Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/pfufRoFvE8vVMpgH7unXmkfVmEY.roa
File:                     pfufRoFvE8vVMpgH7unXmkfVmEY.roa (raw, json)
Hash identifier:          aS5Ryjq0eWFbDPpfl/tz5VTH33Auinlmrjtq3SDMWGI=
Subject key identifier:   A5:FB:9F:46:81:6F:13:CB:D5:32:98:07:EE:E9:D7:9A:47:D5:98:46
Certificate issuer:       /CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Certificate serial:       018571F11289AE669BA4F8D65F8EB609D45D
Authority key identifier: 78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/pfufRoFvE8vVMpgH7unXmkfVmEY.roa
Signing time:             Mon 02 Jan 2023 10:05:02 +0000
ROA not before:           Mon 02 Jan 2023 10:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51978
IP address blocks:        194.182.192.0/19 maxlen: 19
                          82.180.64.0/18 maxlen: 18
                          185.8.136.0/22 maxlen: 22
                          46.30.112.0/21 maxlen: 21
                          64.190.238.0/23 maxlen: 23
                          130.193.112.0/21 maxlen: 21
                          46.35.32.0/20 maxlen: 20
                          2a03:b580::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 10 Aug 2023 09:59:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f1:12:89:ae:66:9b:a4:f8:d6:5f:8e:b6:09:d4:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
        Validity
            Not Before: Jan  2 10:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5fb9f46816f13cbd5329807eee9d79a47d59846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:21:46:ff:e2:77:fc:35:2f:2e:9b:c6:45:74:
                    0c:ba:21:5a:0f:57:2b:b1:3e:5c:7d:e9:61:a4:e5:
                    ad:41:ad:a5:15:6d:a1:e4:e6:a0:94:da:fb:cb:ce:
                    ef:61:4d:66:c3:6b:24:c4:c2:f7:c0:c7:8a:59:f5:
                    1e:f3:68:9c:f2:65:99:23:32:d5:a3:af:51:2b:a9:
                    08:9f:b8:71:b1:d9:32:ee:97:9a:31:e9:e5:76:d0:
                    48:fa:27:91:ef:5e:8e:eb:3c:4d:b8:d6:7e:0e:0e:
                    6a:b3:a0:a2:ba:ad:92:5f:d9:c0:d7:bc:bc:f2:74:
                    91:7d:5d:dd:99:48:87:0d:b8:61:e1:1d:2c:88:6f:
                    a9:2c:a1:7f:5e:f4:9f:94:36:01:65:ce:74:4f:a9:
                    df:51:49:66:0a:8f:29:5e:0c:89:91:17:ad:a6:36:
                    d7:7f:11:d5:58:5b:80:af:df:90:ae:85:df:5f:ef:
                    ab:41:68:5f:ea:97:82:c4:29:81:d1:4e:a5:f6:ef:
                    0e:65:02:d7:78:fb:b7:10:5f:54:3e:d3:53:cf:09:
                    6d:31:a0:03:19:51:c6:5b:5a:6b:fc:b6:8a:e2:e8:
                    41:da:3c:53:46:6f:96:2a:34:30:3f:c3:20:7e:3f:
                    b3:a5:82:12:91:0b:42:22:ac:c9:fe:98:18:c3:1d:
                    d2:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:FB:9F:46:81:6F:13:CB:D5:32:98:07:EE:E9:D7:9A:47:D5:98:46
            X509v3 Authority Key Identifier:
                keyid:78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/pfufRoFvE8vVMpgH7unXmkfVmEY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.30.112.0/21
