Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/SkN4GrgSnfwp5jKIfWo08Av42Tc.roa
File:                     SkN4GrgSnfwp5jKIfWo08Av42Tc.roa (raw, json)
Hash identifier:          PPyLJBDtwjYMXU8Loer1abRv2S2lkCtahRHuu2VN6SY=
Subject key identifier:   4A:43:78:1A:B8:12:9D:FC:29:E6:32:88:7D:6A:34:F0:0B:F8:D9:37
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018D6BA958F86592D67D35CE78AE4BB9EBE1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/SkN4GrgSnfwp5jKIfWo08Av42Tc.roa
Signing time:             Fri 02 Feb 2024 21:11:16 +0000
ROA not before:           Fri 02 Feb 2024 21:11:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12302
IP address blocks:        80.96.1.0/24 maxlen: 24
                          80.96.22.0/24 maxlen: 24
                          80.96.96.0/23 maxlen: 24
                          80.96.104.0/24 maxlen: 24
                          80.96.129.0/24 maxlen: 24
                          80.96.134.0/23 maxlen: 23
                          80.96.150.0/24 maxlen: 24
                          80.96.151.0/24 maxlen: 24
                          80.96.164.0/23 maxlen: 24
                          80.96.177.0/24 maxlen: 24
                          80.96.184.0/24 maxlen: 24
                          80.96.206.0/24 maxlen: 24
                          80.97.64.0/21 maxlen: 24
                          80.97.72.0/21 maxlen: 24
                          80.97.80.0/21 maxlen: 24
                          80.97.88.0/21 maxlen: 24
                          81.181.16.0/22 maxlen: 24
                          81.181.32.0/21 maxlen: 21
                          81.181.40.0/22 maxlen: 22
                          81.181.45.0/24 maxlen: 24
                          81.181.46.0/23 maxlen: 23
                          193.226.3.0/24 maxlen: 24
                          193.226.30.0/24 maxlen: 24
                          193.226.42.0/23 maxlen: 23
                          193.226.47.0/24 maxlen: 24
                          193.226.58.0/24 maxlen: 24
                          193.226.83.0/24 maxlen: 24
                          193.226.100.0/24 maxlen: 24
                          193.226.105.0/24 maxlen: 24
                          193.230.129.0/24 maxlen: 24
                          193.230.160.0/24 maxlen: 24
                          193.230.161.0/24 maxlen: 24
                          193.230.162.0/24 maxlen: 24
                          193.230.163.0/24 maxlen: 24
                          193.230.166.0/24 maxlen: 24
                          193.230.167.0/24 maxlen: 24
                          193.230.168.0/24 maxlen: 24
                          193.230.169.0/24 maxlen: 24
                          193.230.174.0/24 maxlen: 24
                          193.230.177.0/24 maxlen: 24
                          193.230.193.0/24 maxlen: 24
                          193.230.202.0/24 maxlen: 24
                          193.230.203.0/24 maxlen: 24
                          193.230.240.0/24 maxlen: 24
                          193.230.247.0/24 maxlen: 24
                          193.231.82.0/24 maxlen: 24
                          193.231.120.0/24 maxlen: 24
                          193.231.121.0/24 maxlen: 24
                          193.231.126.0/24 maxlen: 24
                          193.231.180.0/22 maxlen: 24
                          193.231.208.0/20 maxlen: 24
