Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/iW7ZPPboPFdFUDLK69FPC3VOKnc.roa
File:                     iW7ZPPboPFdFUDLK69FPC3VOKnc.roa (raw, json)
Hash identifier:          nuI0/uQE1zTO5poXiDCWEEahLeABKpfOVcl87wiwhXI=
Subject key identifier:   89:6E:D9:3C:F6:E8:3C:57:45:50:32:CA:EB:D1:4F:0B:75:4E:2A:77
Certificate issuer:       /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial:       018A3C54544865FADF03398477E00FAE251A
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/iW7ZPPboPFdFUDLK69FPC3VOKnc.roa
Signing time:             Mon 28 Aug 2023 13:27:54 +0000
ROA not before:           Mon 28 Aug 2023 13:27:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31721
IP address blocks:        5.191.104.0/24 maxlen: 24
                          5.191.105.0/24 maxlen: 24
                          5.191.102.0/24 maxlen: 24
                          5.191.103.0/24 maxlen: 24
                          5.191.101.0/24 maxlen: 24
                          5.191.100.0/24 maxlen: 24
                          5.191.109.0/24 maxlen: 24
                          5.191.110.0/24 maxlen: 24
                          5.191.108.0/24 maxlen: 24
                          5.191.106.0/24 maxlen: 24
                          5.191.107.0/24 maxlen: 24
                          5.191.111.0/24 maxlen: 24
                          5.191.112.0/24 maxlen: 24
                          5.191.116.0/24 maxlen: 24
                          5.191.115.0/24 maxlen: 24
                          5.191.113.0/24 maxlen: 24
                          5.191.114.0/24 maxlen: 24
                          5.191.44.0/24 maxlen: 24
                          5.191.50.0/24 maxlen: 24
                          5.191.51.0/24 maxlen: 24
                          5.191.49.0/24 maxlen: 24
                          5.191.47.0/24 maxlen: 24
                          5.191.48.0/24 maxlen: 24
                          5.191.45.0/24 maxlen: 24
                          5.191.46.0/24 maxlen: 24
                          5.191.54.0/24 maxlen: 24
                          5.191.55.0/24 maxlen: 24
                          5.191.52.0/24 maxlen: 24
                          5.191.53.0/24 maxlen: 24
                          5.191.57.0/24 maxlen: 24
                          5.191.58.0/24 maxlen: 24
                          5.191.56.0/24 maxlen: 24
                          5.191.64.0/24 maxlen: 24
                          5.191.62.0/24 maxlen: 24
                          5.191.63.0/24 maxlen: 24
                          5.191.61.0/24 maxlen: 24
                          5.191.59.0/24 maxlen: 24
                          5.191.60.0/24 maxlen: 24
                          5.191.69.0/24 maxlen: 24
                          5.191.68.0/24 maxlen: 24
                          5.191.66.0/24 maxlen: 24
                          5.191.67.0/24 maxlen: 24
                          5.191.65.0/24 maxlen: 24
                          5.191.90.0/24 maxlen: 24
                          5.191.3.0/24 maxlen: 24
                          5.191.17.0/24 maxlen: 24
                          5.191.16.0/24 maxlen: 24
                          5.191.15.0/24 maxlen: 24
                          5.191.24.0/24 maxlen: 24
                          5.191.22.0/24 maxlen: 24
                          5.191.19.0/24 maxlen: 24
                          5.191.18.0/24 maxlen: 24
                          5.191.26.0/24 maxlen: 24
                          5.191.27.0/24 maxlen: 24
                          5.191.25.0/24 maxlen: 24
                          5.191.31.0/24 maxlen: 24
                          5.191.29.0/24 maxlen: 24
                          5.191.30.0/24 maxlen: 24
                          5.191.28.0/24 maxlen: 24
                          5.191.33.0/24 maxlen: 24
                          5.191.34.0/24 maxlen: 24
                          5.191.32.0/24 maxlen: 24
                          217.168.176.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Wed 30 Aug 2023 12:10:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:3c:54:54:48:65:fa:df:03:39:84:77:e0:0f:ae:25:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
        Validity
