Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/v-MQaX_3T1J1mfoxZ-RJmz-k6hU.roa
File:                     v-MQaX_3T1J1mfoxZ-RJmz-k6hU.roa (raw, json)
Hash identifier:          7LinL31XxznE0W4ORhCKlkIR3ODQP/VXLkQqExN+h58=
Subject key identifier:   BF:E3:10:69:7F:F7:4F:52:75:99:FA:31:67:E4:49:9B:3F:A4:EA:15
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0190EF786B33AED291679643D72EC1622EE4
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/v-MQaX_3T1J1mfoxZ-RJmz-k6hU.roa
Signing time:             Fri 26 Jul 2024 14:36:04 +0000
ROA not before:           Fri 26 Jul 2024 14:36:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12541
IP address blocks:        45.10.104.0/22 maxlen: 22
                          80.66.112.0/23 maxlen: 23
                          80.66.115.0/24 maxlen: 24
                          80.66.120.0/23 maxlen: 23
                          91.132.31.0/24 maxlen: 24
                          94.198.46.0/24 maxlen: 24
                          178.19.45.0/24 maxlen: 24
                          178.19.46.0/24 maxlen: 24
                          194.15.140.0/24 maxlen: 24
                          194.15.146.0/24 maxlen: 24
                          194.15.182.0/24 maxlen: 24
                          194.15.195.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Fri 26 Jul 2024 14:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:ef:78:6b:33:ae:d2:91:67:96:43:d7:2e:c1:62:2e:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jul 26 14:36:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bfe310697ff74f527599fa3167e4499b3fa4ea15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4b:c6:4d:de:7f:15:8e:69:f6:75:98:e1:88:
                    eb:b0:84:bb:3d:23:29:d5:7e:55:86:65:fa:12:06:
                    65:22:92:65:c9:0e:37:8d:74:15:d9:8f:6e:05:48:
                    5a:f4:26:b2:db:b1:47:e8:79:d1:c2:1b:43:76:27:
                    08:1f:e8:7b:74:51:ff:20:81:b7:b5:e1:b6:c1:b1:
                    52:ba:89:91:00:be:05:cf:f7:bc:b5:b1:a4:e1:32:
                    3e:54:be:d1:1f:ff:48:ac:5a:46:3c:96:33:2f:50:
                    41:8c:ca:6e:65:36:0d:07:cd:d4:ea:23:70:0d:f5:
                    3e:e9:cb:ba:81:22:61:72:2b:27:6b:cc:cb:b4:00:
                    43:3b:45:3f:63:70:c0:62:2e:21:ef:8f:a9:33:41:
                    6e:63:36:91:8c:b0:85:ad:0f:44:21:4f:ef:04:4f:
                    3e:fd:ec:3c:f3:01:dc:da:8c:c7:75:ce:72:31:81:
                    07:6a:49:2c:1e:48:31:3d:5f:a8:53:81:6c:bb:be:
                    72:9b:a0:4e:9d:45:c9:fd:d7:d2:d4:67:f3:e4:9e:
                    ce:e8:e1:01:30:41:1e:70:c3:d5:c4:f3:bc:82:fe:
                    61:10:79:98:d1:b5:c5:9e:58:05:b1:a4:9c:4a:ac:
                    6c:db:27:0f:ec:95:58:04:5c:35:57:7b:f3:34:af:
                    64:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:E3:10:69:7F:F7:4F:52:75:99:FA:31:67:E4:49:9B:3F:A4:EA:15
