Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/er8GdSLFnVPR89ENYZWxwPKTtss.roa
File:                     er8GdSLFnVPR89ENYZWxwPKTtss.roa (raw, json)
Hash identifier:          n0J9bBiHKmnJUCrL/0eM4zfXyE2cQkdwtcwabnnlW6c=
Subject key identifier:   7A:BF:06:75:22:C5:9D:53:D1:F3:D1:0D:61:95:B1:C0:F2:93:B6:CB
Certificate issuer:       /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial:       018E18AF3D883984B5402EF666C44C598ACC
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/er8GdSLFnVPR89ENYZWxwPKTtss.roa
Signing time:             Thu 07 Mar 2024 11:32:01 +0000
ROA not before:           Thu 07 Mar 2024 11:32:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200462
IP address blocks:        2.58.52.0/23 maxlen: 32
                          5.180.192.0/23 maxlen: 24
                          45.86.124.0/22 maxlen: 24
                          94.247.43.0/24 maxlen: 32
                          2a00:f826:8::/48 maxlen: 48
                          2a07:6fc0:10::/44 maxlen: 48
                          2a09:e1c0::/32 maxlen: 128
                          2a0c:8900::/29 maxlen: 128
                          2a0e:de80::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 15 Apr 2024 09:18:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:18:af:3d:88:39:84:b5:40:2e:f6:66:c4:4c:59:8a:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
        Validity
            Not Before: Mar  7 11:32:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7abf067522c59d53d1f3d10d6195b1c0f293b6cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:03:15:8b:3b:d0:da:d4:f0:0e:b7:be:e3:80:
                    09:9e:42:21:10:76:a9:af:a0:14:83:41:a0:89:89:
                    80:c6:ff:ba:5e:6a:2a:21:d5:4a:fb:47:c6:4a:26:
                    60:8e:b5:7a:21:26:4d:67:69:92:67:b4:91:63:a0:
                    f0:20:13:02:97:f8:10:d3:6b:66:bd:c1:33:50:b4:
                    b3:e9:e7:4d:fb:f1:96:f9:80:e8:de:d5:42:c6:a8:
                    09:f9:85:83:76:48:03:22:b0:68:2f:f2:42:0e:7d:
                    f5:49:2b:9e:b5:ca:31:5e:5c:d7:5f:65:ee:7d:63:
                    81:2a:5f:24:0e:8a:3c:2c:70:ce:23:38:d6:57:97:
                    98:a2:3e:8b:d6:d7:a8:9a:a0:84:52:61:5d:50:42:
                    c2:a5:cb:77:04:0b:c2:3a:29:8e:66:07:b1:bd:3b:
                    9d:17:06:a8:d1:2b:be:f9:1a:dc:3d:d2:69:e5:86:
                    12:0e:55:cc:f3:94:3e:93:95:19:05:0f:df:cd:cb:
                    7b:0c:12:a6:bc:5a:ee:32:00:25:93:c3:f9:3b:d5:
                    a5:46:c2:6b:9f:ef:d0:54:7e:65:4c:f0:59:57:78:
                    a9:47:de:2c:55:4a:22:85:f4:bf:a3:9b:96:cf:9d:
                    bb:4c:53:bb:bf:e5:ed:ab:fa:80:a7:71:c9:48:50:
                    a2:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:BF:06:75:22:C5:9D:53:D1:F3:D1:0D:61:95:B1:C0:F2:93:B6:CB
            X509v3 Authority Key Identifier:
                keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/er8GdSLFnVPR89ENYZWxwPKTtss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.52.0/23
                  5.180.192.0/23
                  45.86.124.0/22
                  94.247.43.0/24
                IPv6:
                  2a00:f826:8::/48
                  2a07:6fc0:10::/44
                  2a09:e1c0::/32
                  2a0c:8900::/29
                  2a0e:de80::/29

    Signature Algorithm: sha256WithRSAEncryption
         42:e3:2b:51:4b:14:4f:6c:e6:a0:bd:a6:09:0a:c5:b3:d8:93:
         53:85:bf:13:b7:1a:c8:6a:29:59:ec:52:e0:f2:bc:e5:3d:93:
         e6:51:8d:33:c3:39:63:17:83:b6:f3:db:d7:87:69:fa:c6:85:
         a0:a5:36:aa:a1:0c:bc:34:4d:f7:ea:38:e2:80:5b:73:9a:0d:
         c7:a2:2b:01:b2:4b:78:1d:a2:1e:7c:ee:0a:f7:6c:10:45:e6:
         d1:ff:58:b3:68:2f:9b:33:42:26:f3:ca:69:18:43:59:d0:d5:
         3f:81:d5:d9:0a:cd:0a:8b:35:ac:6c:fb:f3:77:26:2e:8d:51:
         da:79:4b:2d:65:57:70:a3:aa:a3:c1:07:64:8d:30:cc:15:38:
         ae:43:a4:2c:79:80:2d:26:48:66:f4:c4:2d:3f:aa:cf:cc:f3:
         f2:ee:c4:d6:93:d8:02:3f:ea:ff:cd:62:48:2d:4c:11:f3:b6:
         57:f2:91:9b:95:fa:c8:39:a6:37:ae:e3:80:3a:dc:e6:75:27:
         a7:6d:dc:df:f6:87:c7:a0:93:e2:7a:0f:a5:6e:5a:57:42:8a:
         83:57:ac:ac:f1:37:57:67:d6:d7:a6:4c:95:f9:8a:f3:c4:b5:
         0f:2f:12:2d:08:30:84:49:0c:40:f9:92:00:88:64:c8:bd:c4:
         aa:9b:ee:f2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY4Yrz2IOYS1QC72ZsRMWYrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMzA3MTEzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJmMDY3NTIyYzU5ZDUzZDFmM2QxMGQ2MTk1YjFjMGYyOTNiNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAMVizvQ2tTwDre+44AJnkIhEHap
r6AUg0GgiYmAxv+6XmoqIdVK+0fGSiZgjrV6ISZNZ2mSZ7SRY6DwIBMCl/gQ02tm
vcEzULSz6edN+/GW+YDo3tVCxqgJ+YWDdkgDIrBoL/JCDn31SSuetcoxXlzXX2Xu
fWOBKl8kDoo8LHDOIzjWV5eYoj6L1teomqCEUmFdUELCpct3BAvCOimOZgexvTud
Fwao0Su++RrcPdJp5YYSDlXM85Q+k5UZBQ/fzct7DBKmvFruMgAlk8P5O9WlRsJr
n+/QVH5lTPBZV3ipR94sVUoihfS/o5uWz527TFO7v+Xtq/qAp3HJSFCiYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHq/BnUixZ1T0fPRDWGVscDyk7bLMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvZXI4R2RTTEZuVlBSODlFTllaV3h3UEtUdHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAELjK1FLFE9s5qC9pgkK
xbPYk1OFvxO3GshqKVnsUuDyvOU9k+ZRjTPDOWMXg7bz29eHafrGhaClNqqhDLw0
TffqOOKAW3OaDceiKwGyS3gdoh587gr3bBBF5tH/WLNoL5szQibzymkYQ1nQ1T+B
1dkKzQqLNaxs+/N3Ji6NUdp5Sy1lV3CjqqPBB2SNMMwVOK5DpCx5gC0mSGb0xC0/
qs/M8/LuxNaT2AI/6v/NYkgtTBHztlfykZuV+sg5pjeu44A63OZ1J6dt3N/2h8eg
k+J6D6VuWldCioNXrKzxN1dn1temTJX5ivPEtQ8vEi0IMIRJDED5kgCIZMi9xKqb
7vI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org