Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dkczTGjQpMxNhzHVv3_wITcwRmI.roa
File:                     dkczTGjQpMxNhzHVv3_wITcwRmI.roa (raw, json)
Hash identifier:          NBHv/I4iYey4cQX5i/EfT1INp/L3rp1GrDxP2RzeS0c=
Subject key identifier:   76:47:33:4C:68:D0:A4:CC:4D:87:31:D5:BF:7F:F0:21:37:30:46:62
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018D7E5C9EA168A083CACDABB73ECA4C7139
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dkczTGjQpMxNhzHVv3_wITcwRmI.roa
Signing time:             Tue 06 Feb 2024 12:20:15 +0000
ROA not before:           Tue 06 Feb 2024 12:20:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12302
IP address blocks:        80.96.1.0/24 maxlen: 24
                          80.96.22.0/24 maxlen: 24
                          80.96.96.0/23 maxlen: 24
                          80.96.104.0/24 maxlen: 24
                          80.96.129.0/24 maxlen: 24
                          80.96.134.0/23 maxlen: 23
                          80.96.150.0/24 maxlen: 24
                          80.96.151.0/24 maxlen: 24
                          80.96.164.0/23 maxlen: 24
                          80.96.177.0/24 maxlen: 24
                          80.96.184.0/24 maxlen: 24
                          80.96.206.0/24 maxlen: 24
                          80.97.64.0/21 maxlen: 24
                          80.97.72.0/21 maxlen: 24
                          80.97.80.0/21 maxlen: 24
                          80.97.88.0/21 maxlen: 24
                          81.181.16.0/22 maxlen: 24
                          81.181.32.0/21 maxlen: 21
                          81.181.40.0/22 maxlen: 22
                          81.181.45.0/24 maxlen: 24
                          81.181.46.0/23 maxlen: 23
                          193.226.3.0/24 maxlen: 24
                          193.226.30.0/24 maxlen: 24
                          193.226.42.0/23 maxlen: 23
                          193.226.47.0/24 maxlen: 24
                          193.226.58.0/24 maxlen: 24
                          193.226.83.0/24 maxlen: 24
                          193.226.100.0/24 maxlen: 24
                          193.226.105.0/24 maxlen: 24
                          193.230.129.0/24 maxlen: 24
                          193.230.160.0/24 maxlen: 24
                          193.230.161.0/24 maxlen: 24
                          193.230.162.0/24 maxlen: 24
                          193.230.163.0/24 maxlen: 24
                          193.230.166.0/24 maxlen: 24
                          193.230.167.0/24 maxlen: 24
                          193.230.168.0/24 maxlen: 24
                          193.230.169.0/24 maxlen: 24
                          193.230.174.0/24 maxlen: 24
                          193.230.177.0/24 maxlen: 24
                          193.230.193.0/24 maxlen: 24
                          193.230.202.0/24 maxlen: 24
                          193.230.203.0/24 maxlen: 24
                          193.230.240.0/24 maxlen: 24
                          193.230.247.0/24 maxlen: 24
                          193.231.82.0/24 maxlen: 24
                          193.231.96.0/24 maxlen: 24
                          193.231.120.0/24 maxlen: 24
                          193.231.121.0/24 maxlen: 24
                          193.231.126.0/24 maxlen: 24
                          193.231.180.0/22 maxlen: 24
                          193.231.208.0/20 maxlen: 24
