Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/rLEdeGjZovMIAdTFrDI4SxFJZwM.roa
File:                     rLEdeGjZovMIAdTFrDI4SxFJZwM.roa (raw, json)
Hash identifier:          gWS6wK5GLIeQm+KjMows/hSzlsBtseoVNaqKgYk6qzc=
Subject key identifier:   AC:B1:1D:78:68:D9:A2:F3:08:01:D4:C5:AC:32:38:4B:11:49:67:03
Certificate issuer:       /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial:       01857002853FCD881A54FDC84ACF73A372F6
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/rLEdeGjZovMIAdTFrDI4SxFJZwM.roa
Signing time:             Mon 02 Jan 2023 01:04:51 +0000
ROA not before:           Mon 02 Jan 2023 01:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15967
IP address blocks:        77.55.208.0/20 maxlen: 20
                          77.55.224.0/20 maxlen: 20
                          77.55.240.0/22 maxlen: 22
                          77.55.244.0/23 maxlen: 23
                          77.55.246.0/24 maxlen: 24
                          77.55.248.0/22 maxlen: 22
                          77.55.252.0/23 maxlen: 23
                          77.55.247.0/24 maxlen: 24
                          77.55.152.0/22 maxlen: 22
                          77.55.159.0/24 maxlen: 24
                          77.55.158.0/24 maxlen: 24
                          77.55.156.0/23 maxlen: 23
                          77.55.155.0/24 maxlen: 24
                          77.55.166.0/24 maxlen: 24
                          77.55.160.0/23 maxlen: 23
                          77.55.160.0/20 maxlen: 20
                          77.55.164.0/23 maxlen: 23
                          77.55.162.0/23 maxlen: 23
                          77.55.167.0/24 maxlen: 24
                          77.55.168.0/21 maxlen: 21
                          77.55.176.0/23 maxlen: 23
                          77.55.176.0/21 maxlen: 21
                          77.55.186.0/23 maxlen: 23
                          77.55.181.0/24 maxlen: 24
                          77.55.180.0/23 maxlen: 23
                          77.55.184.0/23 maxlen: 23
                          77.55.182.0/23 maxlen: 23
                          77.55.192.0/20 maxlen: 20
                          77.55.188.0/23 maxlen: 23
                          77.55.190.0/23 maxlen: 23
                          77.55.254.0/23 maxlen: 23
                          77.55.0.0/18 maxlen: 18
                          77.55.0.0/16 maxlen: 16
                          31.172.170.0/23 maxlen: 23
                          31.172.169.0/24 maxlen: 24
                          31.172.168.0/24 maxlen: 24
                          31.172.168.0/22 maxlen: 22
                          77.55.96.0/20 maxlen: 20
                          77.55.118.0/23 maxlen: 23
                          77.55.116.0/23 maxlen: 23
                          77.55.114.0/23 maxlen: 23
                          77.55.122.0/23 maxlen: 23
                          77.55.121.0/24 maxlen: 24
                          77.55.120.0/24 maxlen: 24
                          77.55.125.0/24 maxlen: 24
                          77.55.124.0/24 maxlen: 24
                          77.55.126.0/24 maxlen: 24
                          77.55.128.0/20 maxlen: 20
                          77.55.127.0/24 maxlen: 24
                          77.55.144.0/21 maxlen: 21
                          77.55.64.0/19 maxlen: 19
                          77.55.76.0/23 maxlen: 23
                          77.55.78.0/23 maxlen: 23
                          77.55.72.0/22 maxlen: 22
                          85.128.160.0/19 maxlen: 19
                          85.128.192.0/18 maxlen: 18
                          85.128.130.0/24 maxlen: 24
                          85.128.129.0/24 maxlen: 24
                          85.128.128.0/24 maxlen: 24
                          85.128.128.0/17 maxlen: 17
                          85.128.132.0/23 maxlen: 23
                          85.128.131.0/24 maxlen: 24
                          85.128.136.0/22 maxlen: 22
                          85.128.135.0/24 maxlen: 24
                          85.128.134.0/24 maxlen: 24
                          85.128.144.0/20 maxlen: 20
                          85.128.143.0/24 maxlen: 24
                          85.128.142.0/24 maxlen: 24
                          85.128.140.0/23 maxlen: 23
