Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/PriuBkDPSlKVa-DEFkDAoh9LLFM.roa
File:                     PriuBkDPSlKVa-DEFkDAoh9LLFM.roa (raw, json)
Hash identifier:          5g3x8W6vqLSQS0x+8ZAYFyiQTzyygxpoTR6I5JCOBj8=
Subject key identifier:   3E:B8:AE:06:40:CF:4A:52:95:6B:E0:C4:16:40:C0:A2:1F:4B:2C:53
Certificate issuer:       /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial:       01856FA7205679F64AD33610B32F696DB4ED
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/PriuBkDPSlKVa-DEFkDAoh9LLFM.roa
Signing time:             Sun 01 Jan 2023 23:25:01 +0000
ROA not before:           Sun 01 Jan 2023 23:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31638
IP address blocks:        93.115.170.0/23 maxlen: 23
                          89.39.224.0/20 maxlen: 21
                          188.241.190.0/23 maxlen: 24
                          46.255.80.0/21 maxlen: 24
                          89.44.206.0/24 maxlen: 24
                          5.144.184.0/21 maxlen: 24
                          89.45.95.0/24 maxlen: 24
                          37.156.148.0/22 maxlen: 23
                          89.47.32.0/23 maxlen: 24
                          86.105.179.0/24 maxlen: 24
                          188.215.44.0/22 maxlen: 23
                          86.104.6.0/24 maxlen: 24
                          89.45.24.0/21 maxlen: 21
                          89.45.24.0/24 maxlen: 24
                          89.45.26.0/24 maxlen: 24
                          89.45.25.0/24 maxlen: 24
                          89.45.27.0/24 maxlen: 24
                          176.223.164.0/24 maxlen: 24
                          188.215.65.0/24 maxlen: 24
                          37.156.96.0/22 maxlen: 23
                          89.33.232.0/24 maxlen: 24
                          94.177.18.0/23 maxlen: 23
                          93.118.37.0/24 maxlen: 24
                          195.62.160.0/19 maxlen: 20
                          89.34.6.0/24 maxlen: 24
                          89.45.216.0/22 maxlen: 23
                          188.215.248.0/24 maxlen: 24
                          188.212.153.0/24 maxlen: 24
                          188.215.247.0/24 maxlen: 24
                          188.210.239.0/24 maxlen: 24
                          37.156.168.0/22 maxlen: 23
                          185.82.168.0/22 maxlen: 23
                          185.82.170.0/24 maxlen: 24
                          185.82.169.0/24 maxlen: 24
                          185.82.171.0/24 maxlen: 24
                          188.241.4.0/23 maxlen: 24
                          37.156.208.0/22 maxlen: 23
                          94.177.151.0/24 maxlen: 24
                          89.42.230.0/24 maxlen: 24
                          188.209.80.0/20 maxlen: 24
                          86.104.229.0/24 maxlen: 24
                          188.209.88.0/21 maxlen: 21
                          93.113.89.0/24 maxlen: 24
                          86.105.8.0/24 maxlen: 24
                          2a02:20d8::/29 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a7:20:56:79:f6:4a:d3:36:10:b3:2f:69:6d:b4:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
        Validity
            Not Before: Jan  1 23:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3eb8ae0640cf4a52956be0c41640c0a21f4b2c53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:91:af:74:ba:35:d7:75:de:b2:57:fc:b4:ce:
                    74:38:77:b0:21:b5:48:78:cf:ee:94:0a:2d:55:e0:
                    f2:db:15:6f:b9:24:86:9c:1b:e1:96:27:4c:63:a0:
                    4c:d5:71:01:f6:d5:cc:d7:39:05:ba:c2:f9:e6:b1:
                    8d:07:b8:6a:31:b9:a3:82:e5:81:f7:09:a9:ba:54:
                    16:68:7d:cc:69:13:e7:0d:de:c9:8a:cf:5b:90:1e:
                    78:c0:ea:7a:3b:8a:07:88:cd:37:43:1e:8f:8a:2b:
                    5d:68:68:14:9c:c9:99:7f:74:e3:82:c7:ab:64:34:
                    1b:12:0f:db:cc:91:cb:4e:e9:0a:76:f9:5b:fa:38:
                    ed:10:06:4c:d2:26:04:c2:6d:a5:15:4e:5f:4e:f5:
                    52:3a:a2:08:36:fd:9c:f6:b8:75:14:d0:52:fe:6a:
                    4c:4e:00:d5:63:2a:cd:f5:37:91:15:f2:46:29:34:
                    cc:14:2a:77:1b:f0:54:5f:e0:c6:66:45:7f:2c:e6:
                    28:2e:f7:6a:9f:44:5c:b4:d6:f8:91:c8:1e:03:3f:
                    ad:70:82:d4:dd:b7:c5:b8:70:2b:6d:33:27:5e:7c:
                    6c:a2:96:c6:fe:e7:3a:a8:d9:6d:18:8d:8b:13:c0:
                    47:3c:90:3e:2f:ad:cc:69:b2:99:de:d6:bc:f9:12:
                    ea:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:B8:AE:06:40:CF:4A:52:95:6B:E0:C4:16:40:C0:A2:1F:4B:2C:53
            X509v3 Authority Key Identifier:
                keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/PriuBkDPSlKVa-DEFkDAoh9LLFM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.184.0/21
                  37.156.96.0/22
                  37.156.148.0/22
                  37.156.168.0/22
                  37.156.208.0/22
                  46.255.80.0/21
                  86.104.6.0/24
                  86.104.229.0/24
                  86.105.8.0/24
                  86.105.179.0/24
                  89.33.232.0/24
                  89.34.6.0/24
                  89.39.224.0/20
                  89.42.230.0/24
                  89.44.206.0/24
                  89.45.24.0/21
                  89.45.95.0/24
                  89.45.216.0/22
                  89.47.32.0/23
                  93.113.89.0/24
                  93.115.170.0/23
                  93.118.37.0/24
                  94.177.18.0/23
                  94.177.151.0/24
                  176.223.164.0/24
                  185.82.168.0/22
                  188.209.80.0/20
                  188.210.239.0/24
                  188.212.153.0/24
                  188.215.44.0/22
                  188.215.65.0/24
                  188.215.247.0-188.215.248.255
                  188.241.4.0/23
                  188.241.190.0/23
                  195.62.160.0/19
                IPv6:
                  2a02:20d8::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:35:f9:ee:68:60:c6:21:05:38:8c:01:de:9a:4d:ce:b1:8f:
         a4:04:9c:f9:10:5e:c6:3a:02:6d:c3:b7:2c:f1:ce:7f:c2:a5:
         82:0c:08:ac:62:18:cc:9c:72:ba:a6:56:dc:01:e3:f5:2b:9a:
         76:f8:ed:74:88:3a:89:a4:16:38:df:29:88:db:48:d1:14:b9:
         ca:0f:8b:70:9b:d2:44:18:13:95:de:e7:bd:33:6d:93:0b:76:
         46:c8:0d:74:c7:2a:d9:dc:df:95:fc:4c:79:c6:ce:0c:89:96:
         65:cc:bd:1a:6b:8e:34:3c:49:5f:48:c3:45:77:fb:06:ce:14:
         6f:06:a0:5f:b4:79:d5:6e:14:8c:ec:5d:a9:9e:c7:1b:2e:21:
         1e:24:cd:18:66:54:3d:ed:41:c0:ef:f6:5e:14:5f:ea:32:d5:
         b9:0f:af:1b:c2:1a:42:08:07:e6:09:49:0e:4f:b4:e9:d8:15:
         61:be:ba:3c:80:37:be:e5:8f:27:19:21:1d:39:62:e9:1d:15:
         d9:63:10:42:11:e4:be:0d:55:29:a1:23:26:af:2a:dd:a9:a6:
         14:2a:d2:fb:d6:22:bf:9b:ea:cf:14:b7:ba:66:0f:77:e8:dd:
         37:af:44:ca:3f:5a:b6:45:75:27:30:ac:93:87:4d:a6:e0:ac:
         64:ab:b2:c8
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYVvpyBWefZK0zYQsy9pbbTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjAwZDBlN2FkM2NlZjcyMjM4YjUxNjRjNGIyY2RkZTIz
YTZhMWUwHhcNMjMwMTAxMjMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI4YWUwNjQwY2Y0YTUyOTU2YmUwYzQxNjQwYzBhMjFmNGIyYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpGvdLo113Xeslf8tM50OHewIbVI
eM/ulAotVeDy2xVvuSSGnBvhlidMY6BM1XEB9tXM1zkFusL55rGNB7hqMbmjguWB
9wmpulQWaH3MaRPnDd7Jis9bkB54wOp6O4oHiM03Qx6PiitdaGgUnMmZf3Tjgser
ZDQbEg/bzJHLTukKdvlb+jjtEAZM0iYEwm2lFU5fTvVSOqIINv2c9rh1FNBS/mpM
TgDVYyrN9TeRFfJGKTTMFCp3G/BUX+DGZkV/LOYoLvdqn0RctNb4kcgeAz+tcILU
3bfFuHArbTMnXnxsopbG/uc6qNltGI2LE8BHPJA+L63MabKZ3ta8+RLqvQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFD64rgZAz0pSlWvgxBZAwKIfSyxTMB8GA1UdIwQY
MBaAFJsgDQ560873Iji1FkxLLN3iOmoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2Mt
YTRmMDhkYmI4NWE1LzEvUHJpdUJrRFBTbEtWYS1ERUZrREFvaDlMTEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2MtYTRmMDhkYmI4NWE1
LzEvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQD
BZC4AwQCJZxgAwQCJZyUAwQCJZyoAwQCJZzQAwQDLv9QAwQAVmgGAwQAVmjlAwQA
VmkIAwQAVmmzAwQAWSHoAwQAWSIGAwQEWSfgAwQAWSrmAwQAWSzOAwQDWS0YAwQA
WS1fAwQCWS3YAwQBWS8gAwQAXXFZAwQBXXOqAwQAXXYlAwQBXrESAwQAXrGXAwQA
sN+kAwQCuVKoAwQEvNFQAwQAvNLvAwQAvNSZAwQCvNcsAwQAvNdBMAwDBAC81/cD
BAC81/gDBAG88QQDBAG88b4DBAXDPqAwDQQCAAIwBwMFAyoCINgwDQYJKoZIhvcN
AQELBQADggEBAHk1+e5oYMYhBTiMAd6aTc6xj6QEnPkQXsY6Am3Dtyzxzn/CpYIM
CKxiGMyccrqmVtwB4/Urmnb47XSIOomkFjjfKYjbSNEUucoPi3Cb0kQYE5Xe570z
bZMLdkbIDXTHKtnc35X8THnGzgyJlmXMvRprjjQ8SV9Iw0V3+wbOFG8GoF+0edVu
FIzsXamexxsuIR4kzRhmVD3tQcDv9l4UX+oy1bkPrxvCGkIIB+YJSQ5PtOnYFWG+
ujyAN77ljycZIR05YukdFdljEEIR5L4NVSmhIyavKt2pphQq0vvWIr+b6s8Ut7pm
D3fo3TevRMo/WrZFdScwrJOHTabgrGSrssg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:36 2024 by rpki-client on console-ams.rpki-client.org