Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa
File:                     H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa (raw, json)
Hash identifier:          kdOxlWXyBxpteVwkezy0q0/dz+N0pM3xSbZ7zrVpxZM=
Subject key identifier:   1F:73:4C:E8:BE:C8:67:95:A3:BF:16:14:04:BA:F6:6E:4C:32:68:12
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       018AFF3C8D1F945E315C7A7EEF5F329CC995
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa
Signing time:             Thu 05 Oct 2023 09:47:52 +0000
ROA not before:           Thu 05 Oct 2023 09:47:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57169
IP address blocks:        37.235.50.0/23 maxlen: 23
                          37.235.48.0/20 maxlen: 20
                          37.235.56.0/24 maxlen: 24
                          37.235.57.0/24 maxlen: 24
                          37.235.58.0/24 maxlen: 24
                          37.235.52.0/24 maxlen: 24
                          37.235.59.0/24 maxlen: 24
                          37.235.60.0/24 maxlen: 24
                          37.235.61.0/24 maxlen: 24
                          37.235.62.0/24 maxlen: 24
                          37.235.63.0/24 maxlen: 24
                          158.255.211.0/24 maxlen: 24
                          158.255.212.0/24 maxlen: 24
                          158.255.209.0/24 maxlen: 24
                          158.255.210.0/24 maxlen: 24
                          185.26.236.0/24 maxlen: 24
                          185.26.237.0/24 maxlen: 24
                          149.154.152.0/24 maxlen: 24
                          149.154.153.0/24 maxlen: 24
                          149.154.154.0/24 maxlen: 24
                          149.154.155.0/24 maxlen: 24
                          149.154.156.0/24 maxlen: 24
                          91.227.204.0/23 maxlen: 23
                          91.227.204.0/24 maxlen: 24
                          91.227.205.0/24 maxlen: 24
                          89.31.123.0/24 maxlen: 24
                          83.243.120.0/24 maxlen: 24
                          83.243.122.0/24 maxlen: 24
                          91.132.94.0/24 maxlen: 24
                          213.183.54.0/24 maxlen: 24
                          213.183.55.0/24 maxlen: 24
                          213.183.56.0/24 maxlen: 24
                          213.183.57.0/24 maxlen: 24
                          151.236.0.0/19 maxlen: 19
                          151.236.0.0/24 maxlen: 24
                          151.236.1.0/24 maxlen: 24
                          151.236.2.0/24 maxlen: 24
                          151.236.3.0/24 maxlen: 24
                          151.236.4.0/24 maxlen: 24
                          151.236.5.0/24 maxlen: 24
                          151.236.6.0/24 maxlen: 24
                          151.236.7.0/24 maxlen: 24
                          151.236.8.0/24 maxlen: 24
                          151.236.9.0/24 maxlen: 24
                          151.236.10.0/24 maxlen: 24
                          151.236.11.0/24 maxlen: 24
                          151.236.12.0/24 maxlen: 24
                          151.236.13.0/24 maxlen: 24
                          151.236.20.0/24 maxlen: 24
                          151.236.26.0/23 maxlen: 23
                          151.236.30.0/24 maxlen: 24
                          103.57.250.0/24 maxlen: 24
                          92.243.66.0/24 maxlen: 24
                          2a03:f80:359::/48 maxlen: 48
                          2a03:f80:56::/48 maxlen: 48
                          2a03:f80:ed16::/48 maxlen: 48
                          2a03:f80:371::/48 maxlen: 48
                          2a03:f80:ed31::/48 maxlen: 48
                          2a03:f87:ffff::/48 maxlen: 48
                          2a03:f80::/29 maxlen: 29
                          2a03:f80:57::/48 maxlen: 48
                          2a03:f80:ed17::/48 maxlen: 48
                          2a03:f80:354::/48 maxlen: 48
                          2a03:f80:3991::/48 maxlen: 48
                          2a03:f80:ed51::/48 maxlen: 48
                          2a03:f80:7::/48 maxlen: 48
                          2a03:f80:ed15::/48 maxlen: 48
                          2a03:f80:ad15::/48 maxlen: 48
                          2a03:f80:70::/48 maxlen: 48
