Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mti0yh-lUtVrjc59rxDJVP4_Y7k.roa
File:                     mti0yh-lUtVrjc59rxDJVP4_Y7k.roa (raw, json)
Hash identifier:          rE59P+EkYtF7Rmuzq6T/qwbT264BEcYd0uaVpO46pFk=
Subject key identifier:   9A:D8:B4:CA:1F:A5:52:D5:6B:8D:CE:7D:AF:10:C9:54:FE:3F:63:B9
Certificate issuer:       /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial:       018FA741D6B78B3EEDCCF3D4C5C1DB282265
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mti0yh-lUtVrjc59rxDJVP4_Y7k.roa
Signing time:             Thu 23 May 2024 21:01:00 +0000
ROA not before:           Thu 23 May 2024 21:01:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        5.180.104.0/24 maxlen: 24
                          5.180.107.0/24 maxlen: 24
                          45.131.0.0/24 maxlen: 24
                          45.131.1.0/24 maxlen: 24
                          45.131.3.0/24 maxlen: 24
                          45.141.148.0/24 maxlen: 24
                          45.141.150.0/24 maxlen: 24
                          45.147.44.0/24 maxlen: 24
                          77.83.200.0/24 maxlen: 24
                          77.83.201.0/24 maxlen: 24
                          77.83.202.0/24 maxlen: 24
                          194.116.228.0/24 maxlen: 24
                          194.116.236.0/24 maxlen: 24
                          194.116.237.0/24 maxlen: 24
                          194.146.26.0/24 maxlen: 24
                          194.146.36.0/24 maxlen: 24
                          194.146.47.0/24 maxlen: 24
                          2a0f:e900::/29 maxlen: 29
                          2a0f:ed00::/29 maxlen: 29
                          2a0f:f900::/29 maxlen: 29
                          2a13:a440::/32 maxlen: 32
                          2a13:a441::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 28 May 2024 17:17:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a7:41:d6:b7:8b:3e:ed:cc:f3:d4:c5:c1:db:28:22:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
        Validity
            Not Before: May 23 21:01:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9ad8b4ca1fa552d56b8dce7daf10c954fe3f63b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d8:d6:b3:fe:a5:26:35:53:60:47:cc:0b:9e:
                    c6:8d:b9:ee:54:67:1c:19:9e:4b:55:f3:e5:5c:92:
                    03:29:a3:6e:ca:4e:7a:be:8e:e9:1a:10:db:40:94:
                    3d:64:68:80:f1:e6:79:3d:8b:11:ea:cc:fe:4b:d8:
                    e8:15:ba:b3:bc:74:58:08:fd:26:d1:17:bd:7e:25:
                    5e:0c:67:9b:15:cf:5a:91:ff:70:91:d4:d3:9b:5d:
                    2e:01:81:aa:8e:22:b5:69:6e:92:de:ae:07:5c:c2:
                    24:9c:77:da:9d:8e:a7:21:69:f6:03:bc:4d:73:04:
                    a0:78:9d:fa:59:44:76:18:7c:32:37:20:8b:40:92:
                    d7:26:34:f2:e6:48:10:3a:5e:0e:2f:42:9c:d5:f5:
                    04:c4:34:34:f9:fc:91:d6:8b:4e:08:e2:36:a9:3b:
                    37:90:cb:33:5a:dc:7f:02:64:15:44:d8:5c:57:21:
                    d6:75:a8:a9:e6:25:87:33:22:73:ec:cf:b0:da:d1:
                    5e:e1:d5:a8:99:6d:7c:b9:cb:67:fe:de:c3:a5:a0:
                    ec:bf:c3:0a:99:46:f6:92:d8:76:28:cc:45:bb:2a:
                    cb:e7:da:49:c1:d1:53:8a:a0:23:16:2a:09:0f:56:
                    46:24:4e:3c:d7:4b:11:7b:ef:e3:4e:bf:26:c7:73:
                    ec:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:D8:B4:CA:1F:A5:52:D5:6B:8D:CE:7D:AF:10:C9:54:FE:3F:63:B9
            X509v3 Authority Key Identifier:
                keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mti0yh-lUtVrjc59rxDJVP4_Y7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.104.0/24
                  5.180.107.0/24
                  45.131.0.0/23
                  45.131.3.0/24
                  45.141.148.0/24
                  45.141.150.0/24
                  45.147.44.0/24
                  77.83.200.0-77.83.202.255
                  194.116.228.0/24
                  194.116.236.0/23
                  194.146.26.0/24
                  194.146.36.0/24
                  194.146.47.0/24
                IPv6:
                  2a0f:e900::/29
                  2a0f:ed00::/29
                  2a0f:f900::/29
                  2a13:a440::/31

    Signature Algorithm: sha256WithRSAEncryption
         57:73:c1:d1:16:e9:c4:2c:a9:ca:ed:ff:2a:de:40:a5:35:94:
         25:ca:6d:40:0d:85:82:53:e2:52:79:10:eb:0a:5a:11:bf:dc:
         98:2e:2e:d0:25:b5:3a:7e:e1:34:a0:be:82:4b:37:9f:44:c9:
         08:5e:47:59:6f:39:aa:61:7a:ce:95:9b:a1:06:94:20:90:85:
         50:64:b7:ef:be:c4:dc:b7:74:a6:fd:32:7e:66:21:01:0a:d8:
         50:4c:a7:af:e8:50:c5:dc:cc:42:53:88:41:3e:b4:a6:fa:33:
         af:23:e1:70:13:77:40:ce:6e:f2:72:51:29:46:62:61:a2:9b:
         88:3c:33:10:32:90:70:51:ad:4f:92:f1:2b:9c:d1:28:a2:4d:
         93:88:66:05:54:08:08:fe:96:96:3b:20:a9:f0:5d:0a:09:4a:
         27:5b:07:46:c0:c1:f3:db:07:cb:47:b0:c3:d9:96:38:e4:f1:
         3e:0d:3e:68:2b:79:fd:23:94:9a:f7:61:72:48:fb:83:6a:89:
         6d:8d:6a:6c:22:83:2e:a7:79:a8:ec:12:ee:e8:17:62:5d:0a:
         ba:ea:b5:02:80:9d:ef:76:bb:47:60:51:ba:7b:db:27:39:c2:
         13:18:63:e3:52:aa:7c:6e:c5:eb:95:3f:49:d2:97:18:cb:78:
         ec:52:74:70
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAY+nQda3iz7tzPPUxcHbKCJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNTIzMjEwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ4YjRjYTFmYTU1MmQ1NmI4ZGNlN2RhZjEwYzk1NGZlM2Y2M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9jWs/6lJjVTYEfMC57GjbnuVGcc
GZ5LVfPlXJIDKaNuyk56vo7pGhDbQJQ9ZGiA8eZ5PYsR6sz+S9joFbqzvHRYCP0m
0Re9fiVeDGebFc9akf9wkdTTm10uAYGqjiK1aW6S3q4HXMIknHfanY6nIWn2A7xN
cwSgeJ36WUR2GHwyNyCLQJLXJjTy5kgQOl4OL0Kc1fUExDQ0+fyR1otOCOI2qTs3
kMszWtx/AmQVRNhcVyHWdaip5iWHMyJz7M+w2tFe4dWomW18uctn/t7DpaDsv8MK
mUb2kth2KMxFuyrL59pJwdFTiqAjFioJD1ZGJE4810sRe+/jTr8mx3PsHwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFJrYtMofpVLVa43Ofa8QyVT+P2O5MB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvbXRpMHloLWxVdFZyamM1OXJ4REpWUDRfWTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBcBAIAATBWAwQABbRo
AwQABbRrAwQBLYMAAwQALYMDAwQALY2UAwQALY2WAwQALZMsMAwDBANNU8gDBABN
U8oDBADCdOQDBAHCdOwDBADCkhoDBADCkiQDBADCki8wIgQCAAIwHAMFAyoP6QAD
BQMqD+0AAwUDKg/5AAMFASoTpEAwDQYJKoZIhvcNAQELBQADggEBAFdzwdEW6cQs
qcrt/yreQKU1lCXKbUANhYJT4lJ5EOsKWhG/3JguLtAltTp+4TSgvoJLN59EyQhe
R1lvOaphes6Vm6EGlCCQhVBkt+++xNy3dKb9Mn5mIQEK2FBMp6/oUMXczEJTiEE+
tKb6M68j4XATd0DObvJyUSlGYmGim4g8MxAykHBRrU+S8Suc0SiiTZOIZgVUCAj+
lpY7IKnwXQoJSidbB0bAwfPbB8tHsMPZljjk8T4NPmgref0jlJr3YXJI+4NqiW2N
amwigy6neajsEu7oF2JdCrrqtQKAne92u0dgUbp72yc5whMYY+NSqnxuxeuVP0nS
lxjLeOxSdHA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:11 2024 by rpki-client on console-fra.rpki-client.org