                  46.35.32.0/20
                  64.190.238.0/23
                  82.180.64.0/18
                  130.193.112.0/21
                  185.8.136.0/22
                  194.182.192.0/19
                IPv6:
                  2a03:b580::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:03:3c:6c:16:32:65:7b:68:28:92:e0:ff:7f:ca:5b:fb:29:
         4e:e4:0d:55:bb:7f:33:4a:69:e0:e7:ce:63:73:f8:b4:e3:c0:
         03:c2:6e:4b:b1:8e:b8:4c:3d:49:68:56:0d:8a:a6:b8:5c:fe:
         9a:16:7a:dd:e7:4c:e1:13:21:38:9a:4a:c2:43:7d:97:81:a2:
         84:29:1b:4b:98:5b:96:b9:0d:1e:64:3a:86:c1:0e:5e:1e:49:
         78:14:11:df:e7:db:e3:e2:35:6c:c4:b5:66:74:5c:72:82:81:
         0e:81:15:dd:1f:49:ec:7e:8f:1c:d8:fd:f5:f3:28:a9:df:ae:
         53:bf:3a:54:a7:1e:39:b1:9a:70:a7:cd:1f:99:b0:cc:1a:16:
         f2:88:94:72:7f:49:d7:a7:ce:10:d3:83:02:13:f9:02:d6:33:
         84:65:02:46:a7:ec:86:93:a2:e1:d1:01:c4:0c:73:69:3a:95:
         fe:f3:3f:85:93:1b:9c:40:37:8d:b9:39:9c:05:fd:e4:81:b6:
         86:01:85:57:ff:e2:43:dc:d5:18:d5:bd:47:54:39:43:1e:9a:
         16:b3:1a:2e:77:08:2a:c7:92:d8:c3:90:ff:88:72:c3:05:15:
         85:7c:14:ec:42:ed:8b:3f:34:af:27:84:d3:78:03:1d:4d:d6:
         f4:0e:3a:b0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVx8RKJrmabpPjWX462CdRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4YTRjNGVhZWY2ZmUxNzA1Njk4YjAwZTYxOTE1Njc3YTJm
YjhkNWIwHhcNMjMwMTAyMTAwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWZiOWY0NjgxNmYxM2NiZDUzMjk4MDdlZWU5ZDc5YTQ3ZDU5ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiFG/+J3/DUvLpvGRXQMuiFaD1cr
sT5cfelhpOWtQa2lFW2h5OaglNr7y87vYU1mw2skxML3wMeKWfUe82ic8mWZIzLV
o69RK6kIn7hxsdky7peaMenldtBI+ieR716O6zxNuNZ+Dg5qs6Ciuq2SX9nA17y8
8nSRfV3dmUiHDbhh4R0siG+pLKF/XvSflDYBZc50T6nfUUlmCo8pXgyJkRetpjbX
fxHVWFuAr9+QroXfX++rQWhf6peCxCmB0U6l9u8OZQLXePu3EF9UPtNTzwltMaAD
GVHGW1pr/LaK4uhB2jxTRm+WKjQwP8Mgfj+zpYISkQtCIqzJ/pgYwx3SjwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKX7n0aBbxPL1TKYB+7p15pH1ZhGMB8GA1UdIwQY
MBaAFHikxOrvb+FwVpiwDmGRVnei+41bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzct
NDI5MzA3ZjI0MzIwLzEvcGZ1ZlJvRnZFOHZWTXBnSDd1blhta2ZWbUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81MWJhMGItNjljNi00ZWQ5LTgyYzctNDI5MzA3ZjI0MzIw
LzEvZUtURTZ1OXY0WEJXbUxBT1laRldkNkw3alZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLh5wAwQE
LiMgAwQBQL7uAwQGUrRAAwQDgsFwAwQCuQiIAwQFwrbAMA0EAgACMAcDBQAqA7WA
MA0GCSqGSIb3DQEBCwUAA4IBAQBeAzxsFjJle2gokuD/f8pb+ylO5A1Vu38zSmng
585jc/i048ADwm5LsY64TD1JaFYNiqa4XP6aFnrd50zhEyE4mkrCQ32XgaKEKRtL
mFuWuQ0eZDqGwQ5eHkl4FBHf59vj4jVsxLVmdFxygoEOgRXdH0nsfo8c2P318yip
365TvzpUpx45sZpwp80fmbDMGhbyiJRyf0nXp84Q04MCE/kC1jOEZQJGp+yGk6Lh
0QHEDHNpOpX+8z+FkxucQDeNuTmcBf3kgbaGAYVX/+JD3NUY1b1HVDlDHpoWsxou
dwgqx5LYw5D/iHLDBRWFfBTsQu2LPzSvJ4TTeAMdTdb0Djqw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org