Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/lnJghHVs2G3gjxR9IIWwWM0KlSw.roa
File:                     lnJghHVs2G3gjxR9IIWwWM0KlSw.roa (raw, json)
Hash identifier:          vNFlpmWyVoc0FJf1150Gn7LlddLMPJitq0GV4OeZA10=
Subject key identifier:   96:72:60:84:75:6C:D8:6D:E0:8F:14:7D:20:85:B0:58:CD:0A:95:2C
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0186EB4D2613842AEED3A206C800844F2FDF
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/lnJghHVs2G3gjxR9IIWwWM0KlSw.roa
Signing time:             Thu 16 Mar 2023 16:42:27 +0000
ROA not before:           Thu 16 Mar 2023 16:42:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41436
IP address blocks:        83.229.83.0/24 maxlen: 24
                          83.229.82.0/24 maxlen: 24
                          63.250.56.0/24 maxlen: 24
                          63.250.57.0/24 maxlen: 24
                          185.220.204.0/24 maxlen: 24
                          185.220.205.0/24 maxlen: 24
                          195.238.121.0/24 maxlen: 24
                          45.91.168.0/24 maxlen: 24
                          45.91.169.0/24 maxlen: 24
                          194.146.38.0/24 maxlen: 24
                          194.146.39.0/24 maxlen: 24
                          5.180.180.0/24 maxlen: 24
                          103.45.247.0/24 maxlen: 24
                          5.180.182.0/24 maxlen: 24
                          5.180.183.0/24 maxlen: 24
                          5.180.181.0/24 maxlen: 24
                          2a06:c5c0:200::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 13 Jun 2023 09:07:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:eb:4d:26:13:84:2a:ee:d3:a2:06:c8:00:84:4f:2f:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Mar 16 16:42:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=96726084756cd86de08f147d2085b058cd0a952c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9d:01:77:e2:8c:a9:ad:be:1b:19:61:8e:e9:
                    10:5a:07:16:3a:fc:aa:37:8a:e1:b0:c6:a2:fa:4d:
                    4d:9b:7e:c4:c4:05:f2:90:bc:da:a9:ec:cf:b0:16:
                    d4:8c:54:71:b3:88:36:e6:d1:83:5f:87:66:9e:38:
                    aa:13:2f:29:95:99:bd:2f:49:1c:9d:db:e1:73:15:
                    5d:d9:0e:2f:76:65:9a:c3:31:57:a2:1a:e5:a4:c8:
                    46:5c:3b:22:2d:15:e1:64:91:db:2e:97:a1:2f:38:
                    b0:15:0a:d5:1a:ee:a0:dd:bc:28:b1:c8:4b:d6:75:
                    81:d6:5f:d1:75:cb:16:fa:62:ae:02:a1:0b:ac:43:
                    6e:5e:cb:36:ff:d5:0a:75:5c:98:d0:e4:f8:62:26:
                    e4:ed:bd:76:a7:91:4d:49:2e:e3:11:b3:f7:97:43:
                    1d:19:57:d6:84:8b:b1:b3:b3:62:dc:40:5d:b3:e3:
                    85:e8:ce:15:d5:24:64:49:2e:35:d6:8a:44:85:44:
                    ed:38:88:96:65:85:34:41:bd:38:6e:ed:5d:01:6a:
                    a4:3f:4f:c7:65:a4:b9:92:7b:ee:5b:fc:d6:a3:db:
                    d9:a8:b4:0f:1f:35:97:a6:33:23:28:29:2b:f4:e6:
                    8f:f0:64:c8:c5:24:f2:65:2f:65:67:e9:41:53:74:
                    1e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:72:60:84:75:6C:D8:6D:E0:8F:14:7D:20:85:B0:58:CD:0A:95:2C
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/lnJghHVs2G3gjxR9IIWwWM0KlSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.180.0/22
                  45.91.168.0/23
                  63.250.56.0/23
                  83.229.82.0/23
                  103.45.247.0/24
                  185.220.204.0/23
                  194.146.38.0/23
                  195.238.121.0/24
                IPv6:
                  2a06:c5c0:200::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:3b:78:2d:aa:91:01:b8:0f:34:7f:b3:ff:d7:f0:ca:d7:03:
         e0:78:05:75:07:4f:7d:6d:99:c1:bd:a7:a1:82:8e:d5:28:b1:
         8f:e5:ad:6e:e2:78:bf:b0:13:34:2b:42:a4:66:8a:bf:2c:56:
         32:65:5a:f9:fa:90:91:72:b3:d4:5b:f6:c3:3a:0d:7c:3b:80:
         06:86:87:db:02:93:66:ab:2d:a2:ac:a2:a8:11:ba:54:54:08:
         89:26:4c:96:60:72:ac:97:7d:b8:9f:fe:ab:5b:aa:33:fd:0d:
         50:88:84:81:07:76:a7:75:fb:8c:33:20:5c:61:ed:e2:67:c0:
         23:d0:9c:27:d6:c5:2f:b1:2f:04:a0:75:11:95:76:c3:6d:96:
         9e:41:d8:2f:09:b5:af:00:5a:d0:47:be:78:0e:1d:50:8d:e1:
         14:ec:b9:b4:8d:12:8b:98:ec:1d:46:da:fa:09:13:87:65:84:
         00:ae:55:40:41:52:8c:f0:62:92:64:48:ac:fa:89:2d:1d:09:
         51:78:19:e0:3f:96:5f:56:ee:46:49:9d:a1:25:b4:c3:90:93:
         7d:5b:b1:4e:a8:e8:46:12:cf:74:82:2c:af:d6:77:2d:b7:fa:
         f3:8b:f7:16:d8:72:30:a3:d4:48:81:fe:45:0c:14:11:9a:75:
         b3:9e:72:a0
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYbrTSYThCru06IGyACETy/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMwMzE2MTY0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjcyNjA4NDc1NmNkODZkZTA4ZjE0N2QyMDg1YjA1OGNkMGE5NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu50Bd+KMqa2+GxlhjukQWgcWOvyq
N4rhsMai+k1Nm37ExAXykLzaqezPsBbUjFRxs4g25tGDX4dmnjiqEy8plZm9L0kc
ndvhcxVd2Q4vdmWawzFXohrlpMhGXDsiLRXhZJHbLpehLziwFQrVGu6g3bwoschL
1nWB1l/RdcsW+mKuAqELrENuXss2/9UKdVyY0OT4Yibk7b12p5FNSS7jEbP3l0Md
GVfWhIuxs7Ni3EBds+OF6M4V1SRkSS411opEhUTtOIiWZYU0Qb04bu1dAWqkP0/H
ZaS5knvuW/zWo9vZqLQPHzWXpjMjKCkr9OaP8GTIxSTyZS9lZ+lBU3QeHwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJZyYIR1bNht4I8UfSCFsFjNCpUsMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvbG5KZ2hIVnMyRzNnanhSOUlJV3dXTTBLbFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQCBbS0AwQB
LVuoAwQBP/o4AwQBU+VSAwQAZy33AwQBudzMAwQBwpImAwQAw+55MA8EAgACMAkD
BwAqBsXAAgAwDQYJKoZIhvcNAQELBQADggEBAJ87eC2qkQG4DzR/s//X8MrXA+B4
BXUHT31tmcG9p6GCjtUosY/lrW7ieL+wEzQrQqRmir8sVjJlWvn6kJFys9Rb9sM6
DXw7gAaGh9sCk2arLaKsoqgRulRUCIkmTJZgcqyXfbif/qtbqjP9DVCIhIEHdqd1
+4wzIFxh7eJnwCPQnCfWxS+xLwSgdRGVdsNtlp5B2C8Jta8AWtBHvngOHVCN4RTs
ubSNEouY7B1G2voJE4dlhACuVUBBUozwYpJkSKz6iS0dCVF4GeA/ll9W7kZJnaEl
tMOQk31bsU6o6EYSz3SCLK/Wdy23+vOL9xbYcjCj1EiB/kUMFBGadbOecqA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:36 2024 by rpki-client on console-ams.rpki-client.org