Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/AV8qx5-ctSBhGeLu7hcDqpN2f90.roa
File:                     AV8qx5-ctSBhGeLu7hcDqpN2f90.roa (raw, json)
Hash identifier:          PS4wQx23HfWKCaj4GsrmKhDyPw5peG9YREdWXR44YxY=
Subject key identifier:   01:5F:2A:C7:9F:9C:B5:20:61:19:E2:EE:EE:17:03:AA:93:76:7F:DD
Certificate issuer:       /CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Certificate serial:       01879F942EBD552F4B1AAB7D7EA65F84B0F1
Authority key identifier: 1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/AV8qx5-ctSBhGeLu7hcDqpN2f90.roa
Signing time:             Thu 20 Apr 2023 16:51:41 +0000
ROA not before:           Thu 20 Apr 2023 16:51:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42013
IP address blocks:        2.58.132.0/24 maxlen: 24
                          2.58.132.0/23 maxlen: 23
                          2.58.132.0/22 maxlen: 22
                          194.5.235.0/24 maxlen: 24
                          91.229.247.0/24 maxlen: 24
                          185.99.44.0/24 maxlen: 24
                          185.99.44.0/22 maxlen: 22
                          185.99.44.0/23 maxlen: 23
                          185.99.47.0/24 maxlen: 24
                          185.99.46.0/24 maxlen: 24
                          185.99.45.0/24 maxlen: 24
                          185.99.46.0/23 maxlen: 23
                          2.58.133.0/24 maxlen: 24
                          2.58.135.0/24 maxlen: 24
                          2.58.134.0/23 maxlen: 23
                          2.58.134.0/24 maxlen: 24
                          185.61.22.0/23 maxlen: 23
                          185.61.23.0/24 maxlen: 24
                          185.61.22.0/24 maxlen: 24
                          185.61.20.0/22 maxlen: 22
                          185.61.21.0/24 maxlen: 24
                          185.61.20.0/23 maxlen: 23
                          185.61.20.0/24 maxlen: 24
                          185.209.111.0/24 maxlen: 24
                          185.209.110.0/24 maxlen: 24
                          185.209.110.0/23 maxlen: 23
                          185.209.109.0/24 maxlen: 24
                          185.209.108.0/24 maxlen: 24
                          185.209.108.0/22 maxlen: 22
                          185.209.108.0/23 maxlen: 23
                          2a0b:4d40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 05 Dec 2023 19:02:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9f:94:2e:bd:55:2f:4b:1a:ab:7d:7e:a6:5f:84:b0:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
        Validity
            Not Before: Apr 20 16:51:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=015f2ac79f9cb5206119e2eeee1703aa93767fdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:be:95:82:f4:59:9a:97:0c:0e:14:d8:48:7f:
                    72:f6:f2:2a:85:42:a3:76:37:d8:e9:13:b1:48:fb:
                    86:52:0c:12:76:ed:0a:33:e7:1c:ad:96:fc:b0:a8:
                    df:35:30:ef:6d:27:e8:b9:b1:c6:ab:8d:ef:26:e8:
                    da:ca:c0:aa:6a:e5:71:78:f6:ae:99:69:ba:7d:4a:
                    da:6a:58:2b:5f:49:d0:ec:ed:9d:c6:f8:68:82:9d:
                    d0:21:9f:10:97:57:30:5a:34:4f:4d:9a:c4:36:09:
                    44:03:a7:6f:53:97:6c:3a:6c:44:e1:c3:74:95:c4:
                    67:3a:2a:b7:ad:c2:b8:80:f3:fe:f9:95:13:5e:17:
                    33:ee:ac:07:98:34:72:3f:a0:20:cf:26:77:4b:e1:
                    85:e9:10:6a:56:6e:03:87:ec:0f:51:b9:8d:0d:09:
                    a8:ea:d6:6d:76:5e:86:db:03:cc:3f:78:de:59:da:
                    16:7a:2b:34:f4:81:56:b3:16:8d:54:01:17:52:0a:
                    2c:11:ac:bf:48:29:7d:41:44:4b:7e:ca:2e:d0:71:
                    ce:9e:cd:be:69:4e:6a:24:76:14:20:d1:9a:3d:1c:
                    5a:b2:f3:b6:24:b6:ac:0b:51:8a:88:e6:15:dc:de:
                    5b:0d:62:e8:77:c3:a0:a3:94:fa:9d:be:67:e6:1b:
                    a9:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:5F:2A:C7:9F:9C:B5:20:61:19:E2:EE:EE:17:03:AA:93:76:7F:DD
            X509v3 Authority Key Identifier:
                keyid:1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/AV8qx5-ctSBhGeLu7hcDqpN2f90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/HvPLCY1ShQIMO-dU-MT_d3qooXQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.132.0/22
                  91.229.247.0/24
                  185.61.20.0/22
                  185.99.44.0/22
                  185.209.108.0/22
                  194.5.235.0/24
                IPv6:
                  2a0b:4d40::/29

    Signature Algorithm: sha256WithRSAEncryption
         61:2b:a8:b0:82:34:af:b6:bf:e3:4d:b1:9a:46:08:f1:9b:fb:
         6e:f0:b9:65:15:fe:bf:2f:c3:b6:41:b4:01:dd:35:7c:e0:4c:
         95:97:a8:dc:af:05:61:37:3e:df:d8:93:c9:32:7a:90:3e:9d:
         2d:ba:c8:36:a1:f6:b1:ff:a6:15:2a:8d:31:f5:28:59:39:ed:
         34:87:f4:c3:e0:7d:95:39:b4:45:07:4a:90:1d:c8:38:40:f5:
         26:c9:f7:d4:b6:d7:10:4e:fe:0c:d8:8d:1b:a3:df:18:c3:42:
         5c:e8:5b:a2:5b:12:37:22:4e:d0:6a:b3:a0:6f:7c:8c:1b:5a:
         3b:42:4b:08:6c:f3:bd:6b:68:d6:cb:f3:d0:17:c6:bd:db:3d:
         07:c9:d6:fe:38:5d:a9:c8:24:eb:b8:0f:22:41:ff:7b:06:6f:
         c4:06:32:83:b3:64:c9:b2:37:40:7b:ef:c3:d9:0b:b8:48:31:
         6c:b3:f7:44:90:0a:b4:f3:84:b5:5b:49:68:68:af:5d:e5:33:
         65:c2:32:9c:ff:af:27:7b:bc:ed:b6:30:47:e0:60:2f:c4:fc:
         d9:af:06:d8:e4:d7:b8:5b:2b:62:06:17:76:45:95:59:c3:56:
         1c:57:63:0e:cc:44:75:21:4d:87:63:fd:99:5c:13:d1:4c:0e:
         2a:a5:01:89
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYeflC69VS9LGqt9fqZfhLDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjNjYjA5OGQ1Mjg1MDIwYzNiZTc1NGY4YzRmZjc3N2Fh
OGExNzQwHhcNMjMwNDIwMTY1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVmMmFjNzlmOWNiNTIwNjExOWUyZWVlZTE3MDNhYTkzNzY3ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh76VgvRZmpcMDhTYSH9y9vIqhUKj
djfY6ROxSPuGUgwSdu0KM+ccrZb8sKjfNTDvbSfoubHGq43vJujaysCqauVxePau
mWm6fUraalgrX0nQ7O2dxvhogp3QIZ8Ql1cwWjRPTZrENglEA6dvU5dsOmxE4cN0
lcRnOiq3rcK4gPP++ZUTXhcz7qwHmDRyP6AgzyZ3S+GF6RBqVm4Dh+wPUbmNDQmo
6tZtdl6G2wPMP3jeWdoWeis09IFWsxaNVAEXUgosEay/SCl9QURLfsou0HHOns2+
aU5qJHYUINGaPRxasvO2JLasC1GKiOYV3N5bDWLod8Ogo5T6nb5n5hupXwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAFfKsefnLUgYRni7u4XA6qTdn/dMB8GA1UdIwQY
MBaAFB7zywmNUoUCDDvnVPjE/3d6qKF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEt
Zjk5MmIwN2YzMjNmLzEvQVY4cXg1LWN0U0JoR2VMdTdoY0RxcE4yZjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEtZjk5MmIwN2YzMjNm
LzEvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCAjqEAwQA
W+X3AwQCuT0UAwQCuWMsAwQCudFsAwQAwgXrMA0EAgACMAcDBQMqC01AMA0GCSqG
SIb3DQEBCwUAA4IBAQBhK6iwgjSvtr/jTbGaRgjxm/tu8LllFf6/L8O2QbQB3TV8
4EyVl6jcrwVhNz7f2JPJMnqQPp0tusg2ofax/6YVKo0x9ShZOe00h/TD4H2VObRF
B0qQHcg4QPUmyffUttcQTv4M2I0bo98Yw0Jc6FuiWxI3Ik7QarOgb3yMG1o7QksI
bPO9a2jWy/PQF8a92z0Hydb+OF2pyCTruA8iQf97Bm/EBjKDs2TJsjdAe+/D2Qu4
SDFss/dEkAq084S1W0loaK9d5TNlwjKc/68ne7zttjBH4GAvxPzZrwbY5Ne4Wyti
Bhd2RZVZw1YcV2MOzER1IU2HY/2ZXBPRTA4qpQGJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:38 2024 by rpki-client on console-ams.rpki-client.org