            Not Before: Aug 28 13:27:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=896ed93cf6e83c57455032caebd14f0b754e2a77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:9a:7d:67:f9:9c:5c:00:52:ef:df:04:6c:f8:
                    e6:e8:f6:21:cd:11:5d:03:02:be:c4:13:4d:1a:18:
                    80:6e:ff:a2:bb:7e:e1:f0:c8:e2:df:4c:0a:ff:5e:
                    df:af:1a:13:c1:63:06:3f:01:28:d4:b1:9b:f6:ec:
                    2a:cf:bb:29:dd:98:66:47:92:4f:d6:ed:e7:8a:e6:
                    3d:cd:3c:ad:be:88:25:43:8d:f6:28:30:26:fa:70:
                    fb:7b:c2:d7:ea:42:95:02:a0:7e:25:61:52:9e:a6:
                    21:6c:22:a5:20:d7:11:1c:93:bb:17:9e:c3:f2:ca:
                    ff:e7:58:62:9d:7a:19:17:73:47:ca:ae:9c:9e:99:
                    a4:9a:ad:13:57:7a:41:9f:34:8f:b7:72:a1:0c:7e:
                    32:89:55:1d:12:71:bb:2c:a6:ea:55:ac:ad:8d:31:
                    2e:0a:e6:f4:89:04:02:4b:35:05:c9:40:81:8e:bb:
                    4b:10:b9:89:26:a0:11:2f:51:14:d3:d2:fb:9c:ce:
                    92:16:f0:6a:bd:a9:46:cf:81:7c:e2:27:4b:6d:ac:
                    19:35:8e:c5:24:93:91:43:69:ba:c8:b8:26:7e:6c:
                    67:09:75:e5:29:fc:ee:bf:b6:1b:09:9b:10:cc:04:
                    fc:da:e8:e9:f0:d0:eb:ab:63:90:83:e5:48:ca:06:
                    42:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:6E:D9:3C:F6:E8:3C:57:45:50:32:CA:EB:D1:4F:0B:75:4E:2A:77
            X509v3 Authority Key Identifier:
                keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/iW7ZPPboPFdFUDLK69FPC3VOKnc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.191.3.0/24
                  5.191.15.0-5.191.19.255
                  5.191.22.0/24
                  5.191.24.0-5.191.34.255
                  5.191.44.0-5.191.69.255
                  5.191.90.0/24
                  5.191.100.0-5.191.116.255
                  217.168.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         7d:80:bd:45:1b:82:fa:74:7f:ba:79:d4:9b:22:ab:2d:f6:e8:
         a6:c2:38:13:fa:57:e1:a0:27:82:c0:51:99:62:8f:eb:6b:4a:
         d6:5b:26:e3:b9:dc:27:02:71:43:8c:f8:ca:3e:0c:f4:5e:64:
         74:98:d7:f0:09:ed:ab:ba:9d:d8:40:3a:ab:ee:42:c2:a7:4e:
         eb:5e:e3:93:cb:ee:27:d7:70:48:80:df:1c:e2:a6:fe:08:9a:
         0e:6c:58:2f:26:47:6d:9d:78:18:11:f3:55:37:06:b9:0e:87:
         b1:b7:03:38:c1:c4:39:fc:9c:f4:90:8f:e3:d1:68:09:80:74:
         b9:69:9a:8a:11:91:37:d9:12:f7:22:e7:aa:76:8d:e2:d3:ab:
         b7:f0:f0:4e:fd:e9:fd:0b:e1:77:1c:5c:36:3f:ea:45:a1:53:
         32:64:76:36:b8:71:50:69:3f:cd:e0:8d:ef:ad:22:cd:7b:1f:
         76:61:a9:a7:61:00:55:b8:e2:60:f8:55:98:88:05:dc:e9:08:
         02:87:97:cd:e4:af:2c:44:e9:f4:f4:ba:f0:3b:74:a7:1f:09:
         cb:35:da:56:a6:21:29:b5:90:30:2d:a9:b5:e1:cd:6d:3f:05:
         7a:ea:67:88:4d:d6:3f:56:e3:ea:f3:8c:6d:d6:b9:c3:13:f7:
         dc:43:03:c6
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYo8VFRIZfrfAzmEd+APriUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjMwODI4MTMyNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZlZDkzY2Y2ZTgzYzU3NDU1MDMyY2FlYmQxNGYwYjc1NGUyYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5p9Z/mcXABS798EbPjm6PYhzRFd
AwK+xBNNGhiAbv+iu37h8Mji30wK/17frxoTwWMGPwEo1LGb9uwqz7sp3ZhmR5JP
1u3niuY9zTytvoglQ432KDAm+nD7e8LX6kKVAqB+JWFSnqYhbCKlINcRHJO7F57D
8sr/51hinXoZF3NHyq6cnpmkmq0TV3pBnzSPt3KhDH4yiVUdEnG7LKbqVaytjTEu
Cub0iQQCSzUFyUCBjrtLELmJJqARL1EU09L7nM6SFvBqvalGz4F84idLbawZNY7F
JJORQ2m6yLgmfmxnCXXlKfzuv7YbCZsQzAT82ujp8NDrq2OQg+VIygZCTwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIlu2Tz26DxXRVAyyuvRTwt1Tip3MB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEvaVc3WlBQYm9QRmRGVURMSzY5RlBDM1ZPS25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABb8DMAwD
BAAFvw8DBAIFvxADBAAFvxYwDAMEAwW/GAMEAAW/IjAMAwQCBb8sAwQBBb9EAwQA
Bb9aMAwDBAIFv2QDBAAFv3QDBATZqLAwDQYJKoZIhvcNAQELBQADggEBAH2AvUUb
gvp0f7p51Jsiqy326KbCOBP6V+GgJ4LAUZlij+trStZbJuO53CcCcUOM+Mo+DPRe
ZHSY1/AJ7au6ndhAOqvuQsKnTute45PL7ifXcEiA3xzipv4Img5sWC8mR22deBgR
81U3BrkOh7G3AzjBxDn8nPSQj+PRaAmAdLlpmooRkTfZEvci56p2jeLTq7fw8E79
6f0L4XccXDY/6kWhUzJkdja4cVBpP83gje+tIs17H3ZhqadhAFW44mD4VZiIBdzp
CAKHl83kryxE6fT0uvA7dKcfCcs12lamISm1kDAtqbXhzW0/BXrqZ4hN1j9W4+rz
jG3WucMT99xDA8Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:36 2024 by rpki-client on console-fra.rpki-client.org