Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/wkKfljvSC7Uxn8o5LiZegfzirIs.roa
File:                     wkKfljvSC7Uxn8o5LiZegfzirIs.roa (raw, json)
Hash identifier:          tpD1lQz55vzPZmPYu0YJtk0+0sMZ2MkBBSccLkzGHcY=
Subject key identifier:   C2:42:9F:96:3B:D2:0B:B5:31:9F:CA:39:2E:26:5E:81:FC:E2:AC:8B
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       018D1751D07CFDDC593268E4EE2591498024
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/wkKfljvSC7Uxn8o5LiZegfzirIs.roa
Signing time:             Wed 17 Jan 2024 12:07:34 +0000
ROA not before:           Wed 17 Jan 2024 12:07:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34665
IP address blocks:        5.8.8.0/22 maxlen: 22
                          5.8.8.0/23 maxlen: 23
                          5.8.8.0/24 maxlen: 24
                          5.8.9.0/24 maxlen: 24
                          5.8.10.0/23 maxlen: 23
                          5.8.10.0/24 maxlen: 24
                          5.8.11.0/24 maxlen: 24
                          5.8.12.0/22 maxlen: 22
                          5.8.48.0/22 maxlen: 22
                          5.8.48.0/23 maxlen: 23
                          5.8.48.0/24 maxlen: 24
                          5.8.49.0/24 maxlen: 24
                          5.8.50.0/23 maxlen: 23
                          5.8.50.0/24 maxlen: 24
                          5.8.51.0/24 maxlen: 24
                          5.8.52.0/22 maxlen: 22
                          5.8.52.0/23 maxlen: 23
                          5.8.52.0/24 maxlen: 24
                          5.8.53.0/24 maxlen: 24
                          5.8.54.0/23 maxlen: 23
                          5.8.54.0/24 maxlen: 24
                          5.8.55.0/24 maxlen: 24
                          5.8.60.0/23 maxlen: 23
                          5.8.65.0/24 maxlen: 24
                          5.101.0.0/22 maxlen: 22
                          5.101.0.0/23 maxlen: 23
                          5.101.0.0/24 maxlen: 24
                          5.101.1.0/24 maxlen: 24
                          5.101.2.0/23 maxlen: 23
                          5.101.2.0/24 maxlen: 24
                          5.101.3.0/24 maxlen: 24
                          5.101.4.0/22 maxlen: 22
                          5.101.4.0/23 maxlen: 23
                          5.101.4.0/24 maxlen: 24
                          5.101.5.0/24 maxlen: 24
                          5.101.6.0/23 maxlen: 23
                          5.101.6.0/24 maxlen: 24
                          5.101.7.0/24 maxlen: 24
                          5.101.32.0/22 maxlen: 24
                          5.101.64.0/22 maxlen: 22
                          5.101.64.0/23 maxlen: 23
                          5.101.64.0/24 maxlen: 24
                          5.101.65.0/24 maxlen: 24
                          5.101.66.0/23 maxlen: 23
                          5.101.66.0/24 maxlen: 24
                          5.101.67.0/24 maxlen: 24
                          5.101.80.0/21 maxlen: 21
                          5.101.90.0/23 maxlen: 23
                          5.188.44.0/22 maxlen: 22
                          5.188.44.0/23 maxlen: 23
                          5.188.44.0/24 maxlen: 24
                          5.188.45.0/24 maxlen: 24
                          5.188.46.0/23 maxlen: 23
                          5.188.46.0/24 maxlen: 24
                          5.188.47.0/24 maxlen: 24