                          193.231.255.0/24 maxlen: 24
                          194.102.87.0/24 maxlen: 24
                          194.102.90.0/24 maxlen: 24
                          217.156.10.0/24 maxlen: 24
                          217.156.34.0/24 maxlen: 24
                          217.156.43.0/24 maxlen: 24
                          217.156.63.0/24 maxlen: 24
                          217.156.73.0/24 maxlen: 24
                          217.156.98.0/24 maxlen: 24
                          217.156.110.0/24 maxlen: 24
                          217.156.116.0/24 maxlen: 24
                          217.156.117.0/24 maxlen: 24
                          217.156.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 12:20:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6b:a9:58:f8:65:92:d6:7d:35:ce:78:ae:4b:b9:eb:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Feb  2 21:11:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4a43781ab8129dfc29e632887d6a34f00bf8d937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ca:f7:f8:6b:9e:fc:a1:7d:b8:4a:d3:48:5b:
                    2d:1e:16:db:87:3e:a7:62:98:c2:22:fb:4e:a9:3f:
                    2b:b0:cc:89:32:0f:a5:fd:d9:73:0a:13:45:73:2f:
                    2d:04:57:41:92:0a:a3:ff:60:95:5b:0a:35:66:33:
                    f2:03:e0:93:42:40:0f:77:c0:b8:57:b8:b1:5f:45:
                    f0:72:c8:ed:21:19:54:73:e2:3a:9a:42:b7:3a:aa:
                    43:16:80:cf:de:73:de:ed:3b:90:e2:91:16:46:fc:
                    84:0b:a9:4a:4a:39:41:f1:9a:ae:0a:06:0c:69:e7:
                    e0:5e:18:0a:9e:9b:81:57:f9:fa:42:2c:ae:bd:52:
                    cb:3c:d3:c1:80:45:c3:cf:13:0a:27:90:a1:d0:b3:
                    49:95:85:8f:4b:a7:a7:a2:32:79:1e:b0:99:77:b8:
                    4f:bf:1b:9a:90:9c:5b:85:0d:5e:5c:04:85:cb:2e:
                    b3:d7:aa:32:15:69:4b:ba:3a:af:75:1f:b0:00:bf:
                    30:a2:e9:70:6c:6d:cb:04:89:c9:66:8a:43:ca:e7:
                    81:f9:a3:70:c7:16:a3:ff:a0:de:d2:b9:46:e0:2c:
                    55:64:6f:8d:ad:bf:d4:61:54:ed:d1:8e:b8:d2:ec:
                    6c:90:1e:19:cd:53:67:48:3d:71:b7:b5:41:52:7e:
                    2a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:43:78:1A:B8:12:9D:FC:29:E6:32:88:7D:6A:34:F0:0B:F8:D9:37
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/SkN4GrgSnfwp5jKIfWo08Av42Tc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.1.0/24
                  80.96.22.0/24
                  80.96.96.0/23
                  80.96.104.0/24
                  80.96.129.0/24
                  80.96.134.0/23
                  80.96.150.0/23
                  80.96.164.0/23
                  80.96.177.0/24
                  80.96.184.0/24
                  80.96.206.0/24
                  80.97.64.0/19
                  81.181.16.0/22
                  81.181.32.0-81.181.43.255
                  81.181.45.0-81.181.47.255
                  193.226.3.0/24
                  193.226.30.0/24
                  193.226.42.0/23
                  193.226.47.0/24
                  193.226.58.0/24
                  193.226.83.0/24
                  193.226.100.0/24
                  193.226.105.0/24
                  193.230.129.0/24
                  193.230.160.0/22
                  193.230.166.0-193.230.169.255
                  193.230.174.0/24
                  193.230.177.0/24
                  193.230.193.0/24
