Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/oBygOGnww8ZXsQivoN5_cwIMGAw.roa
File:                     oBygOGnww8ZXsQivoN5_cwIMGAw.roa (raw, json)
Hash identifier:          CD8BS4ARxoaEQ/cJ338Rwj3jnO0uslEJk/GImSvDego=
Subject key identifier:   A0:1C:A0:38:69:F0:C3:C6:57:B1:08:AF:A0:DE:7F:73:02:0C:18:0C
Certificate issuer:       /CN=e58024b729d99f05133ec6d14390c73eb36db99e
Certificate serial:       018B1609FF02363B5FE753CFCD25B29475C2
Authority key identifier: E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/oBygOGnww8ZXsQivoN5_cwIMGAw.roa
Signing time:             Mon 09 Oct 2023 20:03:55 +0000
ROA not before:           Mon 09 Oct 2023 20:03:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206119
IP address blocks:        82.129.32.0/22 maxlen: 24
                          212.20.136.0/21 maxlen: 24
                          82.138.108.0/22 maxlen: 24
                          212.20.144.0/22 maxlen: 24
                          82.138.120.0/21 maxlen: 24
                          80.91.92.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:16:09:ff:02:36:3b:5f:e7:53:cf:cd:25:b2:94:75:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e58024b729d99f05133ec6d14390c73eb36db99e
        Validity
            Not Before: Oct  9 20:03:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a01ca03869f0c3c657b108afa0de7f73020c180c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ca:92:49:bb:8d:dd:cb:fa:68:c7:02:5a:fb:
                    45:aa:ba:fd:fd:75:92:4d:c5:5e:40:51:00:6e:e5:
                    a2:14:5c:12:46:c5:16:37:94:aa:60:4a:0f:24:8d:
                    11:0b:ea:6c:d4:0f:f1:a9:36:77:e7:9e:7a:25:52:
                    f4:a2:7f:3e:83:1b:db:55:e3:07:25:76:7a:66:91:
                    98:6b:c1:ec:dc:c2:b4:03:df:20:79:36:bb:03:10:
                    41:02:82:d3:9e:dc:de:b4:2e:75:05:5b:6c:ba:95:
                    fa:6f:82:37:f1:0f:45:61:bc:ca:ee:51:d5:da:6c:
                    1b:8f:c9:74:b9:03:13:78:f9:70:1c:b8:10:1e:6e:
                    1e:56:13:c3:9b:36:ab:2d:de:b0:36:67:e3:89:36:
                    6a:c2:89:91:d4:f1:0f:a2:e1:c1:31:a4:48:58:de:
                    ad:46:b9:84:b7:c9:57:4c:47:6b:aa:b1:8d:08:1c:
                    cc:a4:e2:00:c2:0b:37:7b:33:02:5f:c3:51:e8:a1:
                    1e:96:cc:5e:1b:7d:63:c6:86:ea:bf:c3:a3:d8:00:
                    c7:f9:23:5c:40:18:98:bb:57:db:39:c0:f5:84:bd:
                    41:4f:54:a8:43:5e:34:74:df:64:34:47:d4:31:2e:
                    4b:e0:ad:49:d6:c9:22:13:9e:fa:55:de:ad:82:0c:
                    2a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:1C:A0:38:69:F0:C3:C6:57:B1:08:AF:A0:DE:7F:73:02:0C:18:0C
            X509v3 Authority Key Identifier:
                keyid:E5:80:24:B7:29:D9:9F:05:13:3E:C6:D1:43:90:C7:3E:B3:6D:B9:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YAktynZnwUTPsbRQ5DHPrNtuZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/oBygOGnww8ZXsQivoN5_cwIMGAw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d5628a-d9b1-4da9-a744-956f6b5c6170/1/5YAktynZnwUTPsbRQ5DHPrNtuZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.91.92.0/22
