Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ll2YZnfmjZu1AKOtfa48_dOG9GM.roa
File:                     ll2YZnfmjZu1AKOtfa48_dOG9GM.roa (raw, json)
Hash identifier:          oKRhhKbDnX/FF1SLdaQMnxnbLLJOl59sd1J9vgS1bhQ=
Subject key identifier:   96:5D:98:66:77:E6:8D:9B:B5:00:A3:AD:7D:AE:3C:FD:D3:86:F4:63
Certificate issuer:       /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial:       018B5C072DE58A93B8CCF638DEDF3CB0B44B
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ll2YZnfmjZu1AKOtfa48_dOG9GM.roa
Signing time:             Mon 23 Oct 2023 10:14:16 +0000
ROA not before:           Mon 23 Oct 2023 10:14:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34927
IP address blocks:        45.134.88.0/24 maxlen: 24
                          45.134.91.0/24 maxlen: 24
                          45.134.89.0/24 maxlen: 24
                          193.148.251.0/24 maxlen: 24
                          193.148.250.0/24 maxlen: 24
                          193.148.249.0/24 maxlen: 24
                          193.148.248.0/24 maxlen: 24
                          193.37.139.0/24 maxlen: 24
                          2a0c:9a40:1024::/48 maxlen: 48
                          2a0c:9a40:1002::/48 maxlen: 48
                          2a0c:9a44::/48 maxlen: 48
                          2a0c:9a40:1000::/44 maxlen: 48
                          2a0c:9a40:1080::/44 maxlen: 48
                          2a0c:9a40:1058::/48 maxlen: 48
                          2a0c:9a40:1::/48 maxlen: 48
                          2a0c:9a40:1001::/48 maxlen: 48
                          2a0c:9a40:1055::/48 maxlen: 48
                          2a0c:9a40:1070::/48 maxlen: 48
                          2a0c:9a40:1050::/48 maxlen: 48
                          2a0c:9a40:1054::/48 maxlen: 48
                          2a0c:9a40:1057::/48 maxlen: 48
                          2a0c:9a40:1072::/48 maxlen: 48
                          2a0c:9a40:1070::/44 maxlen: 48
                          2a0c:9a40:1090::/44 maxlen: 48
                          2a0c:9a40:1030::/44 maxlen: 48
                          2a0c:9a40:2328::/48 maxlen: 48
                          2a0c:9a40:1051::/48 maxlen: 48
                          2a0c:9a40:2d00::/40 maxlen: 48
                          2a0c:9a40:2c00::/40 maxlen: 48
                          2a0c:9a40:2500::/40 maxlen: 48
                          2a0c:9a40:2600::/40 maxlen: 48
                          2a0c:9a40:2700::/40 maxlen: 48
                          2a0c:9a40:2400::/40 maxlen: 40
                          2a0c:9a40:2100::/40 maxlen: 40
                          2a0c:9a40:2b00::/40 maxlen: 48
                          2a0c:9a40:2200::/40 maxlen: 48
                          2a0c:9a40:2800::/40 maxlen: 48
                          2a0c:9a40:2a00::/40 maxlen: 40
                          2a0c:9a40:1080::/48 maxlen: 48
                          2a0c:9a40:1060::/48 maxlen: 48
                          2a0c:9a40:2900::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 10:54:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5c:07:2d:e5:8a:93:b8:cc:f6:38:de:df:3c:b0:b4:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
        Validity
            Not Before: Oct 23 10:14:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=965d986677e68d9bb500a3ad7dae3cfdd386f463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:50:55:5e:b9:2a:2e:0d:4e:b8:7d:80:58:30:
                    38:ed:79:49:55:9d:58:3d:db:ea:d0:c6:3d:a4:20:
                    bd:08:c8:3e:2c:69:3a:a2:96:85:9c:c2:81:79:86:
                    eb:61:ad:ef:4e:49:4e:24:c7:58:9d:16:df:71:54:
                    6c:a6:b5:3a:66:fa:a0:8a:47:04:db:09:18:3c:7a:
                    58:70:03:08:c4:05:1e:87:bc:ac:64:58:3c:1b:ce:
                    07:0f:2e:4d:10:71:74:52:61:dd:b7:c2:47:ab:9b:
                    7e:53:17:94:40:60:6d:f1:cc:22:09:6b:0f:78:ba:
                    f5:ce:16:93:ff:a3:4b:36:a2:f6:cc:f5:10:85:ed:
                    bf:52:f7:74:7c:59:01:0a:60:45:a6:9c:ca:60:7a:
                    fa:99:5a:ab:0d:d0:95:c5:26:92:34:81:b6:61:db:
                    0e:2c:04:f1:ea:28:40:7b:15:2f:69:b5:ff:55:13:
                    45:6a:6b:34:4c:3b:07:85:0e:9c:a6:74:51:59:e7:
                    f0:d4:da:10:65:a4:3a:e3:9f:d7:6a:ae:86:64:a7:
                    26:c2:cf:fa:29:c9:4b:a5:5a:28:59:5d:2f:82:bb:
                    1d:fe:ae:9e:b4:e9:c0:27:f2:6e:e5:48:77:84:73:
                    12:a9:98:3e:d4:28:44:d8:74:44:10:aa:33:ba:11:
                    0b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:5D:98:66:77:E6:8D:9B:B5:00:A3:AD:7D:AE:3C:FD:D3:86:F4:63
            X509v3 Authority Key Identifier:
                keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ll2YZnfmjZu1AKOtfa48_dOG9GM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.88.0/23
                  45.134.91.0/24
                  193.37.139.0/24
                  193.148.248.0/22
                IPv6:
                  2a0c:9a40:1::/48
                  2a0c:9a40:1000::/44
                  2a0c:9a40:1024::/48
                  2a0c:9a40:1030::/44
                  2a0c:9a40:1050::/47
                  2a0c:9a40:1054::/47
                  2a0c:9a40:1057::-2a0c:9a40:1058:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:1060::/48
                  2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:2100::-2a0c:9a40:22ff:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:2328::/48
                  2a0c:9a40:2400::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a40:2a00::-2a0c:9a40:2dff:ffff:ffff:ffff:ffff:ffff
                  2a0c:9a44::/48

    Signature Algorithm: sha256WithRSAEncryption
         6e:d0:2e:5d:57:df:08:3c:7f:e8:a6:9b:01:54:49:34:24:c5:
         f2:8d:16:88:fa:80:25:54:35:11:c9:58:8d:ed:6e:c9:ed:9e:
         10:a4:36:06:34:f0:74:22:b2:7f:14:a8:1e:03:ee:d5:61:6f:
         b4:64:1b:3b:c3:f8:4e:7b:ef:ff:dd:68:da:93:2f:5c:dc:02:
         2c:20:04:ed:d7:44:ac:42:44:91:cd:fe:51:9f:f6:52:d1:10:
         e3:b5:59:68:81:13:04:01:2b:d1:4a:f3:80:2a:6a:10:28:d1:
         bf:ea:ff:ba:10:5d:a8:8c:fe:1f:1a:09:49:f7:00:4d:18:f9:
         24:77:ce:50:f5:dc:6f:ee:ac:a6:de:f2:26:af:32:7a:87:44:
         41:84:67:68:fd:c6:6f:6c:bb:3f:69:64:ea:d8:41:6f:87:ec:
         c9:19:cc:41:d4:4a:a0:4d:63:3f:45:8f:38:99:1c:57:99:16:
         c2:35:8e:f6:80:8f:b5:d3:a9:31:62:24:59:7d:db:5f:bf:3a:
         8f:23:3a:03:06:6c:43:37:80:e8:db:65:2a:f3:bb:43:29:88:
         08:21:91:5d:b8:19:2c:24:a1:a5:5b:6f:03:1e:1a:c2:ae:77:
         b5:ec:57:55:3b:3c:00:ff:5e:5c:f6:ef:00:8e:71:e7:72:58:
         17:26:e1:bb
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAYtcBy3lipO4zPY43t88sLRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMDIzMTAxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjVkOTg2Njc3ZTY4ZDliYjUwMGEzYWQ3ZGFlM2NmZGQzODZmNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FBVXrkqLg1OuH2AWDA47XlJVZ1Y
Pdvq0MY9pCC9CMg+LGk6opaFnMKBeYbrYa3vTklOJMdYnRbfcVRsprU6ZvqgikcE
2wkYPHpYcAMIxAUeh7ysZFg8G84HDy5NEHF0UmHdt8JHq5t+UxeUQGBt8cwiCWsP
eLr1zhaT/6NLNqL2zPUQhe2/Uvd0fFkBCmBFppzKYHr6mVqrDdCVxSaSNIG2YdsO
LATx6ihAexUvabX/VRNFams0TDsHhQ6cpnRRWefw1NoQZaQ645/Xaq6GZKcmws/6
KclLpVooWV0vgrsd/q6etOnAJ/Ju5Uh3hHMSqZg+1ChE2HREEKozuhELRwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFJZdmGZ35o2btQCjrX2uPP3ThvRjMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvbGwyWVpuZm1qWnUxQUtPdGZhNDhfZE9HOUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jAeBAIAATAYAwQBLYZY
AwQALYZbAwQAwSWLAwQCwZT4MIG3BAIAAjCBsAMHACoMmkAAAQMHBCoMmkAQAAMH
ACoMmkAQJAMHBCoMmkAQMAMHASoMmkAQUAMHASoMmkAQVDASAwcAKgyaQBBXAwcA
KgyaQBBYAwcAKgyaQBBgMBIDBwQqDJpAEHADBwUqDJpAEIAwEAMGACoMmkAhAwYA
KgyaQCIDBwAqDJpAIygwEQMGAioMmkAkAwcAKgyaQCkAMBADBgEqDJpAKgMGASoM
mkAsAwcAKgyaRAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBu0C5dV98IPH/oppsBVEk0
JMXyjRaI+oAlVDURyViN7W7J7Z4QpDYGNPB0IrJ/FKgeA+7VYW+0ZBs7w/hOe+//
3Wjaky9c3AIsIATt10SsQkSRzf5Rn/ZS0RDjtVlogRMEASvRSvOAKmoQKNG/6v+6
EF2ojP4fGglJ9wBNGPkkd85Q9dxv7qym3vImrzJ6h0RBhGdo/cZvbLs/aWTq2EFv
h+zJGcxB1EqgTWM/RY84mRxXmRbCNY72gI+106kxYiRZfdtfvzqPIzoDBmxDN4Do
22Uq87tDKYgIIZFduBksJKGlW28DHhrCrne17FdVOzwA/15c9u8AjnHnclgXJuG7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:50 2024 by rpki-client on console-fra.rpki-client.org