                          5.188.49.0/24 maxlen: 24
                          5.188.62.0/24 maxlen: 24
                          5.188.166.0/24 maxlen: 24
                          5.188.207.0/24 maxlen: 24
                          5.188.208.0/23 maxlen: 23
                          5.188.210.0/24 maxlen: 24
                          5.188.211.0/24 maxlen: 24
                          5.188.223.0/24 maxlen: 24
                          5.188.233.0/24 maxlen: 24
                          5.188.234.0/23 maxlen: 23
                          31.44.184.0/24 maxlen: 24
                          31.44.188.0/22 maxlen: 32
                          31.184.192.0/22 maxlen: 22
                          31.184.192.0/23 maxlen: 23
                          31.184.192.0/24 maxlen: 24
                          31.184.193.0/24 maxlen: 24
                          31.184.194.0/23 maxlen: 23
                          31.184.194.0/24 maxlen: 24
                          31.184.195.0/24 maxlen: 24
                          31.184.196.0/22 maxlen: 22
                          31.184.196.0/23 maxlen: 23
                          31.184.196.0/24 maxlen: 24
                          31.184.197.0/24 maxlen: 24
                          31.184.198.0/23 maxlen: 23
                          31.184.198.0/24 maxlen: 24
                          31.184.199.0/24 maxlen: 24
                          31.184.228.0/23 maxlen: 23
                          31.184.231.0/24 maxlen: 24
                          31.184.238.0/23 maxlen: 23
                          31.184.243.0/24 maxlen: 24
                          37.9.48.0/24 maxlen: 24
                          37.139.53.0/24 maxlen: 24
                          37.139.54.0/23 maxlen: 23
                          37.139.56.0/22 maxlen: 22
                          37.139.56.0/23 maxlen: 23
                          37.139.56.0/24 maxlen: 24
                          37.139.57.0/24 maxlen: 24
                          37.139.58.0/23 maxlen: 23
                          37.139.58.0/24 maxlen: 24
                          37.139.59.0/24 maxlen: 24
                          46.161.2.0/23 maxlen: 23
                          46.161.8.0/24 maxlen: 24
                          46.161.10.0/24 maxlen: 24
                          46.161.14.0/23 maxlen: 23
                          46.161.24.0/23 maxlen: 23
                          46.161.32.0/22 maxlen: 22
                          46.161.40.0/24 maxlen: 24
                          46.161.44.0/22 maxlen: 22
                          46.161.48.0/22 maxlen: 22
                          46.161.48.0/23 maxlen: 23
                          46.161.48.0/24 maxlen: 24
                          46.161.49.0/24 maxlen: 24
                          46.161.50.0/23 maxlen: 23
                          46.161.50.0/24 maxlen: 24
                          46.161.51.0/24 maxlen: 24
                          91.243.48.0/22 maxlen: 22
                          91.243.48.0/23 maxlen: 23
                          91.243.48.0/24 maxlen: 24
                          91.243.49.0/24 maxlen: 24
                          91.243.50.0/23 maxlen: 23
                          91.243.50.0/24 maxlen: 24
                          91.243.51.0/24 maxlen: 24
                          91.243.60.0/24 maxlen: 24
                          91.243.61.0/24 maxlen: 24
                          91.243.90.0/24 maxlen: 24
                          91.243.91.0/24 maxlen: 24
