Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/g5z6hJUSUDv2J-b37VfVDoiHXnk.roa
File:                     g5z6hJUSUDv2J-b37VfVDoiHXnk.roa (raw, json)
Hash identifier:          powUo4cf+Lxh8P+LMyX89sg/EOE/ufRdDK7YY4XcI30=
Subject key identifier:   83:9C:FA:84:95:12:50:3B:F6:27:E6:F7:ED:57:D5:0E:88:87:5E:79
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018F614B5161F28DDC6A68993DB6FA9D7513
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/g5z6hJUSUDv2J-b37VfVDoiHXnk.roa
Signing time:             Fri 10 May 2024 06:57:56 +0000
ROA not before:           Fri 10 May 2024 06:57:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12716
IP address blocks:        37.63.0.0/20 maxlen: 20
                          37.63.16.0/22 maxlen: 22
                          37.63.20.0/22 maxlen: 24
                          37.63.24.0/22 maxlen: 22
                          37.63.28.0/22 maxlen: 24
                          37.63.32.0/22 maxlen: 24
                          37.63.96.0/22 maxlen: 22
                          62.204.154.0/23 maxlen: 23
                          83.97.30.0/24 maxlen: 24
                          84.252.40.0/23 maxlen: 23
                          85.118.64.0/22 maxlen: 22
                          85.118.68.0/23 maxlen: 24
                          85.118.70.0/24 maxlen: 24
                          85.118.71.0/24 maxlen: 24
                          85.118.72.0/23 maxlen: 23
                          85.118.74.0/24 maxlen: 24
                          85.118.76.0/22 maxlen: 22
                          85.118.80.0/22 maxlen: 22
                          85.118.84.0/24 maxlen: 24
                          85.118.92.0/24 maxlen: 24
                          85.118.93.0/24 maxlen: 24
                          89.215.62.0/23 maxlen: 23
                          151.251.44.0/22 maxlen: 22
                          151.251.68.0/22 maxlen: 22
                          151.251.121.0/24 maxlen: 24
                          151.251.126.0/23 maxlen: 23
                          151.251.192.0/22 maxlen: 22
                          151.251.238.0/24 maxlen: 24
                          151.251.239.0/24 maxlen: 24
                          151.251.240.0/20 maxlen: 20
                          176.222.0.0/20 maxlen: 24
                          185.151.156.0/22 maxlen: 22
                          185.224.160.0/23 maxlen: 23
                          212.104.116.0/22 maxlen: 24
                          213.226.17.0/24 maxlen: 24
                          213.226.19.0/24 maxlen: 24
                          213.226.36.0/24 maxlen: 24
                          213.226.40.0/24 maxlen: 24
                          213.226.51.0/24 maxlen: 24
                          213.226.56.0/24 maxlen: 24
                          213.226.57.0/24 maxlen: 24
                          213.226.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 May 2024 07:56:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:61:4b:51:61:f2:8d:dc:6a:68:99:3d:b6:fa:9d:75:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: May 10 06:57:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=839cfa849512503bf627e6f7ed57d50e88875e79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f8:d0:4d:0c:33:da:c4:f5:55:d9:f7:20:3e:
                    46:c0:6c:71:38:df:e3:4e:2a:f0:2e:79:a4:ce:87:
                    27:1e:bd:4b:2c:3d:3d:9b:1e:3c:c4:84:7b:2f:44:
                    35:e4:d5:a5:49:75:29:ba:17:e7:2f:51:bc:7a:23:
                    dc:33:0d:69:b5:4a:d3:c0:83:e3:34:af:09:ba:8b:
                    30:52:33:b3:07:eb:b0:95:5c:bb:5a:30:71:b2:e3:
                    94:b9:4c:4e:1f:f9:06:74:21:39:b3:e8:b5:e1:48:
                    5c:c3:36:a8:5d:72:95:b3:c2:5d:36:2d:2b:6e:3e:
                    ca:19:14:e5:cb:08:27:84:db:74:13:76:d3:9d:11:
                    fc:a0:31:17:72:6e:f8:20:d2:b0:9e:7e:4c:aa:cb:
                    a4:d3:f5:02:8c:48:3c:9d:89:fd:a5:e3:da:20:2d:
                    65:2a:80:57:3e:13:e9:46:7a:b3:d8:33:1b:9e:9b:
                    30:db:b3:e7:a3:8a:e5:c2:bc:2a:91:3a:ef:5f:00:
                    7e:46:57:5f:2b:5c:1b:04:32:4c:6a:f5:61:6c:38:
                    34:ce:72:2d:ad:61:f2:9b:58:0e:9e:4e:1e:91:89:
                    ec:aa:29:cb:25:85:10:3b:84:91:58:19:59:75:de:
                    b5:24:ea:06:96:47:41:1d:99:79:84:9b:04:92:a5:
                    42:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:9C:FA:84:95:12:50:3B:F6:27:E6:F7:ED:57:D5:0E:88:87:5E:79
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/g5z6hJUSUDv2J-b37VfVDoiHXnk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.63.0.0-37.63.35.255
                  37.63.96.0/22
                  62.204.154.0/23
                  83.97.30.0/24
                  84.252.40.0/23
                  85.118.64.0-85.118.74.255
                  85.118.76.0-85.118.84.255
                  85.118.92.0/23
                  89.215.62.0/23
                  151.251.44.0/22
                  151.251.68.0/22
                  151.251.121.0/24
                  151.251.126.0/23
                  151.251.192.0/22
                  151.251.238.0-151.251.255.255
                  176.222.0.0/20
                  185.151.156.0/22
                  185.224.160.0/23
                  212.104.116.0/22
                  213.226.17.0/24
                  213.226.19.0/24
                  213.226.36.0/24
                  213.226.40.0/24
                  213.226.51.0/24
                  213.226.56.0/23
                  213.226.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:e3:78:16:05:6b:20:2b:bf:72:c0:b3:c5:27:c6:05:db:06:
         96:f3:e9:08:74:62:36:c4:36:0b:b5:9a:c4:d7:7d:9f:4a:b5:
         46:cc:f6:67:ab:e5:76:c2:2d:e2:1a:c9:b8:13:c7:c9:b3:f1:
         60:54:4b:6f:23:19:9d:1e:b4:c0:ce:44:b0:af:57:3a:81:2c:
         fc:74:bf:ea:77:1d:a1:4d:82:80:93:25:9c:ba:87:5a:e7:0a:
         1c:6b:73:4a:6f:5e:a3:56:34:6d:e6:97:b8:fc:c1:0a:87:66:
         c1:cc:80:93:29:8d:1d:a7:b8:4a:f3:09:d1:c7:61:c7:fc:81:
         d1:fd:d6:75:1b:a4:ab:1b:db:9f:37:d9:b8:97:02:07:08:d9:
         c6:70:e8:97:e4:0d:fc:98:23:bb:16:d7:44:b0:a4:c4:1f:46:
         63:65:6b:fe:63:10:55:54:93:de:3a:6c:66:af:ec:9e:bc:d5:
         d3:66:be:77:16:c4:9a:ee:75:73:44:98:88:5f:b4:45:24:13:
         1f:46:15:a6:e0:56:4d:d3:06:e6:66:7b:57:1c:ef:75:80:9e:
         06:68:15:b7:df:71:61:d5:66:9f:05:7c:24:bf:ce:09:ed:5d:
         ac:22:52:9e:e7:07:59:6f:f8:2b:cc:e6:98:b2:48:ca:f2:76:
         e5:97:8e:d1
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAY9hS1Fh8o3camiZPbb6nXUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwNTEwMDY1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzljZmE4NDk1MTI1MDNiZjYyN2U2ZjdlZDU3ZDUwZTg4ODc1ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvjQTQwz2sT1Vdn3ID5GwGxxON/j
TirwLnmkzocnHr1LLD09mx48xIR7L0Q15NWlSXUpuhfnL1G8eiPcMw1ptUrTwIPj
NK8JuoswUjOzB+uwlVy7WjBxsuOUuUxOH/kGdCE5s+i14UhcwzaoXXKVs8JdNi0r
bj7KGRTlywgnhNt0E3bTnRH8oDEXcm74INKwnn5Mqsuk0/UCjEg8nYn9pePaIC1l
KoBXPhPpRnqz2DMbnpsw27Pno4rlwrwqkTrvXwB+RldfK1wbBDJMavVhbDg0znIt
rWHym1gOnk4ekYnsqinLJYUQO4SRWBlZdd61JOoGlkdBHZl5hJsEkqVCMQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFIOc+oSVElA79ifm9+1X1Q6Ih155MB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvZzV6NmhKVVNVRHYySi1iMzdWZlZEb2lIWG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgbowCwMD
ACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkow
DAMEAlV2TAMEAFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7
fgMEApf7wDALAwQBl/vuAwMCl/gDBASw3gADBAK5l5wDBAG54KADBALUaHQDBADV
4hEDBADV4hMDBADV4iQDBADV4igDBADV4jMDBAHV4jgDBADV4jswDQYJKoZIhvcN
AQELBQADggEBAFPjeBYFayArv3LAs8UnxgXbBpbz6Qh0YjbENgu1msTXfZ9KtUbM
9mer5XbCLeIaybgTx8mz8WBUS28jGZ0etMDORLCvVzqBLPx0v+p3HaFNgoCTJZy6
h1rnChxrc0pvXqNWNG3ml7j8wQqHZsHMgJMpjR2nuErzCdHHYcf8gdH91nUbpKsb
25832biXAgcI2cZw6JfkDfyYI7sW10SwpMQfRmNla/5jEFVUk946bGav7J681dNm
vncWxJrudXNEmIhftEUkEx9GFabgVk3TBuZme1cc73WAngZoFbffcWHVZp8FfCS/
zgntXawiUp7nB1lv+CvM5piySMryduWXjtE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org