Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/LWgUzXpqRtED8WRZmzcNp2itL7g.roa
File:                     LWgUzXpqRtED8WRZmzcNp2itL7g.roa (raw, json)
Hash identifier:          1UyoHKi7d+l08utmtIZQALE6E2LHTE1pu0BhBQUkKXY=
Subject key identifier:   2D:68:14:CD:7A:6A:46:D1:03:F1:64:59:9B:37:0D:A7:68:AD:2F:B8
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018B228BEAD78A7BB358FA84650EEAF82C52
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/LWgUzXpqRtED8WRZmzcNp2itL7g.roa
Signing time:             Thu 12 Oct 2023 06:21:16 +0000
ROA not before:           Thu 12 Oct 2023 06:21:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12716
IP address blocks:        37.63.97.0/24 maxlen: 24
                          37.63.98.0/24 maxlen: 24
                          151.251.254.0/24 maxlen: 24
                          37.63.96.0/24 maxlen: 24
                          151.251.255.0/24 maxlen: 24
                          37.63.99.0/24 maxlen: 24
                          83.97.30.0/24 maxlen: 24
                          84.252.40.0/23 maxlen: 23
                          151.251.240.0/24 maxlen: 24
                          151.251.238.0/24 maxlen: 24
                          151.251.239.0/24 maxlen: 24
                          151.251.245.0/24 maxlen: 24
                          151.251.240.0/20 maxlen: 20
                          151.251.243.0/24 maxlen: 24
                          151.251.246.0/24 maxlen: 24
                          151.251.241.0/24 maxlen: 24
                          151.251.244.0/24 maxlen: 24
                          151.251.242.0/24 maxlen: 24
                          151.251.253.0/24 maxlen: 24
                          151.251.248.0/24 maxlen: 24
                          151.251.251.0/24 maxlen: 24
                          151.251.249.0/24 maxlen: 24
                          151.251.252.0/24 maxlen: 24
                          151.251.247.0/24 maxlen: 24
                          151.251.250.0/24 maxlen: 24
                          89.215.62.0/23 maxlen: 23
                          151.251.44.0/22 maxlen: 22
                          151.251.68.0/22 maxlen: 22
                          185.224.160.0/23 maxlen: 23
                          37.63.0.0/20 maxlen: 20
                          37.63.16.0/22 maxlen: 22
                          37.63.20.0/22 maxlen: 24
                          37.63.24.0/22 maxlen: 22
                          151.251.192.0/22 maxlen: 22
                          37.63.28.0/22 maxlen: 24
                          62.204.154.0/23 maxlen: 23
                          151.251.121.0/24 maxlen: 24
                          151.251.126.0/23 maxlen: 23
                          85.118.64.0/22 maxlen: 22
                          85.118.71.0/24 maxlen: 24
                          85.118.68.0/23 maxlen: 24
                          213.226.17.0/24 maxlen: 24
                          85.118.70.0/24 maxlen: 24
                          85.118.76.0/22 maxlen: 22
                          85.118.74.0/24 maxlen: 24
                          85.118.72.0/23 maxlen: 23
                          213.226.19.0/24 maxlen: 24
                          185.151.156.0/22 maxlen: 22
                          85.118.80.0/22 maxlen: 22
                          213.226.36.0/24 maxlen: 24
                          85.118.92.0/24 maxlen: 24
                          85.118.93.0/24 maxlen: 24
                          213.226.40.0/24 maxlen: 24
                          213.226.51.0/24 maxlen: 24
                          213.226.57.0/24 maxlen: 24
                          213.226.56.0/24 maxlen: 24
                          213.226.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:22:8b:ea:d7:8a:7b:b3:58:fa:84:65:0e:ea:f8:2c:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Oct 12 06:21:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d6814cd7a6a46d103f164599b370da768ad2fb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:eb:06:d7:da:e1:1b:ce:21:16:4f:ab:55:bc:
                    6d:d6:fa:81:4a:e2:a8:ce:4c:ba:87:50:ff:53:40:
                    9f:8b:af:65:72:1e:14:69:56:24:d0:d0:d1:bd:c2:
                    d6:c8:3e:90:75:ed:fa:67:f1:71:ef:70:05:0c:cb:
                    a4:78:4c:35:2a:d3:0a:39:bb:55:b6:26:01:0e:b4:
                    10:37:36:32:43:99:e4:e2:ee:26:f0:ce:b0:a2:49:
                    4f:9f:a8:79:c4:9e:ea:ab:9a:aa:af:76:ef:79:e3:
                    e5:29:7d:09:de:b9:07:0e:71:4e:d1:78:17:2b:a7:
                    e2:c8:80:c2:18:84:5b:cb:a7:d5:85:64:37:16:7e:
                    86:6c:9d:93:94:08:3e:74:47:36:a5:f4:a1:98:a1:
                    97:26:a7:dc:7f:ff:56:1c:12:bd:c5:f8:5b:ca:73:
                    e5:b0:57:36:66:e5:c5:79:88:11:a4:60:07:ed:51:
                    a6:21:c4:66:69:08:e9:84:87:32:7b:0d:05:b4:62:
                    76:31:59:2d:49:e5:c0:1c:c6:c3:dd:49:37:0e:05:
                    ee:3b:df:40:ce:ae:2b:27:b9:cc:0c:eb:51:55:ff:
                    af:5b:a3:e8:5f:4a:55:db:9e:2b:fa:53:36:c3:b2:
                    9d:8d:b4:af:f2:b6:ee:2c:89:e6:fc:3c:68:37:3a:
                    de:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:68:14:CD:7A:6A:46:D1:03:F1:64:59:9B:37:0D:A7:68:AD:2F:B8
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/LWgUzXpqRtED8WRZmzcNp2itL7g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.63.0.0/19
                  37.63.96.0/22
                  62.204.154.0/23
                  83.97.30.0/24
                  84.252.40.0/23
                  85.118.64.0-85.118.74.255
                  85.118.76.0-85.118.83.255
                  85.118.92.0/23
                  89.215.62.0/23
                  151.251.44.0/22
                  151.251.68.0/22
                  151.251.121.0/24
                  151.251.126.0/23
                  151.251.192.0/22
                  151.251.238.0-151.251.255.255
                  185.151.156.0/22
                  185.224.160.0/23
                  213.226.17.0/24
                  213.226.19.0/24
                  213.226.36.0/24
                  213.226.40.0/24
                  213.226.51.0/24
                  213.226.56.0/23
                  213.226.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:41:3b:e1:ae:45:63:20:df:84:2d:c5:6e:fa:de:53:c9:8f:
         3d:27:de:c4:84:f5:8e:03:24:56:b5:1b:27:18:21:d1:32:87:
         99:cb:01:0f:88:3d:02:a6:3d:2a:b7:4c:03:9e:85:49:80:6e:
         93:a2:2e:ad:fe:3f:1a:d8:4a:0d:e5:39:ef:1a:a6:5f:a0:23:
         04:49:f6:61:b9:94:b5:0d:31:a6:59:c3:7f:88:e2:31:cc:84:
         17:96:70:56:27:3c:0a:64:e1:2e:53:71:94:fd:75:2f:8d:7c:
         00:c1:cc:ce:7c:1c:30:d9:83:78:06:12:16:ec:2a:bb:f8:45:
         6d:84:3f:c8:90:5f:91:af:6a:98:da:f9:3c:79:df:37:59:60:
         fa:09:68:e7:77:57:97:13:86:f0:60:1a:56:f2:ac:bb:49:59:
         f4:16:ee:86:85:6a:f1:61:4d:d8:ea:e5:9d:f1:5f:ca:fe:99:
         b1:f4:b4:53:ba:7e:cc:87:c5:c3:16:a4:3b:53:5c:b8:4a:06:
         a4:0d:dc:50:82:98:a2:37:00:fd:c0:e1:15:2c:8e:26:75:75:
         ec:86:d4:ff:02:3a:02:d2:ae:05:72:4d:89:3b:77:47:d3:db:
         9f:85:dc:6a:99:01:26:78:fa:6c:6a:df:1d:e1:ae:60:26:b1:
         05:7a:12:cc
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYsii+rXinuzWPqEZQ7q+CxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjMxMDEyMDYyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDY4MTRjZDdhNmE0NmQxMDNmMTY0NTk5YjM3MGRhNzY4YWQyZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkesG19rhG84hFk+rVbxt1vqBSuKo
zky6h1D/U0Cfi69lch4UaVYk0NDRvcLWyD6Qde36Z/Fx73AFDMukeEw1KtMKObtV
tiYBDrQQNzYyQ5nk4u4m8M6woklPn6h5xJ7qq5qqr3bveePlKX0J3rkHDnFO0XgX
K6fiyIDCGIRby6fVhWQ3Fn6GbJ2TlAg+dEc2pfShmKGXJqfcf/9WHBK9xfhbynPl
sFc2ZuXFeYgRpGAH7VGmIcRmaQjphIcyew0FtGJ2MVktSeXAHMbD3Uk3DgXuO99A
zq4rJ7nMDOtRVf+vW6PoX0pV254r+lM2w7KdjbSv8rbuLInm/DxoNzredQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFC1oFM16akbRA/FkWZs3DadorS+4MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvTFdnVXpYcHFSdEVEOFdSWm16Y05wMml0TDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBrgQCAAEwgacDBAUl
PwADBAIlP2ADBAE+zJoDBABTYR4DBAFU/CgwDAMEBlV2QAMEAFV2SjAMAwQCVXZM
AwQCVXZQAwQBVXZcAwQBWdc+AwQCl/ssAwQCl/tEAwQAl/t5AwQBl/t+AwQCl/vA
MAsDBAGX++4DAwKX+AMEArmXnAMEAbngoAMEANXiEQMEANXiEwMEANXiJAMEANXi
KAMEANXiMwMEAdXiOAMEANXiOzANBgkqhkiG9w0BAQsFAAOCAQEAE0E74a5FYyDf
hC3FbvreU8mPPSfexIT1jgMkVrUbJxgh0TKHmcsBD4g9AqY9KrdMA56FSYBuk6Iu
rf4/GthKDeU57xqmX6AjBEn2YbmUtQ0xplnDf4jiMcyEF5ZwVic8CmThLlNxlP11
L418AMHMznwcMNmDeAYSFuwqu/hFbYQ/yJBfka9qmNr5PHnfN1lg+glo53dXlxOG
8GAaVvKsu0lZ9BbuhoVq8WFN2OrlnfFfyv6ZsfS0U7p+zIfFwxakO1NcuEoGpA3c
UIKYojcA/cDhFSyOJnV17IbU/wI6AtKuBXJNiTt3R9Pbn4XcapkBJnj6bGrfHeGu
YCaxBXoSzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:06 2024 by rpki-client on console-fra.rpki-client.org