Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/B4u-efWE3RoWko_8KmEvT_qxIfY.roa
File:                     B4u-efWE3RoWko_8KmEvT_qxIfY.roa (raw, json)
Hash identifier:          +iSJW0PDtV8DbLEDuAEPxJm3j4PbD1oATLjiTE4FPg8=
Subject key identifier:   07:8B:BE:79:F5:84:DD:1A:16:92:8F:FC:2A:61:2F:4F:FA:B1:21:F6
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018EA4CF2EDE4A1B3116BEFFBB9513865B9E
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/B4u-efWE3RoWko_8KmEvT_qxIfY.roa
Signing time:             Wed 03 Apr 2024 16:33:45 +0000
ROA not before:           Wed 03 Apr 2024 16:33:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9123
IP address blocks:        80.242.56.0/24 maxlen: 24
                          80.242.57.0/24 maxlen: 24
                          80.242.58.0/24 maxlen: 24
                          92.63.176.0/22 maxlen: 22
                          92.63.176.0/24 maxlen: 24
                          92.63.177.0/24 maxlen: 24
                          92.63.178.0/24 maxlen: 24
                          92.63.179.0/24 maxlen: 24
                          217.78.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 16 Aug 2024 10:39:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a4:cf:2e:de:4a:1b:31:16:be:ff:bb:95:13:86:5b:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Apr  3 16:33:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=078bbe79f584dd1a16928ffc2a612f4ffab121f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a3:b9:18:fe:5d:6e:4a:bb:51:b9:06:de:a0:
                    11:93:96:b2:40:f7:e2:9d:23:7e:43:08:13:43:ca:
                    ae:2e:5d:a5:78:20:d9:b3:74:f1:94:e8:87:6a:b4:
                    b9:08:cd:b8:92:0d:fd:6e:43:cc:6d:ff:d7:07:d3:
                    d0:12:66:d0:4c:ce:3d:08:ed:5e:3e:24:51:4f:36:
                    de:e6:2e:a9:81:b4:bb:8b:23:15:49:3a:ed:9e:e3:
                    98:60:ea:55:e9:87:71:f9:0e:a7:fb:75:66:b4:59:
                    7b:ee:d5:4b:12:41:46:76:5c:c9:f1:a1:c8:36:ef:
                    bb:22:f3:1d:24:29:f5:ca:e6:b6:91:c5:77:4f:63:
                    b9:a7:81:91:76:9d:76:a7:d0:71:93:5e:49:1e:09:
                    70:70:a5:b0:da:27:87:b0:00:46:7c:a0:a6:e8:3d:
                    7b:f0:e7:82:9a:c0:45:c2:2d:67:9a:b6:ce:cb:88:
                    21:0f:29:57:2a:19:ab:8a:e7:62:26:95:fb:22:c1:
                    a5:35:85:61:83:8b:a8:ae:06:6c:6e:8a:1e:53:48:
                    ce:7b:19:52:29:3e:1a:43:87:1a:c6:3f:e4:0d:70:
                    80:0a:0d:b9:6d:93:33:17:d8:f5:cc:08:ca:2b:f4:
                    39:fe:f8:16:f9:17:0f:92:a5:98:56:ec:0c:4d:1f:
                    87:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:8B:BE:79:F5:84:DD:1A:16:92:8F:FC:2A:61:2F:4F:FA:B1:21:F6
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/B4u-efWE3RoWko_8KmEvT_qxIfY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.242.56.0-80.242.58.255
                  92.63.176.0/22
                  217.78.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:30:e6:25:19:4e:57:8b:52:f6:87:95:06:53:85:e8:39:bc:
         ad:82:7e:64:c1:a6:47:ac:29:6b:e1:c0:48:6b:37:d7:f6:ae:
         4e:d7:0b:ca:3a:98:8f:18:9b:87:5d:1d:32:b2:e1:b7:19:59:
         57:77:ac:cc:9a:6d:53:26:d6:25:f5:e4:bf:c5:b0:70:42:28:
         d4:41:4a:76:dc:cf:b3:c8:bc:28:19:69:90:ce:5c:8b:e6:1d:
         7b:1a:18:6c:17:3d:db:f7:3e:c9:a2:c5:11:d4:74:72:ce:34:
         7f:e1:b1:31:48:14:0d:22:98:b2:66:09:9a:35:d5:14:49:47:
         dd:37:4f:26:a5:30:99:29:c1:25:e7:86:29:96:8a:75:94:2d:
         97:b5:b6:83:bb:d9:dc:7e:3e:e5:fc:bb:21:68:18:e5:4c:01:
         7e:25:9f:f0:91:81:a7:18:8f:53:b6:10:4b:7b:a0:30:1f:2e:
         12:44:bc:4e:3b:70:56:25:01:a7:2e:82:9b:36:a9:3b:8c:0c:
         3e:7f:55:0c:05:ec:11:16:8e:f4:0e:56:d6:86:ae:09:9f:fc:
         8f:a1:93:10:c3:07:c7:28:a3:c7:fe:68:a4:31:47:63:62:a0:
         06:f9:45:c0:ba:da:1b:2f:cd:23:6b:77:0d:0f:75:0f:34:0a:
         df:51:99:e3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY6kzy7eShsxFr7/u5UThlueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwNDAzMTYzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhiYmU3OWY1ODRkZDFhMTY5MjhmZmMyYTYxMmY0ZmZhYjEyMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKO5GP5dbkq7UbkG3qARk5ayQPfi
nSN+QwgTQ8quLl2leCDZs3TxlOiHarS5CM24kg39bkPMbf/XB9PQEmbQTM49CO1e
PiRRTzbe5i6pgbS7iyMVSTrtnuOYYOpV6Ydx+Q6n+3VmtFl77tVLEkFGdlzJ8aHI
Nu+7IvMdJCn1yua2kcV3T2O5p4GRdp12p9Bxk15JHglwcKWw2ieHsABGfKCm6D17
8OeCmsBFwi1nmrbOy4ghDylXKhmriudiJpX7IsGlNYVhg4uorgZsbooeU0jOexlS
KT4aQ4caxj/kDXCACg25bZMzF9j1zAjKK/Q5/vgW+RcPkqWYVuwMTR+HNQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAeLvnn1hN0aFpKP/CphL0/6sSH2MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvQjR1LWVmV0UzUm9Xa29fOEttRXZUX3F4SWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBANQ8jgD
BABQ8joDBAJcP7ADBADZTuowDQYJKoZIhvcNAQELBQADggEBADAw5iUZTleLUvaH
lQZTheg5vK2CfmTBpkesKWvhwEhrN9f2rk7XC8o6mI8Ym4ddHTKy4bcZWVd3rMya
bVMm1iX15L/FsHBCKNRBSnbcz7PIvCgZaZDOXIvmHXsaGGwXPdv3PsmixRHUdHLO
NH/hsTFIFA0imLJmCZo11RRJR903TyalMJkpwSXnhimWinWULZe1toO72dx+PuX8
uyFoGOVMAX4ln/CRgacYj1O2EEt7oDAfLhJEvE47cFYlAacugps2qTuMDD5/VQwF
7BEWjvQOVtaGrgmf/I+hkxDDB8coo8f+aKQxR2NioAb5RcC62hsvzSNrdw0PdQ80
Ct9RmeM=
-----END CERTIFICATE-----
Generated at Fri Aug 16 15:30:37 2024 by rpki-client on console-ams.rpki-client.org