                          2a01:6100::/32 maxlen: 32
                          2a01:6100::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 05:47:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:85:3f:cd:88:1a:54:fd:c8:4a:cf:73:a3:72:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
        Validity
            Not Before: Jan  2 01:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=acb11d7868d9a2f30801d4c5ac32384b11496703
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:e8:b9:86:94:5f:27:b0:62:b2:bb:3c:d5:c2:
                    80:65:9e:75:15:cc:1a:64:4f:43:2b:75:eb:04:fe:
                    6c:5e:11:6e:bc:41:af:e2:fe:c6:20:96:46:e1:62:
                    c3:9b:74:72:f7:48:38:c7:5a:d0:66:28:cf:96:50:
                    4e:9a:c2:9e:16:50:07:e1:61:02:90:20:09:87:cf:
                    50:f9:8b:8f:bd:ae:25:d7:79:b2:be:1c:f6:11:ca:
                    fa:71:5d:55:a5:e4:13:dc:aa:5e:e1:29:6e:5d:56:
                    b7:d7:26:6a:68:59:1f:f1:bf:6f:da:f6:59:15:66:
                    a6:a5:56:6e:a3:5a:e5:3d:3d:4a:95:c4:75:cc:9d:
                    c2:f9:98:1d:e4:f1:72:7f:3d:9c:db:cf:81:c8:b6:
                    db:f1:90:14:0b:73:68:0e:1c:12:08:cb:44:71:89:
                    da:ab:d4:dd:5f:dc:4d:b9:d2:08:a0:b4:d2:75:36:
                    bf:d3:54:b9:35:98:1a:bb:d2:74:e5:61:d2:3d:35:
                    9e:7a:34:b7:b0:56:d4:15:39:2c:62:bc:76:7e:64:
                    19:52:34:79:b3:d7:47:39:6b:db:d7:e8:ea:cf:da:
                    d7:13:b1:f8:14:30:47:b2:a1:9b:11:20:2f:1d:1b:
                    e4:eb:6d:97:12:89:12:fc:73:45:4a:f1:de:fb:bf:
                    e4:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B1:1D:78:68:D9:A2:F3:08:01:D4:C5:AC:32:38:4B:11:49:67:03
            X509v3 Authority Key Identifier:
                keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/rLEdeGjZovMIAdTFrDI4SxFJZwM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.172.168.0/22
                  77.55.0.0/16
                  85.128.128.0/17
                IPv6:
                  2a01:6100::/32

    Signature Algorithm: sha256WithRSAEncryption
         7d:0b:eb:29:f1:93:aa:6e:c0:99:94:a7:95:b2:50:80:73:ef:
         2c:a8:3f:99:71:2e:2f:80:18:60:39:fc:c5:b7:15:90:25:3c:
         d7:0b:e7:59:a9:08:3f:21:3e:42:c1:b3:1f:ff:e5:0b:8d:13:
         f1:48:f4:f4:53:9f:b4:d7:e6:6e:86:ee:d8:43:6c:1f:f5:d0:
         cf:1b:ef:1a:f1:76:ce:7c:9e:36:74:bc:27:b3:e3:1f:62:11:
         71:35:41:0f:b4:42:4d:65:a1:1b:fe:f8:24:df:fc:fb:00:f3:
         ca:37:79:42:9b:d1:d1:e7:58:d3:72:ae:99:0b:e2:02:5b:5a:
         33:67:ed:95:5f:db:1b:0a:27:7f:a5:93:ed:e4:6d:5b:89:31:
         1d:2c:91:ee:b7:6b:10:a3:66:c4:11:6a:35:fb:88:8d:ef:11:
         82:ce:82:3e:66:d5:7b:a1:93:9e:ad:89:04:14:62:8c:82:23:
         9e:bb:f1:da:e8:c9:80:89:bb:41:cf:01:94:67:06:b9:8b:b2:
         d7:e6:fe:5d:d6:30:b1:9d:ad:7d:62:f9:db:81:18:d7:ec:64:
         6c:f7:61:98:e9:84:63:7b:04:e6:04:e0:a6:4f:0f:4c:69:1e:
         10:a2:8f:3f:3f:db:5c:45:96:15:bd:97:48:88:79:53:fc:96:
         25:92:3d:91
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwAoU/zYgaVP3ISs9zo3L2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwMTAyMDEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2IxMWQ3ODY4ZDlhMmYzMDgwMWQ0YzVhYzMyMzg0YjExNDk2NzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiei5hpRfJ7Bisrs81cKAZZ51Fcwa
ZE9DK3XrBP5sXhFuvEGv4v7GIJZG4WLDm3Ry90g4x1rQZijPllBOmsKeFlAH4WEC
kCAJh89Q+YuPva4l13myvhz2Ecr6cV1VpeQT3Kpe4SluXVa31yZqaFkf8b9v2vZZ
FWampVZuo1rlPT1KlcR1zJ3C+Zgd5PFyfz2c28+ByLbb8ZAUC3NoDhwSCMtEcYna
q9TdX9xNudIIoLTSdTa/01S5NZgau9J05WHSPTWeejS3sFbUFTksYrx2fmQZUjR5
s9dHOWvb1+jqz9rXE7H4FDBHsqGbESAvHRvk622XEokS/HNFSvHe+7/kIQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKyxHXho2aLzCAHUxawyOEsRSWcDMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvckxFZGVHalpvdk1JQWRURnJESTRTeEZKWndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAH0L6ynx
k6puwJmUp5WyUIBz7yyoP5lxLi+AGGA5/MW3FZAlPNcL51mpCD8hPkLBsx//5QuN
E/FI9PRTn7TX5m6G7thDbB/10M8b7xrxds58njZ0vCez4x9iEXE1QQ+0Qk1loRv+
+CTf/PsA88o3eUKb0dHnWNNyrpkL4gJbWjNn7ZVf2xsKJ3+lk+3kbVuJMR0ske63
axCjZsQRajX7iI3vEYLOgj5m1Xuhk56tiQQUYoyCI5678droyYCJu0HPAZRnBrmL
stfm/l3WMLGdrX1i+duBGNfsZGz3YZjphGN7BOYE4KZPD0xpHhCijz8/21xFlhW9
l0iIeVP8liWSPZE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org