Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/5cwq-9-SW4oZjV4gwcOmsaBT2IA.roa
File:                     5cwq-9-SW4oZjV4gwcOmsaBT2IA.roa (raw, json)
Hash identifier:          aM9ntIuCnIY+Tkt7ERhCOl1T86KlqBD5WIaGDlcu+kE=
Subject key identifier:   E5:CC:2A:FB:DF:92:5B:8A:19:8D:5E:20:C1:C3:A6:B1:A0:53:D8:80
Certificate issuer:       /CN=b710b9be1e2db37482e1f8f25b35fda5380d32c6
Certificate serial:       01856B00AE06D984A9C198AD676CBDB894BE
Authority key identifier: B7:10:B9:BE:1E:2D:B3:74:82:E1:F8:F2:5B:35:FD:A5:38:0D:32:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/txC5vh4ts3SC4fjyWzX9pTgNMsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/5cwq-9-SW4oZjV4gwcOmsaBT2IA.roa
Signing time:             Sun 01 Jan 2023 01:44:44 +0000
ROA not before:           Sun 01 Jan 2023 01:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206516
IP address blocks:        185.184.98.0/23 maxlen: 24
                          185.184.96.0/23 maxlen: 24
                          185.184.96.0/22 maxlen: 24
                          2a0b:3080:10::/44 maxlen: 44
                          2a0b:3080:8010::/44 maxlen: 44
                          2a0b:3080::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:00:ae:06:d9:84:a9:c1:98:ad:67:6c:bd:b8:94:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b710b9be1e2db37482e1f8f25b35fda5380d32c6
        Validity
            Not Before: Jan  1 01:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5cc2afbdf925b8a198d5e20c1c3a6b1a053d880
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6d:dc:76:2a:d7:e2:99:e2:78:39:f3:74:e0:
                    4c:f1:b6:15:55:94:55:8b:e3:d1:f8:52:ba:f0:de:
                    99:9a:88:37:10:c8:b2:61:64:23:59:5f:dc:8d:8d:
                    f6:ed:68:f3:fc:81:59:73:94:86:1c:b3:2d:ae:19:
                    0c:b8:76:14:1d:ba:45:56:86:99:44:a9:99:37:cc:
                    c6:bb:dd:a1:78:dd:5b:fc:68:47:e1:0d:71:c2:a0:
                    81:18:4c:e0:72:8e:d2:1a:0f:00:11:5f:b9:f5:0d:
                    fd:95:b5:91:95:85:e1:f8:a9:75:cd:10:08:28:c8:
                    44:ff:00:2a:0f:b9:e7:3c:b4:d4:51:a1:11:15:1b:
                    2a:08:e9:92:f2:01:7a:d5:f4:8b:cc:ea:02:fc:76:
                    e0:90:f1:f6:27:cc:ac:7e:38:f9:74:9b:73:52:48:
                    18:4a:b2:dc:49:fe:35:2b:e9:eb:73:36:e3:cd:31:
                    c6:8d:0b:fc:15:8a:19:af:19:bd:27:e8:70:c5:11:
                    f0:7d:36:9e:7b:e5:85:36:f4:6e:3e:57:f4:ee:3d:
                    7d:00:af:11:83:43:bc:aa:0b:77:5a:c4:94:fc:af:
                    66:09:63:7d:4e:99:67:04:3a:35:89:17:67:73:3f:
                    bf:19:a6:9f:5b:c0:02:02:e3:98:ec:d3:2f:de:cd:
                    54:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:CC:2A:FB:DF:92:5B:8A:19:8D:5E:20:C1:C3:A6:B1:A0:53:D8:80
            X509v3 Authority Key Identifier:
                keyid:B7:10:B9:BE:1E:2D:B3:74:82:E1:F8:F2:5B:35:FD:A5:38:0D:32:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txC5vh4ts3SC4fjyWzX9pTgNMsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/5cwq-9-SW4oZjV4gwcOmsaBT2IA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/578788-250f-47f2-bd3e-272ccc17dfea/1/txC5vh4ts3SC4fjyWzX9pTgNMsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.184.96.0/22
                IPv6:
                  2a0b:3080::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:a2:fd:2d:50:b3:3c:40:a6:db:17:c3:ab:ec:91:21:17:c8:
         1a:45:ca:1e:0e:20:7d:b4:a7:0f:a3:5a:42:d2:6f:95:c8:94:
         77:31:2c:29:e0:ab:e5:fd:21:79:3a:e5:b5:31:6c:4c:83:b8:
         03:b3:22:1b:09:a9:9a:89:2b:81:8c:01:75:a9:80:80:9f:2b:
         b7:c3:29:1b:21:03:8c:7d:35:ba:ef:bf:0a:6d:b6:3d:1a:42:
         9c:65:9d:8c:71:57:4e:25:e8:d9:6d:2a:fd:ad:06:f1:07:3f:
         40:3d:5a:96:a1:57:26:93:a8:1d:c8:19:ff:fd:44:5e:84:bc:
         b3:09:2a:f1:b0:2b:e9:55:3a:61:ad:39:e5:8e:f8:4e:67:2f:
         24:46:46:5f:c9:98:69:e3:d2:7d:bf:a5:d2:4b:52:fd:0e:c7:
         72:72:0c:b6:a9:c8:fb:8b:d6:e2:74:10:2a:42:2b:05:cc:59:
         5e:cf:d8:45:a2:6e:97:4c:e6:e8:fb:80:f2:b2:ba:d4:78:ee:
         1a:9d:65:14:0c:72:3c:65:b9:cb:15:75:84:64:e8:da:60:c2:
         64:c0:8d:75:be:90:07:1c:a8:6c:5e:b7:5f:e5:17:23:38:27:
         d2:a4:07:8a:65:5c:47:c2:f4:bf:4f:d7:82:d7:00:5d:e6:64:
         a3:9f:2d:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrAK4G2YSpwZitZ2y9uJS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MTBiOWJlMWUyZGIzNzQ4MmUxZjhmMjViMzVmZGE1Mzgw
ZDMyYzYwHhcNMjMwMTAxMDE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWNjMmFmYmRmOTI1YjhhMTk4ZDVlMjBjMWMzYTZiMWEwNTNkODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG3cdirX4pnieDnzdOBM8bYVVZRV
i+PR+FK68N6Zmog3EMiyYWQjWV/cjY327Wjz/IFZc5SGHLMtrhkMuHYUHbpFVoaZ
RKmZN8zGu92heN1b/GhH4Q1xwqCBGEzgco7SGg8AEV+59Q39lbWRlYXh+Kl1zRAI
KMhE/wAqD7nnPLTUUaERFRsqCOmS8gF61fSLzOoC/HbgkPH2J8ysfjj5dJtzUkgY
SrLcSf41K+nrczbjzTHGjQv8FYoZrxm9J+hwxRHwfTaee+WFNvRuPlf07j19AK8R
g0O8qgt3WsSU/K9mCWN9TplnBDo1iRdncz+/GaafW8ACAuOY7NMv3s1UFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOXMKvvfkluKGY1eIMHDprGgU9iAMB8GA1UdIwQY
MBaAFLcQub4eLbN0guH48ls1/aU4DTLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHhDNXZoNHRzM1NDNGZqeVd6WDlwVGdOTXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81Nzg3ODgtMjUwZi00N2YyLWJkM2Ut
MjcyY2NjMTdkZmVhLzEvNWN3cS05LVNXNG9aalY0Z3djT21zYUJUMklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81Nzg3ODgtMjUwZi00N2YyLWJkM2UtMjcyY2NjMTdkZmVh
LzEvdHhDNXZoNHRzM1NDNGZqeVd6WDlwVGdOTXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubhgMA0E
AgACMAcDBQAqCzCAMA0GCSqGSIb3DQEBCwUAA4IBAQBeov0tULM8QKbbF8Or7JEh
F8gaRcoeDiB9tKcPo1pC0m+VyJR3MSwp4Kvl/SF5OuW1MWxMg7gDsyIbCamaiSuB
jAF1qYCAnyu3wykbIQOMfTW6778KbbY9GkKcZZ2McVdOJejZbSr9rQbxBz9APVqW
oVcmk6gdyBn//URehLyzCSrxsCvpVTphrTnljvhOZy8kRkZfyZhp49J9v6XSS1L9
Dsdycgy2qcj7i9bidBAqQisFzFlez9hFom6XTObo+4DysrrUeO4anWUUDHI8ZbnL
FXWEZOjaYMJkwI11vpAHHKhsXrdf5RcjOCfSpAeKZVxHwvS/T9eC1wBd5mSjny04
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org