Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa
File:                     MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa (raw, json)
Hash identifier:          WRqhYeOYtZzxMxVYSSzG7QWed/lXdzSPRq7z13nGNCw=
Subject key identifier:   31:89:57:18:4D:C7:65:98:7D:C6:B5:66:8E:6D:1B:E4:B3:CB:FC:A1
Certificate issuer:       /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial:       01878C796FA0461F76FB6CC1DA17F69FB845
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa
Signing time:             Sun 16 Apr 2023 23:49:41 +0000
ROA not before:           Sun 16 Apr 2023 23:49:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202448
IP address blocks:        45.137.151.0/24 maxlen: 24
                          45.137.150.0/24 maxlen: 24
                          45.137.148.0/24 maxlen: 32
                          45.137.149.0/24 maxlen: 24
                          2.56.213.0/24 maxlen: 24
                          2.56.212.0/24 maxlen: 24
                          89.43.33.0/24 maxlen: 24
                          86.107.197.0/24 maxlen: 24
                          93.114.128.0/24 maxlen: 24
                          2.56.215.0/24 maxlen: 24
                          2.56.214.0/24 maxlen: 24
                          194.32.78.0/24 maxlen: 24
                          194.32.77.0/24 maxlen: 24
                          194.32.76.0/24 maxlen: 24
                          194.32.79.0/24 maxlen: 24
                          91.250.248.0/24 maxlen: 32
                          91.250.249.0/24 maxlen: 32
                          185.234.52.0/24 maxlen: 32
                          185.96.163.0/24 maxlen: 24
                          178.157.82.0/24 maxlen: 24
                          185.170.213.0/24 maxlen: 24
                          178.157.91.0/24 maxlen: 24
                          185.170.212.0/24 maxlen: 24
                          178.157.90.0/24 maxlen: 24
                          185.170.215.0/24 maxlen: 24
                          185.170.214.0/24 maxlen: 24
                          45.153.184.0/24 maxlen: 24
                          45.153.186.0/24 maxlen: 24
                          45.153.185.0/24 maxlen: 24
                          45.153.187.0/24 maxlen: 24
                          86.106.181.0/24 maxlen: 24
                          89.38.135.0/24 maxlen: 32
                          91.227.41.0/24 maxlen: 24
                          91.227.40.0/24 maxlen: 24
                          86.105.252.0/24 maxlen: 24
                          94.176.182.0/24 maxlen: 24
                          185.243.214.0/24 maxlen: 32
                          185.243.215.0/24 maxlen: 24
                          194.99.23.0/24 maxlen: 24
                          194.99.22.0/24 maxlen: 24
                          194.99.21.0/24 maxlen: 24
                          194.99.20.0/24 maxlen: 24
                          89.38.131.0/24 maxlen: 24
                          31.14.238.0/24 maxlen: 24
                          89.38.130.0/24 maxlen: 24
                          89.38.129.0/24 maxlen: 24
                          89.38.128.0/24 maxlen: 24
                          188.212.125.0/24 maxlen: 24
                          188.212.124.0/24 maxlen: 24
                          93.114.133.0/24 maxlen: 24
                          93.115.16.0/24 maxlen: 24
                          93.115.17.0/24 maxlen: 24
                          93.115.23.0/24 maxlen: 24
                          93.115.22.0/24 maxlen: 24
                          93.115.21.0/24 maxlen: 24
                          93.115.20.0/24 maxlen: 24
                          93.115.19.0/24 maxlen: 24
                          93.115.18.0/24 maxlen: 24
                          2a05:8280::/32 maxlen: 32
                          2a09:cd42::/32 maxlen: 32
                          2a09:cd45::/32 maxlen: 32
                          2a09:cd43::/32 maxlen: 32
                          2a0c:b9c1::/32 maxlen: 32
                          2a09:cd41::/32 maxlen: 32
                          2a09:cd40::/32 maxlen: 32
                          2a0c:b9c0::/32 maxlen: 32
                          2a09:cd46::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 27 Sep 2023 00:10:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8c:79:6f:a0:46:1f:76:fb:6c:c1:da:17:f6:9f:b8:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
        Validity
            Not Before: Apr 16 23:49:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=318957184dc765987dc6b5668e6d1be4b3cbfca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:98:08:fc:de:2c:3f:4d:44:23:e0:2b:f1:ae:
                    da:c3:d5:03:84:77:03:4b:97:4e:4e:75:80:29:87:
                    f6:0c:43:91:28:59:01:26:c0:5c:90:dc:41:c6:0d:
                    cc:2e:ca:31:48:5e:f7:da:36:40:bb:e2:1d:09:ea:
                    b7:0e:32:3b:56:a1:1c:43:57:f9:58:53:88:02:90:
                    a9:71:84:a5:51:14:75:52:81:e9:d4:7a:55:d3:92:
                    aa:2c:08:e4:9f:a2:e7:0b:83:0b:88:ad:7f:23:1d:
                    37:99:42:5c:bd:85:1f:0f:a9:c6:e8:e8:d6:00:4f:
                    94:16:87:24:9d:85:f7:ed:b9:ee:ad:ca:2c:06:6a:
                    00:a2:00:bf:ed:c6:04:27:ab:8f:b9:07:f0:a7:ef:
                    7b:91:68:59:c2:1b:a2:2d:1b:45:96:e7:05:f1:92:
                    9f:ef:e4:cd:29:0f:b5:dd:91:2b:2e:bc:99:bd:9e:
                    57:f6:e3:40:d4:1d:52:d5:42:2e:8c:ca:b1:5d:df:
                    35:6b:6d:d6:37:31:ba:24:59:7a:2c:92:e4:c7:00:
                    4e:5b:a9:94:88:9f:b0:c9:b0:65:ab:28:e7:7b:a3:
                    74:50:33:cc:1d:69:7f:f4:b5:8f:ab:a5:6d:be:e6:
                    82:2a:f0:cc:82:b0:65:bb:4d:d3:70:e7:03:8e:18:
                    1b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:89:57:18:4D:C7:65:98:7D:C6:B5:66:8E:6D:1B:E4:B3:CB:FC:A1
            X509v3 Authority Key Identifier:
                keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.212.0/22
                  31.14.238.0/24
                  45.137.148.0/22
                  45.153.184.0/22
                  86.105.252.0/24
                  86.106.181.0/24
                  86.107.197.0/24
                  89.38.128.0/22
                  89.38.135.0/24
                  89.43.33.0/24
                  91.227.40.0/23
                  91.250.248.0/23
                  93.114.128.0/24
                  93.114.133.0/24
                  93.115.16.0/21
                  94.176.182.0/24
                  178.157.82.0/24
                  178.157.90.0/23
                  185.96.163.0/24
                  185.170.212.0/22
                  185.234.52.0/24
                  185.243.214.0/23
                  188.212.124.0/23
                  194.32.76.0/22
                  194.99.20.0/22
                IPv6:
                  2a05:8280::/32
                  2a09:cd40::/30
                  2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0c:b9c0::/31

    Signature Algorithm: sha256WithRSAEncryption
         7f:12:f3:84:b4:d4:ee:c5:0d:aa:00:1f:32:fb:b6:5b:1a:e2:
         ba:fb:e9:e3:a6:09:30:cb:41:10:4f:af:87:b2:85:38:86:a4:
         16:6e:d8:c8:59:2e:84:67:22:b9:62:83:cd:a3:06:68:88:47:
         f0:06:ce:d4:4a:19:dc:25:12:0f:16:a2:3e:fd:33:bc:e2:ed:
         2d:30:87:e1:9d:38:f0:4f:34:72:3e:76:d5:87:fc:4a:e1:a0:
         f0:45:da:f0:e1:67:14:a2:e8:28:b0:a0:31:44:db:21:a2:27:
         9f:72:8a:8f:36:6f:cb:61:0d:70:6a:da:e4:26:35:ba:23:7d:
         2e:62:d0:05:c1:8c:d1:59:6d:65:c6:36:42:f4:d4:35:fe:66:
         de:a0:12:b6:6c:e5:b7:a8:7a:a3:2f:ce:43:48:7c:10:c4:da:
         e8:aa:75:5e:39:6d:60:61:43:71:e9:8f:d9:e0:bf:24:bf:14:
         8f:51:f6:ac:f0:92:fc:bd:9f:f9:79:c4:00:67:0d:47:aa:ec:
         2d:fd:5b:35:19:bf:3d:04:08:88:dc:7d:e6:29:14:bf:f8:87:
         42:e7:3f:da:01:15:c3:54:b1:dc:d7:0c:ce:eb:27:1b:c3:34:
         20:45:6d:16:6e:16:6b:a4:27:a7:bd:99:03:b9:ba:22:ff:2d:
         ca:6b:47:f2
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAYeMeW+gRh92+2zB2hf2n7hFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjMwNDE2MjM0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg5NTcxODRkYzc2NTk4N2RjNmI1NjY4ZTZkMWJlNGIzY2JmY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZgI/N4sP01EI+Ar8a7aw9UDhHcD
S5dOTnWAKYf2DEORKFkBJsBckNxBxg3MLsoxSF732jZAu+IdCeq3DjI7VqEcQ1f5
WFOIApCpcYSlURR1UoHp1HpV05KqLAjkn6LnC4MLiK1/Ix03mUJcvYUfD6nG6OjW
AE+UFocknYX37bnurcosBmoAogC/7cYEJ6uPuQfwp+97kWhZwhuiLRtFlucF8ZKf
7+TNKQ+13ZErLryZvZ5X9uNA1B1S1UIujMqxXd81a23WNzG6JFl6LJLkxwBOW6mU
iJ+wybBlqyjne6N0UDPMHWl/9LWPq6VtvuaCKvDMgrBlu03TcOcDjhgbnQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFDGJVxhNx2WYfca1Zo5tG+Szy/yhMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvTVlsWEdFM0haWmg5eHJWbWptMGI1TFBMX0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBnQQCAAEwgZYDBAIC
ONQDBAAfDu4DBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UDBAJZJoADBABZ
JocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUDBANdcxADBABesLYDBACy
nVIDBAGynVoDBAC5YKMDBAK5qtQDBAC56jQDBAG589YDBAG81HwDBALCIEwDBALC
YxQwKwQCAAIwJQMFACoFgoADBQIqCc1AMA4DBQAqCc1FAwUAKgnNRgMFASoMucAw
DQYJKoZIhvcNAQELBQADggEBAH8S84S01O7FDaoAHzL7tlsa4rr76eOmCTDLQRBP
r4eyhTiGpBZu2MhZLoRnIrlig82jBmiIR/AGztRKGdwlEg8Woj79M7zi7S0wh+Gd
OPBPNHI+dtWH/ErhoPBF2vDhZxSi6CiwoDFE2yGiJ59yio82b8thDXBq2uQmNboj
fS5i0AXBjNFZbWXGNkL01DX+Zt6gErZs5beoeqMvzkNIfBDE2uiqdV45bWBhQ3Hp
j9ngvyS/FI9R9qzwkvy9n/l5xABnDUeq7C39WzUZvz0ECIjcfeYpFL/4h0LnP9oB
FcNUsdzXDM7rJxvDNCBFbRZuFmukJ6e9mQO5uiL/LcprR/I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:35 2024 by rpki-client on console-fra.rpki-client.org