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/v-MQaX_3T1J1mfoxZ-RJmz-k6hU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.10.104.0/22
                  80.66.112.0/23
                  80.66.115.0/24
                  80.66.120.0/23
                  91.132.31.0/24
                  94.198.46.0/24
                  178.19.45.0-178.19.46.255
                  194.15.140.0/24
                  194.15.146.0/24
                  194.15.182.0/24
                  194.15.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:f7:c9:05:f6:d4:a2:e3:bf:50:8b:d2:5c:37:a4:9e:fe:80:
         49:64:13:3a:ed:cb:66:23:5b:f7:f1:44:fe:1a:8d:d2:03:4f:
         0f:88:7b:2c:47:1b:03:8a:06:be:92:db:07:c6:a1:f7:cb:c9:
         1c:c0:02:b6:c0:97:dd:3e:fb:c4:89:a1:0e:05:ff:15:5c:b9:
         7b:fb:0c:9d:57:75:19:99:32:87:f2:9e:45:8d:ef:84:96:1f:
         fc:56:ec:7e:0b:fb:87:b0:e8:3e:57:01:63:74:3d:04:fd:f9:
         85:1c:3f:49:fc:53:58:97:d6:b4:dc:8b:e2:5b:b7:01:82:28:
         ea:b5:2e:1b:e6:88:8a:f2:fa:ed:89:b6:51:2b:de:7d:df:cf:
         47:87:8e:72:d5:c7:c6:47:3f:e5:7e:3f:74:54:f7:c4:8f:e4:
         fa:99:19:e2:1f:55:9a:80:48:8c:27:7b:f4:b1:e5:47:19:18:
         d6:95:13:cf:11:7d:70:2f:fa:e0:12:00:dc:9a:0a:d2:a3:cc:
         3d:ed:49:ee:3c:b4:c2:2a:20:6d:3b:63:5a:58:76:d6:16:0f:
         cd:b3:ae:b7:07:47:8c:04:f7:c3:15:b9:5a:82:a6:ca:32:4a:
         f9:ce:b4:94:20:29:e7:90:49:46:2c:07:85:fc:63:f4:f8:52:
         47:fd:37:ba
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZDveGszrtKRZ5ZD1y7BYi7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNzI2MTQzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUzMTA2OTdmZjc0ZjUyNzU5OWZhMzE2N2U0NDk5YjNmYTRlYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkvGTd5/FY5p9nWY4YjrsIS7PSMp
1X5VhmX6EgZlIpJlyQ43jXQV2Y9uBUha9Cay27FH6HnRwhtDdicIH+h7dFH/IIG3
teG2wbFSuomRAL4Fz/e8tbGk4TI+VL7RH/9IrFpGPJYzL1BBjMpuZTYNB83U6iNw
DfU+6cu6gSJhcisna8zLtABDO0U/Y3DAYi4h74+pM0FuYzaRjLCFrQ9EIU/vBE8+
/ew88wHc2ozHdc5yMYEHakksHkgxPV+oU4Fsu75ym6BOnUXJ/dfS1Gfz5J7O6OEB
MEEecMPVxPO8gv5hEHmY0bXFnlgFsaScSqxs2ycP7JVYBFw1V3vzNK9kaQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFL/jEGl/909SdZn6MWfkSZs/pOoVMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvdi1NUWFYXzNUMUoxbWZveFotUkptei1rNmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCLQpoAwQB
UEJwAwQAUEJzAwQBUEJ4AwQAW4QfAwQAXsYuMAwDBACyEy0DBACyEy4DBADCD4wD
BADCD5IDBADCD7YDBADCD8MwDQYJKoZIhvcNAQELBQADggEBAJX3yQX21KLjv1CL
0lw3pJ7+gElkEzrty2YjW/fxRP4ajdIDTw+IeyxHGwOKBr6S2wfGoffLyRzAArbA
l90++8SJoQ4F/xVcuXv7DJ1XdRmZMofynkWN74SWH/xW7H4L+4ew6D5XAWN0PQT9
+YUcP0n8U1iX1rTci+JbtwGCKOq1LhvmiIry+u2JtlEr3n3fz0eHjnLVx8ZHP+V+
P3RU98SP5PqZGeIfVZqASIwne/Sx5UcZGNaVE88RfXAv+uASANyaCtKjzD3tSe48
tMIqIG07Y1pYdtYWD82zrrcHR4wE98MVuVqCpsoySvnOtJQgKeeQSUYsB4X8Y/T4
Ukf9N7o=
-----END CERTIFICATE-----