Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/lgKaCmo4Z1IWHLEYBQQGNPSVp58.roa
File:                     lgKaCmo4Z1IWHLEYBQQGNPSVp58.roa (raw, json)
Hash identifier:          0xSa3+2+rXzBLJ23gVX0Jcn9kQ1YI0cuyHy5nU+8jQ4=
Subject key identifier:   96:02:9A:0A:6A:38:67:52:16:1C:B1:18:05:04:06:34:F4:95:A7:9F
Certificate issuer:       /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial:       018A8E2C1CDFC2D87B004B603C6BE1BE6DC2
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/lgKaCmo4Z1IWHLEYBQQGNPSVp58.roa
Signing time:             Wed 13 Sep 2023 10:52:50 +0000
ROA not before:           Wed 13 Sep 2023 10:52:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15967
IP address blocks:        77.55.208.0/20 maxlen: 20
                          77.55.224.0/20 maxlen: 20
                          77.55.240.0/23 maxlen: 23
                          77.55.242.0/23 maxlen: 23
                          77.55.246.0/24 maxlen: 24
                          77.55.248.0/22 maxlen: 22
                          77.55.252.0/23 maxlen: 23
                          77.55.247.0/24 maxlen: 24
                          77.55.152.0/24 maxlen: 24
                          77.55.159.0/24 maxlen: 24
                          77.55.158.0/24 maxlen: 24
                          77.55.153.0/24 maxlen: 24
                          77.55.156.0/23 maxlen: 23
                          77.55.155.0/24 maxlen: 24
                          77.55.154.0/24 maxlen: 24
                          77.55.166.0/24 maxlen: 24
                          77.55.160.0/23 maxlen: 23
                          77.55.160.0/20 maxlen: 20
                          77.55.164.0/23 maxlen: 23
                          77.55.162.0/23 maxlen: 23
                          77.55.172.0/23 maxlen: 23
                          77.55.167.0/24 maxlen: 24
                          77.55.170.0/23 maxlen: 23
                          77.55.168.0/23 maxlen: 23
                          77.55.174.0/23 maxlen: 23
                          77.55.178.0/24 maxlen: 24
                          77.55.177.0/24 maxlen: 24
                          77.55.176.0/23 maxlen: 23
                          77.55.176.0/24 maxlen: 24
                          77.55.176.0/21 maxlen: 21
                          77.55.179.0/24 maxlen: 24
                          77.55.186.0/23 maxlen: 23
                          77.55.181.0/24 maxlen: 24
                          77.55.180.0/23 maxlen: 23
                          77.55.184.0/23 maxlen: 23
                          77.55.182.0/23 maxlen: 23
                          77.55.192.0/20 maxlen: 20
                          77.55.188.0/23 maxlen: 23
                          77.55.190.0/23 maxlen: 23
                          77.55.0.0/18 maxlen: 18
                          77.55.0.0/16 maxlen: 16
                          31.172.170.0/23 maxlen: 23
                          31.172.169.0/24 maxlen: 24
                          31.172.168.0/24 maxlen: 24
                          31.172.168.0/22 maxlen: 22
                          77.55.96.0/22 maxlen: 22
                          77.55.104.0/23 maxlen: 23
                          77.55.100.0/22 maxlen: 22
                          77.55.112.0/23 maxlen: 23
                          77.55.108.0/22 maxlen: 22
