45:63:42:54:56:19:39:c7:98:9c:5a:13:af:c5:3c:4d:
         f5:05:b8:dd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY2vV8fP09OkmLbUQD0NAXfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMjE2MDAzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZmYzJlMmJmYzk3OTU3MDczMTI0OTk2N2Q4MDFlYjY0YmUwOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgp5QC4pE8ZNh0ICkoTojs/sn9N6
odYQ8jUdA16EGZpxjN5njRbUwt4rX6qq7SFN+qg3AxD3UE4U+M3i9pFbnsnnTG+Y
bMd6RFoefz2qcBI0G2Navodk55pvJlM8FhIQvi3HtcRTAUzR/NI9k+VyQMYKMttV
IOqEXkltnQC4ZlxlJ1rzg9qGmMuWnPO54n52pbqDPdayuJbv0+LTLA4rc1L5pmb3
efZt9YlE5UcUR42nEHVdBwVqDTSycm7ACnd1MFc76lf0xpsSkHio6tV+lhtOht9n
pB8/h7iozJlxFZNlAK4c60sDaN4v+9GrunClLXeboX9mtGpHVpnabtkx+wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFLr/wuK/yXlXBzEkmWfYAetkvgn+MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvdXZfQzRyX0plVmNITVNTWlo5Z0I2MlMtQ2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAF
trgDBAAtQ5IDBAFOH84DBABPYrYDBAGi2lgwDAMEAKLaWwMEAKLaXgMEAbk0iAME
ALk0iwMEALmhvwMEALmrfjAMAwQAubvVAwQDubvQAwQAucZbAwQAuckoAwQBuc3O
MAwDBAO50JgDBAC50JoDBAG55ngDBAC55nsDBADUPA4wDQYJKoZIhvcNAQELBQAD
ggEBAJ3Qr4boVIuXaCdqADwx2Uaw0l0QJdrXx83IFDJNiWE6uWMx1NyqAtwZBuzj
P6OgtYXVUYwrDlsnJ5SyWZEBl0GalPQBYNq5XceKQeZpTRGShJu34SsMcJM3/8mf
XK0UTC4Bxd2muDLlTb0wyccL//Ofj7PqMblRzGt4tc2HriFTDsUJvuGN+J4uGEjX
WY0ZeAjazgnLWmMIf/LXVIvRUwfMYIZgaJvSzetj/4oix1EZgoohrVNtMOXmlNIg
87r3gfFGFnhUewQpFGjFXh6KY2STQUJfCIa8jfOBfBZ9kfdUy1Ng7zkg4nRyaJm4
RWNCVFYZOceYnFoTr8U8TfUFuN0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org