Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/BGhAggURcjU8Ybr2-rBXuxNnJpk.roa
File:                     BGhAggURcjU8Ybr2-rBXuxNnJpk.roa (raw, json)
Hash identifier:          4uqEWJQP0YKxYeCmTvsomD7qdT9d09HGebnMTyE8kaE=
Subject key identifier:   04:68:40:82:05:11:72:35:3C:61:BA:F6:FA:B0:57:BB:13:67:26:99
Certificate issuer:       /CN=acb54bcc49291a1f32b7cead4f296882d0531492
Certificate serial:       01856FD503885F5E17D150903210A602CE67
Authority key identifier: AC:B5:4B:CC:49:29:1A:1F:32:B7:CE:AD:4F:29:68:82:D0:53:14:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/BGhAggURcjU8Ybr2-rBXuxNnJpk.roa
Signing time:             Mon 02 Jan 2023 00:15:09 +0000
ROA not before:           Mon 02 Jan 2023 00:15:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59554
IP address blocks:        5.178.112.0/21 maxlen: 21
                          185.105.76.0/22 maxlen: 22
                          2a01:9b40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 31 Jul 2023 14:14:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:03:88:5f:5e:17:d1:50:90:32:10:a6:02:ce:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acb54bcc49291a1f32b7cead4f296882d0531492
        Validity
            Not Before: Jan  2 00:15:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04684082051172353c61baf6fab057bb13672699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e5:d3:48:0b:3b:56:c4:e3:06:9c:56:f7:68:
                    5c:51:c1:84:88:16:8a:63:f3:52:b6:74:65:07:e4:
                    de:10:56:e6:a4:4a:c6:05:ea:e0:36:7a:d0:8d:df:
                    3c:6f:9c:ef:1c:16:5e:74:84:29:8c:d7:ff:9c:d8:
                    bd:1a:66:64:b5:8e:bc:c9:25:b6:fb:f2:2e:b9:06:
                    eb:59:b2:44:dd:7c:35:b5:02:32:5e:23:46:10:81:
                    da:d9:23:e4:23:7d:e9:fb:e9:24:2a:21:04:43:95:
                    4b:66:10:06:70:1e:b2:76:67:01:8c:c0:85:ce:59:
                    c3:1e:ea:9e:0f:8c:30:c7:c8:e4:e4:0d:34:86:45:
                    f7:e4:84:75:3e:5f:a6:73:4b:4b:0b:76:64:20:7b:
                    1b:19:e1:c0:5e:4d:a1:98:d3:a6:90:d0:62:88:2c:
                    6d:2d:38:bf:b8:e9:80:b1:e9:59:f5:6b:da:be:d4:
                    a7:9d:68:c3:34:46:69:0f:ee:cf:19:e6:ee:47:f1:
                    be:6a:e5:55:94:fc:60:13:86:3f:ce:3a:17:e9:4c:
                    f0:1b:93:0c:bf:16:2b:8c:fe:e4:be:2b:48:c0:8c:
                    d2:73:5e:0b:31:1e:ec:f6:b3:d8:86:d6:f6:a1:a7:
                    86:3d:21:9a:7f:bc:ca:96:28:60:9e:3e:8e:82:5f:
                    2b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:68:40:82:05:11:72:35:3C:61:BA:F6:FA:B0:57:BB:13:67:26:99
            X509v3 Authority Key Identifier:
                keyid:AC:B5:4B:CC:49:29:1A:1F:32:B7:CE:AD:4F:29:68:82:D0:53:14:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/BGhAggURcjU8Ybr2-rBXuxNnJpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/rLVLzEkpGh8yt86tTylogtBTFJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.178.112.0/21