                  82.129.32.0/22
                  82.138.108.0/22
                  82.138.120.0/21
                  212.20.136.0-212.20.147.255

    Signature Algorithm: sha256WithRSAEncryption
         58:3e:2b:1d:44:e5:19:56:b3:f1:29:a0:dd:ea:f9:72:77:c5:
         5c:bf:7b:ad:0e:3f:48:78:f6:b3:57:87:7b:02:bc:3a:a4:cd:
         52:4d:4b:b8:8b:0b:45:54:4f:f2:86:ea:bc:45:56:d1:fd:d2:
         3e:55:08:02:59:20:60:c8:44:35:42:80:4a:c6:79:38:ae:0b:
         b1:fa:3a:4a:c9:92:ec:c6:d5:58:05:61:e7:f7:c1:81:99:b9:
         58:e7:a1:bf:f6:8e:a9:fd:ab:b5:7f:6a:c5:b8:9d:f5:ea:c7:
         ac:f9:43:77:9d:77:fb:89:46:4a:02:b9:92:36:9a:92:f0:1d:
         68:a3:05:4c:db:92:c7:b9:53:e3:3a:82:97:eb:0d:89:bf:4f:
         2f:66:ae:0c:39:96:8e:4d:cd:9c:43:6c:84:af:9c:42:e0:89:
         63:2a:1e:79:31:b6:bc:91:6e:c5:ba:f5:c9:71:cb:bf:c9:6a:
         a3:0d:30:d3:32:4c:df:c4:da:ea:8a:d7:1f:b5:3b:f2:e6:5d:
         2c:a4:f3:be:8c:8c:25:52:7b:21:ec:17:b5:35:c0:99:85:ba:
         c0:79:af:f2:83:80:d8:dd:11:e5:ef:f6:65:d7:84:c3:6f:05:
         44:31:c6:15:f0:cf:ee:b3:cc:7a:6c:f5:4b:07:fa:a8:a2:dc:
         49:ba:b8:8f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYsWCf8CNjtf51PPzSWylHXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODAyNGI3MjlkOTlmMDUxMzNlYzZkMTQzOTBjNzNlYjM2
ZGI5OWUwHhcNMjMxMDA5MjAwMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDFjYTAzODY5ZjBjM2M2NTdiMTA4YWZhMGRlN2Y3MzAyMGMxODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8qSSbuN3cv6aMcCWvtFqrr9/XWS
TcVeQFEAbuWiFFwSRsUWN5SqYEoPJI0RC+ps1A/xqTZ35556JVL0on8+gxvbVeMH
JXZ6ZpGYa8Hs3MK0A98geTa7AxBBAoLTntzetC51BVtsupX6b4I38Q9FYbzK7lHV
2mwbj8l0uQMTePlwHLgQHm4eVhPDmzarLd6wNmfjiTZqwomR1PEPouHBMaRIWN6t
RrmEt8lXTEdrqrGNCBzMpOIAwgs3ezMCX8NR6KEelsxeG31jxobqv8Oj2ADH+SNc
QBiYu1fbOcD1hL1BT1SoQ140dN9kNEfUMS5L4K1J1skiE576Vd6tggwq5QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKAcoDhp8MPGV7EIr6Def3MCDBgMMB8GA1UdIwQY
MBaAFOWAJLcp2Z8FEz7G0UOQxz6zbbmeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQt
OTU2ZjZiNWM2MTcwLzEvb0J5Z09Hbnd3OFpYc1Fpdm9ONV9jd0lNR0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTYyOGEtZDliMS00ZGE5LWE3NDQtOTU2ZjZiNWM2MTcw
LzEvNVlBa3R5blpud1VUUHNiUlE1REhQck50dVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCUFtcAwQC
UoEgAwQCUopsAwQDUop4MAwDBAPUFIgDBALUFJAwDQYJKoZIhvcNAQELBQADggEB
AFg+Kx1E5RlWs/EpoN3q+XJ3xVy/e60OP0h49rNXh3sCvDqkzVJNS7iLC0VUT/KG
6rxFVtH90j5VCAJZIGDIRDVCgErGeTiuC7H6OkrJkuzG1VgFYef3wYGZuVjnob/2
jqn9q7V/asW4nfXqx6z5Q3edd/uJRkoCuZI2mpLwHWijBUzbkse5U+M6gpfrDYm/
Ty9mrgw5lo5NzZxDbISvnELgiWMqHnkxtryRbsW69clxy7/JaqMNMNMyTN/E2uqK
1x+1O/LmXSyk876MjCVSeyHsF7U1wJmFusB5r/KDgNjdEeXv9mXXhMNvBUQxxhXw
z+6zzHps9UsH+qii3Em6uI8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:39 2024 by rpki-client on console-ams.rpki-client.org