                          77.55.106.0/23 maxlen: 23
                          77.55.118.0/23 maxlen: 23
                          77.55.116.0/23 maxlen: 23
                          77.55.114.0/23 maxlen: 23
                          77.55.122.0/23 maxlen: 23
                          77.55.121.0/24 maxlen: 24
                          77.55.120.0/24 maxlen: 24
                          77.55.125.0/24 maxlen: 24
                          77.55.124.0/24 maxlen: 24
                          77.55.126.0/24 maxlen: 24
                          77.55.128.0/20 maxlen: 20
                          77.55.127.0/24 maxlen: 24
                          77.55.144.0/21 maxlen: 21
                          77.55.64.0/22 maxlen: 22
                          77.55.68.0/22 maxlen: 22
                          77.55.76.0/23 maxlen: 23
                          77.55.78.0/23 maxlen: 23
                          77.55.72.0/22 maxlen: 22
                          77.55.84.0/22 maxlen: 22
                          77.55.90.0/23 maxlen: 23
                          77.55.88.0/23 maxlen: 23
                          85.128.160.0/19 maxlen: 19
                          85.128.192.0/18 maxlen: 18
                          85.128.130.0/24 maxlen: 24
                          85.128.129.0/24 maxlen: 24
                          85.128.128.0/24 maxlen: 24
                          85.128.128.0/17 maxlen: 17
                          85.128.132.0/23 maxlen: 23
                          85.128.131.0/24 maxlen: 24
                          85.128.136.0/22 maxlen: 22
                          85.128.135.0/24 maxlen: 24
                          85.128.134.0/24 maxlen: 24
                          85.128.144.0/20 maxlen: 20
                          85.128.143.0/24 maxlen: 24
                          85.128.142.0/24 maxlen: 24
                          85.128.140.0/23 maxlen: 23
                          2a01:6100:fe01::/48 maxlen: 48
                          2a01:6100:fe12::/48 maxlen: 48
                          2a01:6100::/32 maxlen: 32
                          2a01:6100:fe02::/48 maxlen: 48
                          2a01:6100:fe10::/48 maxlen: 48
                          2a01:6100::/48 maxlen: 48
                          2a01:6100:fe00::/48 maxlen: 48
                          2a01:6100:fe11::/48 maxlen: 48
                          2a01:6100:111::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8e:2c:1c:df:c2:d8:7b:00:4b:60:3c:6b:e1:be:6d:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
        Validity
            Not Before: Sep 13 10:52:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=96029a0a6a386752161cb11805040634f495a79f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4d:c9:29:08:bd:70:4b:e6:a4:b3:32:59:6f:
                    68:5a:9d:64:e7:ac:01:eb:21:c1:67:5e:b7:a7:d6:
                    ca:ed:e7:40:bb:f4:be:12:ad:d3:82:d2:00:87:18:
                    f9:80:35:ef:5e:10:ce:4f:c4:e8:a9:4d:62:24:8a:
                    9e:b3:92:aa:bb:1e:b7:42:8e:2c:1f:ea:a2:77:1c:
                    f0:76:e4:41:14:f6:17:a0:ad:85:26:51:79:f1:fc:
                    d0:e5:84:cb:08:1e:ca:af:4e:3a:6c:63:6b:43:2c:
                    c7:26:9e:13:ac:b7:91:34:87:1f:a0:88:0e:77:9b:
                    4e:4a:b5:0e:bf:cd:e3:31:9e:9b:a5:9d:2b:c8:8d:
                    3f:90:6e:d4:98:26:20:6f:f5:74:ea:b9:e8:02:1e:
                    72:25:99:15:34:b2:6d:65:57:a0:0c:7a:1f:3b:0e:
                    88:d3:9e:b9:20:9b:25:67:85:57:82:55:39:82:77:
                    b4:53:cd:63:2b:3a:4e:ea:fa:40:2b:66:ed:e6:7b:
                    8f:de:5b:d8:20:d0:d8:16:b5:cc:cb:9a:1d:6c:2d:
                    66:b8:04:bd:3b:c6:64:d0:63:9f:c6:05:4c:50:a8:
                    7e:14:53:92:c8:51:03:e7:f5:e2:98:4a:f5:59:2b:
                    fc:e7:09:45:5f:f1:b4:ad:67:6f:9f:ea:a0:41:3d:
                    2a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:02:9A:0A:6A:38:67:52:16:1C:B1:18:05:04:06:34:F4:95:A7:9F
            X509v3 Authority Key Identifier:
                keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/lgKaCmo4Z1IWHLEYBQQGNPSVp58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.168.0/22
                  77.55.0.0/16
                  85.128.128.0/17
                IPv6:
                  2a01:6100::/32

    Signature Algorithm: sha256WithRSAEncryption
         41:58:c0:f7:ad:f3:74:01:ec:2b:c2:2e:3c:e4:b0:b1:4e:1c:
         b7:a9:17:8b:08:47:0e:90:d1:8b:ce:66:69:23:cf:7d:8c:13:
         94:09:f7:49:32:00:72:51:4c:b4:d2:c2:a1:b2:76:a2:67:68:
         4e:55:95:7b:25:1b:1c:b3:a8:ad:bb:31:cc:4e:c8:d6:7d:1c:
         9c:63:fa:96:d8:45:d1:5a:17:f9:48:f0:dd:a4:2d:b8:cd:75:
         1e:8f:43:31:c5:0c:89:19:8f:51:7a:1c:62:9e:34:75:b7:12:
         99:98:ee:f9:c2:cc:cb:71:0f:93:fc:e5:87:0e:bb:c4:97:14:
         90:fd:f3:f5:89:25:f0:23:71:8f:29:c7:a8:6e:02:22:ee:6a:
         1d:ed:c2:ec:c4:ce:4c:b1:1f:6c:94:ab:81:61:94:23:ea:e2:
         22:a8:70:7e:da:a0:42:c4:69:d4:ee:c9:44:c5:49:1a:4b:98:
         3b:36:14:d8:f3:6a:39:92:3c:dd:50:42:5f:b9:29:35:cd:3f:
         e5:e7:74:59:97:fa:d0:b4:77:50:07:e6:8a:76:f6:3c:8f:9f:
         75:d1:d8:04:99:b7:04:da:42:e3:04:c8:68:63:e9:77:d0:d8:
         ac:8e:df:1b:3a:11:f0:4c:8f:96:85:a1:1f:95:6a:70:d0:14:
         6c:a9:53:5c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYqOLBzfwth7AEtgPGvhvm3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwOTEzMTA1MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjAyOWEwYTZhMzg2NzUyMTYxY2IxMTgwNTA0MDYzNGY0OTVhNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU3JKQi9cEvmpLMyWW9oWp1k56wB
6yHBZ163p9bK7edAu/S+Eq3TgtIAhxj5gDXvXhDOT8ToqU1iJIqes5Kqux63Qo4s
H+qidxzwduRBFPYXoK2FJlF58fzQ5YTLCB7Kr046bGNrQyzHJp4TrLeRNIcfoIgO
d5tOSrUOv83jMZ6bpZ0ryI0/kG7UmCYgb/V06rnoAh5yJZkVNLJtZVegDHofOw6I
0565IJslZ4VXglU5gne0U81jKzpO6vpAK2bt5nuP3lvYINDYFrXMy5odbC1muAS9
O8Zk0GOfxgVMUKh+FFOSyFED5/XimEr1WSv85wlFX/G0rWdvn+qgQT0q4QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJYCmgpqOGdSFhyxGAUEBjT0laefMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvbGdLYUNtbzRaMUlXSExFWUJRUUdOUFNWcDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAEFYwPet
83QB7CvCLjzksLFOHLepF4sIRw6Q0YvOZmkjz32ME5QJ90kyAHJRTLTSwqGydqJn
aE5VlXslGxyzqK27McxOyNZ9HJxj+pbYRdFaF/lI8N2kLbjNdR6PQzHFDIkZj1F6
HGKeNHW3EpmY7vnCzMtxD5P85YcOu8SXFJD98/WJJfAjcY8px6huAiLuah3twuzE
zkyxH2yUq4FhlCPq4iKocH7aoELEadTuyUTFSRpLmDs2FNjzajmSPN1QQl+5KTXN
P+XndFmX+tC0d1AH5op29jyPn3XR2ASZtwTaQuMEyGhj6XfQ2KyO3xs6EfBMj5aF
oR+VanDQFGypU1w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:10 2024 by rpki-client on console-ams.rpki-client.org