Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IZMe-kWJNiDI5TQybIsfxkEklLw.roa
File:                     IZMe-kWJNiDI5TQybIsfxkEklLw.roa (raw, json)
Hash identifier:          Oq4cTTtITvgeoblbT8Or1c/SlQ8OTUMVsrCYthGHpjI=
Subject key identifier:   21:93:1E:FA:45:89:36:20:C8:E5:34:32:6C:8B:1F:C6:41:24:94:BC
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       018FCA7887C320CDE58C6B8F61B640886E63
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IZMe-kWJNiDI5TQybIsfxkEklLw.roa
Signing time:             Thu 30 May 2024 17:07:27 +0000
ROA not before:           Thu 30 May 2024 17:07:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        2.57.148.0/24 maxlen: 24
                          5.133.110.0/24 maxlen: 24
                          45.88.82.0/24 maxlen: 24
                          45.88.83.0/24 maxlen: 24
                          45.91.161.0/24 maxlen: 24
                          45.132.207.0/24 maxlen: 24
                          45.136.248.0/24 maxlen: 24
                          45.138.145.0/24 maxlen: 24
                          45.143.140.0/24 maxlen: 24
                          45.147.244.0/24 maxlen: 24
                          45.147.245.0/24 maxlen: 24
                          45.147.247.0/24 maxlen: 24
                          80.242.62.0/24 maxlen: 24
                          87.247.143.0/24 maxlen: 24
                          109.94.216.0/24 maxlen: 24
                          109.94.217.0/24 maxlen: 24
                          109.94.218.0/24 maxlen: 24
                          109.94.219.0/24 maxlen: 24
                          192.144.16.0/24 maxlen: 24
                          194.59.12.0/24 maxlen: 24
                          194.156.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Nov 2024 10:33:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:ca:78:87:c3:20:cd:e5:8c:6b:8f:61:b6:40:88:6e:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: May 30 17:07:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=21931efa45893620c8e534326c8b1fc6412494bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:07:ae:eb:14:97:6e:88:87:86:8a:6b:09:d7:
                    44:77:c2:e6:11:af:c8:e4:df:96:f3:da:32:6a:a1:
                    b6:75:4d:d1:83:f8:7f:7f:c1:9e:49:4c:e2:f8:7b:
                    3b:11:8b:25:df:eb:b4:0a:06:71:c4:d5:b5:ee:84:
                    32:57:78:54:c9:f4:bd:1c:db:62:2f:b0:4c:da:09:
                    c2:da:83:e7:4f:a2:37:4f:02:4a:6e:e3:d2:46:77:
                    74:cb:6b:61:cc:b7:94:ee:70:47:f5:c8:13:24:d1:
                    56:a4:c2:59:33:fe:63:d0:65:cc:0e:d9:19:d1:c8:
                    c0:2c:75:90:d5:31:b7:f2:83:fd:81:1e:54:07:7d:
                    27:af:85:5b:b6:57:24:cd:ed:ee:cb:05:96:05:f2:
                    94:c3:e1:03:6c:5a:5a:c4:19:5c:74:b2:51:54:94:
                    88:df:a6:78:22:46:cf:39:76:e7:53:84:0f:d2:57:
                    6e:8b:ee:ef:18:e6:98:20:7c:a3:e0:40:bb:eb:17:
                    26:8c:f1:78:ea:35:b0:68:86:ec:8a:1e:c8:89:84:
                    6d:75:88:f8:ae:1a:30:8b:c8:b6:2e:ae:e6:c0:5c:
                    16:47:b2:70:bd:78:0b:78:7f:f9:72:17:4b:2a:ce:
                    1a:fd:44:62:ab:b7:76:01:3d:48:5b:43:32:d2:82:
                    f4:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:93:1E:FA:45:89:36:20:C8:E5:34:32:6C:8B:1F:C6:41:24:94:BC
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IZMe-kWJNiDI5TQybIsfxkEklLw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.148.0/24
                  5.133.110.0/24
                  45.88.82.0/23
                  45.91.161.0/24
                  45.132.207.0/24
                  45.136.248.0/24
                  45.138.145.0/24
                  45.143.140.0/24
                  45.147.244.0/23
                  45.147.247.0/24
                  80.242.62.0/24
                  87.247.143.0/24
                  109.94.216.0/22
                  192.144.16.0/24
                  194.59.12.0/24
                  194.156.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:08:82:df:d4:2c:bf:b3:ce:3f:16:9c:c9:82:86:e0:c4:0f:
         7b:db:7c:69:df:7a:b5:2b:4b:06:4a:5e:c3:0c:13:14:8e:43:
         76:f0:4c:9b:c8:9b:f3:39:69:47:73:88:5c:81:0f:f4:ef:5d:
         54:da:38:66:dd:dc:1a:67:e2:68:38:32:c0:36:e7:13:9f:b7:
         8a:44:c7:db:1e:ae:2b:e6:07:82:da:aa:3a:be:c7:ca:de:19:
         35:d3:2a:75:f3:b2:38:aa:49:d2:6b:81:81:f3:f7:5b:fe:d4:
         e1:02:88:dd:72:f2:ef:b9:bd:ef:aa:b4:ac:0a:6d:d4:c4:21:
         99:72:18:5c:ac:2f:f2:36:ea:69:58:6a:60:e8:dc:a2:67:89:
         76:31:7e:c9:a1:c6:77:38:34:21:e0:c1:c1:1b:6c:72:bf:1c:
         da:3e:6a:49:d7:5e:dc:9d:4a:c2:09:6b:a7:54:f3:bc:cb:a9:
         22:91:7c:29:50:39:1c:16:92:83:ed:ee:0d:46:26:d5:c7:d8:
         29:50:fb:25:d1:cb:f4:92:19:da:3f:ed:16:18:58:b6:62:dd:
         f3:07:4a:b8:a4:69:84:22:7d:48:63:c1:12:d1:74:33:f2:5a:
         b0:bf:c1:69:39:68:c8:88:4d:02:35:fd:67:d1:c4:17:ca:93:
         60:71:34:14
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY/KeIfDIM3ljGuPYbZAiG5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwNTMwMTcwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTkzMWVmYTQ1ODkzNjIwYzhlNTM0MzI2YzhiMWZjNjQxMjQ5NGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgeu6xSXboiHhoprCddEd8LmEa/I
5N+W89oyaqG2dU3Rg/h/f8GeSUzi+Hs7EYsl3+u0CgZxxNW17oQyV3hUyfS9HNti
L7BM2gnC2oPnT6I3TwJKbuPSRnd0y2thzLeU7nBH9cgTJNFWpMJZM/5j0GXMDtkZ
0cjALHWQ1TG38oP9gR5UB30nr4Vbtlckze3uywWWBfKUw+EDbFpaxBlcdLJRVJSI
36Z4IkbPOXbnU4QP0ldui+7vGOaYIHyj4EC76xcmjPF46jWwaIbsih7IiYRtdYj4
rhowi8i2Lq7mwFwWR7JwvXgLeH/5chdLKs4a/URiq7d2AT1IW0My0oL0kwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCGTHvpFiTYgyOU0MmyLH8ZBJJS8MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvSVpNZS1rV0pOaURJNVRReWJJc2Z4a0VrbEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAAjmUAwQA
BYVuAwQBLVhSAwQALVuhAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQA
LZP3AwQAUPI+AwQAV/ePAwQCbV7YAwQAwJAQAwQAwjsMAwQAwpwBMA0GCSqGSIb3
DQEBCwUAA4IBAQArCILf1Cy/s84/FpzJgobgxA9723xp33q1K0sGSl7DDBMUjkN2
8EybyJvzOWlHc4hcgQ/0711U2jhm3dwaZ+JoODLANucTn7eKRMfbHq4r5geC2qo6
vsfK3hk10yp187I4qknSa4GB8/db/tThAojdcvLvub3vqrSsCm3UxCGZchhcrC/y
NuppWGpg6NyiZ4l2MX7JocZ3ODQh4MHBG2xyvxzaPmpJ117cnUrCCWunVPO8y6ki
kXwpUDkcFpKD7e4NRibVx9gpUPsl0cv0khnaP+0WGFi2Yt3zB0q4pGmEIn1IY8ES
0XQz8lqwv8FpOWjIiE0CNf1n0cQXypNgcTQU
-----END CERTIFICATE-----
Generated at Tue Nov 19 13:17:35 2024 by rpki-client on console-fra.rpki-client.org