Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/A39eb_OrFwUzsYHlIbISbEgGyhc.roa
File:                     A39eb_OrFwUzsYHlIbISbEgGyhc.roa (raw, json)
Hash identifier:          vGPa6p/o2c5Fhe0MO6BaQA+UJOHwHBlVq5fOaoIJwxE=
Subject key identifier:   03:7F:5E:6F:F3:AB:17:05:33:B1:81:E5:21:B2:12:6C:48:06:CA:17
Certificate issuer:       /CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Certificate serial:       0185729ED948F3A2E2794B74053C68932EAB
Authority key identifier: 14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/A39eb_OrFwUzsYHlIbISbEgGyhc.roa
Signing time:             Mon 02 Jan 2023 13:14:50 +0000
ROA not before:           Mon 02 Jan 2023 13:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21396
IP address blocks:        141.0.208.0/20 maxlen: 24
                          80.249.96.0/20 maxlen: 24
                          5.182.220.0/22 maxlen: 24
                          5.182.220.0/24 maxlen: 24
                          2a02:68::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:d9:48:f3:a2:e2:79:4b:74:05:3c:68:93:2e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14e282cf616284b58f85ec43e54c90bf9594e49c
        Validity
            Not Before: Jan  2 13:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=037f5e6ff3ab170533b181e521b2126c4806ca17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:dd:f7:59:ff:cc:6e:7f:01:59:a4:93:50:75:
                    d5:21:3b:4a:7a:67:a3:f4:22:37:d9:bf:07:53:e5:
                    06:f5:e2:47:d4:21:8d:6c:55:c2:0b:cc:5d:9f:be:
                    01:47:72:cf:33:72:8d:56:d6:52:97:4e:2f:c4:60:
                    91:00:83:45:4a:10:8a:18:2c:02:6b:43:7e:c5:9e:
                    c3:70:97:f5:b1:8b:0b:33:6f:e3:bb:26:d2:fb:01:
                    05:07:ae:07:dd:e9:ae:56:56:9b:8b:b2:26:fd:86:
                    31:c6:e1:86:82:10:a4:d5:39:94:10:b4:8a:fc:c8:
                    f5:cb:2b:72:d5:a7:5f:e1:16:ee:45:2c:63:56:d7:
                    d2:9e:44:3c:6e:7b:9a:12:9d:ee:d8:63:db:1c:ed:
                    62:d4:e2:c5:dc:37:e5:76:77:e5:03:e4:b6:a1:a3:
                    f4:a5:a5:07:62:04:10:d4:9a:80:e0:ed:02:d6:b3:
                    41:24:16:56:42:e3:9a:ed:c2:0a:e2:d3:2e:fb:7b:
                    10:c1:f1:fc:f7:fa:35:7f:ce:9b:83:29:68:ef:60:
                    2c:29:d3:d0:f5:bc:bf:58:8c:08:c8:07:48:7c:01:
                    e4:88:be:2e:29:ae:56:cc:27:69:69:8d:01:10:59:
                    9a:ae:33:01:27:3f:8d:a8:8d:d9:5d:70:c9:1c:3d:
                    4f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:7F:5E:6F:F3:AB:17:05:33:B1:81:E5:21:B2:12:6C:48:06:CA:17
            X509v3 Authority Key Identifier:
                keyid:14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/A39eb_OrFwUzsYHlIbISbEgGyhc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/FOKCz2FihLWPhexD5UyQv5WU5Jw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.220.0/22
