Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/M5FLckflc-I9IIWQEZZ5Wu1dFsQ.roa
File:                     M5FLckflc-I9IIWQEZZ5Wu1dFsQ.roa (raw, json)
Hash identifier:          IqN5K0NvDoSjkwAXYZV8Hu4m1gu1vTzpTwXSXLMXfT0=
Subject key identifier:   33:91:4B:72:47:E5:73:E2:3D:20:85:90:11:96:79:5A:ED:5D:16:C4
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       018BA9F3A078739F98AA48C904E1612F12D3
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/M5FLckflc-I9IIWQEZZ5Wu1dFsQ.roa
Signing time:             Tue 07 Nov 2023 13:23:17 +0000
ROA not before:           Tue 07 Nov 2023 13:23:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49223
IP address blocks:        185.145.233.0/24 maxlen: 24
                          193.228.127.0/24 maxlen: 24
                          5.44.250.0/24 maxlen: 24
                          212.6.63.0/24 maxlen: 24
                          194.126.176.0/24 maxlen: 24
                          195.234.29.0/24 maxlen: 24
                          193.56.147.0/24 maxlen: 24
                          194.56.149.0/24 maxlen: 24
                          178.23.191.0/24 maxlen: 24
                          185.252.209.0/24 maxlen: 24
                          185.249.54.0/24 maxlen: 24
                          193.163.6.0/24 maxlen: 24
                          185.197.151.0/24 maxlen: 24
                          195.69.149.0/24 maxlen: 24
                          185.99.23.0/24 maxlen: 24
                          91.224.141.0/24 maxlen: 24
                          109.205.59.0/24 maxlen: 24
                          185.218.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 15:12:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a9:f3:a0:78:73:9f:98:aa:48:c9:04:e1:61:2f:12:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Nov  7 13:23:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33914b7247e573e23d2085901196795aed5d16c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0b:1e:76:87:ec:a4:81:0a:8e:31:f3:57:03:
                    d9:00:51:24:1c:2d:db:af:5c:a9:a9:88:7e:d1:f1:
                    54:20:93:cd:d8:6b:0b:86:7b:69:18:f5:c7:05:36:
                    6e:32:8e:03:39:db:f1:93:01:38:d2:52:75:05:93:
                    b7:6e:a2:fa:94:33:c8:a3:56:bd:f1:be:42:94:15:
                    6a:8d:d3:f1:f3:9c:d2:90:be:0e:52:3d:78:0e:cf:
                    e9:ca:80:b8:ab:1d:1c:36:71:63:61:a2:ce:12:2f:
                    6c:5f:11:41:44:c9:cd:92:84:08:9b:38:a9:c4:b1:
                    2d:bc:e4:07:0b:ff:97:59:51:b8:0e:68:62:4f:70:
                    d3:b5:5d:ac:a4:a7:e7:ac:01:79:19:84:29:c2:8a:
                    7d:5a:64:db:db:5b:ef:01:7b:7b:01:d9:c9:d4:88:
                    1c:f5:b0:95:59:23:b2:6c:91:c8:af:90:9f:a7:5b:
                    2f:36:ea:b1:ac:fe:b9:aa:b9:9d:bf:34:81:14:13:
                    7c:0f:9b:3e:5e:f5:bc:4e:42:9a:6f:57:28:4a:ce:
                    ec:c8:18:f3:ec:d3:5a:df:10:80:d2:5f:5c:a1:8b:
                    00:b4:e9:b3:d8:6e:31:6a:40:65:67:7a:fe:62:2f:
                    6a:42:eb:95:9c:2a:20:ce:1b:7a:88:f7:f0:00:fb:
                    3f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:91:4B:72:47:E5:73:E2:3D:20:85:90:11:96:79:5A:ED:5D:16:C4
