Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/M5B16CB_sbB3wNC_tdRYf6QN6qc.roa
File:                     M5B16CB_sbB3wNC_tdRYf6QN6qc.roa (raw, json)
Hash identifier:          tevJNk+hRATOMcJOS7x39j215ZPJ0nNRV8n0VNVI4Fk=
Subject key identifier:   33:90:75:E8:20:7F:B1:B0:77:C0:D0:BF:B5:D4:58:7F:A4:0D:EA:A7
Certificate issuer:       /CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Certificate serial:       0187658BF09CCC191C0D52AADE2DB5F2774D
Authority key identifier: 3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/M5B16CB_sbB3wNC_tdRYf6QN6qc.roa
Signing time:             Sun 09 Apr 2023 10:24:42 +0000
ROA not before:           Sun 09 Apr 2023 10:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39891
IP address blocks:        212.215.208.0/22 maxlen: 22
                          212.215.212.0/22 maxlen: 22
                          212.215.216.0/22 maxlen: 22
                          212.215.232.0/22 maxlen: 22
                          212.215.238.0/24 maxlen: 24
                          212.215.129.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:65:8b:f0:9c:cc:19:1c:0d:52:aa:de:2d:b5:f2:77:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
        Validity
            Not Before: Apr  9 10:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=339075e8207fb1b077c0d0bfb5d4587fa40deaa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:70:89:3a:1b:e1:99:8a:56:74:a6:2e:fd:93:
                    56:92:76:59:e0:dc:25:5b:66:25:71:d1:22:82:36:
                    0c:27:12:25:1a:f4:b7:7d:62:61:73:9d:d3:8a:48:
                    61:d6:68:7c:45:02:68:1b:c8:cb:26:c7:f6:b6:d1:
                    1c:34:fa:9d:fb:a8:5d:b6:15:e7:08:01:ea:30:4e:
                    52:35:c9:7d:a6:21:17:8b:a9:1b:df:d6:0c:1e:a2:
                    44:56:24:67:6c:6a:87:7f:4c:4b:5e:da:09:c0:40:
                    ed:ee:aa:24:b2:08:74:5d:88:3c:30:c6:9c:7f:83:
                    dd:9e:e0:84:62:2c:0f:a6:1a:c3:8a:ee:41:82:31:
                    5b:4c:5d:2f:c3:2f:d2:38:74:93:3a:35:2a:79:f8:
                    22:58:3c:fe:18:c3:23:20:77:d0:1f:4e:47:f7:17:
                    8d:df:34:6a:62:25:19:b7:e8:aa:41:d4:b7:bd:a4:
                    c3:90:ea:6e:8e:1e:86:4f:32:b8:e2:f3:ca:7f:55:
                    ca:78:43:3a:f3:87:07:6b:7a:08:c9:3e:92:bd:42:
                    c7:49:d4:df:67:c3:86:44:e2:92:d0:fa:f1:e1:08:
                    b9:98:e2:16:87:e7:ef:d2:0b:99:ec:cc:40:f0:a8:
                    59:19:08:f3:4e:4e:39:40:13:65:61:c7:56:cd:84:
                    ad:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:90:75:E8:20:7F:B1:B0:77:C0:D0:BF:B5:D4:58:7F:A4:0D:EA:A7
            X509v3 Authority Key Identifier:
                keyid:3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/M5B16CB_sbB3wNC_tdRYf6QN6qc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.215.129.0/24
                  212.215.208.0-212.215.219.255
                  212.215.232.0/22
                  212.215.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:f9:42:d0:c4:70:51:0f:b8:80:c5:2c:94:90:be:7f:d0:cd:
         ae:ba:c3:f3:24:e7:f0:50:7b:ca:af:3c:3f:42:fa:d6:a1:6d:
         2c:bf:82:b2:77:9e:52:c3:b9:6c:50:9f:48:ac:d3:f7:29:a2:
         c9:52:a2:f1:7e:80:7e:03:7a:9a:3f:ba:ac:a1:51:44:fe:9a:
         9a:6e:ae:65:14:47:f1:5d:a0:0e:1d:09:59:27:ee:51:75:c2:
         69:0f:89:64:5b:04:d5:2d:ac:4a:e6:f5:33:47:da:50:68:43:
         8e:65:d3:26:dc:20:fc:77:03:15:9c:63:73:63:f8:51:e8:7c:
         7a:f6:e1:cb:51:b7:e4:e3:9c:fb:de:57:21:56:5a:5b:07:db:
         2a:88:f5:a7:ae:2d:e1:2f:8b:07:9c:0e:12:ba:1a:3c:11:cc:
         e2:04:84:33:2b:11:3d:f5:eb:e8:aa:31:53:06:6f:27:46:82:
         e0:32:04:21:19:58:ef:82:60:0b:bf:dc:e4:5b:c1:36:8e:cf:
         31:ae:67:a0:c7:72:1d:22:15:41:ea:5c:8c:aa:d0:56:70:91:
         1e:c8:e4:5c:00:fe:f5:1f:39:cc:79:ca:ae:ab:d9:68:3d:77:
         92:05:c5:aa:06:c1:35:d3:b2:12:43:f8:8a:00:c5:02:e3:36:
         d4:6f:c9:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYdli/CczBkcDVKq3i218ndNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NiYzcwZTE4YjZjNjllNTNlZjUyYTVlOTI1ZTVmNGYw
Y2RjYzEwHhcNMjMwNDA5MTAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzkwNzVlODIwN2ZiMWIwNzdjMGQwYmZiNWQ0NTg3ZmE0MGRlYWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHCJOhvhmYpWdKYu/ZNWknZZ4Nwl
W2YlcdEigjYMJxIlGvS3fWJhc53Tikhh1mh8RQJoG8jLJsf2ttEcNPqd+6hdthXn
CAHqME5SNcl9piEXi6kb39YMHqJEViRnbGqHf0xLXtoJwEDt7qoksgh0XYg8MMac
f4PdnuCEYiwPphrDiu5BgjFbTF0vwy/SOHSTOjUqefgiWDz+GMMjIHfQH05H9xeN
3zRqYiUZt+iqQdS3vaTDkOpujh6GTzK44vPKf1XKeEM684cHa3oIyT6SvULHSdTf
Z8OGROKS0Prx4Qi5mOIWh+fv0guZ7MxA8KhZGQjzTk45QBNlYcdWzYSt9QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDOQdeggf7Gwd8DQv7XUWH+kDeqnMB8GA1UdIwQY
MBaAFDvMvHDhi2xp5T71Kl6SXl9PDNzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgt
YmJlNjBlYTIyMmM1LzEvTTVCMTZDQl9zYkIzd05DX3RkUllmNlFONnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgtYmJlNjBlYTIyMmM1
LzEvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1NeBMAwD
BATU19ADBALU19gDBALU1+gDBADU1+4wDQYJKoZIhvcNAQELBQADggEBAJv5QtDE
cFEPuIDFLJSQvn/Qza66w/Mk5/BQe8qvPD9C+tahbSy/grJ3nlLDuWxQn0is0/cp
oslSovF+gH4Depo/uqyhUUT+mppurmUUR/FdoA4dCVkn7lF1wmkPiWRbBNUtrErm
9TNH2lBoQ45l0ybcIPx3AxWcY3Nj+FHofHr24ctRt+TjnPveVyFWWlsH2yqI9aeu
LeEviwecDhK6GjwRzOIEhDMrET316+iqMVMGbydGguAyBCEZWO+CYAu/3ORbwTaO
zzGuZ6DHch0iFUHqXIyq0FZwkR7I5FwA/vUfOcx5yq6r2Wg9d5IFxaoGwTXTshJD
+IoAxQLjNtRvyUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org