Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/FwtzTFqo55SN7laLhgqeXqkJ5LI.roa
File:                     FwtzTFqo55SN7laLhgqeXqkJ5LI.roa (raw, json)
Hash identifier:          6Nr3Viv5dvry3Adw5BESVBNdQx9DbofUlpdVs0MBEuc=
Subject key identifier:   17:0B:73:4C:5A:A8:E7:94:8D:EE:56:8B:86:0A:9E:5E:A9:09:E4:B2
Certificate issuer:       /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial:       019113BA09E59159D3A76EED10300A847482
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/FwtzTFqo55SN7laLhgqeXqkJ5LI.roa
Signing time:             Fri 02 Aug 2024 15:34:04 +0000
ROA not before:           Fri 02 Aug 2024 15:34:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208555
IP address blocks:        45.129.36.0/22 maxlen: 22
                          45.129.36.0/24 maxlen: 24
                          45.129.37.0/24 maxlen: 24
                          45.129.38.0/23 maxlen: 23
                          45.129.38.0/24 maxlen: 24
                          45.129.39.0/24 maxlen: 24
                          185.53.140.0/22 maxlen: 24
                          185.53.140.0/23 maxlen: 23
                          185.53.140.0/24 maxlen: 24
                          185.53.141.0/24 maxlen: 24
                          185.53.142.0/23 maxlen: 23
                          185.53.142.0/24 maxlen: 24
                          185.53.143.0/24 maxlen: 24
                          185.126.202.0/24 maxlen: 24
                          185.126.203.0/24 maxlen: 24
                          2a0a:2fc4::/64 maxlen: 64
                          2a0e:4a40::/29 maxlen: 29
Validation:               Failed, certificate revoked on Fri 02 Aug 2024 15:56:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:13:ba:09:e5:91:59:d3:a7:6e:ed:10:30:0a:84:74:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
        Validity
            Not Before: Aug  2 15:34:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=170b734c5aa8e7948dee568b860a9e5ea909e4b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:63:aa:08:42:40:23:88:29:17:54:d2:8e:b1:
                    ef:cc:c9:ad:40:ca:53:89:85:c6:7c:1d:ca:20:6c:
                    db:a3:4e:86:c0:54:16:63:52:bd:ff:97:3a:ef:df:
                    c4:89:55:12:27:e2:fc:91:96:ea:26:5a:b2:c8:eb:
                    5d:92:00:8e:00:a0:92:32:18:73:cf:82:b0:77:6c:
                    7e:73:8e:4f:4e:f6:1c:bf:81:7a:a8:af:91:13:ff:
                    b7:5e:9c:75:a9:2c:6f:c7:0e:4a:d8:33:1d:a2:18:
                    f5:d9:e5:b2:8f:f1:43:81:00:83:c2:1e:8a:4f:2b:
                    89:b8:43:6b:48:b5:ed:9b:c8:2a:7d:87:3d:ce:ba:
                    73:55:2f:5c:6d:f5:00:ba:1e:90:95:00:16:06:77:
                    6d:15:81:85:d6:df:9b:83:e1:8f:dc:1d:ce:a0:f6:
                    61:4c:e5:dc:0e:90:df:4c:9e:22:e5:f4:50:f8:97:
                    a0:07:ff:4e:c2:33:64:5a:02:8d:8e:e5:d2:aa:50:
                    79:5a:4f:94:5a:1c:33:ee:3f:a8:cd:33:77:84:5b:
                    b9:82:98:98:2a:44:cf:eb:74:98:23:e9:18:cc:a7:
                    5f:2b:98:db:1a:43:41:a9:63:1b:6e:a8:14:83:88:
                    73:99:11:d9:35:fc:39:ac:83:69:12:77:ca:e6:9d:
                    90:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:0B:73:4C:5A:A8:E7:94:8D:EE:56:8B:86:0A:9E:5E:A9:09:E4:B2
            X509v3 Authority Key Identifier:
                keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/FwtzTFqo55SN7laLhgqeXqkJ5LI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.36.0/22
                  185.53.140.0/22
                  185.126.202.0/23
                IPv6:
                  2a0a:2fc4::/64
                  2a0e:4a40::/29

    Signature Algorithm: sha256WithRSAEncryption
         43:2f:01:18:61:7e:97:5b:80:95:69:7d:9b:8a:b3:41:5d:73:
         7f:26:f0:4e:eb:7e:bf:f0:d4:1b:87:61:50:eb:c6:6f:a5:46:
         bb:8e:ae:6b:36:46:e0:27:7c:74:88:63:88:df:f0:33:3e:84:
         00:cf:79:ae:0d:b0:3b:f5:be:9f:af:00:7e:94:58:67:48:7c:
         24:c7:53:3e:2c:a4:6c:0f:1e:61:a9:f9:57:8b:7b:a2:bd:be:
         74:d9:7f:11:f3:7f:fb:a7:ac:29:2b:a5:51:6f:a7:40:9f:a8:
         ce:0a:b5:54:46:fe:16:8e:8f:8c:52:cc:f7:20:83:0c:33:90:
         87:c7:00:95:09:89:39:ae:d3:f0:27:50:df:a1:74:3b:e9:03:
         ef:a9:20:f7:54:eb:98:39:55:11:51:4a:d7:be:bd:b7:17:23:
         fd:60:5e:41:ff:95:93:9a:6c:50:14:bd:8f:5d:e4:ae:2c:db:
         32:c8:dc:2c:f1:b7:96:48:89:8a:21:0b:8b:b2:f7:38:67:33:
         0e:8f:25:ad:60:b9:6a:65:5c:62:f4:01:5a:73:7c:fe:88:9e:
         f2:24:5e:87:0f:ed:70:58:3f:74:e3:3f:4d:7d:cb:58:e1:a3:
         bb:6f:bd:35:c3:19:6b:da:52:ab:de:7e:2d:db:51:ae:19:85:
         50:1a:15:25
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZETugnlkVnTp27tEDAKhHSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjQwODAyMTUzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBiNzM0YzVhYThlNzk0OGRlZTU2OGI4NjBhOWU1ZWE5MDllNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GOqCEJAI4gpF1TSjrHvzMmtQMpT
iYXGfB3KIGzbo06GwFQWY1K9/5c679/EiVUSJ+L8kZbqJlqyyOtdkgCOAKCSMhhz
z4Kwd2x+c45PTvYcv4F6qK+RE/+3Xpx1qSxvxw5K2DMdohj12eWyj/FDgQCDwh6K
TyuJuENrSLXtm8gqfYc9zrpzVS9cbfUAuh6QlQAWBndtFYGF1t+bg+GP3B3OoPZh
TOXcDpDfTJ4i5fRQ+JegB/9OwjNkWgKNjuXSqlB5Wk+UWhwz7j+ozTN3hFu5gpiY
KkTP63SYI+kYzKdfK5jbGkNBqWMbbqgUg4hzmRHZNfw5rINpEnfK5p2QswIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBcLc0xaqOeUje5Wi4YKnl6pCeSyMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvRnd0elRGcW81NVNON2xhTGhncWVYcWtKNUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCLYEkAwQC
uTWMAwQBuX7KMBgEAgACMBIDCQAqCi/EAAAAAAMFAyoOSkAwDQYJKoZIhvcNAQEL
BQADggEBAEMvARhhfpdbgJVpfZuKs0Fdc38m8E7rfr/w1BuHYVDrxm+lRruOrms2
RuAnfHSIY4jf8DM+hADPea4NsDv1vp+vAH6UWGdIfCTHUz4spGwPHmGp+VeLe6K9
vnTZfxHzf/unrCkrpVFvp0CfqM4KtVRG/haOj4xSzPcggwwzkIfHAJUJiTmu0/An
UN+hdDvpA++pIPdU65g5VRFRSte+vbcXI/1gXkH/lZOabFAUvY9d5K4s2zLI3Czx
t5ZIiYohC4uy9zhnMw6PJa1guWplXGL0AVpzfP6InvIkXocP7XBYP3TjP019y1jh
o7tvvTXDGWvaUqvefi3bUa4ZhVAaFSU=
-----END CERTIFICATE-----