Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/v9NxTuzx53acB8GGbWuNFQ2WNOY.roa
File:                     v9NxTuzx53acB8GGbWuNFQ2WNOY.roa (raw, json)
Hash identifier:          I4xZNys7i2z5zHWMLlPjTMP6kqcqZoDew6XOtrY6ew4=
Subject key identifier:   BF:D3:71:4E:EC:F1:E7:76:9C:07:C1:86:6D:6B:8D:15:0D:96:34:E6
Certificate issuer:       /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial:       018981B7B295614A6159D04C474894EBA66E
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/v9NxTuzx53acB8GGbWuNFQ2WNOY.roa
Signing time:             Sun 23 Jul 2023 07:47:26 +0000
ROA not before:           Sun 23 Jul 2023 07:47:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39386
IP address blocks:        84.235.56.0/23 maxlen: 23
                          178.86.50.0/24 maxlen: 24
                          84.235.0.0/17 maxlen: 17
                          84.235.0.0/24 maxlen: 24
                          84.235.14.0/24 maxlen: 24
                          37.224.192.0/24 maxlen: 24
                          84.235.95.0/24 maxlen: 24
                          84.235.110.0/24 maxlen: 24
                          84.235.108.0/24 maxlen: 24
                          84.235.111.0/24 maxlen: 24
                          84.235.109.0/24 maxlen: 24
                          84.235.120.0/22 maxlen: 22
                          193.19.244.0/24 maxlen: 24
                          2001:16a0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 09 Oct 2023 05:28:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:81:b7:b2:95:61:4a:61:59:d0:4c:47:48:94:eb:a6:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
        Validity
            Not Before: Jul 23 07:47:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bfd3714eecf1e7769c07c1866d6b8d150d9634e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:98:f2:80:3e:8c:f3:dd:07:a5:e9:4e:20:21:
                    4d:c1:5c:42:5a:a1:f6:5d:d3:31:ef:7f:4c:3e:bf:
                    6b:14:3a:d5:58:33:03:e4:f8:bd:5c:0a:07:5e:59:
                    62:20:45:b0:10:3c:34:79:8a:fa:f3:5f:04:83:66:
                    15:f8:31:fe:51:88:e7:51:de:d3:02:66:7f:9c:88:
                    f4:21:a1:c7:ce:50:3e:83:8f:5f:a3:72:f0:78:6a:
                    d5:e7:a6:24:ea:e6:c6:c7:77:89:be:4f:b9:8a:49:
                    6d:17:45:16:99:25:12:3d:cd:1c:94:aa:35:b7:4e:
                    b3:a9:2c:b4:e0:6d:e3:3a:a5:94:d2:5d:31:00:fa:
                    b1:e7:34:c4:66:80:20:e5:5e:46:03:5c:00:48:78:
                    07:99:a2:92:d3:c2:c0:bc:61:be:71:2e:15:67:11:
                    67:0b:ca:a4:66:95:b9:e9:20:0a:2b:bf:93:f5:5f:
                    8a:78:31:d9:df:0f:61:1a:52:3f:69:d1:54:e6:27:
                    a4:40:eb:38:f5:be:94:db:40:8d:71:5c:32:92:fb:
                    5e:02:31:6d:6d:12:49:38:3e:a2:37:27:8c:de:84:
                    a2:fc:89:5f:d5:f8:00:92:ea:4d:76:10:d2:81:8c:
                    f0:87:65:74:6c:96:cf:8f:8f:51:d3:73:2c:fb:8d:
                    e2:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D3:71:4E:EC:F1:E7:76:9C:07:C1:86:6D:6B:8D:15:0D:96:34:E6
            X509v3 Authority Key Identifier:
                keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/v9NxTuzx53acB8GGbWuNFQ2WNOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.224.192.0/24
                  84.235.0.0/17
                  178.86.50.0/24
                  193.19.244.0/24
                IPv6:
                  2001:16a0::/29

    Signature Algorithm: sha256WithRSAEncryption
         47:df:6f:90:28:b7:7d:8b:dd:0b:a1:78:08:5e:5f:0f:49:ee:
         0c:4b:b4:70:e6:fb:04:cd:77:0b:8d:ae:78:7d:ca:99:6d:6c:
         27:a7:77:8e:cb:60:13:8a:91:8a:a1:5b:f3:95:fc:04:4a:3e:
         62:6d:af:fe:c9:79:d3:68:3a:a0:83:28:6f:2c:4b:06:16:d8:
         79:0b:31:c7:58:dd:85:9d:6a:d6:e0:0d:61:49:7c:ce:ee:76:
         6e:5f:b5:7c:b9:df:e6:26:db:5d:52:e5:58:19:7c:d2:04:9f:
         d0:5c:93:d0:a3:38:d0:f6:8e:55:0c:99:8d:90:e7:28:89:21:
         99:a0:23:48:a7:fb:d4:d0:a7:e0:c1:b4:eb:49:69:df:d9:a3:
         03:bc:e1:e5:d2:16:43:58:aa:34:9d:a3:d8:fa:90:db:83:69:
         18:97:66:17:b2:5c:73:28:22:55:d4:7e:93:26:d0:45:7c:b8:
         ef:53:85:0e:8a:ca:66:11:ff:96:9e:97:8b:6b:c0:9c:54:c9:
         8a:91:8f:26:4f:56:b7:12:72:5e:47:ea:b3:41:17:f1:53:de:
         1a:01:89:54:00:42:74:2b:42:4e:34:55:a8:67:6f:2a:1e:5e:
         7b:07:af:20:8c:51:2e:84:49:7c:f9:b6:06:3c:eb:76:30:1d:
         ae:bf:41:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYmBt7KVYUphWdBMR0iU66ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjMwNzIzMDc0NzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQzNzE0ZWVjZjFlNzc2OWMwN2MxODY2ZDZiOGQxNTBkOTYzNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZjygD6M890HpelOICFNwVxCWqH2
XdMx739MPr9rFDrVWDMD5Pi9XAoHXlliIEWwEDw0eYr6818Eg2YV+DH+UYjnUd7T
AmZ/nIj0IaHHzlA+g49fo3LweGrV56Yk6ubGx3eJvk+5ikltF0UWmSUSPc0clKo1
t06zqSy04G3jOqWU0l0xAPqx5zTEZoAg5V5GA1wASHgHmaKS08LAvGG+cS4VZxFn
C8qkZpW56SAKK7+T9V+KeDHZ3w9hGlI/adFU5iekQOs49b6U20CNcVwykvteAjFt
bRJJOD6iNyeM3oSi/Ilf1fgAkupNdhDSgYzwh2V0bJbPj49R03Ms+43ijQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFL/TcU7s8ed2nAfBhm1rjRUNljTmMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvdjlOeFR1eng1M2FjQjhHR2JXdU5GUTJXTk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0MA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEBCwUAA4IB
AQBH32+QKLd9i90LoXgIXl8PSe4MS7Rw5vsEzXcLja54fcqZbWwnp3eOy2ATipGK
oVvzlfwESj5iba/+yXnTaDqggyhvLEsGFth5CzHHWN2FnWrW4A1hSXzO7nZuX7V8
ud/mJttdUuVYGXzSBJ/QXJPQozjQ9o5VDJmNkOcoiSGZoCNIp/vU0KfgwbTrSWnf
2aMDvOHl0hZDWKo0naPY+pDbg2kYl2YXslxzKCJV1H6TJtBFfLjvU4UOispmEf+W
npeLa8CcVMmKkY8mT1a3EnJeR+qzQRfxU94aAYlUAEJ0K0JONFWoZ28qHl57B68g
jFEuhEl8+bYGPOt2MB2uv0FN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:11 2024 by rpki-client on console-fra.rpki-client.org