                          193.231.255.0/24 maxlen: 24
                          194.102.87.0/24 maxlen: 24
                          194.102.90.0/24 maxlen: 24
                          217.156.10.0/24 maxlen: 24
                          217.156.34.0/24 maxlen: 24
                          217.156.43.0/24 maxlen: 24
                          217.156.63.0/24 maxlen: 24
                          217.156.73.0/24 maxlen: 24
                          217.156.98.0/24 maxlen: 24
                          217.156.110.0/24 maxlen: 24
                          217.156.116.0/24 maxlen: 24
                          217.156.117.0/24 maxlen: 24
                          217.156.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 18:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7e:5c:9e:a1:68:a0:83:ca:cd:ab:b7:3e:ca:4c:71:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Feb  6 12:20:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7647334c68d0a4cc4d8731d5bf7ff02137304662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:56:00:c1:e4:53:fd:4c:62:ab:62:ad:cb:64:
                    28:6f:02:e9:35:4b:e9:b8:77:20:71:d4:a3:4f:25:
                    f3:24:3a:83:0f:ec:23:e0:46:34:3c:1b:ef:20:cc:
                    3b:c0:f6:96:34:84:a1:70:e4:16:b9:df:3a:6d:cb:
                    c6:e5:81:fc:fb:0e:52:2a:b1:59:a4:3f:6b:ba:15:
                    6a:92:ba:0a:c0:06:ad:31:2f:1f:3c:f6:c0:37:b5:
                    eb:52:69:bc:35:8b:7d:7b:bf:c4:bf:73:6c:96:3d:
                    30:a1:2b:ff:d9:8f:44:fa:2e:41:56:f7:01:1f:80:
                    6d:eb:86:97:7d:23:da:24:f7:73:41:8a:4b:71:f7:
                    98:e0:3d:44:a4:f2:2b:3f:8c:b8:01:c1:1b:10:96:
                    fe:f3:f3:13:f6:fc:89:3b:aa:a2:80:d1:c9:3d:d8:
                    56:4e:d1:62:64:5f:12:f0:fe:94:d1:ac:09:ad:3c:
                    da:c2:9a:86:4b:a2:6b:6f:2d:d5:37:08:70:a8:d1:
                    8e:b6:4b:51:a8:ba:42:b5:c5:32:bb:e9:a4:ed:ea:
                    6f:85:10:94:67:e2:78:f3:f8:07:76:4f:45:1d:62:
                    a1:40:a1:a2:4b:11:4d:c3:d6:c0:d6:d3:ba:00:f5:
                    08:ae:c7:bb:be:a9:63:f5:2e:59:7b:ee:fb:32:12:
                    94:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:47:33:4C:68:D0:A4:CC:4D:87:31:D5:BF:7F:F0:21:37:30:46:62
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dkczTGjQpMxNhzHVv3_wITcwRmI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.1.0/24
                  80.96.22.0/24
                  80.96.96.0/23
                  80.96.104.0/24
                  80.96.129.0/24
                  80.96.134.0/23
                  80.96.150.0/23
                  80.96.164.0/23
                  80.96.177.0/24
                  80.96.184.0/24
                  80.96.206.0/24
                  80.97.64.0/19
                  81.181.16.0/22
                  81.181.32.0-81.181.43.255
                  81.181.45.0-81.181.47.255
                  193.226.3.0/24
                  193.226.30.0/24
                  193.226.42.0/23
                  193.226.47.0/24
                  193.226.58.0/24
                  193.226.83.0/24
                  193.226.100.0/24
                  193.226.105.0/24
                  193.230.129.0/24
                  193.230.160.0/22
                  193.230.166.0-193.230.169.255
                  193.230.174.0/24
                  193.230.177.0/24
                  193.230.193.0/24
