Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dylWE48s9YrgcTuQ-_bTL2e9fpY.roa
File:                     dylWE48s9YrgcTuQ-_bTL2e9fpY.roa (raw, json)
Hash identifier:          Bmx880bBGhWCcleDa9MkG4a/tqvbnrVjMpK34Du5xHQ=
Subject key identifier:   77:29:56:13:8F:2C:F5:8A:E0:71:3B:90:FB:F6:D3:2F:67:BD:7E:96
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018A75EF9DF004AAB53ADF86B75C4F9177A4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dylWE48s9YrgcTuQ-_bTL2e9fpY.roa
Signing time:             Fri 08 Sep 2023 17:55:52 +0000
ROA not before:           Fri 08 Sep 2023 17:55:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62206
IP address blocks:        91.223.110.0/24 maxlen: 24
                          5.181.87.0/24 maxlen: 24
                          195.211.188.0/22 maxlen: 24
                          195.211.190.0/24 maxlen: 24
                          45.88.138.0/24 maxlen: 24
                          45.88.136.0/24 maxlen: 24
                          185.200.63.0/24 maxlen: 24
                          185.200.62.0/24 maxlen: 24
                          194.242.96.0/22 maxlen: 22
                          194.242.97.0/24 maxlen: 24
                          193.57.43.0/24 maxlen: 24
                          193.57.41.0/24 maxlen: 24
                          45.144.213.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24
                          45.132.182.0/23 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          45.94.168.0/22 maxlen: 22
                          45.94.170.0/24 maxlen: 24
                          185.43.248.0/24 maxlen: 24
                          185.43.251.0/24 maxlen: 24
                          185.43.249.0/24 maxlen: 24
                          193.30.243.0/24 maxlen: 24
                          193.30.242.0/24 maxlen: 24
                          77.83.39.0/24 maxlen: 24
                          85.209.120.0/22 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          85.209.123.0/24 maxlen: 24
                          85.209.122.0/24 maxlen: 24
                          45.9.29.0/24 maxlen: 24
                          195.177.92.0/24 maxlen: 24
                          195.177.94.0/24 maxlen: 24
                          195.177.93.0/24 maxlen: 24
                          45.81.112.0/22 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          45.81.114.0/24 maxlen: 24
                          193.30.240.0/24 maxlen: 24
                          2a10:dfc0::/29 maxlen: 29
                          2a07:9200::/29 maxlen: 29
                          2a11:580::/29 maxlen: 29
                          2a0c:a580::/29 maxlen: 29
                          2a01:7120::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 10 Sep 2023 17:04:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:75:ef:9d:f0:04:aa:b5:3a:df:86:b7:5c:4f:91:77:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Sep  8 17:55:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=772956138f2cf58ae0713b90fbf6d32f67bd7e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2e:7b:7d:a3:c6:3d:54:bc:5a:a6:c0:14:0e:
                    55:da:0d:d3:b6:86:de:fa:46:f9:0a:8e:25:e7:46:
                    26:c2:97:99:6d:1d:f8:6b:06:be:a6:7a:9a:a9:f2:
                    41:9d:94:66:9c:a9:59:4e:aa:0f:a4:d1:0f:c5:bb:
                    f2:5f:13:f6:19:84:e9:76:f2:56:39:22:5e:99:48:
                    c4:a3:52:99:ce:b5:7e:97:a2:5b:41:4e:ee:55:b2:
                    30:9d:31:9f:c6:d4:d9:57:91:4d:b4:71:7c:0c:4c:
                    80:95:57:fb:19:c1:43:5d:8f:97:d6:e4:89:d4:25:
                    1a:de:3a:de:40:18:4d:f6:5e:46:0f:f7:79:35:a9:
                    2e:73:08:71:9c:16:37:06:7c:23:f1:6d:19:26:2b:
                    79:ca:25:49:c9:6b:48:9b:9c:27:1d:4e:03:f5:9a:
                    05:1d:bc:a0:ab:b5:30:b6:35:34:13:40:c5:68:77:
                    16:74:bb:4f:28:89:80:b8:f6:9f:41:87:74:cb:93:
                    9e:6d:de:db:de:e0:dd:25:cc:6a:38:0f:50:62:9e:
                    ea:6b:22:5c:e7:d5:bc:a5:51:62:c0:bb:23:bb:40:
                    65:86:48:3a:65:99:a5:9e:ba:a1:d6:0f:fd:e0:72:
                    7f:df:e1:96:c7:cc:95:fe:c2:f5:1b:a4:db:3d:7d:
                    23:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:29:56:13:8F:2C:F5:8A:E0:71:3B:90:FB:F6:D3:2F:67:BD:7E:96
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/dylWE48s9YrgcTuQ-_bTL2e9fpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.87.0/24
                  45.9.29.0/24
                  45.81.112.0/22
                  45.88.136.0/24
                  45.88.138.0/24
                  45.94.168.0/22
                  45.132.181.0-45.132.183.255
                  45.144.212.0/23
                  77.83.37.0/24
                  77.83.39.0/24
                  85.209.120.0/22
                  91.223.110.0/24
                  185.43.248.0/23
                  185.43.251.0/24
                  185.200.62.0/23
                  193.30.240.0/24
                  193.30.242.0/23
                  193.57.41.0/24
                  193.57.43.0/24
                  194.242.96.0/22
                  195.177.92.0-195.177.94.255
                  195.211.188.0/22
                IPv6:
                  2a01:7120::/32
                  2a07:9200::/29
                  2a0c:a580::/29
                  2a10:dfc0::/29
                  2a11:580::/29

    Signature Algorithm: sha256WithRSAEncryption
         08:10:08:7d:01:b0:22:ea:89:5e:ef:e8:8d:34:f5:ae:85:0e:
         a8:10:41:60:a4:a4:5a:c1:e8:fc:83:80:db:04:35:b1:8c:d6:
         dd:92:c7:69:f3:6f:73:81:a8:d3:41:6f:cf:9d:ab:4b:f8:c8:
         f3:3a:77:4a:8f:68:a8:d3:5f:3c:83:23:fa:97:b5:0c:60:41:
         f8:ec:cb:dd:10:ce:e5:01:1b:cf:3f:a3:f9:67:c4:3e:d0:5b:
         45:5a:53:39:f0:6e:8f:9f:a7:06:f4:10:20:b7:15:27:f6:24:
         51:c9:92:e0:31:53:e0:ff:b2:50:8d:07:cc:bd:48:0c:5c:d8:
         3f:66:22:3a:09:3d:b6:a5:0b:f4:fc:2e:04:19:04:9a:d6:25:
         4c:b3:95:ec:e4:dd:59:d2:05:f4:6e:36:da:6b:99:17:0f:9e:
         60:b8:d0:3a:ff:72:af:75:84:b4:ac:09:16:22:49:7c:9b:62:
         5b:ba:24:8a:c5:04:1b:ea:e4:d7:2d:a3:58:d5:bf:b4:92:bf:
         06:36:30:e6:8d:fc:3e:91:81:4b:b6:9d:03:09:6c:be:25:87:
         29:47:6f:ad:80:67:28:4b:56:fa:c4:d1:86:26:00:c4:e8:49:
         c6:7f:21:e6:6e:95:30:99:06:f4:ea:d9:93:15:7e:70:4c:44:
         8e:0f:27:2f
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYp1753wBKq1Ot+Gt1xPkXekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA4MTc1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI5NTYxMzhmMmNmNThhZTA3MTNiOTBmYmY2ZDMyZjY3YmQ3ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC57faPGPVS8WqbAFA5V2g3Ttobe
+kb5Co4l50YmwpeZbR34awa+pnqaqfJBnZRmnKlZTqoPpNEPxbvyXxP2GYTpdvJW
OSJemUjEo1KZzrV+l6JbQU7uVbIwnTGfxtTZV5FNtHF8DEyAlVf7GcFDXY+X1uSJ
1CUa3jreQBhN9l5GD/d5NakucwhxnBY3Bnwj8W0ZJit5yiVJyWtIm5wnHU4D9ZoF
Hbygq7UwtjU0E0DFaHcWdLtPKImAuPafQYd0y5Oebd7b3uDdJcxqOA9QYp7qayJc
59W8pVFiwLsju0Blhkg6ZZmlnrqh1g/94HJ/3+GWx8yV/sL1G6TbPX0jKwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFHcpVhOPLPWK4HE7kPv20y9nvX6WMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZHlsV0U0OHM5WXJnY1R1US1fYlRMMmU5ZnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBmwQCAAEwgZQDBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AS2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KQMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8
MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkq
hkiG9w0BAQsFAAOCAQEACBAIfQGwIuqJXu/ojTT1roUOqBBBYKSkWsHo/IOA2wQ1
sYzW3ZLHafNvc4Go00Fvz52rS/jI8zp3So9oqNNfPIMj+pe1DGBB+OzL3RDO5QEb
zz+j+WfEPtBbRVpTOfBuj5+nBvQQILcVJ/YkUcmS4DFT4P+yUI0HzL1IDFzYP2Yi
Ogk9tqUL9PwuBBkEmtYlTLOV7OTdWdIF9G422muZFw+eYLjQOv9yr3WEtKwJFiJJ
fJtiW7okisUEG+rk1y2jWNW/tJK/BjYw5o38PpGBS7adAwlsviWHKUdvrYBnKEtW
+sTRhiYAxOhJxn8h5m6VMJkG9OrZkxV+cExEjg8nLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org