Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/5keaPJQcSdPb6iA5upmIiOuihU4.roa
File:                     5keaPJQcSdPb6iA5upmIiOuihU4.roa (raw, json)
Hash identifier:          0P8eksvHlhHvndrxmXDIagwTPdICQSgKEu4oJrq89dQ=
Subject key identifier:   E6:47:9A:3C:94:1C:49:D3:DB:EA:20:39:BA:99:88:88:EB:A2:85:4E
Certificate issuer:       /CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Certificate serial:       0189B160295C11E1E3A5D9EB493376AEDABA
Authority key identifier: 1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/5keaPJQcSdPb6iA5upmIiOuihU4.roa
Signing time:             Tue 01 Aug 2023 13:53:36 +0000
ROA not before:           Tue 01 Aug 2023 13:53:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39657
IP address blocks:        185.63.12.0/22 maxlen: 24
                          81.93.32.0/20 maxlen: 24
                          81.93.32.0/22 maxlen: 22
                          81.93.32.0/21 maxlen: 21
                          81.93.36.0/22 maxlen: 22
                          81.93.40.0/21 maxlen: 21
                          81.93.40.0/22 maxlen: 22
                          81.93.44.0/22 maxlen: 22
                          93.88.32.0/22 maxlen: 22
                          93.88.32.0/20 maxlen: 24
                          93.88.36.0/22 maxlen: 24
                          93.88.40.0/22 maxlen: 22
                          81.30.16.0/20 maxlen: 20
                          93.88.44.0/22 maxlen: 22
                          81.30.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 12:56:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b1:60:29:5c:11:e1:e3:a5:d9:eb:49:33:76:ae:da:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
        Validity
            Not Before: Aug  1 13:53:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e6479a3c941c49d3dbea2039ba998888eba2854e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c6:0e:c8:77:d6:9c:b9:cf:8c:67:43:44:bc:
                    1f:f6:2a:3c:5c:f4:87:7c:a2:b1:2e:d9:c3:44:4a:
                    24:86:07:20:ed:70:21:e1:b9:30:eb:d3:da:bd:64:
                    d9:ac:d4:ae:b1:33:cc:f3:1d:c9:ac:bc:a9:9d:d5:
                    cc:8f:b5:7d:28:5b:5d:c0:08:e5:6e:9d:0d:fd:d1:
                    94:88:27:63:b1:6f:ee:25:7a:33:fc:af:6d:36:f5:
                    58:bb:cc:95:48:12:d4:47:00:50:f6:4f:ed:65:b9:
                    df:e5:4a:9e:33:8b:13:92:3c:18:9a:f8:f8:77:c5:
                    62:4e:ca:fd:75:92:f1:f0:8f:f1:e2:25:19:8a:63:
                    94:7d:5f:9c:c7:0a:f2:4e:a5:ed:76:38:82:86:ea:
                    fa:bf:4c:dd:f5:58:23:a7:b9:2f:41:db:c1:93:1a:
                    a1:d0:8e:50:22:34:63:d5:9a:61:4e:15:19:9b:27:
                    a0:b2:a9:a1:f1:d4:6b:29:71:1d:cb:59:4a:56:37:
                    e5:6f:5d:15:2e:32:94:50:24:0a:22:72:6b:73:48:
                    af:f3:6d:5b:c5:44:6b:60:43:91:4a:f9:b6:9a:63:
                    bb:66:6d:04:ea:fc:a0:2e:87:96:e3:89:70:84:36:
                    80:de:70:68:bd:d6:ef:0c:97:78:a7:c2:e1:76:19:
                    34:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:47:9A:3C:94:1C:49:D3:DB:EA:20:39:BA:99:88:88:EB:A2:85:4E
            X509v3 Authority Key Identifier:
                keyid:1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/5keaPJQcSdPb6iA5upmIiOuihU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.30.16.0/20
                  81.93.32.0/20
                  93.88.32.0/20
                  185.63.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:7f:8e:52:c6:b9:06:66:e7:a8:62:00:1a:83:ea:c7:5f:dc:
         06:81:2c:1a:99:da:80:09:ed:6d:af:8e:1e:11:a3:be:6e:b1:
         68:15:0d:9c:ec:9a:35:d9:0b:6a:1f:58:2a:ca:5e:7c:c1:b8:
         7d:cb:92:43:c6:07:1d:32:41:79:15:12:9e:a7:04:9d:2e:bf:
         e0:38:0c:11:78:80:09:bd:8d:eb:d6:d6:dc:06:1f:a1:0b:d6:
         1b:e1:31:7c:b3:56:5c:a4:16:ac:b6:a8:e4:cd:85:9c:1b:40:
         35:19:86:b6:cb:80:48:43:b3:3b:2a:0e:00:bb:96:bc:41:69:
         c6:a6:a6:6d:23:f4:d1:0e:1d:f0:d6:5e:7c:51:6a:a5:ef:10:
         1f:18:36:44:fb:37:32:a5:00:24:0f:bd:04:7f:07:6c:be:d5:
         e4:53:9c:28:0e:84:2c:18:e0:0b:9a:7a:fd:86:25:54:01:57:
         d9:1e:09:fc:5f:04:1b:9b:2f:cb:b7:8d:cb:dd:44:11:65:e8:
         18:e0:92:1e:02:30:74:a3:7a:2b:7a:84:59:2f:62:ea:2a:e4:
         d9:52:72:44:cd:ee:2a:c2:74:99:47:12:36:99:ca:81:0c:51:
         41:3c:0f:48:d3:10:5b:99:e5:69:53:7f:23:62:49:42:2d:c6:
         3b:ae:10:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmxYClcEeHjpdnrSTN2rtq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTFjN2FhMGIzOTVlMDYxMmVjNDIzZmUwN2ZiMDM4OWFh
YTQwMDMwHhcNMjMwODAxMTM1MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ3OWEzYzk0MWM0OWQzZGJlYTIwMzliYTk5ODg4OGViYTI4NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncYOyHfWnLnPjGdDRLwf9io8XPSH
fKKxLtnDREokhgcg7XAh4bkw69PavWTZrNSusTPM8x3JrLypndXMj7V9KFtdwAjl
bp0N/dGUiCdjsW/uJXoz/K9tNvVYu8yVSBLURwBQ9k/tZbnf5UqeM4sTkjwYmvj4
d8ViTsr9dZLx8I/x4iUZimOUfV+cxwryTqXtdjiChur6v0zd9Vgjp7kvQdvBkxqh
0I5QIjRj1ZphThUZmyegsqmh8dRrKXEdy1lKVjflb10VLjKUUCQKInJrc0iv821b
xURrYEORSvm2mmO7Zm0E6vygLoeW44lwhDaA3nBovdbvDJd4p8Lhdhk0OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOZHmjyUHEnT2+ogObqZiIjrooVOMB8GA1UdIwQY
MBaAFBrhx6oLOV4GEuxCP+B/sDiaqkADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2Ut
OTRmZGM5ZmJkY2FjLzEvNWtlYVBKUWNTZFBiNmlBNXVwbUlpT3VpaFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2UtOTRmZGM5ZmJkY2Fj
LzEvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR4QAwQE
UV0gAwQEXVggAwQCuT8MMA0GCSqGSIb3DQEBCwUAA4IBAQCsf45SxrkGZueoYgAa
g+rHX9wGgSwamdqACe1tr44eEaO+brFoFQ2c7Jo12QtqH1gqyl58wbh9y5JDxgcd
MkF5FRKepwSdLr/gOAwReIAJvY3r1tbcBh+hC9Yb4TF8s1ZcpBastqjkzYWcG0A1
GYa2y4BIQ7M7Kg4Au5a8QWnGpqZtI/TRDh3w1l58UWql7xAfGDZE+zcypQAkD70E
fwdsvtXkU5woDoQsGOALmnr9hiVUAVfZHgn8XwQbmy/Lt43L3UQRZegY4JIeAjB0
o3oreoRZL2LqKuTZUnJEze4qwnSZRxI2mcqBDFFBPA9I0xBbmeVpU38jYklCLcY7
rhCk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:16 2024 by rpki-client on console-ams.rpki-client.org