Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/83gvizZI65abWXK5Mchl1mbImGg.roa
File:                     83gvizZI65abWXK5Mchl1mbImGg.roa (raw, json)
Hash identifier:          oYli2OP1apeCL92mm5p886UaHYlx0i9KX+18ZDGYngk=
Subject key identifier:   F3:78:2F:8B:36:48:EB:96:9B:59:72:B9:31:C8:65:D6:66:C8:98:68
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018BA8FD54B2F07F65D88922126072A5D9AF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/83gvizZI65abWXK5Mchl1mbImGg.roa
Signing time:             Tue 07 Nov 2023 08:54:16 +0000
ROA not before:           Tue 07 Nov 2023 08:54:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        45.94.171.0/24 maxlen: 24
                          2.56.108.0/24 maxlen: 24
                          2.56.110.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          193.30.241.0/24 maxlen: 24
                          77.83.39.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          45.132.180.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24
                          45.81.114.0/24 maxlen: 24
                          195.62.24.0/24 maxlen: 24
                          45.81.113.0/24 maxlen: 24
                          45.81.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 05:41:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a8:fd:54:b2:f0:7f:65:d8:89:22:12:60:72:a5:d9:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Nov  7 08:54:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3782f8b3648eb969b5972b931c865d666c89868
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:09:eb:25:f0:26:25:e7:bb:0c:35:a3:1e:39:
                    ed:cb:13:49:34:44:d3:b1:db:97:53:76:51:b7:c1:
                    24:72:e4:13:df:7b:20:0a:99:cd:c2:a4:be:a0:fd:
                    c8:b2:b9:21:37:23:cf:1e:76:55:c7:9b:08:e5:b9:
                    01:87:4d:e9:43:a4:ed:cb:d9:89:87:f6:11:07:94:
                    78:bb:00:58:d2:76:88:92:7d:6b:17:67:f9:10:97:
                    bb:c5:d2:91:6e:6d:64:63:b0:5a:35:ef:76:86:fa:
                    b6:cb:6d:11:5e:e2:17:27:ac:02:22:3c:38:73:12:
                    be:61:c3:00:81:19:90:78:22:98:74:20:9a:9c:db:
                    32:ef:a5:5c:f5:60:93:98:06:22:bd:17:e7:10:47:
                    07:f9:74:f1:ef:af:49:b6:ab:38:1e:d0:4e:5d:a1:
                    ed:18:93:22:d0:17:1a:c1:f2:d0:0e:3b:9c:56:7b:
                    8b:b7:8d:bf:b9:30:fc:df:49:43:de:02:79:0e:98:
                    f9:8c:b1:28:6c:ab:1e:d0:4f:7f:cc:6b:d3:3b:6d:
                    e0:13:d1:84:da:31:9c:b3:2f:83:c6:93:13:2e:57:
                    22:01:12:ba:fc:d7:c5:88:6e:c0:82:67:bd:e8:f5:
                    98:09:dd:02:a4:b2:f7:0e:38:e7:4d:fd:a3:70:3d:
                    ed:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:78:2F:8B:36:48:EB:96:9B:59:72:B9:31:C8:65:D6:66:C8:98:68
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/83gvizZI65abWXK5Mchl1mbImGg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.108.0/24
                  2.56.110.0/24
                  45.81.113.0-45.81.115.255
                  45.88.139.0/24
                  45.94.171.0/24
                  45.132.180.0/24
                  77.83.39.0/24
                  85.209.120.0/23
                  193.30.241.0/24
                  195.62.24.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:23:d0:15:80:5b:9f:6f:0b:7f:2c:36:60:e5:c3:fc:4b:0f:
         f4:2c:9f:04:14:58:55:dd:21:1e:d5:d8:23:32:62:80:a3:04:
         9d:fd:bb:50:0a:83:06:cc:c3:1c:9c:52:a2:95:26:3c:b3:a3:
         42:f8:e9:4c:d3:b3:ee:d5:03:c4:0d:f5:84:ca:d1:52:3b:8d:
         3c:41:ec:84:8f:d2:a4:bc:8e:13:c8:6e:63:d3:e3:b7:64:14:
         66:6f:78:56:7b:44:d2:66:61:ae:2c:28:e0:23:90:25:74:a5:
         6c:18:eb:ce:08:d2:74:10:9f:a3:6d:f7:2d:9d:ce:b0:87:0d:
         11:cf:b6:c0:fc:2b:0f:a7:a4:4d:1e:fa:80:ba:90:a0:69:d1:
         1f:57:35:5b:6d:36:c5:00:bc:2e:e8:91:cb:85:62:a3:0b:e2:
         ee:b0:58:c0:08:5e:aa:0c:37:53:22:3b:4c:41:cf:07:66:76:
         7d:d3:d5:1e:7a:b7:36:d7:03:02:8a:46:5f:20:75:6e:2d:41:
         7e:7d:17:f2:58:20:d9:84:92:b6:f4:10:70:49:6d:e6:d5:51:
         84:c1:59:2f:ee:da:de:34:7d:d4:1f:9a:0a:12:9e:73:7f:dd:
         6a:6e:ec:e3:ab:5c:57:bb:9c:91:be:57:f2:2d:b5:8a:9f:d2:
         44:6a:3e:32
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYuo/VSy8H9l2IkiEmBypdmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTA3MDg1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzc4MmY4YjM2NDhlYjk2OWI1OTcyYjkzMWM4NjVkNjY2Yzg5ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwnrJfAmJee7DDWjHjntyxNJNETT
sduXU3ZRt8EkcuQT33sgCpnNwqS+oP3IsrkhNyPPHnZVx5sI5bkBh03pQ6Tty9mJ
h/YRB5R4uwBY0naIkn1rF2f5EJe7xdKRbm1kY7BaNe92hvq2y20RXuIXJ6wCIjw4
cxK+YcMAgRmQeCKYdCCanNsy76Vc9WCTmAYivRfnEEcH+XTx769Jtqs4HtBOXaHt
GJMi0BcawfLQDjucVnuLt42/uTD830lD3gJ5Dpj5jLEobKse0E9/zGvTO23gE9GE
2jGcsy+DxpMTLlciARK6/NfFiG7Agme96PWYCd0CpLL3DjjnTf2jcD3t7QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPN4L4s2SOuWm1lyuTHIZdZmyJhoMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvODNndml6Wkk2NWFiV1hLNU1jaGwxbWJJbUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAAjhsAwQA
AjhuMAwDBAAtUXEDBAItUXADBAAtWIsDBAAtXqsDBAAthLQDBABNUycDBAFV0XgD
BADBHvEDBADDPhgDBADDsV8wDQYJKoZIhvcNAQELBQADggEBAJAj0BWAW59vC38s
NmDlw/xLD/QsnwQUWFXdIR7V2CMyYoCjBJ39u1AKgwbMwxycUqKVJjyzo0L46UzT
s+7VA8QN9YTK0VI7jTxB7ISP0qS8jhPIbmPT47dkFGZveFZ7RNJmYa4sKOAjkCV0
pWwY684I0nQQn6Nt9y2dzrCHDRHPtsD8Kw+npE0e+oC6kKBp0R9XNVttNsUAvC7o
kcuFYqML4u6wWMAIXqoMN1MiO0xBzwdmdn3T1R56tzbXAwKKRl8gdW4tQX59F/JY
INmEkrb0EHBJbebVUYTBWS/u2t40fdQfmgoSnnN/3Wpu7OOrXFe7nJG+V/IttYqf
0kRqPjI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org