                          91.243.93.0/24 maxlen: 24
                          95.215.0.0/22 maxlen: 24
                          95.215.0.0/23 maxlen: 23
                          95.215.0.0/24 maxlen: 24
                          95.215.1.0/24 maxlen: 24
                          95.215.2.0/23 maxlen: 23
                          95.215.2.0/24 maxlen: 24
                          95.215.3.0/24 maxlen: 24
                          146.185.223.0/24 maxlen: 24
                          146.185.224.0/21 maxlen: 21
                          188.143.232.0/22 maxlen: 22
                          188.143.232.0/23 maxlen: 23
                          188.143.232.0/24 maxlen: 24
                          188.143.233.0/24 maxlen: 24
                          188.143.235.0/24 maxlen: 24
                          195.2.240.0/23 maxlen: 24
                          2a00:1d78:100:1c0::/58 maxlen: 58

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 13:49:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:17:51:d0:7c:fd:dc:59:32:68:e4:ee:25:91:49:80:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan 17 12:07:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c2429f963bd20bb5319fca392e265e81fce2ac8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b0:3f:48:3c:5b:85:5c:65:8f:e7:35:7e:f4:
                    7b:0f:6f:c6:9b:87:b3:1c:d0:ad:1a:14:fc:a9:ae:
                    b9:50:1a:e6:58:ed:d9:f4:91:48:80:68:c4:22:73:
                    85:2b:a8:da:47:71:a3:91:51:15:9d:79:73:47:a7:
                    40:ae:0b:1b:4e:de:09:69:30:4d:dc:58:11:7d:5a:
                    78:38:86:e2:cf:7b:5f:b2:55:d9:d0:1d:04:13:71:
                    e3:71:25:60:8e:c2:6b:0c:0d:46:5a:f4:f3:e0:55:
                    d9:02:c6:07:a3:20:23:a5:41:1f:d1:ab:83:e0:63:
                    2b:f2:ca:e1:bc:be:eb:1f:c2:16:5e:26:6b:15:cc:
                    b4:1d:6c:9d:5a:ca:95:2b:24:f2:14:8c:24:16:79:
                    78:32:50:7f:92:57:98:0f:a6:4d:cf:96:41:f0:b2:
                    35:cc:be:81:af:e8:41:ab:94:76:f0:c6:63:ec:fa:
                    eb:42:bd:f8:0c:ec:99:43:55:28:ff:b5:31:e3:c0:
                    e7:17:95:54:99:d7:92:6e:f6:35:30:8d:0d:c7:0e:
                    62:00:b4:49:f3:b4:02:13:c0:1e:e0:c2:54:a7:9a:
                    bf:35:82:e9:e2:37:ff:13:ff:63:ba:e7:af:61:24:
                    3b:ae:2b:6f:16:cc:e5:03:2e:e9:96:68:e5:1b:24:
                    ce:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:42:9F:96:3B:D2:0B:B5:31:9F:CA:39:2E:26:5E:81:FC:E2:AC:8B
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/wkKfljvSC7Uxn8o5LiZegfzirIs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.8.0/21
                  5.8.48.0/21
                  5.8.60.0/23
                  5.8.65.0/24
                  5.101.0.0/21
                  5.101.32.0/22
                  5.101.64.0/22
                  5.101.80.0/21
                  5.101.90.0/23
                  5.188.44.0/22
                  5.188.49.0/24
                  5.188.62.0/24
                  5.188.166.0/24
                  5.188.207.0-5.188.211.255
                  5.188.223.0/24
                  5.188.233.0-5.188.235.255
                  31.44.184.0/24
                  31.44.188.0/22
                  31.184.192.0/21
                  31.184.228.0/23
                  31.184.231.0/24
                  31.184.238.0/23
                  31.184.243.0/24
