Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/LEq8udb9rGJZbTwkEyPlHlIr3b8.roa
File:                     LEq8udb9rGJZbTwkEyPlHlIr3b8.roa (raw, json)
Hash identifier:          F7T0GRoB+apmcHe4NfkX5hVPoXHYY8/andHh8nC5pEM=
Subject key identifier:   2C:4A:BC:B9:D6:FD:AC:62:59:6D:3C:24:13:23:E5:1E:52:2B:DD:BF
Certificate issuer:       /CN=d055e0b86f3f5125054863cf9264e6346e09bbb7
Certificate serial:       01860C5303C0AFCF3B1D270C59CEB920BC8D
Authority key identifier: D0:55:E0:B8:6F:3F:51:25:05:48:63:CF:92:64:E6:34:6E:09:BB:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/LEq8udb9rGJZbTwkEyPlHlIr3b8.roa
Signing time:             Wed 01 Feb 2023 09:33:32 +0000
ROA not before:           Wed 01 Feb 2023 09:33:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203053
IP address blocks:        86.107.43.0/24 maxlen: 24
                          89.39.209.0/24 maxlen: 24
                          86.107.78.0/24 maxlen: 24
                          86.107.79.0/24 maxlen: 24
                          188.214.214.0/24 maxlen: 24
                          86.105.228.0/24 maxlen: 24
                          185.146.85.0/24 maxlen: 24
                          185.146.84.0/22 maxlen: 22
                          185.146.87.0/24 maxlen: 24
                          185.146.86.0/24 maxlen: 24
                          93.119.122.0/24 maxlen: 24
                          89.42.13.0/24 maxlen: 24
                          89.40.33.0/24 maxlen: 24
                          89.40.32.0/24 maxlen: 24
                          188.212.127.0/24 maxlen: 24
                          176.126.172.0/24 maxlen: 24
                          93.113.55.0/24 maxlen: 24
                          93.113.54.0/24 maxlen: 24
                          89.37.29.0/24 maxlen: 24
                          37.156.181.0/24 maxlen: 24
                          37.156.180.0/24 maxlen: 24
                          31.14.56.0/24 maxlen: 24
                          188.212.252.0/24 maxlen: 24
                          188.212.255.0/24 maxlen: 24
                          93.114.248.0/24 maxlen: 24
                          85.204.69.0/24 maxlen: 24
                          89.44.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:0c:53:03:c0:af:cf:3b:1d:27:0c:59:ce:b9:20:bc:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d055e0b86f3f5125054863cf9264e6346e09bbb7
        Validity
            Not Before: Feb  1 09:33:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c4abcb9d6fdac62596d3c241323e51e522bddbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:10:0e:db:cb:35:09:14:e6:b7:37:17:5a:a7:
                    36:68:6e:60:e9:72:99:14:31:51:e2:e1:aa:71:30:
                    c4:ee:61:63:9a:0c:a6:48:74:59:f9:87:01:3c:fd:
                    43:ff:37:a2:90:cf:32:28:81:11:73:ab:90:92:f3:
                    7c:fb:6e:d4:1e:a8:89:9e:22:bb:a2:e3:9e:d4:09:
                    73:06:d8:ef:21:c4:17:d8:20:0e:7c:16:d4:cc:d7:
                    68:55:dc:fd:3d:ea:65:1f:bb:de:fd:24:ff:37:7a:
                    ed:bb:9c:df:fd:23:b5:9c:32:87:99:8b:14:9a:c4:
                    6b:d9:28:b9:35:08:0e:ec:73:52:37:0e:e5:99:58:
                    38:1a:c7:a4:83:34:f1:e0:aa:5c:c0:c8:9b:f1:5d:
                    b4:50:e6:e0:c3:ae:79:7e:f6:c8:d5:a1:a7:e0:9d:
                    74:6c:0f:47:fe:73:9e:99:85:36:f7:3f:ff:5f:29:
                    53:f6:c0:00:54:d6:6a:45:e0:0d:f2:de:18:dc:28:
                    ab:25:3b:19:cc:5f:6e:aa:3c:b4:ef:82:fb:00:0d:
                    8f:c8:db:bc:d8:25:39:64:62:b2:1a:ff:7e:e9:32:
                    37:f7:e6:cd:00:7a:30:bf:9e:4a:97:fd:96:7f:79:
                    28:b1:79:d5:a2:50:20:dc:17:38:fd:f9:62:4a:e1:
                    0d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4A:BC:B9:D6:FD:AC:62:59:6D:3C:24:13:23:E5:1E:52:2B:DD:BF
            X509v3 Authority Key Identifier:
