Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/LeiYgR1p_MxqmPjHTJIUdn2EEK4.roa
File:                     LeiYgR1p_MxqmPjHTJIUdn2EEK4.roa (raw, json)
Hash identifier:          Dhm8n+tMZYEDTTD2h9j4/7wnSTp5CSA19Re1dSoyVwI=
Subject key identifier:   2D:E8:98:81:1D:69:FC:CC:6A:98:F8:C7:4C:92:14:76:7D:84:10:AE
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0187D7D8D1DB58C5D4AE0135AE967AB887FE
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/LeiYgR1p_MxqmPjHTJIUdn2EEK4.roa
Signing time:             Mon 01 May 2023 15:05:23 +0000
ROA not before:           Mon 01 May 2023 15:05:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7489
IP address blocks:        2.56.164.0/22 maxlen: 24
                          78.108.216.0/22 maxlen: 24
                          45.140.220.0/22 maxlen: 24
                          193.221.192.0/22 maxlen: 24
                          194.50.16.0/22 maxlen: 24
                          194.31.140.0/22 maxlen: 24
                          212.107.12.0/22 maxlen: 24
                          185.186.64.0/22 maxlen: 24
                          45.154.196.0/22 maxlen: 24
                          185.227.68.0/22 maxlen: 24
                          185.185.40.0/22 maxlen: 24
                          193.105.184.0/24 maxlen: 24
                          45.90.144.0/22 maxlen: 24
                          194.56.226.0/24 maxlen: 24
                          194.56.224.0/22 maxlen: 24
                          178.218.144.0/22 maxlen: 24
                          45.90.145.0/24 maxlen: 24
                          45.90.146.0/24 maxlen: 24
                          77.83.240.0/22 maxlen: 24
                          45.81.20.0/22 maxlen: 24
                          89.190.156.0/22 maxlen: 24
                          83.143.116.0/24 maxlen: 24
                          83.143.116.0/22 maxlen: 24
                          185.242.224.0/22 maxlen: 24
                          185.234.74.0/24 maxlen: 24
                          185.234.72.0/22 maxlen: 24
                          193.31.28.0/22 maxlen: 24
                          193.31.30.0/24 maxlen: 24
                          85.202.160.0/22 maxlen: 24
                          193.34.77.0/24 maxlen: 24
                          193.34.76.0/22 maxlen: 24
                          2a0b:7080:10::/48 maxlen: 48
                          2a0b:b87:ffb4::/48 maxlen: 48
                          2a0b:b82::/44 maxlen: 44
                          2a0b:b85::/32 maxlen: 32
                          2a0b:b87:fff0::/44 maxlen: 44
                          2a0b:b87:ff12::/48 maxlen: 48
                          2a0b:7080:30::/44 maxlen: 48
                          2a0b:7080:10::/44 maxlen: 44
                          2a0b:7080:10::/45 maxlen: 45
                          2a0b:b87:ffda::/48 maxlen: 48
                          2a0d:77c7::/32 maxlen: 48
                          2a0b:7080:20::/44 maxlen: 48
                          2a0b:b87:ffec::/48 maxlen: 48
                          2a0b:b84::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 01 Jun 2023 00:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d7:d8:d1:db:58:c5:d4:ae:01:35:ae:96:7a:b8:87:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: May  1 15:05:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2de898811d69fccc6a98f8c74c9214767d8410ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:fa:87:00:0a:e6:67:61:51:cb:01:97:81:74:
                    b1:30:c5:45:01:0e:4d:01:a4:26:f4:e2:29:85:d8:
                    a6:d2:36:f9:c3:05:64:0a:0f:81:da:a5:ec:11:4d:
                    bc:24:55:f7:b2:13:4c:6d:7a:72:65:27:e8:89:c2:
                    4f:34:d0:4b:1b:6e:cd:5e:28:13:e6:e8:0f:7a:df:
                    ac:be:64:04:d0:d9:5f:31:88:be:d3:f4:56:3c:6a:
                    78:a3:ff:a7:b0:cf:a4:e2:56:e1:86:f1:62:e7:61:
                    c8:72:48:e5:07:6d:64:77:54:fb:17:ca:bd:b7:f8:
                    b5:09:d2:75:bf:cd:93:27:30:bc:30:88:99:a7:4e:
                    12:e5:83:87:63:7d:c1:d6:6d:73:dd:eb:7f:68:2c:
                    63:2d:37:d9:c1:cc:ff:0a:32:cf:73:b1:a4:1b:81:
