Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zb24oMKVxZafsfepdacv9Fl6nes.roa
File:                     zb24oMKVxZafsfepdacv9Fl6nes.roa (raw, json)
Hash identifier:          Pcd/cm4olWHMmo7oRd8Y2oZLe25YtPWj0DbkAnJrKVc=
Subject key identifier:   CD:BD:B8:A0:C2:95:C5:96:9F:B1:F7:A9:75:A7:2F:F4:59:7A:9D:EB
Certificate issuer:       /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial:       018E6A4EFD2A05DA2967BA2C34AFC062ED1D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zb24oMKVxZafsfepdacv9Fl6nes.roa
Signing time:             Sat 23 Mar 2024 07:55:45 +0000
ROA not before:           Sat 23 Mar 2024 07:55:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        5.181.84.0/24 maxlen: 24
                          5.181.85.0/24 maxlen: 24
                          5.181.87.0/24 maxlen: 24
                          45.88.139.0/24 maxlen: 24
                          45.94.170.0/24 maxlen: 24
                          45.132.181.0/24 maxlen: 24
                          85.209.120.0/23 maxlen: 24
                          146.19.125.0/24 maxlen: 24
                          193.30.241.0/24 maxlen: 24
                          193.57.41.0/24 maxlen: 24
                          195.177.93.0/24 maxlen: 24
                          195.177.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 07:26:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:6a:4e:fd:2a:05:da:29:67:ba:2c:34:af:c0:62:ed:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
        Validity
            Not Before: Mar 23 07:55:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cdbdb8a0c295c5969fb1f7a975a72ff4597a9deb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1a:2e:e1:c8:ce:5f:e8:da:13:91:61:2f:28:
                    18:28:39:56:9a:4e:2a:65:1d:49:06:3c:f0:2f:bb:
                    42:67:24:d3:18:5a:aa:65:ee:68:33:21:d0:a4:40:
                    0f:12:29:c6:7c:7a:a7:aa:e6:a0:9f:87:24:1a:55:
                    55:66:69:2c:38:f7:60:0b:51:ab:b1:94:2e:e0:23:
                    52:1f:18:81:61:b6:e6:ea:e5:97:4a:be:73:88:f7:
                    b9:c3:29:8c:d4:c1:4a:bd:af:c5:ec:10:a0:92:33:
                    3e:b5:10:3c:05:5e:8f:47:d1:8a:24:e4:0c:fb:81:
                    66:f7:ec:f7:17:04:56:0d:da:e9:22:58:c6:99:3c:
                    98:07:a0:c1:68:c7:20:9a:38:0d:67:a7:15:fa:60:
                    37:ef:75:0f:dc:6b:d7:c6:15:37:fb:9c:bf:21:14:
                    5e:8d:8c:42:0b:6a:35:2c:85:ba:bd:a3:7a:ea:37:
                    c8:bd:3d:ae:ed:8f:77:57:97:21:15:06:93:37:8f:
                    e6:d1:b4:36:e8:54:aa:cc:c4:72:1b:5d:91:62:f1:
                    ac:9d:68:01:c8:b1:f0:26:72:8d:c2:17:aa:9d:fd:
                    53:e7:6d:89:32:57:4f:8a:60:ee:35:a4:29:22:bf:
                    34:0a:d4:e9:2f:c9:d6:3a:3f:3c:73:26:ba:64:a7:
                    f3:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:BD:B8:A0:C2:95:C5:96:9F:B1:F7:A9:75:A7:2F:F4:59:7A:9D:EB