                  80.249.96.0/20
                  141.0.208.0/20
                IPv6:
                  2a02:68::/29

    Signature Algorithm: sha256WithRSAEncryption
         3f:d2:06:f1:29:87:fc:5b:99:43:13:69:41:d6:e5:30:d2:09:
         fe:fe:5b:51:95:18:5d:9f:5f:4e:a3:22:26:e8:5e:d2:f3:30:
         3b:b9:7b:c3:8c:e0:af:5d:48:e3:e2:79:01:70:03:71:d7:5e:
         74:cb:db:16:36:d5:a5:81:e5:30:2d:5c:1f:d7:ce:3e:8f:1a:
         b5:ac:bb:be:50:3d:d2:8a:ed:4b:b8:4c:4e:06:68:8d:06:f9:
         f0:24:3a:68:bc:e3:f9:43:db:da:e1:b8:53:7a:d8:9e:0a:54:
         e7:0b:72:2a:82:31:9c:93:ec:24:ee:e0:40:67:47:c5:03:8c:
         26:db:58:1a:43:fd:e7:26:37:c0:9d:f6:17:9f:1a:7b:4d:7f:
         08:c5:60:a5:ce:88:03:07:fa:41:7d:f7:4f:b6:30:8d:43:3f:
         40:ac:7c:bc:b7:80:a6:df:fe:71:98:a7:4e:1a:1e:e9:72:e4:
         62:ad:96:90:81:25:ab:9b:9c:82:a8:7d:99:ef:3d:39:f2:c2:
         21:9b:10:1d:4c:99:5d:2f:ef:18:84:90:34:f1:cd:83:ec:98:
         8b:70:7b:cc:3c:d4:e9:6e:76:af:6e:cb:45:bd:00:f7:b2:64:
         33:b7:2e:48:b2:d5:5b:82:54:c0:b0:f4:bc:27:21:d3:57:c4:
         22:05:e8:3f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyntlI86LieUt0BTxoky6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZTI4MmNmNjE2Mjg0YjU4Zjg1ZWM0M2U1NGM5MGJmOTU5
NGU0OWMwHhcNMjMwMTAyMTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdmNWU2ZmYzYWIxNzA1MzNiMTgxZTUyMWIyMTI2YzQ4MDZjYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd33Wf/Mbn8BWaSTUHXVITtKemej
9CI32b8HU+UG9eJH1CGNbFXCC8xdn74BR3LPM3KNVtZSl04vxGCRAINFShCKGCwC
a0N+xZ7DcJf1sYsLM2/juybS+wEFB64H3emuVlabi7Im/YYxxuGGghCk1TmUELSK
/Mj1yyty1adf4RbuRSxjVtfSnkQ8bnuaEp3u2GPbHO1i1OLF3DfldnflA+S2oaP0
paUHYgQQ1JqA4O0C1rNBJBZWQuOa7cIK4tMu+3sQwfH89/o1f86bgylo72AsKdPQ
9by/WIwIyAdIfAHkiL4uKa5WzCdpaY0BEFmarjMBJz+NqI3ZXXDJHD1PbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAN/Xm/zqxcFM7GB5SGyEmxIBsoXMB8GA1UdIwQY
MBaAFBTigs9hYoS1j4XsQ+VMkL+VlOScMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk9LQ3oyRmloTFdQaGV4RDVVeVF2NVdVNUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jOGQ4YWQtY2Q3Mi00MTliLTk3M2Yt
NTYwOTRmZDZjYzZjLzEvQTM5ZWJfT3JGd1V6c1lIbEliSVNiRWdHeWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jOGQ4YWQtY2Q3Mi00MTliLTk3M2YtNTYwOTRmZDZjYzZj
LzEvRk9LQ3oyRmloTFdQaGV4RDVVeVF2NVdVNUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbbcAwQE
UPlgAwQEjQDQMA0EAgACMAcDBQMqAgBoMA0GCSqGSIb3DQEBCwUAA4IBAQA/0gbx
KYf8W5lDE2lB1uUw0gn+/ltRlRhdn19OoyIm6F7S8zA7uXvDjOCvXUjj4nkBcANx
1150y9sWNtWlgeUwLVwf184+jxq1rLu+UD3Siu1LuExOBmiNBvnwJDpovOP5Q9va
4bhTetieClTnC3IqgjGck+wk7uBAZ0fFA4wm21gaQ/3nJjfAnfYXnxp7TX8IxWCl
zogDB/pBffdPtjCNQz9ArHy8t4Cm3/5xmKdOGh7pcuRirZaQgSWrm5yCqH2Z7z05
8sIhmxAdTJldL+8YhJA08c2D7JiLcHvMPNTpbnavbstFvQD3smQzty5IstVbglTA
sPS8JyHTV8QiBeg/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:58 2024 by rpki-client on console-fra.rpki-client.org