                  193.230.202.0/23
                  193.230.240.0/24
                  193.230.247.0/24
                  193.231.82.0/24
                  193.231.120.0/23
                  193.231.126.0/24
                  193.231.180.0/22
                  193.231.208.0/20
                  193.231.255.0/24
                  194.102.87.0/24
                  194.102.90.0/24
                  217.156.10.0/24
                  217.156.34.0/24
                  217.156.43.0/24
                  217.156.63.0/24
                  217.156.73.0/24
                  217.156.98.0/24
                  217.156.110.0/24
                  217.156.116.0/23
                  217.156.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:9f:3a:6e:83:fd:c4:2e:c8:9c:5a:8c:21:7f:27:99:e3:b7:
         92:d6:87:4c:ec:12:1b:70:d3:3a:18:2b:4d:00:6a:de:ec:9e:
         30:ad:c7:f6:96:ab:6e:74:88:34:be:7d:bb:87:46:1c:a0:ac:
         4b:ef:4d:9a:c6:fd:19:32:3d:f3:55:29:2b:78:71:6c:e0:99:
         84:ad:4b:e6:15:64:f1:70:a3:6a:f3:f9:25:c8:71:4e:2c:96:
         c7:dc:04:5e:08:f2:ad:18:27:ba:72:d8:89:ed:85:70:2a:eb:
         8b:79:a5:55:3c:0b:41:56:b9:9d:fd:b5:ee:84:0b:81:c3:0d:
         1f:36:43:7e:eb:80:2f:1e:28:25:45:1f:fa:4b:87:05:3a:f9:
         61:4a:13:08:33:52:f2:ba:3c:50:56:a2:43:56:d0:ec:bc:aa:
         94:45:98:99:ad:2a:c4:b9:4a:53:e1:ff:21:03:54:87:3c:72:
         83:b5:26:0d:f4:74:bc:f5:27:8e:1c:c9:80:28:66:4c:db:29:
         14:6f:7e:a5:88:87:67:c3:46:ad:48:28:a7:f8:4d:d7:97:2b:
         0f:a3:7d:88:b4:70:df:85:29:7e:cd:a8:c1:b3:01:6b:cc:1c:
         12:7e:c4:ef:4c:aa:b3:a4:54:3b:f0:f2:f1:0d:53:f6:1b:fc:
         40:05:9b:13
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAY1rqVj4ZZLWfTXOeK5LuevhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMjAyMjExMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTQzNzgxYWI4MTI5ZGZjMjllNjMyODg3ZDZhMzRmMDBiZjhkOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncr3+Gue/KF9uErTSFstHhbbhz6n
YpjCIvtOqT8rsMyJMg+l/dlzChNFcy8tBFdBkgqj/2CVWwo1ZjPyA+CTQkAPd8C4
V7ixX0XwcsjtIRlUc+I6mkK3OqpDFoDP3nPe7TuQ4pEWRvyEC6lKSjlB8ZquCgYM
aefgXhgKnpuBV/n6QiyuvVLLPNPBgEXDzxMKJ5Ch0LNJlYWPS6enojJ5HrCZd7hP
vxuakJxbhQ1eXASFyy6z16oyFWlLujqvdR+wAL8woulwbG3LBInJZopDyueB+aNw
xxaj/6De0rlG4CxVZG+Nrb/UYVTt0Y640uxskB4ZzVNnSD1xt7VBUn4qYwIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFEpDeBq4Ep38KeYyiH1qNPAL+Nk3MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvU2tONEdyZ1NuZndwNWpLSWZXbzA4QXY0MlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAFBgAQMEAFBgFgMEAVBgYAMEAFBgaAMEAFBggQMEAVBghgMEAVBglgMEAVBg
pAMEAFBgsQMEAFBguAMEAFBgzgMEBVBhQAMEAlG1EDAMAwQFUbUgAwQCUbUoMAwD
BABRtS0DBARRtSADBADB4gMDBADB4h4DBAHB4ioDBADB4i8DBADB4joDBADB4lMD
BADB4mQDBADB4mkDBADB5oEDBALB5qAwDAMEAcHmpgMEAcHmqAMEAMHmrgMEAMHm
sQMEAMHmwQMEAcHmygMEAMHm8AMEAMHm9wMEAMHnUgMEAcHneAMEAMHnfgMEAsHn
tAMEBMHn0AMEAMHn/wMEAMJmVwMEAMJmWgMEANmcCgMEANmcIgMEANmcKwMEANmc
PwMEANmcSQMEANmcYgMEANmcbgMEAdmcdAMEANmceDANBgkqhkiG9w0BAQsFAAOC
AQEAmZ86boP9xC7InFqMIX8nmeO3ktaHTOwSG3DTOhgrTQBq3uyeMK3H9parbnSI
NL59u4dGHKCsS+9Nmsb9GTI981UpK3hxbOCZhK1L5hVk8XCjavP5JchxTiyWx9wE
XgjyrRgnunLYie2FcCrri3mlVTwLQVa5nf217oQLgcMNHzZDfuuALx4oJUUf+kuH
BTr5YUoTCDNS8ro8UFaiQ1bQ7LyqlEWYma0qxLlKU+H/IQNUhzxyg7UmDfR0vPUn
jhzJgChmTNspFG9+pYiHZ8NGrUgop/hN15crD6N9iLRw34Upfs2owbMBa8wcEn7E
70yqs6RUO/Dy8Q1T9hv8QAWbEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org