                  193.230.202.0/23
                  193.230.240.0/24
                  193.230.247.0/24
                  193.231.82.0/24
                  193.231.96.0/24
                  193.231.120.0/23
                  193.231.126.0/24
                  193.231.180.0/22
                  193.231.208.0/20
                  193.231.255.0/24
                  194.102.87.0/24
                  194.102.90.0/24
                  217.156.10.0/24
                  217.156.34.0/24
                  217.156.43.0/24
                  217.156.63.0/24
                  217.156.73.0/24
                  217.156.98.0/24
                  217.156.110.0/24
                  217.156.116.0/23
                  217.156.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:7b:9f:cd:1d:71:2c:f1:ae:73:95:97:98:eb:4e:fd:d5:1b:
         7e:18:0f:ea:58:35:4f:76:48:f3:6a:f7:49:9d:7f:ed:7f:39:
         30:83:e6:ab:5c:62:44:d3:0b:12:90:9b:d9:05:b9:c1:11:65:
         b0:93:29:19:68:e1:92:57:9f:d6:38:3b:48:cf:20:13:c8:10:
         d5:91:80:1a:82:3f:3a:46:84:7d:17:d5:dd:ef:13:80:5c:fa:
         7d:e4:54:68:6c:6a:0b:a4:97:9b:c0:05:4d:11:fc:8a:b8:0d:
         6c:66:3b:57:c8:11:78:90:d6:2e:f6:d4:55:12:4d:bc:96:e6:
         42:c9:af:c4:e2:c7:08:c6:f3:03:f7:d5:c1:6a:8f:26:d0:19:
         8b:e4:9f:cb:1f:de:3c:69:b1:1b:b8:0f:5b:2a:0f:a9:dc:ff:
         04:47:4d:4c:b0:09:72:ff:9e:e3:4b:bf:0a:ec:45:09:96:37:
         28:06:98:8c:7b:7c:0a:cb:cc:e5:7a:0c:ac:61:bf:08:0c:42:
         12:d3:2a:d7:42:2b:a4:19:a7:ba:38:90:7c:1f:8f:05:24:85:
         f9:82:19:64:de:ab:c9:49:76:ea:75:ba:ab:3d:7e:2c:81:60:
         3f:91:81:b8:dd:6e:dc:0d:80:b5:2b:68:b0:c2:39:ec:41:be:
         e2:1c:3d:0a
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAY1+XJ6haKCDys2rtz7KTHE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMjA2MTIyMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQ3MzM0YzY4ZDBhNGNjNGQ4NzMxZDViZjdmZjAyMTM3MzA0NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlYAweRT/Uxiq2Kty2QobwLpNUvp
uHcgcdSjTyXzJDqDD+wj4EY0PBvvIMw7wPaWNIShcOQWud86bcvG5YH8+w5SKrFZ
pD9ruhVqkroKwAatMS8fPPbAN7XrUmm8NYt9e7/Ev3Nslj0woSv/2Y9E+i5BVvcB
H4Bt64aXfSPaJPdzQYpLcfeY4D1EpPIrP4y4AcEbEJb+8/MT9vyJO6qigNHJPdhW
TtFiZF8S8P6U0awJrTzawpqGS6Jrby3VNwhwqNGOtktRqLpCtcUyu+mk7epvhRCU
Z+J48/gHdk9FHWKhQKGiSxFNw9bA1tO6APUIrse7vqlj9S5Ze+77MhKUHQIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFHZHM0xo0KTMTYcx1b9/8CE3MEZiMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZGtjelRHalFwTXhOaHpIVnYzX3dJVGN3Um1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAFBgAQMEAFBgFgMEAVBgYAMEAFBgaAMEAFBggQMEAVBghgMEAVBglgMEAVBg
pAMEAFBgsQMEAFBguAMEAFBgzgMEBVBhQAMEAlG1EDAMAwQFUbUgAwQCUbUoMAwD
BABRtS0DBARRtSADBADB4gMDBADB4h4DBAHB4ioDBADB4i8DBADB4joDBADB4lMD
BADB4mQDBADB4mkDBADB5oEDBALB5qAwDAMEAcHmpgMEAcHmqAMEAMHmrgMEAMHm
sQMEAMHmwQMEAcHmygMEAMHm8AMEAMHm9wMEAMHnUgMEAMHnYAMEAcHneAMEAMHn
fgMEAsHntAMEBMHn0AMEAMHn/wMEAMJmVwMEAMJmWgMEANmcCgMEANmcIgMEANmc
KwMEANmcPwMEANmcSQMEANmcYgMEANmcbgMEAdmcdAMEANmceDANBgkqhkiG9w0B
AQsFAAOCAQEAnHufzR1xLPGuc5WXmOtO/dUbfhgP6lg1T3ZI82r3SZ1/7X85MIPm
q1xiRNMLEpCb2QW5wRFlsJMpGWjhklef1jg7SM8gE8gQ1ZGAGoI/OkaEfRfV3e8T
gFz6feRUaGxqC6SXm8AFTRH8irgNbGY7V8gReJDWLvbUVRJNvJbmQsmvxOLHCMbz
A/fVwWqPJtAZi+Sfyx/ePGmxG7gPWyoPqdz/BEdNTLAJcv+e40u/CuxFCZY3KAaY
jHt8CsvM5XoMrGG/CAxCEtMq10IrpBmnujiQfB+PBSSF+YIZZN6ryUl26nW6qz1+
LIFgP5GBuN1u3A2AtStosMI57EG+4hw9Cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org