Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qh5YRYSfAHQSwauBCeN7WM0R-q0.roa
File:                     qh5YRYSfAHQSwauBCeN7WM0R-q0.roa (raw, json)
Hash identifier:          no1JsITjFqfEWSGxU7Hp1qGdBiAWBWxABMf2kNJlHHE=
Subject key identifier:   AA:1E:58:45:84:9F:00:74:12:C1:AB:81:09:E3:7B:58:CD:11:FA:AD
Certificate issuer:       /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial:       01856E2FA0862D55C4E383A42F66E6A3FFCF
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qh5YRYSfAHQSwauBCeN7WM0R-q0.roa
Signing time:             Sun 01 Jan 2023 16:34:52 +0000
ROA not before:           Sun 01 Jan 2023 16:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24875
IP address blocks:        185.147.14.0/23 maxlen: 23
                          185.147.12.0/23 maxlen: 23
                          185.147.12.0/22 maxlen: 22
                          89.105.192.0/20 maxlen: 20
                          89.105.192.0/19 maxlen: 19
                          89.105.208.0/20 maxlen: 20
                          80.89.236.0/23 maxlen: 23
                          80.89.224.0/20 maxlen: 24
                          185.80.232.0/22 maxlen: 22
                          185.80.232.0/23 maxlen: 23
                          185.80.234.0/23 maxlen: 23
                          2001:968:2016::/48 maxlen: 48
                          2001:968:2171::/48 maxlen: 48
                          2001:968:2005::/48 maxlen: 48
                          2001:968:2185::/48 maxlen: 48
                          2001:968::/32 maxlen: 32
                          2001:968:2160::/48 maxlen: 48
                          2001:968:2019::/48 maxlen: 48
                          2001:968:2119::/48 maxlen: 48
                          2001:968:2174::/48 maxlen: 48
                          2001:968:2177::/48 maxlen: 48
                          2001:968:677::/48 maxlen: 48
                          2001:968:2152::/48 maxlen: 48
                          2001:968:2108::/48 maxlen: 48
                          2001:968:2188::/48 maxlen: 48
                          2001:968:2008::/48 maxlen: 48
                          2001:968:2146::/48 maxlen: 48
                          2001:968:2021::/48 maxlen: 48
                          2a07:5440::/29 maxlen: 29
                          2001:968:2035::/48 maxlen: 48
                          2001:968:2135::/48 maxlen: 48
                          2001:968:2010::/48 maxlen: 48
                          2001:968:2190::/48 maxlen: 48
                          2001:968:2110::/48 maxlen: 48
                          2001:968:2193::/48 maxlen: 48
                          2001:968:2013::/48 maxlen: 48
                          2001:968:2024::/48 maxlen: 48
                          2001:968:2227::/48 maxlen: 48
                          2001:968:2127::/48 maxlen: 48
                          2001:968:2027::/48 maxlen: 48
                          2001:968:2182::/48 maxlen: 48
                          2001:968:2102::/48 maxlen: 48
                          2001:968:2138::/48 maxlen: 48
                          2001:968:676::/48 maxlen: 48
                          2001:968:2151::/48 maxlen: 48
                          2001:968:2140::/48 maxlen: 48
                          2001:968:2143::/48 maxlen: 48
                          2001:968:679::/48 maxlen: 48
                          2001:968:2179::/48 maxlen: 48
                          2001:968:2032::/48 maxlen: 48
                          2001:968:2132::/48 maxlen: 48
                          2a00:11f8::/32 maxlen: 32
                          2001:968:2026::/48 maxlen: 48
                          2001:968:2226::/48 maxlen: 48
                          2001:968:2101::/48 maxlen: 48
                          2001:968:2181::/48 maxlen: 48
                          2001:968:2001::/48 maxlen: 48
                          2001:968:15::/48 maxlen: 48
                          2001:968:2195::/48 maxlen: 48
