Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h4OyiAdeaij8tCbnAD8wYjTOFdU.roa
File:                     h4OyiAdeaij8tCbnAD8wYjTOFdU.roa (raw, json)
Hash identifier:          hF+uAKaX23GH1yIvhA8YBzx+hIWZYee9J8el/A0aznI=
Subject key identifier:   87:83:B2:88:07:5E:6A:28:FC:B4:26:E7:00:3F:30:62:34:CE:15:D5
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018BD2850EEF5AB744678B11CE2E5234108E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h4OyiAdeaij8tCbnAD8wYjTOFdU.roa
Signing time:             Wed 15 Nov 2023 10:26:57 +0000
ROA not before:           Wed 15 Nov 2023 10:26:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62206
IP address blocks:        5.181.87.0/24 maxlen: 24
                          195.211.188.0/22 maxlen: 24
                          195.211.190.0/24 maxlen: 24
                          2.56.108.0/24 maxlen: 24
                          45.88.138.0/24 maxlen: 24
                          45.88.136.0/24 maxlen: 24
                          185.200.63.0/24 maxlen: 24
                          185.200.62.0/24 maxlen: 24
                          194.242.96.0/22 maxlen: 22
                          194.242.97.0/24 maxlen: 24
                          193.57.43.0/24 maxlen: 24
                          45.144.212.0/24 maxlen: 24
                          45.132.182.0/23 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          45.132.180.0/24 maxlen: 24
                          45.94.168.0/22 maxlen: 22
                          45.94.170.0/24 maxlen: 24
                          185.43.248.0/24 maxlen: 24
                          185.43.251.0/24 maxlen: 24
                          185.43.249.0/24 maxlen: 24
                          193.30.243.0/24 maxlen: 24
                          193.30.242.0/24 maxlen: 24
                          77.83.39.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          85.209.120.0/22 maxlen: 24
                          85.209.123.0/24 maxlen: 24
                          85.209.122.0/24 maxlen: 24
                          45.9.29.0/24 maxlen: 24
                          195.177.92.0/24 maxlen: 24
                          195.177.94.0/24 maxlen: 24
                          195.177.93.0/24 maxlen: 24
                          77.83.37.0/24 maxlen: 24
                          45.81.114.0/24 maxlen: 24
                          193.30.240.0/24 maxlen: 24
                          2a10:dfc0::/29 maxlen: 29
                          2a07:9200::/29 maxlen: 29
                          2a11:580::/29 maxlen: 29
                          2a0c:a580::/29 maxlen: 29
                          2a01:7120::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 15 Nov 2023 10:56:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d2:85:0e:ef:5a:b7:44:67:8b:11:ce:2e:52:34:10:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Nov 15 10:26:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8783b288075e6a28fcb426e7003f306234ce15d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:26:1b:29:d7:f3:00:2b:95:54:28:0e:40:06:
                    0b:96:ac:d0:c4:5c:da:e2:ac:33:36:8b:44:cd:8e:
                    2b:e0:81:87:f2:06:8b:bc:c0:63:5f:04:dd:9d:74:
                    4d:50:06:01:02:f5:44:8a:e6:fe:d8:32:7a:0a:30:
                    0b:9c:31:13:1b:22:45:cb:66:1e:06:2b:41:ac:dc:
                    af:6a:18:a3:0f:1a:97:91:68:31:d9:2b:d1:91:7e:
                    e3:af:09:88:f1:f1:c4:a3:51:bd:e5:34:4d:74:d9:
                    1b:6b:04:9a:06:18:3e:a4:3f:24:a5:92:5c:98:36:
                    7f:d3:1f:d1:a6:61:a0:0b:b0:87:fa:16:a9:08:0e:
                    78:56:3f:a8:b9:20:1b:9e:4e:2d:b3:26:2d:da:e2:
                    ae:28:4c:79:a2:0b:23:16:fb:5e:65:cf:e7:48:bc:
                    c8:eb:50:00:62:14:d8:12:8e:67:ed:97:d2:61:dd:
                    d1:74:fd:13:22:05:e2:57:8f:db:ca:1f:d4:2f:ab:
                    5a:c3:e5:bb:f1:91:09:a0:bc:d5:6b:5f:e8:6a:3f:
                    25:37:0c:71:02:9f:ae:38:12:ce:58:32:04:46:d0:
                    fb:55:2d:5f:b4:9d:ec:b8:da:d8:af:e5:b5:9c:2f:
                    3f:9a:1a:ec:f1:b7:c8:37:e3:9e:14:52:91:c5:ea:
                    de:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:83:B2:88:07:5E:6A:28:FC:B4:26:E7:00:3F:30:62:34:CE:15:D5
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h4OyiAdeaij8tCbnAD8wYjTOFdU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.108.0/24
                  5.181.87.0/24
                  45.9.29.0/24
                  45.81.114.0/24
                  45.88.136.0/24
                  45.88.138.0/24
                  45.94.168.0/22
                  45.132.180.0/22
                  45.144.212.0/24
                  77.83.37.0/24
                  77.83.39.0/24
                  85.209.120.0/22
                  185.43.248.0/23
                  185.43.251.0/24
                  185.200.62.0/23
                  193.30.240.0/24
                  193.30.242.0/23
                  193.57.43.0/24
                  194.242.96.0/22
                  195.177.92.0-195.177.94.255
                  195.211.188.0/22
                IPv6:
                  2a01:7120::/32
                  2a07:9200::/29
                  2a0c:a580::/29
                  2a10:dfc0::/29
                  2a11:580::/29

    Signature Algorithm: sha256WithRSAEncryption
         7e:1a:c7:36:13:fc:a7:f5:18:f1:ba:e9:e1:c1:7d:a1:0a:e3:
         e4:e8:9c:d5:b4:97:10:ef:a1:fe:29:f2:7f:46:cc:df:ab:5c:
         5e:91:0d:34:17:c4:15:dd:62:59:38:5a:f6:25:f2:98:56:5b:
         d4:49:74:a2:f9:5e:77:53:1b:f3:ae:f1:7b:f0:1a:fa:79:ce:
         c8:b8:f2:a4:8e:be:a0:ab:93:9f:ba:ea:e6:ba:22:88:2e:dc:
         30:2e:4d:c5:49:46:52:6b:b5:41:83:bd:3d:d2:39:d4:62:a8:
         84:82:20:af:f1:43:60:b2:03:8d:57:e1:42:3a:39:ca:89:27:
         3d:4c:0c:bd:11:bb:2f:dc:9b:e8:21:95:cd:32:eb:07:b4:be:
         e3:5c:bf:32:9f:17:7c:3b:08:04:c0:ce:4a:f3:37:5d:90:ea:
         eb:35:8e:03:04:d0:69:c0:55:ca:7a:e7:5c:65:7d:de:3a:c7:
         cf:54:f4:21:99:1f:15:15:a0:c2:b2:66:37:56:1c:76:fd:90:
         03:e4:c9:3f:d7:fd:fd:fa:e1:fe:45:e6:6c:2e:d1:fb:3a:12:
         6d:1a:7b:72:7e:f6:03:14:e1:d9:97:ae:79:bb:15:a9:28:fd:
         34:d9:a0:e4:70:22:8f:87:9c:df:58:52:8b:9c:95:ef:40:5a:
         61:95:c7:d9
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYvShQ7vWrdEZ4sRzi5SNBCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTE1MTAyNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzgzYjI4ODA3NWU2YTI4ZmNiNDI2ZTcwMDNmMzA2MjM0Y2UxNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCYbKdfzACuVVCgOQAYLlqzQxFza
4qwzNotEzY4r4IGH8gaLvMBjXwTdnXRNUAYBAvVEiub+2DJ6CjALnDETGyJFy2Ye
BitBrNyvahijDxqXkWgx2SvRkX7jrwmI8fHEo1G95TRNdNkbawSaBhg+pD8kpZJc
mDZ/0x/RpmGgC7CH+hapCA54Vj+ouSAbnk4tsyYt2uKuKEx5ogsjFvteZc/nSLzI
61AAYhTYEo5n7ZfSYd3RdP0TIgXiV4/byh/UL6taw+W78ZEJoLzVa1/oaj8lNwxx
Ap+uOBLOWDIERtD7VS1ftJ3suNrYr+W1nC8/mhrs8bfIN+OeFFKRxereywIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFIeDsogHXmoo/LQm5wA/MGI0zhXVMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaDRPeWlBZGVhaWo4dENibkFEOHdZalRPRmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAAC
OGwDBAAFtVcDBAAtCR0DBAAtUXIDBAAtWIgDBAAtWIoDBAItXqgDBAIthLQDBAAt
kNQDBABNUyUDBABNUycDBAJV0XgDBAG5K/gDBAC5K/sDBAG5yD4DBADBHvADBAHB
HvIDBADBOSsDBALC8mAwDAMEAsOxXAMEAMOxXgMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AH4axzYT/Kf1GPG66eHBfaEK4+TonNW0lxDvof4p8n9GzN+rXF6RDTQXxBXdYlk4
WvYl8phWW9RJdKL5XndTG/Ou8XvwGvp5zsi48qSOvqCrk5+66ua6Iogu3DAuTcVJ
RlJrtUGDvT3SOdRiqISCIK/xQ2CyA41X4UI6OcqJJz1MDL0Ruy/cm+ghlc0y6we0
vuNcvzKfF3w7CATAzkrzN12Q6us1jgME0GnAVcp651xlfd46x89U9CGZHxUVoMKy
ZjdWHHb9kAPkyT/X/f364f5F5mwu0fs6Em0ae3J+9gMU4dmXrnm7Fako/TTZoORw
Io+HnN9YUoucle9AWmGVx9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org