Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/huFIDYMV3KIuLmMidxbC0HWE8t0.roa
File:                     huFIDYMV3KIuLmMidxbC0HWE8t0.roa (raw, json)
Hash identifier:          59i70edeOsTuPXIISN5bwGbSXiyUZj+OObF63wtwBOg=
Subject key identifier:   86:E1:48:0D:83:15:DC:A2:2E:2E:63:22:77:16:C2:D0:75:84:F2:DD
Certificate issuer:       /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial:       018C3FDCFA41EDECC081447FFE426EF233AE
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/huFIDYMV3KIuLmMidxbC0HWE8t0.roa
Signing time:             Wed 06 Dec 2023 16:01:35 +0000
ROA not before:           Wed 06 Dec 2023 16:01:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208951
IP address blocks:        188.227.57.0/24 maxlen: 24
                          188.227.58.0/24 maxlen: 24
                          188.227.59.0/24 maxlen: 24
                          94.141.96.0/24 maxlen: 24
                          94.141.97.0/24 maxlen: 24
                          94.141.98.0/24 maxlen: 24
                          94.141.99.0/24 maxlen: 24
                          188.227.84.0/24 maxlen: 24
                          188.227.85.0/24 maxlen: 24
                          188.227.86.0/24 maxlen: 24
                          188.227.87.0/24 maxlen: 24
                          45.138.24.0/24 maxlen: 24
                          31.44.2.0/24 maxlen: 24
                          31.44.1.0/24 maxlen: 24
                          31.44.3.0/24 maxlen: 24
                          31.44.0.0/24 maxlen: 24
                          45.138.26.0/24 maxlen: 24
                          45.138.25.0/24 maxlen: 24
                          188.227.107.0/24 maxlen: 24
                          188.227.106.0/24 maxlen: 24
                          78.111.84.0/24 maxlen: 24
                          45.14.48.0/24 maxlen: 24
                          45.14.50.0/24 maxlen: 24
                          45.14.49.0/24 maxlen: 24
                          45.14.51.0/24 maxlen: 24
                          109.207.168.0/24 maxlen: 24
                          109.207.169.0/24 maxlen: 24
                          109.207.171.0/24 maxlen: 24
                          109.207.172.0/24 maxlen: 24
                          92.246.130.0/24 maxlen: 24
                          92.246.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3f:dc:fa:41:ed:ec:c0:81:44:7f:fe:42:6e:f2:33:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
        Validity
            Not Before: Dec  6 16:01:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=86e1480d8315dca22e2e63227716c2d07584f2dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:84:e5:4b:13:bb:f9:26:74:70:1f:81:fd:72:
                    fd:30:75:f6:95:90:40:2e:0c:af:83:5d:c1:a7:38:
                    a7:78:e9:d7:0a:fc:05:4d:9b:f4:8a:5a:e6:d1:69:
                    6d:89:79:5d:6b:b6:c4:bc:be:09:8e:3b:3d:30:8a:
                    ec:91:02:e0:f6:27:6f:75:09:01:3e:23:8d:79:a6:
                    c0:87:45:75:75:ea:f6:45:49:3c:ac:82:52:9e:d6:
                    2d:6b:2e:0a:36:af:cf:e9:b8:16:aa:98:06:55:cb:
                    a2:0a:67:49:7b:bb:9e:51:a5:c7:9c:95:d2:bf:c9:
                    1d:67:c6:84:20:8e:06:c3:20:f4:bd:6b:fa:83:fe:
                    7b:52:95:c0:17:bf:44:74:a6:7d:b0:dc:d5:f7:5f:
                    c4:f7:56:40:a9:3e:1a:e8:e2:ad:de:36:85:fe:9a:
                    19:23:f3:61:ad:75:27:0d:bc:ce:81:11:c6:02:ed:
