Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/x5j6ZjJx-0GRpej7jj_3wXYZFSY.roa
File:                     x5j6ZjJx-0GRpej7jj_3wXYZFSY.roa (raw, json)
Hash identifier:          HY9hJJ/P2XdztH/ViqT2vAnLMKF1gqbuD12defzontY=
Subject key identifier:   C7:98:FA:66:32:71:FB:41:91:A5:E8:FB:8E:3F:F7:C1:76:19:15:26
Certificate issuer:       /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial:       0188BF9971D337B2E07B3B448D5D71440529
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/x5j6ZjJx-0GRpej7jj_3wXYZFSY.roa
Signing time:             Thu 15 Jun 2023 15:08:04 +0000
ROA not before:           Thu 15 Jun 2023 15:08:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13213
IP address blocks:        162.218.89.0/24 maxlen: 24
                          162.218.88.0/24 maxlen: 24
                          162.218.91.0/24 maxlen: 24
                          162.218.94.0/24 maxlen: 24
                          162.218.93.0/24 maxlen: 24
                          162.218.92.0/24 maxlen: 24
                          212.60.14.0/24 maxlen: 24
                          185.187.213.0/24 maxlen: 24
                          185.187.215.0/24 maxlen: 24
                          185.187.214.0/24 maxlen: 24
                          79.98.182.0/24 maxlen: 24
                          78.31.206.0/24 maxlen: 24
                          78.31.207.0/24 maxlen: 24
                          185.171.126.0/24 maxlen: 24
                          185.208.152.0/24 maxlen: 24
                          185.230.123.0/24 maxlen: 24
                          185.230.121.0/24 maxlen: 24
                          185.230.120.0/24 maxlen: 24
                          185.208.153.0/24 maxlen: 24
                          185.208.154.0/24 maxlen: 24
                          45.67.146.0/24 maxlen: 24
                          185.205.206.0/24 maxlen: 24
                          185.52.137.0/24 maxlen: 24
                          185.52.136.0/24 maxlen: 24
                          185.52.138.0/24 maxlen: 24
                          185.205.207.0/24 maxlen: 24
                          185.161.191.0/24 maxlen: 24
                          185.201.40.0/24 maxlen: 24
                          5.182.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Jun 2023 16:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bf:99:71:d3:37:b2:e0:7b:3b:44:8d:5d:71:44:05:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
        Validity
            Not Before: Jun 15 15:08:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c798fa663271fb4191a5e8fb8e3ff7c176191526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:0a:96:bf:67:33:c9:d2:13:68:5b:98:f0:34:
                    fe:30:8a:0e:17:03:23:52:c9:ba:67:a1:3c:30:c3:
                    25:b1:ea:66:4d:47:06:a4:92:a5:a8:96:e4:1b:f5:
                    fe:2b:72:54:63:05:3a:ff:ea:b6:b1:40:e5:a7:47:
                    55:a9:6d:90:e7:cc:f6:ca:aa:a3:dd:c9:4e:74:7d:
                    57:61:8e:ef:fb:f3:8c:ee:7b:8c:6d:07:bd:72:39:
                    d8:84:d3:4b:fb:d0:31:b9:8a:67:65:f1:84:c5:53:
                    d9:3f:eb:d0:df:b1:c2:be:6d:87:f8:d0:12:07:f7:
                    3e:08:d6:79:fd:c0:b7:87:24:94:7f:c8:18:1c:28:
                    a9:f5:55:8e:45:6f:f9:cd:03:c0:ce:06:65:12:15:
                    51:59:8b:99:17:89:f3:b9:59:13:d3:82:f8:c5:b7:
                    36:1f:4c:1d:96:db:bf:44:22:56:e3:60:17:ad:c1:
                    8e:3b:73:da:94:61:68:64:67:0f:d1:a1:98:89:c2:
                    4b:00:eb:c9:43:b6:2a:2a:22:5e:6e:84:eb:12:95:
                    9d:23:03:07:ba:d1:f0:8f:40:35:da:24:11:e0:cb:
                    8a:2d:a5:36:2e:d8:3b:bb:08:02:13:65:50:3e:dc:
                    c1:f4:68:50:c1:95:5e:53:bf:76:9e:d8:36:e1:2f:
                    57:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:98:FA:66:32:71:FB:41:91:A5:E8:FB:8E:3F:F7:C1:76:19:15:26
            X509v3 Authority Key Identifier:
                keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/x5j6ZjJx-0GRpej7jj_3wXYZFSY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.184.0/24
                  45.67.146.0/24
                  78.31.206.0/23
                  79.98.182.0/24
                  162.218.88.0/23
                  162.218.91.0-162.218.94.255
                  185.52.136.0-185.52.138.255
                  185.161.191.0/24
                  185.171.126.0/24
                  185.187.213.0-185.187.215.255
                  185.201.40.0/24
                  185.205.206.0/23
                  185.208.152.0-185.208.154.255
                  185.230.120.0/23
                  185.230.123.0/24
                  212.60.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:6d:7e:bc:b7:7f:c1:14:5f:42:fa:75:6e:44:4c:8a:f2:70:
         5a:a0:a6:61:bd:39:09:2c:cf:d5:ad:da:44:d5:46:52:a9:1e:
         f9:83:40:29:db:80:c1:2d:be:65:6f:86:86:f8:ea:aa:e5:01:
         91:18:5c:c9:70:a3:42:3a:d4:83:85:22:1f:8f:52:8e:f4:08:
         60:18:93:be:e7:ba:0e:09:04:80:dc:50:43:fd:fa:f0:f5:e9:
         15:05:52:31:12:c5:2a:c6:e0:7e:b4:29:d5:fc:2a:3c:65:29:
         d8:32:77:fc:63:1f:3d:89:ad:8d:50:7d:a5:b4:f4:48:54:35:
         2a:1f:29:0b:88:c5:1c:05:a0:88:9d:eb:64:60:84:4a:c3:f5:
         56:b0:19:97:13:81:53:d2:df:ff:3b:37:fd:60:84:c6:1f:6f:
         72:ce:34:25:58:53:72:81:1b:57:dd:4f:23:e7:b3:b9:55:e9:
         a8:87:a4:24:fe:1a:03:d1:99:ac:8a:2a:01:ea:21:c3:7a:e3:
         38:45:86:6d:80:7c:8b:a8:25:62:53:29:fb:dc:31:d7:1c:07:
         8f:17:c2:7e:d3:13:e6:d7:f5:e4:41:6f:85:87:57:df:cd:9d:
         48:eb:39:df:30:37:f4:ec:8a:b6:28:e9:3d:0e:0d:dd:c6:c5:
         5a:40:49:a1
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYi/mXHTN7LgeztEjV1xRAUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNjE1MTUwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk4ZmE2NjMyNzFmYjQxOTFhNWU4ZmI4ZTNmZjdjMTc2MTkxNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwqWv2czydITaFuY8DT+MIoOFwMj
Usm6Z6E8MMMlsepmTUcGpJKlqJbkG/X+K3JUYwU6/+q2sUDlp0dVqW2Q58z2yqqj
3clOdH1XYY7v+/OM7nuMbQe9cjnYhNNL+9AxuYpnZfGExVPZP+vQ37HCvm2H+NAS
B/c+CNZ5/cC3hySUf8gYHCip9VWORW/5zQPAzgZlEhVRWYuZF4nzuVkT04L4xbc2
H0wdltu/RCJW42AXrcGOO3PalGFoZGcP0aGYicJLAOvJQ7YqKiJeboTrEpWdIwMH
utHwj0A12iQR4MuKLaU2Ltg7uwgCE2VQPtzB9GhQwZVeU792ntg24S9XpQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFMeY+mYycftBkaXo+44/98F2GRUmMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEveDVqNlpqSngtMEdScGVqN2pqXzN3WFlaRlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAF
trgDBAAtQ5IDBAFOH84DBABPYrYDBAGi2lgwDAMEAKLaWwMEAKLaXjAMAwQDuTSI
AwQAuTSKAwQAuaG/AwQAuat+MAwDBAC5u9UDBAO5u9ADBAC5ySgDBAG5zc4wDAME
A7nQmAMEALnQmgMEAbnmeAMEALnmewMEANQ8DjANBgkqhkiG9w0BAQsFAAOCAQEA
d21+vLd/wRRfQvp1bkRMivJwWqCmYb05CSzP1a3aRNVGUqke+YNAKduAwS2+ZW+G
hvjqquUBkRhcyXCjQjrUg4UiH49SjvQIYBiTvue6DgkEgNxQQ/368PXpFQVSMRLF
KsbgfrQp1fwqPGUp2DJ3/GMfPYmtjVB9pbT0SFQ1Kh8pC4jFHAWgiJ3rZGCESsP1
VrAZlxOBU9Lf/zs3/WCExh9vcs40JVhTcoEbV91PI+ezuVXpqIekJP4aA9GZrIoq
Aeohw3rjOEWGbYB8i6glYlMp+9wx1xwHjxfCftMT5tf15EFvhYdX382dSOs53zA3
9OyKtijpPQ4N3cbFWkBJoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org