Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/RIZzDwe_LgjGiC0xo_urGRQ-h0M.roa
File:                     RIZzDwe_LgjGiC0xo_urGRQ-h0M.roa (raw, json)
Hash identifier:          c6dA1IPY/x9sVhQNXRykSQqzV5Otjdln0tibJ8zFx40=
Subject key identifier:   44:86:73:0F:07:BF:2E:08:C6:88:2D:31:A3:FB:AB:19:14:3E:87:43
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       0189654A90B14F3E61618B5ECC59E06D00C6
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/RIZzDwe_LgjGiC0xo_urGRQ-h0M.roa
Signing time:             Mon 17 Jul 2023 19:18:52 +0000
ROA not before:           Mon 17 Jul 2023 19:18:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        194.156.1.0/24 maxlen: 24
                          2.57.148.0/24 maxlen: 24
                          5.133.110.0/24 maxlen: 24
                          45.143.140.0/24 maxlen: 24
                          192.144.16.0/24 maxlen: 24
                          194.59.12.0/24 maxlen: 24
                          45.91.161.0/24 maxlen: 24
                          45.88.83.0/24 maxlen: 24
                          45.88.82.0/24 maxlen: 24
                          87.247.143.0/24 maxlen: 24
                          45.138.145.0/24 maxlen: 24
                          109.94.217.0/24 maxlen: 24
                          109.94.216.0/24 maxlen: 24
                          109.94.219.0/24 maxlen: 24
                          109.94.218.0/24 maxlen: 24
                          45.136.248.0/24 maxlen: 24
                          45.147.244.0/24 maxlen: 24
                          45.147.245.0/24 maxlen: 24
                          45.132.207.0/24 maxlen: 24
                          45.147.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 18 Aug 2023 08:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:65:4a:90:b1:4f:3e:61:61:8b:5e:cc:59:e0:6d:00:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jul 17 19:18:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4486730f07bf2e08c6882d31a3fbab19143e8743
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:27:d3:01:30:98:38:74:68:44:bf:4e:ca:49:
                    0e:96:2f:b7:68:63:33:51:f5:eb:ba:aa:8c:48:82:
                    7a:01:a2:9d:a3:0b:1d:e0:26:3c:09:f4:09:35:91:
                    fe:61:6f:52:cf:cd:51:68:76:3f:16:29:6a:2b:4c:
                    79:97:83:ff:fb:51:03:60:dc:ab:bf:85:c1:0f:6d:
                    62:61:dc:f3:49:6b:9b:5a:50:c4:5f:64:ec:ba:a0:
                    6e:77:10:bf:b3:f0:f7:56:15:4a:8f:b5:f5:07:29:
                    51:0b:09:60:da:d0:db:62:f1:49:2b:7a:f2:aa:5b:
                    0b:8e:45:e9:1e:52:75:38:c9:9a:08:ae:93:ea:0f:
                    f4:a0:d6:9f:b8:a4:a3:2a:a6:8e:b5:92:89:7a:0e:
                    3b:44:2c:36:f0:9c:3d:5f:d2:8b:96:c0:dd:14:02:
                    dd:a0:2b:21:a4:f1:ce:d4:ea:ed:05:92:a0:ea:cf:
                    b3:82:7f:d5:b5:a5:91:68:6d:d3:14:ad:55:dd:73:
                    49:a6:38:51:b2:e7:c0:62:e0:d3:8a:c9:92:03:c5:
                    18:55:a1:5c:67:7e:ea:5c:1c:65:9c:5a:43:fe:29:
                    f7:d9:42:a9:bf:64:73:ec:76:af:17:a0:3b:76:2e:
                    69:ad:47:40:57:71:55:66:27:30:00:fb:6a:a6:29:
                    2d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:86:73:0F:07:BF:2E:08:C6:88:2D:31:A3:FB:AB:19:14:3E:87:43
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/RIZzDwe_LgjGiC0xo_urGRQ-h0M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.148.0/24
                  5.133.110.0/24
                  45.88.82.0/23
                  45.91.161.0/24
                  45.132.207.0/24
                  45.136.248.0/24
                  45.138.145.0/24
                  45.143.140.0/24
                  45.147.244.0/23
                  45.147.247.0/24
                  87.247.143.0/24
                  109.94.216.0/22
                  192.144.16.0/24
                  194.59.12.0/24
                  194.156.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:1b:f4:de:85:81:63:40:a4:c9:f6:b4:c4:d1:a1:e7:6b:36:
         aa:cb:21:6a:d5:bb:ff:7f:c9:ce:29:2e:ae:b8:5e:49:96:8b:
         4c:7d:0f:e2:13:6b:e3:93:c9:a9:d2:ce:ac:6d:27:25:88:55:
         a9:d5:26:e6:f8:96:bb:e7:d1:5e:95:4d:97:d8:a5:a8:c4:57:
         d6:37:56:97:c6:b2:8e:fc:58:a7:95:89:18:4f:a2:eb:39:24:
         68:f6:7f:4f:52:92:7f:e0:fe:8e:1f:d2:9e:83:e8:4c:cd:5a:
         de:ae:9c:38:56:12:1f:b6:76:f6:dc:c2:a9:57:33:13:28:e0:
         17:96:88:5c:de:2a:3d:27:0d:49:e3:64:f3:69:0d:ff:86:56:
         44:f1:a1:d2:97:3c:7a:1e:76:65:5f:68:3e:b9:2c:c7:8f:f7:
         42:b4:92:00:b8:0f:5c:5b:89:07:d5:65:70:ef:95:6e:d6:9a:
         be:74:a1:f1:8d:61:4c:a6:cb:72:49:45:f6:d3:8c:55:dd:75:
         05:9d:0a:2b:bc:83:bb:84:ed:9f:bd:e3:e9:6f:f5:41:22:e0:
         fb:eb:84:16:4d:0b:c8:33:5f:a4:13:e6:11:72:9d:ba:7c:47:
         65:aa:4b:f1:c1:7a:8e:2c:0b:57:6a:7e:b8:26:94:47:ce:fb:
         e0:55:f0:42
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYllSpCxTz5hYYtezFngbQDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwNzE3MTkxODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg2NzMwZjA3YmYyZTA4YzY4ODJkMzFhM2ZiYWIxOTE0M2U4NzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyfTATCYOHRoRL9OykkOli+3aGMz
UfXruqqMSIJ6AaKdowsd4CY8CfQJNZH+YW9Sz81RaHY/FilqK0x5l4P/+1EDYNyr
v4XBD21iYdzzSWubWlDEX2TsuqBudxC/s/D3VhVKj7X1BylRCwlg2tDbYvFJK3ry
qlsLjkXpHlJ1OMmaCK6T6g/0oNafuKSjKqaOtZKJeg47RCw28Jw9X9KLlsDdFALd
oCshpPHO1OrtBZKg6s+zgn/VtaWRaG3TFK1V3XNJpjhRsufAYuDTismSA8UYVaFc
Z37qXBxlnFpD/in32UKpv2Rz7HavF6A7di5prUdAV3FVZicwAPtqpiktoQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFESGcw8Hvy4IxogtMaP7qxkUPodDMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvUklaekR3ZV9MZ2pHaUMweG9fdXJHUlEtaDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAAjmUAwQA
BYVuAwQBLVhSAwQALVuhAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQA
LZP3AwQAV/ePAwQCbV7YAwQAwJAQAwQAwjsMAwQAwpwBMA0GCSqGSIb3DQEBCwUA
A4IBAQBAG/TehYFjQKTJ9rTE0aHnazaqyyFq1bv/f8nOKS6uuF5JlotMfQ/iE2vj
k8mp0s6sbScliFWp1Sbm+Ja759FelU2X2KWoxFfWN1aXxrKO/FinlYkYT6LrOSRo
9n9PUpJ/4P6OH9Keg+hMzVrerpw4VhIftnb23MKpVzMTKOAXlohc3io9Jw1J42Tz
aQ3/hlZE8aHSlzx6HnZlX2g+uSzHj/dCtJIAuA9cW4kH1WVw75Vu1pq+dKHxjWFM
pstySUX204xV3XUFnQorvIO7hO2fvePpb/VBIuD764QWTQvIM1+kE+YRcp26fEdl
qkvxwXqOLAtXan64JpRHzvvgVfBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org