Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/e-a3llfSxBeiDSBSkUmntGuHtQE.roa
File:                     e-a3llfSxBeiDSBSkUmntGuHtQE.roa (raw, json)
Hash identifier:          tdnRconexMQFmN1C4kQdbXkmaE8xvO3D4L26tcSxzkI=
Subject key identifier:   7B:E6:B7:96:57:D2:C4:17:A2:0D:20:52:91:49:A7:B4:6B:87:B5:01
Certificate issuer:       /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial:       018948E36E0AC98FC0A796DD2B98C396EF34
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/e-a3llfSxBeiDSBSkUmntGuHtQE.roa
Signing time:             Wed 12 Jul 2023 06:56:51 +0000
ROA not before:           Wed 12 Jul 2023 06:56:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15967
IP address blocks:        77.55.208.0/20 maxlen: 20
                          77.55.224.0/20 maxlen: 20
                          77.55.240.0/22 maxlen: 22
                          77.55.246.0/24 maxlen: 24
                          77.55.248.0/22 maxlen: 22
                          77.55.252.0/23 maxlen: 23
                          77.55.247.0/24 maxlen: 24
                          77.55.152.0/24 maxlen: 24
                          77.55.159.0/24 maxlen: 24
                          77.55.158.0/24 maxlen: 24
                          77.55.153.0/24 maxlen: 24
                          77.55.156.0/23 maxlen: 23
                          77.55.155.0/24 maxlen: 24
                          77.55.154.0/24 maxlen: 24
                          77.55.166.0/24 maxlen: 24
                          77.55.160.0/23 maxlen: 23
                          77.55.160.0/20 maxlen: 20
                          77.55.164.0/23 maxlen: 23
                          77.55.162.0/23 maxlen: 23
                          77.55.172.0/23 maxlen: 23
                          77.55.167.0/24 maxlen: 24
                          77.55.170.0/23 maxlen: 23
                          77.55.168.0/23 maxlen: 23
                          77.55.174.0/23 maxlen: 23
                          77.55.178.0/24 maxlen: 24
                          77.55.177.0/24 maxlen: 24
                          77.55.176.0/23 maxlen: 23
                          77.55.176.0/24 maxlen: 24
                          77.55.176.0/21 maxlen: 21
                          77.55.179.0/24 maxlen: 24
                          77.55.186.0/23 maxlen: 23
                          77.55.181.0/24 maxlen: 24
                          77.55.180.0/23 maxlen: 23
                          77.55.184.0/23 maxlen: 23
                          77.55.182.0/23 maxlen: 23
                          77.55.192.0/20 maxlen: 20
                          77.55.188.0/23 maxlen: 23
                          77.55.190.0/23 maxlen: 23
                          77.55.0.0/18 maxlen: 18
                          77.55.0.0/16 maxlen: 16
                          31.172.170.0/23 maxlen: 23
                          31.172.169.0/24 maxlen: 24
                          31.172.168.0/24 maxlen: 24
                          31.172.168.0/22 maxlen: 22
                          77.55.96.0/22 maxlen: 22
                          77.55.104.0/23 maxlen: 23
                          77.55.100.0/22 maxlen: 22
                          77.55.112.0/23 maxlen: 23
                          77.55.108.0/22 maxlen: 22
                          77.55.106.0/23 maxlen: 23