                keyid:D0:55:E0:B8:6F:3F:51:25:05:48:63:CF:92:64:E6:34:6E:09:BB:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FXguG8_USUFSGPPkmTmNG4Ju7c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/LEq8udb9rGJZbTwkEyPlHlIr3b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/1cba9f-cd6e-4d12-a78d-f98c7fec194e/1/0FXguG8_USUFSGPPkmTmNG4Ju7c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.56.0/24
                  37.156.180.0/23
                  85.204.69.0/24
                  86.105.228.0/24
                  86.107.43.0/24
                  86.107.78.0/23
                  89.37.29.0/24
                  89.39.209.0/24
                  89.40.32.0/23
                  89.42.13.0/24
                  89.44.105.0/24
                  93.113.54.0/23
                  93.114.248.0/24
                  93.119.122.0/24
                  176.126.172.0/24
                  185.146.84.0/22
                  188.212.127.0/24
                  188.212.252.0/24
                  188.212.255.0/24
                  188.214.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:fb:f3:f5:e0:3a:e2:cb:15:ba:8e:58:4b:34:34:66:8a:81:
         4d:e9:e2:71:d5:f2:c4:d5:f1:b9:48:dc:02:95:59:3f:1c:b6:
         1f:0a:ba:5f:1f:0e:d8:c6:b0:6e:28:0b:ae:e8:7a:cd:21:cb:
         82:57:45:4f:22:06:f1:e3:e8:18:85:b2:5f:05:62:92:60:b8:
         5f:c6:a4:bf:10:0b:ec:a0:30:bd:1c:43:b7:1a:3e:b6:d9:82:
         32:8b:d1:be:eb:cd:a3:9f:90:f9:48:04:41:31:7a:1a:a3:ca:
         94:d3:c9:47:71:3b:1d:fe:f1:52:bc:c9:b4:8a:06:2e:36:f9:
         6f:28:86:c7:7d:1f:bb:4f:95:b2:5b:1b:6c:bd:07:02:72:b8:
         2b:49:07:91:c2:6c:ca:0d:b6:95:6f:41:7c:66:7a:64:d9:9e:
         4f:54:83:8f:30:35:7d:8c:a4:e7:8d:d6:06:b1:2e:0b:40:b9:
         48:8e:13:98:28:b3:3f:b2:ca:5e:72:ae:31:a6:b8:ec:67:e4:
         6d:3a:2c:cd:26:66:b1:86:3f:87:aa:11:0b:e5:f4:0e:b6:50:
         06:2f:98:e9:2e:fd:1b:a1:bf:22:04:c7:3b:27:9b:14:1d:03:
         c6:2b:06:d2:03:9e:84:b9:95:78:a0:1b:54:aa:b8:8f:b5:5a:
         11:83:a8:3e
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYYMUwPAr887HScMWc65ILyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNTVlMGI4NmYzZjUxMjUwNTQ4NjNjZjkyNjRlNjM0NmUw
OWJiYjcwHhcNMjMwMjAxMDkzMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzRhYmNiOWQ2ZmRhYzYyNTk2ZDNjMjQxMzIzZTUxZTUyMmJkZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBAO28s1CRTmtzcXWqc2aG5g6XKZ
FDFR4uGqcTDE7mFjmgymSHRZ+YcBPP1D/zeikM8yKIERc6uQkvN8+27UHqiJniK7
ouOe1AlzBtjvIcQX2CAOfBbUzNdoVdz9PeplH7ve/ST/N3rtu5zf/SO1nDKHmYsU
msRr2Si5NQgO7HNSNw7lmVg4GsekgzTx4KpcwMib8V20UObgw655fvbI1aGn4J10
bA9H/nOemYU29z//XylT9sAAVNZqReAN8t4Y3CirJTsZzF9uqjy074L7AA2PyNu8
2CU5ZGKyGv9+6TI39+bNAHowv55Kl/2Wf3kosXnVolAg3Bc4/fliSuENPQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFCxKvLnW/axiWW08JBMj5R5SK92/MB8GA1UdIwQY
MBaAFNBV4LhvP1ElBUhjz5Jk5jRuCbu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZYZ3VHOF9VU1VGU0dQUGttVG1ORzRKdTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xY2JhOWYtY2Q2ZS00ZDEyLWE3OGQt
Zjk4YzdmZWMxOTRlLzEvTEVxOHVkYjlyR0paYlR3a0V5UGxIbElyM2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8xY2JhOWYtY2Q2ZS00ZDEyLWE3OGQtZjk4YzdmZWMxOTRl
LzEvMEZYZ3VHOF9VU1VGU0dQUGttVG1ORzRKdTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAHw44
AwQBJZy0AwQAVcxFAwQAVmnkAwQAVmsrAwQBVmtOAwQAWSUdAwQAWSfRAwQBWSgg
AwQAWSoNAwQAWSxpAwQBXXE2AwQAXXL4AwQAXXd6AwQAsH6sAwQCuZJUAwQAvNR/
AwQAvNT8AwQAvNT/AwQAvNbWMA0GCSqGSIb3DQEBCwUAA4IBAQCm+/P14DriyxW6
jlhLNDRmioFN6eJx1fLE1fG5SNwClVk/HLYfCrpfHw7YxrBuKAuu6HrNIcuCV0VP
Igbx4+gYhbJfBWKSYLhfxqS/EAvsoDC9HEO3Gj622YIyi9G+682jn5D5SARBMXoa
o8qU08lHcTsd/vFSvMm0igYuNvlvKIbHfR+7T5WyWxtsvQcCcrgrSQeRwmzKDbaV
b0F8Znpk2Z5PVIOPMDV9jKTnjdYGsS4LQLlIjhOYKLM/sspecq4xprjsZ+RtOizN
Jmaxhj+HqhEL5fQOtlAGL5jpLv0bob8iBMc7J5sUHQPGKwbSA56EuZV4oBtUqriP
tVoRg6g+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:33 2024 by rpki-client on console-fra.rpki-client.org