                  37.9.48.0/24
                  37.139.53.0-37.139.59.255
                  46.161.2.0/23
                  46.161.8.0/24
                  46.161.10.0/24
                  46.161.14.0/23
                  46.161.24.0/23
                  46.161.32.0/22
                  46.161.40.0/24
                  46.161.44.0-46.161.51.255
                  91.243.48.0/22
                  91.243.60.0/23
                  91.243.90.0/23
                  91.243.93.0/24
                  95.215.0.0/22
                  146.185.223.0-146.185.231.255
                  188.143.232.0/22
                  195.2.240.0/23
                IPv6:
                  2a00:1d78:100:1c0::/58

    Signature Algorithm: sha256WithRSAEncryption
         93:b9:3f:88:5b:5e:a7:c0:02:bb:80:f0:e4:20:cd:f2:d1:40:
         2d:e9:94:66:2e:2b:3a:cf:74:5b:23:99:89:85:8a:aa:eb:87:
         5e:9b:1b:22:86:4b:5f:8b:6c:8f:14:1c:57:8e:6c:e5:41:c6:
         27:d4:39:07:0c:9e:c3:68:82:f8:37:be:db:89:c4:e9:5f:88:
         39:17:a1:d3:12:96:97:bc:5d:5a:49:7e:7b:e2:db:62:0b:bb:
         d2:26:10:c6:33:91:bd:7e:be:13:b3:04:88:22:1c:a1:02:8e:
         b0:8c:10:58:6c:c3:b6:48:38:28:3f:18:15:87:38:62:70:f4:
         3e:e7:ea:1f:38:00:d6:ea:cd:cc:d1:d8:5e:61:24:af:dd:c0:
         08:9c:cc:0d:c6:17:24:ad:9f:be:cf:df:c9:61:ea:91:fe:e2:
         28:d2:f5:71:07:0f:6a:7a:1b:9e:86:f2:47:52:43:28:a7:8c:
         b1:d4:f5:6b:a8:20:8e:4e:e0:c3:cb:67:ef:1a:e6:29:8a:07:
         b2:f7:9e:08:31:ee:e3:be:c5:53:b2:c8:b7:5a:eb:6d:20:06:
         e3:b9:73:8c:ad:8c:98:32:54:06:4d:2e:70:97:ba:73:56:c0:
         37:cc:4e:fa:72:3c:85:d5:38:77:ec:07:ce:c2:78:cd:66:cf:
         b5:37:b1:a5
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAY0XUdB8/dxZMmjk7iWRSYAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTE3MTIwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQyOWY5NjNiZDIwYmI1MzE5ZmNhMzkyZTI2NWU4MWZjZTJhYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7A/SDxbhVxlj+c1fvR7D2/Gm4ez
HNCtGhT8qa65UBrmWO3Z9JFIgGjEInOFK6jaR3GjkVEVnXlzR6dArgsbTt4JaTBN
3FgRfVp4OIbiz3tfslXZ0B0EE3HjcSVgjsJrDA1GWvTz4FXZAsYHoyAjpUEf0auD
4GMr8srhvL7rH8IWXiZrFcy0HWydWsqVKyTyFIwkFnl4MlB/kleYD6ZNz5ZB8LI1
zL6Br+hBq5R28MZj7PrrQr34DOyZQ1Uo/7Ux48DnF5VUmdeSbvY1MI0Nxw5iALRJ
87QCE8Ae4MJUp5q/NYLp4jf/E/9juuevYSQ7ritvFszlAy7plmjlGyTOlQIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFMJCn5Y70gu1MZ/KOS4mXoH84qyLMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvd2tLZmxqdlNDN1V4bjhvNUxpWmVnZnppcklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUgYIKwYBBQUHAQcBAf8EggFBMIIBPTCCASYEAgABMIIB
HgMEAwUICAMEAwUIMAMEAQUIPAMEAAUIQQMEAwVlAAMEAgVlIAMEAgVlQAMEAwVl
UAMEAQVlWgMEAgW8LAMEAAW8MQMEAAW8PgMEAAW8pjAMAwQABbzPAwQCBbzQAwQA
BbzfMAwDBAAFvOkDBAIFvOgDBAAfLLgDBAIfLLwDBAMfuMADBAEfuOQDBAAfuOcD
BAEfuO4DBAAfuPMDBAAlCTAwDAMEACWLNQMEAiWLOAMEAS6hAgMEAC6hCAMEAC6h
CgMEAS6hDgMEAS6hGAMEAi6hIAMEAC6hKDAMAwQCLqEsAwQCLqEwAwQCW/MwAwQB
W/M8AwQBW/NaAwQAW/NdAwQCX9cAMAwDBACSud8DBAOSueADBAK8j+gDBAHDAvAw
EQQCAAIwCwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQCTuT+IW16nwAK7
gPDkIM3y0UAt6ZRmLis6z3RbI5mJhYqq64demxsihktfi2yPFBxXjmzlQcYn1DkH
DJ7DaIL4N77bicTpX4g5F6HTEpaXvF1aSX574ttiC7vSJhDGM5G9fr4TswSIIhyh
Ao6wjBBYbMO2SDgoPxgVhzhicPQ+5+ofOADW6s3M0dheYSSv3cAInMwNxhckrZ++
z9/JYeqR/uIo0vVxBw9qehuehvJHUkMop4yx1PVrqCCOTuDDy2fvGuYpigey954I
Me7jvsVTssi3WuttIAbjuXOMrYyYMlQGTS5wl7pzVsA3zE76cjyF1Th37AfOwnjN
Zs+1N7Gl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org