            X509v3 Authority Key Identifier:
                keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zb24oMKVxZafsfepdacv9Fl6nes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.84.0/23
                  5.181.87.0/24
                  45.88.139.0/24
                  45.94.170.0/24
                  45.132.181.0/24
                  85.209.120.0/23
                  146.19.125.0/24
                  193.30.241.0/24
                  193.57.41.0/24
                  195.177.93.0/24
                  195.177.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:a6:25:19:25:07:aa:2f:1c:3c:8a:4a:0b:bf:b3:56:d9:8c:
         97:3d:6f:09:ff:57:67:cb:0d:d9:df:02:d2:62:50:4d:0e:fb:
         67:35:5c:98:d9:d7:f1:11:49:2e:a4:ad:80:91:eb:79:77:bf:
         5d:8f:42:44:f0:39:26:7f:0b:8c:7c:4d:e9:a5:6b:15:97:c8:
         6a:b1:29:5b:d5:4c:c9:c0:ba:41:29:7d:af:85:75:53:35:73:
         c4:e0:75:c0:b9:5b:bb:ba:ea:45:32:1b:bd:be:71:09:d5:69:
         85:f2:46:1f:08:af:33:47:b3:94:df:62:4a:79:99:c5:43:71:
         c1:02:e2:e9:03:88:f3:44:37:66:8b:b4:7d:6b:be:f2:b3:b3:
         68:8c:6f:5a:eb:a2:85:4b:e0:3d:06:87:08:d4:68:95:f3:e7:
         0c:65:7d:d1:61:74:de:00:5d:9c:48:06:04:20:a6:02:8d:d6:
         4e:80:6a:b7:ba:58:2f:02:84:2a:3c:6b:10:a9:56:69:12:0c:
         ff:e0:d8:50:85:5f:1f:7c:8e:3b:bc:7c:48:e6:c5:eb:1c:c4:
         de:b2:98:f2:aa:00:53:ec:dc:b7:c0:b4:43:0e:a2:72:d2:14:
         f3:55:40:16:52:34:8b:4e:7e:9a:59:0d:7b:57:5e:da:0b:fe:
         fd:0a:4a:41
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY5qTv0qBdopZ7osNK/AYu0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzIzMDc1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJkYjhhMGMyOTVjNTk2OWZiMWY3YTk3NWE3MmZmNDU5N2E5ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhou4cjOX+jaE5FhLygYKDlWmk4q
ZR1JBjzwL7tCZyTTGFqqZe5oMyHQpEAPEinGfHqnquagn4ckGlVVZmksOPdgC1Gr
sZQu4CNSHxiBYbbm6uWXSr5ziPe5wymM1MFKva/F7BCgkjM+tRA8BV6PR9GKJOQM
+4Fm9+z3FwRWDdrpIljGmTyYB6DBaMcgmjgNZ6cV+mA373UP3GvXxhU3+5y/IRRe
jYxCC2o1LIW6vaN66jfIvT2u7Y93V5chFQaTN4/m0bQ26FSqzMRyG12RYvGsnWgB
yLHwJnKNwheqnf1T522JMldPimDuNaQpIr80CtTpL8nWOj88cya6ZKfzTQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFM29uKDClcWWn7H3qXWnL/RZep3rMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvemIyNG9NS1Z4WmFmc2ZlcGRhY3Y5Rmw2bmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBBbVUAwQA
BbVXAwQALViLAwQALV6qAwQALYS1AwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQA
w7FdAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQArpiUZJQeqLxw8ikoLv7NW2YyX
PW8J/1dnyw3Z3wLSYlBNDvtnNVyY2dfxEUkupK2Aket5d79dj0JE8DkmfwuMfE3p
pWsVl8hqsSlb1UzJwLpBKX2vhXVTNXPE4HXAuVu7uupFMhu9vnEJ1WmF8kYfCK8z
R7OU32JKeZnFQ3HBAuLpA4jzRDdmi7R9a77ys7NojG9a66KFS+A9BocI1GiV8+cM
ZX3RYXTeAF2cSAYEIKYCjdZOgGq3ulgvAoQqPGsQqVZpEgz/4NhQhV8ffI47vHxI
5sXrHMTespjyqgBT7Ny3wLRDDqJy0hTzVUAWUjSLTn6aWQ17V17aC/79CkpB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:20 2024 by rpki-client on console-ams.rpki-client.org