                    3f:5c:ca:0a:e9:e6:d3:b7:c0:92:54:af:7d:db:45:
                    5a:52:6d:27:b0:b5:10:f9:fe:dd:f3:95:3c:4a:59:
                    cb:50:50:37:c1:63:3f:4d:55:b8:1d:dd:86:6e:f7:
                    4d:56:47:af:73:1a:46:2e:d5:b1:b5:49:f9:aa:f7:
                    ab:24:a8:01:8c:1a:ce:2f:73:f3:d0:97:d0:12:6d:
                    ea:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:E1:48:0D:83:15:DC:A2:2E:2E:63:22:77:16:C2:D0:75:84:F2:DD
            X509v3 Authority Key Identifier:
                keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/huFIDYMV3KIuLmMidxbC0HWE8t0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.44.0.0/22
                  45.14.48.0/22
                  45.138.24.0-45.138.26.255
                  78.111.84.0/24
                  92.246.130.0/23
                  94.141.96.0/22
                  109.207.168.0/23
                  109.207.171.0-109.207.172.255
                  188.227.57.0-188.227.59.255
                  188.227.84.0/22
                  188.227.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:3f:e5:33:33:66:86:77:ae:5d:83:82:64:26:57:7e:d3:95:
         92:aa:63:8d:da:b4:0e:01:53:a1:ec:46:52:3e:58:fe:8b:35:
         24:4e:53:cb:82:e1:88:b8:f0:1c:63:e3:63:82:ca:86:97:75:
         ea:23:ac:ca:4d:2b:6c:9d:ec:65:ac:f5:08:f9:b0:92:e5:94:
         83:ec:76:04:18:63:9e:20:5c:01:ac:3e:4d:00:1c:2b:c3:5f:
         7e:b8:4d:dd:cc:d5:aa:39:b1:13:b0:b5:95:20:b8:34:d1:d4:
         47:81:8a:ad:5f:98:8b:42:6b:35:89:2c:2c:09:2f:65:9e:ac:
         73:f6:95:e7:44:87:ac:23:e4:ac:70:27:70:a0:1b:4a:48:87:
         7c:e4:39:48:d4:82:b1:be:9e:35:9b:aa:93:08:76:a6:28:73:
         a5:e4:d7:f8:3c:40:59:60:0e:e0:7b:b5:ae:54:6c:ee:64:64:
         ea:b4:e3:59:d5:8b:41:4e:db:22:18:30:ba:30:a9:18:3a:11:
         23:37:36:4f:a1:85:d5:99:77:81:cc:6c:f3:bf:5e:1e:60:4a:
         23:3c:c2:5f:f4:4f:c1:8c:ea:e0:a4:66:e0:05:44:94:6b:e2:
         fb:25:9a:ee:32:a4:87:1a:aa:e8:53:25:41:81:be:03:48:80:
         20:41:1b:29
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYw/3PpB7ezAgUR//kJu8jOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjMxMjA2MTYwMTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmUxNDgwZDgzMTVkY2EyMmUyZTYzMjI3NzE2YzJkMDc1ODRmMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YTlSxO7+SZ0cB+B/XL9MHX2lZBA
Lgyvg13BpzineOnXCvwFTZv0ilrm0WltiXlda7bEvL4Jjjs9MIrskQLg9idvdQkB
PiONeabAh0V1der2RUk8rIJSntYtay4KNq/P6bgWqpgGVcuiCmdJe7ueUaXHnJXS
v8kdZ8aEII4GwyD0vWv6g/57UpXAF79EdKZ9sNzV91/E91ZAqT4a6OKt3jaF/poZ
I/NhrXUnDbzOgRHGAu0/XMoK6ebTt8CSVK9920VaUm0nsLUQ+f7d85U8SlnLUFA3
wWM/TVW4Hd2GbvdNVkevcxpGLtWxtUn5qverJKgBjBrOL3Pz0JfQEm3qzQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFIbhSA2DFdyiLi5jIncWwtB1hPLdMB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvaHVGSURZTVYzS0l1TG1NaWR4YkMwSFdFOHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCHywAAwQC
LQ4wMAwDBAMtihgDBAAtihoDBABOb1QDBAFc9oIDBAJejWADBAFtz6gwDAMEAG3P
qwMEAG3PrDAMAwQAvOM5AwQCvOM4AwQCvONUAwQBvONqMA0GCSqGSIb3DQEBCwUA
A4IBAQAXP+UzM2aGd65dg4JkJld+05WSqmON2rQOAVOh7EZSPlj+izUkTlPLguGI
uPAcY+NjgsqGl3XqI6zKTStsnexlrPUI+bCS5ZSD7HYEGGOeIFwBrD5NABwrw19+
uE3dzNWqObETsLWVILg00dRHgYqtX5iLQms1iSwsCS9lnqxz9pXnRIesI+SscCdw
oBtKSId85DlI1IKxvp41m6qTCHamKHOl5Nf4PEBZYA7ge7WuVGzuZGTqtONZ1YtB
TtsiGDC6MKkYOhEjNzZPoYXVmXeBzGzzv14eYEojPMJf9E/BjOrgpGbgBUSUa+L7
JZruMqSHGqroUyVBgb4DSIAgQRsp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:34 2024 by rpki-client on console-ams.rpki-client.org