                    5f:4a:7c:48:8d:51:ec:8f:3b:26:ce:da:4a:a4:c1:
                    af:cf:d9:15:26:3b:00:b7:a5:5d:d8:41:83:8b:74:
                    27:28:c7:a3:a6:96:ae:a5:75:dd:d4:d1:84:fc:6c:
                    a5:84:81:02:19:9a:9f:ad:24:e2:1a:c2:cc:0d:7d:
                    b8:28:4f:5a:59:57:5b:c6:7a:1c:38:f5:6d:23:5d:
                    34:f7:0c:05:17:5c:13:4a:72:4c:69:05:d8:d3:49:
                    67:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:E8:98:81:1D:69:FC:CC:6A:98:F8:C7:4C:92:14:76:7D:84:10:AE
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/LeiYgR1p_MxqmPjHTJIUdn2EEK4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.164.0/22
                  45.81.20.0/22
                  45.90.144.0/22
                  45.140.220.0/22
                  45.154.196.0/22
                  77.83.240.0/22
                  78.108.216.0/22
                  83.143.116.0/22
                  85.202.160.0/22
                  89.190.156.0/22
                  178.218.144.0/22
                  185.185.40.0/22
                  185.186.64.0/22
                  185.227.68.0/22
                  185.234.72.0/22
                  185.242.224.0/22
                  193.31.28.0/22
                  193.34.76.0/22
                  193.105.184.0/24
                  193.221.192.0/22
                  194.31.140.0/22
                  194.50.16.0/22
                  194.56.224.0/22
                  212.107.12.0/22
                IPv6:
                  2a0b:b82::/44
                  2a0b:b84::/31
                  2a0b:b87:ff12::/48
                  2a0b:b87:ffb4::/48
                  2a0b:b87:ffda::/48
                  2a0b:b87:ffec::/48
                  2a0b:b87:fff0::/44
                  2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
                  2a0d:77c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:8c:97:4d:33:2e:fe:fb:72:fb:bb:0f:ed:66:2e:cc:e0:44:
         28:41:bf:3a:57:e0:15:05:54:62:5a:96:1e:16:7e:f7:46:4c:
         bd:41:04:c1:54:8e:60:53:53:a8:c8:84:77:49:6f:33:49:ce:
         bd:eb:e0:85:eb:58:b6:df:2c:a3:53:6b:4d:35:ae:e5:d1:08:
         77:31:16:b9:d9:da:00:90:d6:30:7a:9d:45:bc:7f:0c:0e:c4:
         1a:4b:ea:90:1d:fe:9e:65:8b:43:ca:48:03:74:3c:a8:d9:98:
         9e:9b:b1:0b:8a:32:84:89:5f:84:91:0c:61:c4:00:c3:f6:d6:
         1e:cd:7b:b9:bb:2d:a9:46:25:2b:d9:88:66:8a:c5:78:76:2f:
         7a:cf:58:d0:eb:b5:7c:51:23:2d:f9:e2:c5:66:95:4d:fd:55:
         fb:8e:50:44:f3:aa:8c:d6:03:fa:d7:9f:e9:9e:e6:21:73:20:
         f5:a9:6d:97:77:8f:ff:8b:fc:e1:87:eb:52:3e:df:aa:f1:22:
         a0:29:d7:f5:bd:6a:da:9a:16:3a:82:62:b9:17:21:9a:2d:43:
         c5:30:95:b9:f8:ff:68:00:41:72:62:f0:ba:b3:6c:09:a2:75:
         57:0a:49:a2:1a:ec:0f:0f:9b:32:69:e8:85:ec:94:97:b3:0c:
         ba:04:a7:11
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYfX2NHbWMXUrgE1rpZ6uIf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNTAxMTUwNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU4OTg4MTFkNjlmY2NjNmE5OGY4Yzc0YzkyMTQ3NjdkODQxMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfqHAArmZ2FRywGXgXSxMMVFAQ5N
AaQm9OIphdim0jb5wwVkCg+B2qXsEU28JFX3shNMbXpyZSfoicJPNNBLG27NXigT
5ugPet+svmQE0NlfMYi+0/RWPGp4o/+nsM+k4lbhhvFi52HIckjlB21kd1T7F8q9
t/i1CdJ1v82TJzC8MIiZp04S5YOHY33B1m1z3et/aCxjLTfZwcz/CjLPc7GkG4Ff
SnxIjVHsjzsmztpKpMGvz9kVJjsAt6Vd2EGDi3QnKMejppaupXXd1NGE/GylhIEC
GZqfrSTiGsLMDX24KE9aWVdbxnocOPVtI1009wwFF1wTSnJMaQXY00lngwIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFC3omIEdafzMapj4x0ySFHZ9hBCuMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTGVpWWdSMXBfTXhxbVBqSFRKSVVkbjJFRUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMF4E
AgACMFgDBwQqCwuCAAADBQEqCwuEAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0G
CSqGSIb3DQEBCwUAA4IBAQCMjJdNMy7++3L7uw/tZi7M4EQoQb86V+AVBVRiWpYe
Fn73Rky9QQTBVI5gU1OoyIR3SW8zSc696+CF61i23yyjU2tNNa7l0Qh3MRa52doA
kNYwep1FvH8MDsQaS+qQHf6eZYtDykgDdDyo2Ziem7ELijKEiV+EkQxhxADD9tYe
zXu5uy2pRiUr2YhmisV4di96z1jQ67V8USMt+eLFZpVN/VX7jlBE86qM1gP615/p
nuYhcyD1qW2Xd4//i/zhh+tSPt+q8SKgKdf1vWramhY6gmK5FyGaLUPFMJW5+P9o
AEFyYvC6s2wJonVXCkmiGuwPD5syaeiF7JSXswy6BKcR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org