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/M5FLckflc-I9IIWQEZZ5Wu1dFsQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.44.250.0/24
                  91.224.141.0/24
                  109.205.59.0/24
                  178.23.191.0/24
                  185.99.23.0/24
                  185.145.233.0/24
                  185.197.151.0/24
                  185.218.186.0/24
                  185.249.54.0/24
                  185.252.209.0/24
                  193.56.147.0/24
                  193.163.6.0/24
                  193.228.127.0/24
                  194.56.149.0/24
                  194.126.176.0/24
                  195.69.149.0/24
                  195.234.29.0/24
                  212.6.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:96:9b:26:ba:bb:10:53:5d:cc:cf:d9:35:e7:04:50:75:7c:
         2d:9e:e8:ee:8c:be:68:81:7d:1c:bd:c6:eb:e4:d8:7a:69:68:
         1c:b4:9b:ab:3e:8b:80:97:e5:73:36:80:61:5c:09:9a:0e:f2:
         4f:ae:ef:d2:e3:41:db:86:56:bb:1e:e1:8e:9e:73:31:b7:a0:
         23:16:05:e5:57:cf:b8:0d:db:fc:6e:18:44:50:ff:f9:55:89:
         fe:d3:7c:9a:20:12:af:3e:02:f9:6e:3b:fa:e7:05:63:9c:dd:
         52:11:e4:cc:4d:b0:dd:21:85:54:1d:e9:2b:8f:d2:56:2f:c6:
         80:e2:fd:71:b8:df:f0:92:ae:9a:a4:69:e7:a5:70:4e:75:89:
         19:d2:e3:5c:36:a3:0f:9c:38:ad:9d:09:1f:e9:89:9b:8d:71:
         d8:0e:fa:85:8a:7c:16:50:8c:2d:b7:aa:85:61:0f:b6:29:45:
         84:8f:f3:a5:64:2a:fc:2e:b7:eb:b8:a2:c0:a3:d8:13:33:27:
         de:8d:64:c9:ce:35:f7:b2:5f:89:bf:68:62:e9:0f:9e:88:53:
         2d:d1:54:8a:5d:18:3a:21:9e:a1:80:8a:98:00:c6:e6:d7:2f:
         b1:73:e9:a5:b9:9d:a0:bb:5b:84:fc:2e:7b:61:19:3d:57:3f:
         35:ae:a0:9a
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYup86B4c5+YqkjJBOFhLxLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMxMTA3MTMyMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkxNGI3MjQ3ZTU3M2UyM2QyMDg1OTAxMTk2Nzk1YWVkNWQxNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQsedofspIEKjjHzVwPZAFEkHC3b
r1ypqYh+0fFUIJPN2GsLhntpGPXHBTZuMo4DOdvxkwE40lJ1BZO3bqL6lDPIo1a9
8b5ClBVqjdPx85zSkL4OUj14Ds/pyoC4qx0cNnFjYaLOEi9sXxFBRMnNkoQImzip
xLEtvOQHC/+XWVG4DmhiT3DTtV2spKfnrAF5GYQpwop9WmTb21vvAXt7AdnJ1Igc
9bCVWSOybJHIr5Cfp1svNuqxrP65qrmdvzSBFBN8D5s+XvW8TkKab1coSs7syBjz
7NNa3xCA0l9coYsAtOmz2G4xakBlZ3r+Yi9qQuuVnCogzht6iPfwAPs/3wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFDORS3JH5XPiPSCFkBGWeVrtXRbEMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvTTVGTGNrZmxjLUk5SUlXUUVaWjVXdTFkRnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAUs+gME
AFvgjQMEAG3NOwMEALIXvwMEALljFwMEALmR6QMEALnFlwMEALnaugMEALn5NgME
ALn80QMEAME4kwMEAMGjBgMEAMHkfwMEAMI4lQMEAMJ+sAMEAMNFlQMEAMPqHQME
ANQGPzANBgkqhkiG9w0BAQsFAAOCAQEAi5abJrq7EFNdzM/ZNecEUHV8LZ7o7oy+
aIF9HL3G6+TYemloHLSbqz6LgJflczaAYVwJmg7yT67v0uNB24ZWux7hjp5zMbeg
IxYF5VfPuA3b/G4YRFD/+VWJ/tN8miASrz4C+W47+ucFY5zdUhHkzE2w3SGFVB3p
K4/SVi/GgOL9cbjf8JKumqRp56VwTnWJGdLjXDajD5w4rZ0JH+mJm41x2A76hYp8
FlCMLbeqhWEPtilFhI/zpWQq/C6367iiwKPYEzMn3o1kyc4197Jfib9oYukPnohT
LdFUil0YOiGeoYCKmADG5tcvsXPppbmdoLtbhPwue2EZPVc/Na6gmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org