                          2a03:f80:370::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 26 Oct 2023 13:14:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ff:3c:8d:1f:94:5e:31:5c:7a:7e:ef:5f:32:9c:c9:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: Oct  5 09:47:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f734ce8bec86795a3bf161404baf66e4c326812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:a5:c1:d6:d6:d2:0f:01:17:1e:41:36:83:92:
                    65:ff:58:45:e5:de:0a:cb:55:db:e7:a4:ed:10:05:
                    52:91:60:b6:87:8b:18:05:b8:36:5d:5a:27:51:43:
                    d5:fe:03:b1:d5:d8:fd:eb:2c:eb:19:00:24:00:bd:
                    ae:74:df:1f:4e:64:5b:0a:67:ff:bb:9c:45:42:81:
                    fe:45:09:27:53:b6:0c:df:36:a0:a7:8c:37:29:e3:
                    fc:73:1e:21:5d:a5:1e:41:2e:b6:43:d3:74:61:32:
                    cd:7f:61:5f:65:e1:45:01:b2:c5:5a:e3:92:48:38:
                    c1:c2:89:dc:f8:46:7f:d7:a5:d1:97:07:0e:fb:99:
                    96:6e:48:73:4c:8a:42:ad:19:df:02:f3:6a:31:c7:
                    ff:71:db:7c:f7:22:f8:da:d8:46:71:94:22:39:c8:
                    43:8a:84:91:f2:b8:44:c8:7f:90:5a:b4:ca:86:a5:
                    a0:9b:47:35:9a:1b:c5:d0:97:9b:71:78:cc:8c:47:
                    9e:ba:4b:e0:b8:e4:0b:62:10:c9:1c:b9:15:66:6c:
                    2d:17:00:26:7a:73:84:e1:73:5a:ec:43:bb:37:b3:
                    94:0f:4f:9f:ad:2e:f9:85:b9:3d:02:e1:65:b6:79:
                    7b:fd:e3:b7:05:d2:65:0c:cd:71:37:ea:3b:d5:ca:
                    c0:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:73:4C:E8:BE:C8:67:95:A3:BF:16:14:04:BA:F6:6E:4C:32:68:12
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H3NM6L7IZ5WjvxYUBLr2bkwyaBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.48.0/20
                  83.243.120.0/24
                  83.243.122.0/24
                  89.31.123.0/24
                  91.132.94.0/24
                  91.227.204.0/23
                  92.243.66.0/24
                  103.57.250.0/24
                  149.154.152.0-149.154.156.255
                  151.236.0.0/19
                  158.255.209.0-158.255.212.255
                  185.26.236.0/23
                  213.183.54.0-213.183.57.255
                IPv6:
                  2a03:f80::/29

    Signature Algorithm: sha256WithRSAEncryption
         0b:a9:b1:3d:be:0c:77:6b:19:9e:58:ca:48:f0:da:eb:9d:a9:
         4d:3d:eb:9d:b1:c7:9a:5d:d4:83:27:76:84:e2:0d:db:08:06:
         38:53:b5:ee:59:62:d8:54:0f:e4:7d:4b:fd:50:46:8e:80:22:
         e4:84:0b:15:7d:99:f9:69:52:e3:0f:41:e8:ad:7f:e9:4d:0f:
         2e:c0:0d:e5:b3:68:88:47:90:e5:f2:71:be:16:64:fc:05:2b:
         90:64:35:10:2d:89:b1:8a:3a:87:82:30:a9:07:a2:dd:19:68:
         15:6c:4a:e0:b7:f1:1d:3f:66:09:64:43:15:d4:61:e0:7b:eb:
         31:ca:7c:aa:fb:13:82:d6:4f:d8:e4:03:52:fd:dd:f5:05:11:
         ab:95:3e:72:22:b2:9b:0b:ac:30:06:0d:7a:fe:ec:27:9d:31:
         83:09:e8:23:b0:e9:bc:6e:5e:a8:ab:87:c0:2b:07:0a:20:37:
         7c:c5:95:02:33:21:5b:e0:98:06:2b:78:48:aa:e9:8c:7b:7d:
         4c:3f:f8:f4:06:08:32:c8:fc:a9:b2:61:a4:35:3f:df:c8:cb:
         20:b5:c1:5f:d7:0f:c0:72:b4:85:75:9e:dd:88:b3:4e:21:f8:
         cb:d2:02:ec:1d:de:a8:96:6a:b3:5c:63:de:d9:15:73:73:24:
         64:fb:a3:0c
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYr/PI0flF4xXHp+718ynMmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMxMDA1MDk0NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjczNGNlOGJlYzg2Nzk1YTNiZjE2MTQwNGJhZjY2ZTRjMzI2ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aXB1tbSDwEXHkE2g5Jl/1hF5d4K
y1Xb56TtEAVSkWC2h4sYBbg2XVonUUPV/gOx1dj96yzrGQAkAL2udN8fTmRbCmf/
u5xFQoH+RQknU7YM3zagp4w3KeP8cx4hXaUeQS62Q9N0YTLNf2FfZeFFAbLFWuOS
SDjBwonc+EZ/16XRlwcO+5mWbkhzTIpCrRnfAvNqMcf/cdt89yL42thGcZQiOchD
ioSR8rhEyH+QWrTKhqWgm0c1mhvF0JebcXjMjEeeukvguOQLYhDJHLkVZmwtFwAm
enOE4XNa7EO7N7OUD0+frS75hbk9AuFltnl7/eO3BdJlDM1xN+o71crAsQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFB9zTOi+yGeVo78WFAS69m5MMmgSMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSDNOTTZMN0laNVdqdnhZVUJMcjJia3d5YUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEBCXrMAME
AFPzeAMEAFPzegMEAFkfewMEAFuEXgMEAVvjzAMEAFzzQgMEAGc5+jAMAwQDlZqY
AwQAlZqcAwQFl+wAMAwDBACe/9EDBACe/9QDBAG5GuwwDAMEAdW3NgMEAdW3ODAN
BAIAAjAHAwUDKgMPgDANBgkqhkiG9w0BAQsFAAOCAQEAC6mxPb4Md2sZnljKSPDa
652pTT3rnbHHml3Ugyd2hOIN2wgGOFO17lli2FQP5H1L/VBGjoAi5IQLFX2Z+WlS
4w9B6K1/6U0PLsAN5bNoiEeQ5fJxvhZk/AUrkGQ1EC2JsYo6h4IwqQei3RloFWxK
4LfxHT9mCWRDFdRh4HvrMcp8qvsTgtZP2OQDUv3d9QURq5U+ciKymwusMAYNev7s
J50xgwnoI7DpvG5eqKuHwCsHCiA3fMWVAjMhW+CYBit4SKrpjHt9TD/49AYIMsj8
qbJhpDU/38jLILXBX9cPwHK0hXWe3YizTiH4y9IC7B3eqJZqs1xj3tkVc3MkZPuj
DA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org