                          77.55.118.0/23 maxlen: 23
                          77.55.116.0/23 maxlen: 23
                          77.55.114.0/23 maxlen: 23
                          77.55.122.0/23 maxlen: 23
                          77.55.121.0/24 maxlen: 24
                          77.55.120.0/24 maxlen: 24
                          77.55.125.0/24 maxlen: 24
                          77.55.124.0/24 maxlen: 24
                          77.55.126.0/24 maxlen: 24
                          77.55.128.0/20 maxlen: 20
                          77.55.127.0/24 maxlen: 24
                          77.55.144.0/21 maxlen: 21
                          77.55.64.0/22 maxlen: 22
                          77.55.68.0/22 maxlen: 22
                          77.55.76.0/23 maxlen: 23
                          77.55.78.0/23 maxlen: 23
                          77.55.72.0/22 maxlen: 22
                          77.55.84.0/22 maxlen: 22
                          77.55.90.0/23 maxlen: 23
                          77.55.88.0/23 maxlen: 23
                          85.128.160.0/19 maxlen: 19
                          85.128.192.0/18 maxlen: 18
                          85.128.130.0/24 maxlen: 24
                          85.128.129.0/24 maxlen: 24
                          85.128.128.0/24 maxlen: 24
                          85.128.128.0/17 maxlen: 17
                          85.128.132.0/23 maxlen: 23
                          85.128.131.0/24 maxlen: 24
                          85.128.136.0/22 maxlen: 22
                          85.128.135.0/24 maxlen: 24
                          85.128.134.0/24 maxlen: 24
                          85.128.144.0/20 maxlen: 20
                          85.128.143.0/24 maxlen: 24
                          85.128.142.0/24 maxlen: 24
                          85.128.140.0/23 maxlen: 23
                          2a01:6100:fe01::/48 maxlen: 48
                          2a01:6100:fe12::/48 maxlen: 48
                          2a01:6100::/32 maxlen: 32
                          2a01:6100:fe02::/48 maxlen: 48
                          2a01:6100:fe10::/48 maxlen: 48
                          2a01:6100:fe00::/48 maxlen: 48
                          2a01:6100::/48 maxlen: 48
                          2a01:6100:111::/48 maxlen: 48
                          2a01:6100:fe11::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 10:52:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:48:e3:6e:0a:c9:8f:c0:a7:96:dd:2b:98:c3:96:ef:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
        Validity
            Not Before: Jul 12 06:56:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7be6b79657d2c417a20d20529149a7b46b87b501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:bb:94:7c:33:33:a1:ae:a5:aa:0d:19:8b:ed:
                    d9:f7:c1:eb:41:ee:e2:2b:46:e3:c6:52:ff:d4:04:
                    74:0a:6c:f7:4a:d1:9e:cc:96:cb:6f:7f:6c:75:41:
                    71:4d:42:ec:4d:86:52:10:6a:d2:f3:0e:9c:5a:25:
                    f3:cd:9c:b7:3e:18:c5:bf:07:5b:2c:6d:18:54:cb:
                    9c:31:cf:a2:ff:4a:99:cd:4c:c7:2e:8d:e6:7c:2c:
                    ba:3c:09:81:81:ed:61:a4:f2:c2:9b:66:44:95:c2:
                    60:72:49:f2:ae:80:77:42:1f:9a:6d:c4:9d:4f:78:
                    fc:6f:0c:23:8a:c8:fd:ba:14:20:77:21:89:8b:78:
                    70:89:9b:94:2a:56:dd:4d:f4:ea:ce:fa:9a:79:b1:
                    af:4a:5c:ed:b4:d2:4c:c6:96:02:f2:22:85:b0:31:
                    65:e3:8b:71:27:89:82:96:6b:1a:fb:61:59:4c:6f:
                    27:65:0d:6a:4e:66:e6:b8:bd:b2:77:09:7d:de:58:
                    de:b5:87:a8:84:ac:60:d0:66:72:aa:77:ab:af:b1:
                    a7:72:ee:12:74:ca:19:5f:5d:b3:b2:11:cf:ec:33:
                    69:2d:9b:17:a2:df:61:75:c9:98:83:f3:ad:e5:89:
                    13:40:ba:0f:1c:fb:eb:46:c4:00:36:ea:f0:bd:c4:
                    ec:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:E6:B7:96:57:D2:C4:17:A2:0D:20:52:91:49:A7:B4:6B:87:B5:01
            X509v3 Authority Key Identifier:
                keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/e-a3llfSxBeiDSBSkUmntGuHtQE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.168.0/22
                  77.55.0.0/16
                  85.128.128.0/17
                IPv6:
                  2a01:6100::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:32:46:85:cd:3a:00:04:81:3a:50:79:10:a6:2f:da:d5:13:
         7b:a4:3d:43:bb:2d:65:41:88:fe:23:cb:78:eb:99:b7:0e:3d:
         57:75:95:b2:00:64:22:21:c3:52:bb:d2:fc:ce:73:8a:59:3c:
         3c:a6:c1:77:43:16:20:b4:07:12:df:2c:ff:13:2d:a3:5f:eb:
         97:0d:aa:1c:d7:b8:0a:e6:bf:7b:8c:0a:50:fd:74:92:7d:eb:
         a9:04:3b:bb:64:39:a6:a8:c6:6d:56:05:f4:df:13:85:86:0e:
         e2:3a:73:c2:53:d6:2e:9b:10:e5:b8:20:af:d0:83:b2:3a:9d:
         33:8a:79:a4:b3:53:23:e7:fd:1b:4c:1e:17:41:bb:67:d7:01:
         fc:34:9e:22:2a:b1:89:a3:b7:dc:24:13:2d:b1:eb:9e:0f:9e:
         fb:e4:2a:c4:1f:74:13:98:6f:fd:d0:33:01:2d:07:c1:51:d3:
         1b:a7:e3:01:19:36:bf:31:f3:8d:b3:57:8d:38:ec:77:e6:16:
         e5:14:29:a3:9a:f2:ea:21:59:e4:5c:64:dd:23:0e:ac:1d:92:
         bf:ee:e4:41:10:21:c9:5f:7f:b7:4f:9c:b8:b0:d7:aa:a2:b6:
         64:a9:3c:d8:23:fb:10:c6:1e:51:59:e1:d9:c8:83:e7:3c:ad:
         6d:03:b0:31
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYlI424KyY/Ap5bdK5jDlu80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwNzEyMDY1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmU2Yjc5NjU3ZDJjNDE3YTIwZDIwNTI5MTQ5YTdiNDZiODdiNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLuUfDMzoa6lqg0Zi+3Z98HrQe7i
K0bjxlL/1AR0Cmz3StGezJbLb39sdUFxTULsTYZSEGrS8w6cWiXzzZy3PhjFvwdb
LG0YVMucMc+i/0qZzUzHLo3mfCy6PAmBge1hpPLCm2ZElcJgcknyroB3Qh+abcSd
T3j8bwwjisj9uhQgdyGJi3hwiZuUKlbdTfTqzvqaebGvSlzttNJMxpYC8iKFsDFl
44txJ4mClmsa+2FZTG8nZQ1qTmbmuL2ydwl93ljetYeohKxg0GZyqnerr7Gncu4S
dMoZX12zshHP7DNpLZsXot9hdcmYg/Ot5YkTQLoPHPvrRsQANurwvcTsQwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHvmt5ZX0sQXog0gUpFJp7Rrh7UBMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvZS1hM2xsZlN4QmVpRFNCU2tVbW50R3VIdFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAFIyRoXN
OgAEgTpQeRCmL9rVE3ukPUO7LWVBiP4jy3jrmbcOPVd1lbIAZCIhw1K70vzOc4pZ
PDymwXdDFiC0BxLfLP8TLaNf65cNqhzXuArmv3uMClD9dJJ966kEO7tkOaaoxm1W
BfTfE4WGDuI6c8JT1i6bEOW4IK/Qg7I6nTOKeaSzUyPn/RtMHhdBu2fXAfw0niIq
sYmjt9wkEy2x654PnvvkKsQfdBOYb/3QMwEtB8FR0xun4wEZNr8x842zV4047Hfm
FuUUKaOa8uohWeRcZN0jDqwdkr/u5EEQIclff7dPnLiw16qitmSpPNgj+xDGHlFZ
4dnIg+c8rW0DsDE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org