                  185.105.76.0/22
                IPv6:
                  2a01:9b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:a7:83:e9:dd:7d:15:bd:95:91:8e:e1:43:b7:a0:b6:c9:11:
         29:84:58:05:36:51:f4:f9:cd:7f:7b:2f:97:68:75:77:2c:cd:
         26:25:70:66:f6:70:b6:05:d5:df:22:cb:4f:83:0f:6b:c4:3c:
         13:5a:40:42:8e:1c:75:09:2c:d6:f4:b4:1c:1f:14:e8:b0:1f:
         fd:79:fc:38:99:9f:68:ba:bb:ce:7a:26:1c:ce:28:98:26:28:
         0c:93:35:67:fb:0e:39:6d:d0:d6:8b:af:d2:73:48:54:01:73:
         ff:94:2c:d2:1b:0d:39:95:53:6e:ea:93:fc:97:cd:00:05:c1:
         48:9a:11:fa:85:5f:42:86:d6:99:82:8f:ba:7a:ce:70:70:c9:
         19:8f:e4:3b:1d:19:30:1b:8e:f8:44:ab:0b:a5:fe:4d:95:1c:
         61:e0:18:c8:d6:b1:0a:20:f3:2b:2a:ed:db:ee:ba:92:41:fc:
         96:95:7f:41:a4:d0:59:a2:8a:20:d8:b7:84:15:ed:7f:12:ba:
         ca:89:fe:28:32:93:80:18:fb:f4:86:59:ae:54:06:d0:64:64:
         a3:a9:1e:a5:7a:aa:e9:a6:e6:7d:01:6d:68:32:3f:4f:99:90:
         32:5e:f9:cd:87:9c:db:5c:b9:8d:2d:01:4e:e8:90:da:b5:df:
         78:2e:33:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv1QOIX14X0VCQMhCmAs5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYjU0YmNjNDkyOTFhMWYzMmI3Y2VhZDRmMjk2ODgyZDA1
MzE0OTIwHhcNMjMwMTAyMDAxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY4NDA4MjA1MTE3MjM1M2M2MWJhZjZmYWIwNTdiYjEzNjcyNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOXTSAs7VsTjBpxW92hcUcGEiBaK
Y/NStnRlB+TeEFbmpErGBergNnrQjd88b5zvHBZedIQpjNf/nNi9GmZktY68ySW2
+/IuuQbrWbJE3Xw1tQIyXiNGEIHa2SPkI33p++kkKiEEQ5VLZhAGcB6ydmcBjMCF
zlnDHuqeD4wwx8jk5A00hkX35IR1Pl+mc0tLC3ZkIHsbGeHAXk2hmNOmkNBiiCxt
LTi/uOmAselZ9WvavtSnnWjDNEZpD+7PGebuR/G+auVVlPxgE4Y/zjoX6UzwG5MM
vxYrjP7kvitIwIzSc14LMR7s9rPYhtb2oaeGPSGaf7zKlihgnj6Ogl8rowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFARoQIIFEXI1PGG69vqwV7sTZyaZMB8GA1UdIwQY
MBaAFKy1S8xJKRofMrfOrU8paILQUxSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckxWTHpFa3BHaDh5dDg2dFR5bG9ndEJURkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZDJiZGQtZDNjNC00ZDYwLWIwOTYt
YWYzYTY4NWQ1NzlmLzEvQkdoQWdnVVJjalU4WWJyMi1yQlh1eE5uSnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZDJiZGQtZDNjNC00ZDYwLWIwOTYtYWYzYTY4NWQ1Nzlm
LzEvckxWTHpFa3BHaDh5dDg2dFR5bG9ndEJURkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBbJwAwQC
uWlMMA0EAgACMAcDBQAqAZtAMA0GCSqGSIb3DQEBCwUAA4IBAQAap4Pp3X0VvZWR
juFDt6C2yREphFgFNlH0+c1/ey+XaHV3LM0mJXBm9nC2BdXfIstPgw9rxDwTWkBC
jhx1CSzW9LQcHxTosB/9efw4mZ9ourvOeiYcziiYJigMkzVn+w45bdDWi6/Sc0hU
AXP/lCzSGw05lVNu6pP8l80ABcFImhH6hV9ChtaZgo+6es5wcMkZj+Q7HRkwG474
RKsLpf5NlRxh4BjI1rEKIPMrKu3b7rqSQfyWlX9BpNBZooog2LeEFe1/ErrKif4o
MpOAGPv0hlmuVAbQZGSjqR6leqrppuZ9AW1oMj9PmZAyXvnNh5zbXLmNLQFO6JDa
td94LjN7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:36 2024 by rpki-client on console-fra.rpki-client.org