                          2001:968:2015::/48 maxlen: 48
                          2001:968:3295::/48 maxlen: 48
                          2001:968:2173::/48 maxlen: 48
                          2001:968:2129::/48 maxlen: 48
                          2001:968:2004::/48 maxlen: 48
                          2001:968:2184::/48 maxlen: 48
                          2001:968:2104::/48 maxlen: 48
                          2001:968:2007::/48 maxlen: 48
                          2001:968:2107::/48 maxlen: 48
                          2001:968:1007::/48 maxlen: 48
                          2001:968:2162::/48 maxlen: 48
                          2001:968:2062::/48 maxlen: 48
                          2001:968:2198::/48 maxlen: 48
                          2001:968:2118::/48 maxlen: 48
                          2a07:5440::/32 maxlen: 32
                          2001:968:2131::/48 maxlen: 48
                          2001:968:2145::/48 maxlen: 48
                          2001:968:2020::/48 maxlen: 48
                          2001:968:2023::/48 maxlen: 48
                          2001:968:2134::/48 maxlen: 48
                          2001:968:2037::/48 maxlen: 48
                          2001:968:2137::/48 maxlen: 48
                          2001:968:2412::/48 maxlen: 48
                          2001:968:2112::/48 maxlen: 48
                          2001:968:2192::/48 maxlen: 48
                          2001:968:2148::/48 maxlen: 48
                          2001:968:2106::/48 maxlen: 48
                          2001:968:2006::/48 maxlen: 48
                          2001:968:2186::/48 maxlen: 48
                          2001:968::/29 maxlen: 29
                          2001:968:675::/48 maxlen: 48
                          2001:968:2150::/48 maxlen: 48
                          2001:968:2153::/48 maxlen: 48
                          2001:968:2189::/48 maxlen: 48
                          2001:968:2109::/48 maxlen: 48
                          2001:968:2164::/48 maxlen: 48
                          2a00:11f8::/29 maxlen: 29
                          2001:968:2178::/48 maxlen: 48
                          2001:968:678::/48 maxlen: 48
                          2001:968:2036::/48 maxlen: 48
                          2001:968:2111::/48 maxlen: 48
                          2001:968:2191::/48 maxlen: 48
                          2001:968:2025::/48 maxlen: 48
                          2001:968:2180::/48 maxlen: 48
                          2001:968:780::/48 maxlen: 48
                          2001:968:1400::/48 maxlen: 48
                          2001:968:100::/48 maxlen: 48
                          2001:968:2103::/48 maxlen: 48
                          2001:968:2003::/48 maxlen: 48
                          2001:968:2139::/48 maxlen: 48
                          2001:968:2194::/48 maxlen: 48
                          2001:968:2197::/48 maxlen: 48
                          2001:968:2117::/48 maxlen: 48
                          2001:968:2017::/48 maxlen: 48
                          2001:968:2172::/48 maxlen: 48
                          2001:968:2128::/48 maxlen: 48
                          2001:968:2155::/48 maxlen: 48
                          2001:968:2130::/48 maxlen: 48
                          2001:968:2133::/48 maxlen: 48
                          2001:968:2144::/48 maxlen: 48
                          2001:968:2147::/48 maxlen: 48
                          2001:968:2022::/48 maxlen: 48
                          2001:968:2158::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 Feb 2023 10:10:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:a0:86:2d:55:c4:e3:83:a4:2f:66:e6:a3:ff:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
        Validity
            Not Before: Jan  1 16:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa1e5845849f007412c1ab8109e37b58cd11faad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b7:71:89:db:0a:49:c4:d8:c9:66:54:a7:d7:
                    c0:20:59:a3:b8:08:06:ce:3c:85:22:6b:54:7d:44:
                    52:ef:a8:ee:ff:db:62:64:28:16:ec:a7:9b:40:cd:
                    ed:35:6b:5e:35:6a:e2:bc:16:ed:60:a1:25:8c:cd:
                    47:ac:33:a2:da:9c:2f:52:ce:b0:b4:9a:70:78:82:
                    f5:b5:14:11:28:00:82:68:49:77:91:c5:c4:ba:71:
                    db:67:91:45:0d:bb:3c:a0:98:cf:a2:71:31:e9:b9:
                    73:43:7e:37:95:11:63:68:d8:60:96:24:ce:6f:78:
                    99:02:66:1a:aa:99:86:05:8f:e4:4a:54:ca:a9:a0:
                    32:fa:2f:dd:fa:74:34:bd:6e:bb:0f:87:c4:71:a7:
                    14:37:b5:cc:5e:50:0a:ac:77:0d:51:92:58:c7:08:
                    a1:d1:ac:bd:bc:6e:db:85:36:18:b0:8b:2f:01:4c:
                    27:c4:46:24:65:22:bf:fc:6d:68:ec:fd:6d:88:7a:
                    5f:bc:30:c1:1d:33:86:c4:6a:d9:1a:b2:6c:17:5d:
                    b9:ae:bc:12:94:63:59:e8:0d:75:8e:b5:f3:75:46:
                    bc:7a:79:95:41:50:91:53:07:4f:d1:af:f9:16:d6:
                    58:9b:33:98:12:e0:91:15:01:3f:d0:c9:68:fb:8c:
                    eb:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:1E:58:45:84:9F:00:74:12:C1:AB:81:09:E3:7B:58:CD:11:FA:AD
            X509v3 Authority Key Identifier:
                keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/qh5YRYSfAHQSwauBCeN7WM0R-q0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.89.224.0/20
                  89.105.192.0/19
                  185.80.232.0/22
                  185.147.12.0/22
                IPv6:
                  2001:968::/29
                  2a00:11f8::/29
                  2a07:5440::/29

    Signature Algorithm: sha256WithRSAEncryption
         a2:05:67:e7:e8:21:2a:a1:d8:a2:f2:54:aa:60:8c:fb:56:fa:
         fd:93:a6:4c:70:f6:e2:87:cd:01:4e:1b:98:3d:ec:2d:67:29:
         26:27:60:a0:4f:39:50:c6:82:83:a2:b4:ee:59:45:91:0c:2a:
         aa:53:09:fb:25:ac:bf:22:44:c2:fa:b1:b1:55:ef:52:e5:d0:
         99:1a:01:15:a9:a7:29:12:61:46:87:b0:24:9b:c9:e3:0a:c9:
         d1:a7:fe:c4:ae:6f:d4:da:cb:f2:cf:67:72:5e:3c:90:11:b9:
         a9:d1:05:32:cf:cd:a2:b6:2b:e4:b6:3a:25:4d:05:a2:99:9a:
         c5:0f:f7:08:4c:41:26:a6:53:a3:fe:b6:67:12:82:ff:c2:6a:
         2d:43:fb:b6:1a:ca:8c:53:88:1e:7e:5c:10:d0:36:e0:7c:25:
         10:ac:14:dc:0a:59:bf:ca:f7:2e:1d:12:44:e9:18:d8:11:ad:
         89:36:0c:6a:6f:a2:5c:ed:a9:01:b6:b4:63:77:d6:ea:fa:ca:
         6a:b4:5d:b5:7a:ce:c0:b4:1a:f2:a9:12:7c:d8:10:7d:d1:0c:
         09:e9:c5:2f:00:be:fe:95:eb:c4:41:06:a4:ea:ad:f6:98:52:
         d9:26:06:d2:5d:16:d8:54:5b:c0:9b:fb:01:1e:87:7e:de:8e:
         12:2e:90:69
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVuL6CGLVXE44OkL2bmo//PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjMwMTAxMTYzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFlNTg0NTg0OWYwMDc0MTJjMWFiODEwOWUzN2I1OGNkMTFmYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrdxidsKScTYyWZUp9fAIFmjuAgG
zjyFImtUfURS76ju/9tiZCgW7KebQM3tNWteNWrivBbtYKEljM1HrDOi2pwvUs6w
tJpweIL1tRQRKACCaEl3kcXEunHbZ5FFDbs8oJjPonEx6blzQ343lRFjaNhgliTO
b3iZAmYaqpmGBY/kSlTKqaAy+i/d+nQ0vW67D4fEcacUN7XMXlAKrHcNUZJYxwih
0ay9vG7bhTYYsIsvAUwnxEYkZSK//G1o7P1tiHpfvDDBHTOGxGrZGrJsF125rrwS
lGNZ6A11jrXzdUa8enmVQVCRUwdP0a/5FtZYmzOYEuCRFQE/0Mlo+4zr8wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFKoeWEWEnwB0EsGrgQnje1jNEfqtMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvcWg1WVJZU2ZBSFFTd2F1QkNlTjdXTTBSLXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQEUFngAwQF
WWnAAwQCuVDoAwQCuZMMMBsEAgACMBUDBQMgAQloAwUDKgAR+AMFAyoHVEAwDQYJ
KoZIhvcNAQELBQADggEBAKIFZ+foISqh2KLyVKpgjPtW+v2Tpkxw9uKHzQFOG5g9
7C1nKSYnYKBPOVDGgoOitO5ZRZEMKqpTCfslrL8iRML6sbFV71Ll0JkaARWppykS
YUaHsCSbyeMKydGn/sSub9Tay/LPZ3JePJARuanRBTLPzaK2K+S2OiVNBaKZmsUP
9whMQSamU6P+tmcSgv/Cai1D+7YayoxTiB5+XBDQNuB8JRCsFNwKWb/K9y4dEkTp
GNgRrYk2DGpvolztqQG2tGN31ur6ymq0XbV6zsC0GvKpEnzYEH3RDAnpxS8Avv6V
68RBBqTqrfaYUtkmBtJdFthUW8Cb+wEeh37ejhIukGk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:34 2024 by rpki-client on console-fra.rpki-client.org