Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/xGw0xukixZtXsjCwi3h5DpZr61U.roa
File:                     xGw0xukixZtXsjCwi3h5DpZr61U.roa (raw, json)
Hash identifier:          ObEQ9e11pZRfQJu/IjnsWpIavpM+tJYqRF8yg6C3qNA=
Subject key identifier:   C4:6C:34:C6:E9:22:C5:9B:57:B2:30:B0:8B:78:79:0E:96:6B:EB:55
Certificate issuer:       /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial:       018F5F6AA98501365B9964DA272C785B9AEE
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/xGw0xukixZtXsjCwi3h5DpZr61U.roa
Signing time:             Thu 09 May 2024 22:12:56 +0000
ROA not before:           Thu 09 May 2024 22:12:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60976
IP address blocks:        31.214.168.0/21 maxlen: 21
                          31.214.168.0/24 maxlen: 24
                          31.214.169.0/24 maxlen: 24
                          31.214.170.0/24 maxlen: 24
                          31.214.171.0/24 maxlen: 24
                          31.214.172.0/24 maxlen: 24
                          31.214.173.0/24 maxlen: 24
                          31.214.174.0/24 maxlen: 24
                          31.214.175.0/24 maxlen: 24
                          31.214.248.0/21 maxlen: 21
                          31.214.248.0/24 maxlen: 24
                          31.214.249.0/24 maxlen: 24
                          31.214.250.0/24 maxlen: 24
                          31.214.251.0/24 maxlen: 24
                          31.214.252.0/24 maxlen: 24
                          31.214.253.0/24 maxlen: 24
                          31.214.254.0/24 maxlen: 24
                          31.214.255.0/24 maxlen: 24
                          37.10.109.0/24 maxlen: 24
                          37.228.136.0/22 maxlen: 22
                          37.228.136.0/24 maxlen: 24
                          37.228.137.0/24 maxlen: 24
                          37.228.138.0/24 maxlen: 24
                          37.228.139.0/24 maxlen: 24
                          82.99.215.0/24 maxlen: 24
                          82.99.216.0/22 maxlen: 22
                          82.99.216.0/24 maxlen: 24
                          82.99.217.0/24 maxlen: 24
                          82.99.218.0/24 maxlen: 24
                          82.99.219.0/24 maxlen: 24
                          82.99.238.0/24 maxlen: 24
                          82.99.242.0/24 maxlen: 24
                          82.99.243.0/24 maxlen: 24
                          82.99.244.0/24 maxlen: 24
                          95.156.236.0/24 maxlen: 24
                          95.156.237.0/24 maxlen: 24
                          95.156.252.0/22 maxlen: 22
                          95.156.252.0/24 maxlen: 24
                          95.156.253.0/24 maxlen: 24
                          95.156.254.0/24 maxlen: 24
                          95.156.255.0/24 maxlen: 24
                          109.230.200.0/24 maxlen: 24
                          109.230.204.0/22 maxlen: 22
                          109.230.204.0/24 maxlen: 24
                          109.230.205.0/24 maxlen: 24
                          109.230.206.0/24 maxlen: 24
                          109.230.207.0/24 maxlen: 24
                          109.230.221.0/24 maxlen: 24
                          109.230.223.0/24 maxlen: 24
                          109.230.242.0/24 maxlen: 24
                          134.255.200.0/21 maxlen: 21
                          134.255.200.0/24 maxlen: 24
                          134.255.201.0/24 maxlen: 24
                          134.255.202.0/24 maxlen: 24
                          134.255.203.0/24 maxlen: 24
                          134.255.204.0/24 maxlen: 24
                          134.255.205.0/24 maxlen: 24
                          134.255.206.0/24 maxlen: 24
                          134.255.207.0/24 maxlen: 24
                          185.13.228.0/22 maxlen: 22
                          185.13.228.0/24 maxlen: 24
                          185.13.229.0/24 maxlen: 24
                          185.13.230.0/24 maxlen: 24
                          185.13.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Jul 2024 11:05:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:5f:6a:a9:85:01:36:5b:99:64:da:27:2c:78:5b:9a:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
        Validity
            Not Before: May  9 22:12:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c46c34c6e922c59b57b230b08b78790e966beb55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f5:e9:db:b2:44:31:ee:95:93:60:ca:f1:da:
                    dd:10:ef:a2:cf:e0:bb:be:d5:54:2e:ea:de:a7:c4:
                    dc:d2:c6:4e:21:07:a8:d5:4f:77:22:d7:9e:c5:ae:
                    f3:2f:39:fa:aa:eb:0f:d9:e9:2e:e1:fb:c8:78:18:
                    de:40:a6:1e:ab:6f:a2:d5:d9:9e:5f:06:19:95:c5:
                    a8:15:88:f1:96:6d:e7:81:f9:5e:9d:9b:91:2e:85:
                    d0:13:4a:9c:67:a3:95:12:26:ec:aa:89:e9:2f:d4:
                    7a:56:1b:f7:80:28:58:16:39:3d:c3:69:eb:67:b4:
                    0b:86:d1:38:e2:f8:c8:3c:8c:c1:ed:6d:ab:b4:eb:
                    ad:23:b5:43:3e:e8:6e:d0:df:da:17:89:95:a5:5c:
                    1c:ea:05:1e:bc:34:f1:e2:f8:f1:08:d1:9c:af:84:
                    46:f8:fb:c1:17:2c:15:33:65:85:45:c6:6e:1f:a0:
                    7d:fa:0a:c6:a7:9b:56:46:53:c3:5b:90:7d:48:28:
                    ab:32:74:51:3e:04:b2:57:5a:92:2a:b5:21:25:a0:
                    31:e3:4e:eb:b6:8a:de:ae:ce:de:d6:13:95:e9:be:
                    61:bf:28:b0:78:ab:bc:db:03:7a:6f:f2:e7:dc:8e:
                    a3:d9:4f:a3:d0:fd:d6:f4:8a:d5:da:d5:3b:f7:91:
                    bd:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:6C:34:C6:E9:22:C5:9B:57:B2:30:B0:8B:78:79:0E:96:6B:EB:55
            X509v3 Authority Key Identifier:
                keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/xGw0xukixZtXsjCwi3h5DpZr61U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.214.168.0/21
                  31.214.248.0/21
                  37.10.109.0/24
                  37.228.136.0/22
                  82.99.215.0-82.99.219.255
                  82.99.238.0/24
                  82.99.242.0-82.99.244.255
                  95.156.236.0/23
                  95.156.252.0/22
                  109.230.200.0/24
                  109.230.204.0/22
                  109.230.221.0/24
                  109.230.223.0/24
                  109.230.242.0/24
                  134.255.200.0/21
                  185.13.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3e:6f:87:49:81:5d:c6:db:54:51:b9:e2:0e:b3:31:44:64:10:
         45:06:d7:24:99:1d:62:24:ec:9c:23:c4:96:98:a4:7c:da:1d:
         36:90:c2:b9:2b:af:aa:66:55:b6:43:6d:ec:ae:1b:8f:c6:31:
         4e:b4:1a:08:5a:33:68:27:d3:d9:7f:71:9d:68:02:95:a3:01:
         0b:70:1c:67:8b:9d:60:72:4a:14:3b:af:ee:90:02:f8:f3:02:
         54:8f:b7:01:a4:b7:0b:5a:f4:e3:0f:3a:99:0c:67:bf:8b:59:
         9f:64:2a:d3:4f:76:18:b0:4d:90:f9:93:dd:17:0d:a4:ff:c7:
         68:b8:80:58:70:f3:f5:d3:ea:44:b6:2f:19:a9:b8:c0:ab:41:
         7f:89:91:f4:13:c6:ec:15:9a:c1:5c:ac:b1:2b:ae:b0:9e:ba:
         96:14:9f:03:bb:80:0a:52:71:23:05:1f:f9:d0:e4:4a:01:4a:
         82:0e:75:ae:af:27:99:34:fc:f6:78:f2:4d:0c:b9:fe:4d:1c:
         c8:ba:c1:5a:cf:62:2a:8f:63:92:08:06:11:67:65:8a:01:09:
         3c:1d:95:a5:68:7f:51:c8:0c:45:89:8e:2e:0b:b2:0e:f9:22:
         20:42:18:9e:da:ed:d2:4c:a2:69:5e:d1:3c:30:45:e6:dd:a4:
         f5:e7:e2:e1
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY9faqmFATZbmWTaJyx4W5ruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNTA5MjIxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDZjMzRjNmU5MjJjNTliNTdiMjMwYjA4Yjc4NzkwZTk2NmJlYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofXp27JEMe6Vk2DK8drdEO+iz+C7
vtVULurep8Tc0sZOIQeo1U93Iteexa7zLzn6qusP2eku4fvIeBjeQKYeq2+i1dme
XwYZlcWoFYjxlm3ngflenZuRLoXQE0qcZ6OVEibsqonpL9R6Vhv3gChYFjk9w2nr
Z7QLhtE44vjIPIzB7W2rtOutI7VDPuhu0N/aF4mVpVwc6gUevDTx4vjxCNGcr4RG
+PvBFywVM2WFRcZuH6B9+grGp5tWRlPDW5B9SCirMnRRPgSyV1qSKrUhJaAx407r
torers7e1hOV6b5hvyiweKu82wN6b/Ln3I6j2U+j0P3W9IrV2tU795G9qwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFMRsNMbpIsWbV7IwsIt4eQ6Wa+tVMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEveEd3MHh1a2l4WnRYc2pDd2kzaDVEcFpyNjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAx/WqAME
Ax/W+AMEACUKbQMEAiXkiDAMAwQAUmPXAwQCUmPYAwQAUmPuMAwDBAFSY/IDBABS
Y/QDBAFfnOwDBAJfnPwDBABt5sgDBAJt5swDBABt5t0DBABt5t8DBABt5vIDBAOG
/8gDBAK5DeQwDQYJKoZIhvcNAQELBQADggEBAD5vh0mBXcbbVFG54g6zMURkEEUG
1ySZHWIk7JwjxJaYpHzaHTaQwrkrr6pmVbZDbeyuG4/GMU60GghaM2gn09l/cZ1o
ApWjAQtwHGeLnWByShQ7r+6QAvjzAlSPtwGktwta9OMPOpkMZ7+LWZ9kKtNPdhiw
TZD5k90XDaT/x2i4gFhw8/XT6kS2LxmpuMCrQX+JkfQTxuwVmsFcrLErrrCeupYU
nwO7gApScSMFH/nQ5EoBSoIOda6vJ5k0/PZ48k0Muf5NHMi6wVrPYiqPY5IIBhFn
ZYoBCTwdlaVof1HIDEWJji4Lsg75IiBCGJ7a7dJMomle0TwwRebdpPXn4uE=
-----END CERTIFICATE-----
Generated at Sat Jul 6 12:08:29 2024 by rpki-client on console-fra.rpki-client.org