Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/RRZ5vh3TG0x1s3uluIro1X0eYAY.roa
File:                     RRZ5vh3TG0x1s3uluIro1X0eYAY.roa (raw, json)
Hash identifier:          chYxDTuZuKT44seqUfNxGugdTP4Wwl3DBKGUdZyP2tk=
Subject key identifier:   45:16:79:BE:1D:D3:1B:4C:75:B3:7B:A5:B8:8A:E8:D5:7D:1E:60:06
Certificate issuer:       /CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Certificate serial:       018570CBF67C6776CEFF411039BB26F13E33
Authority key identifier: 75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/RRZ5vh3TG0x1s3uluIro1X0eYAY.roa
Signing time:             Mon 02 Jan 2023 04:44:53 +0000
ROA not before:           Mon 02 Jan 2023 04:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60631
IP address blocks:        185.8.172.0/24 maxlen: 24
                          185.8.174.0/24 maxlen: 24
                          185.8.173.0/24 maxlen: 24
                          185.8.175.0/24 maxlen: 24
                          130.185.75.0/24 maxlen: 24
                          130.185.74.0/24 maxlen: 24
                          130.185.76.0/24 maxlen: 24
                          130.185.78.0/23 maxlen: 23
                          130.185.78.0/24 maxlen: 24
                          130.185.77.0/24 maxlen: 24
                          130.185.73.0/24 maxlen: 24
                          130.185.72.0/24 maxlen: 24
                          130.185.79.0/24 maxlen: 24
                          185.208.174.0/24 maxlen: 24
                          185.208.175.0/24 maxlen: 24
                          2a03:2dc0::/36 maxlen: 36
                          2a03:2dc0:1000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Sat 09 Dec 2023 11:43:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:cb:f6:7c:67:76:ce:ff:41:10:39:bb:26:f1:3e:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
        Validity
            Not Before: Jan  2 04:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=451679be1dd31b4c75b37ba5b88ae8d57d1e6006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:29:13:e4:4f:47:d3:0b:e9:6c:76:03:f1:a4:
                    27:1a:04:49:d2:33:50:09:98:cf:a7:ae:15:e5:25:
                    9b:60:f3:01:d6:b7:dc:11:a6:2b:3a:1c:22:f0:c0:
                    ad:89:0d:0e:7f:03:64:b7:45:bd:53:15:e8:4d:49:
                    1c:fd:4d:34:55:36:61:ea:fa:7d:53:8c:a5:3f:2f:
                    d7:f3:49:59:ba:f6:d1:ff:5a:a7:32:34:4d:e1:cc:
                    a7:b3:19:66:17:7c:31:e1:46:9f:ce:ca:2d:37:92:
                    87:37:2b:34:6d:97:a4:2b:68:c7:26:aa:e6:e1:2b:
                    0c:a1:29:9a:c0:78:29:a2:1e:ef:5a:c1:af:3d:67:
                    63:1d:a3:9c:aa:9d:5d:07:b3:c8:66:04:ea:e2:18:
                    aa:54:52:51:68:5a:ac:f0:c6:f0:cf:42:c5:35:63:
                    35:5c:27:36:47:ae:32:a6:d4:f0:20:eb:69:d9:97:
                    a0:61:87:68:56:4d:6e:ce:a1:94:db:e4:85:cd:e3:
                    46:eb:4d:82:33:50:a6:b3:7f:08:74:a8:a8:a7:2b:
                    ac:11:32:0a:5a:b4:1e:55:22:cb:82:a6:10:00:4a:
                    53:e5:bd:65:e9:86:e6:69:fa:24:a3:65:1e:8d:ac:
                    5b:e2:89:39:21:c0:c5:b9:ac:06:1b:99:c2:25:6d:
                    14:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:16:79:BE:1D:D3:1B:4C:75:B3:7B:A5:B8:8A:E8:D5:7D:1E:60:06
            X509v3 Authority Key Identifier:
                keyid:75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/RRZ5vh3TG0x1s3uluIro1X0eYAY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.185.72.0/21
                  185.8.172.0/22
                  185.208.174.0/23
                IPv6:
                  2a03:2dc0::/35

    Signature Algorithm: sha256WithRSAEncryption
         23:68:7f:04:ff:fe:df:dd:9b:cc:08:38:3d:70:a6:e7:d6:09:
         80:d6:71:35:66:96:15:13:67:ae:4c:25:29:10:02:b6:99:30:
         3e:52:ad:5a:5b:c4:db:a8:02:64:6b:34:ec:84:a9:88:7f:12:
         bc:e4:2b:93:f8:47:b5:a4:d4:ef:d6:44:3b:84:a9:74:78:93:
         b9:21:e2:d8:b7:1d:38:2b:d5:66:19:b2:5c:a7:65:db:ed:04:
         b6:b2:bb:ea:b3:d2:18:93:d5:a1:a5:64:67:e4:e4:54:d8:c9:
         e8:01:11:09:6e:53:92:72:4a:07:3e:8e:56:63:ed:c5:98:fe:
         54:3d:6d:ab:06:23:7a:54:82:ad:c4:c1:0d:64:f8:6c:b4:91:
         0d:c9:ea:94:ed:b1:33:67:5a:cc:b3:15:4d:d0:af:88:90:d2:
         a2:5b:51:da:23:b5:b1:6e:5c:f0:4f:ca:fa:f3:57:67:eb:8c:
         88:ca:19:9d:db:af:57:f4:18:b7:ba:6f:eb:01:fb:90:03:b7:
         2b:31:5d:08:10:74:6c:26:1e:6b:10:4e:f1:7b:75:1c:6f:3d:
         e8:53:7f:90:da:c1:2a:21:51:23:61:69:be:f6:a8:9f:14:cf:
         57:83:b6:55:a7:f6:b6:42:ca:84:4b:50:28:1d:5d:ed:b0:f7:
         5a:04:1d:45
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVwy/Z8Z3bO/0EQObsm8T4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWQ2YWZiOGRkZjhmOGMwZGQ2NjA3OTBlZGNiYTFmM2Iz
NzBjNjMwHhcNMjMwMTAyMDQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTE2NzliZTFkZDMxYjRjNzViMzdiYTViODhhZThkNTdkMWU2MDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmikT5E9H0wvpbHYD8aQnGgRJ0jNQ
CZjPp64V5SWbYPMB1rfcEaYrOhwi8MCtiQ0OfwNkt0W9UxXoTUkc/U00VTZh6vp9
U4ylPy/X80lZuvbR/1qnMjRN4cynsxlmF3wx4UafzsotN5KHNys0bZekK2jHJqrm
4SsMoSmawHgpoh7vWsGvPWdjHaOcqp1dB7PIZgTq4hiqVFJRaFqs8Mbwz0LFNWM1
XCc2R64yptTwIOtp2ZegYYdoVk1uzqGU2+SFzeNG602CM1Cms38IdKiopyusETIK
WrQeVSLLgqYQAEpT5b1l6Ybmafoko2Uejaxb4ok5IcDFuawGG5nCJW0UJwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEUWeb4d0xtMdbN7pbiK6NV9HmAGMB8GA1UdIwQY
MBaAFHWdavuN34+MDdZgeQ7cuh87NwxjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFoxcS00M2ZqNHdOMW1CNUR0eTZIenMzREdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xNmI3ZjQtZmExNS00N2E2LTlmYzUt
MjU0YmNiY2VjMDM3LzEvUlJaNXZoM1RHMHgxczN1bHVJcm8xWDBlWUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xNmI3ZjQtZmExNS00N2E2LTlmYzUtMjU0YmNiY2VjMDM3
LzEvZFoxcS00M2ZqNHdOMW1CNUR0eTZIenMzREdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDgrlIAwQC
uQisAwQBudCuMA4EAgACMAgDBgUqAy3AADANBgkqhkiG9w0BAQsFAAOCAQEAI2h/
BP/+392bzAg4PXCm59YJgNZxNWaWFRNnrkwlKRACtpkwPlKtWlvE26gCZGs07ISp
iH8SvOQrk/hHtaTU79ZEO4SpdHiTuSHi2LcdOCvVZhmyXKdl2+0EtrK76rPSGJPV
oaVkZ+TkVNjJ6AERCW5TknJKBz6OVmPtxZj+VD1tqwYjelSCrcTBDWT4bLSRDcnq
lO2xM2dazLMVTdCviJDSoltR2iO1sW5c8E/K+vNXZ+uMiMoZnduvV/QYt7pv6wH7
kAO3KzFdCBB0bCYeaxBO8Xt1HG896FN/kNrBKiFRI2FpvvaonxTPV4O2Vaf2tkLK
hEtQKB1d7bD3WgQdRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org