Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1-POD35ZeiLKr68ginihUQs9ZeO0.roa
File:                     1-POD35ZeiLKr68ginihUQs9ZeO0.roa (raw, json)
Hash identifier:          ZOLdhXGxcF1H6ytsKf7kStgj3SoKo5m6f+7k8AGsP20=
Subject key identifier:   F8:F3:83:DF:96:5E:88:B2:AB:EB:C8:22:9E:28:54:42:CF:59:78:ED
Certificate issuer:       /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial:       018E3DCD3F7DB3D682BF0C13C1BAC95081A8
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1-POD35ZeiLKr68ginihUQs9ZeO0.roa
Signing time:             Thu 14 Mar 2024 16:30:44 +0000
ROA not before:           Thu 14 Mar 2024 16:30:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202
IP address blocks:        5.159.208.0/21 maxlen: 24
                          31.192.96.0/21 maxlen: 24
                          45.8.100.0/22 maxlen: 24
                          45.132.108.0/22 maxlen: 24
                          80.74.240.0/21 maxlen: 24
                          80.74.248.0/21 maxlen: 24
                          85.95.96.0/19 maxlen: 24
                          92.42.120.0/21 maxlen: 24
                          95.129.64.0/21 maxlen: 24
                          176.58.0.0/21 maxlen: 24
                          185.79.184.0/22 maxlen: 24
                          185.94.204.0/22 maxlen: 24
                          185.99.76.0/22 maxlen: 24
                          185.145.88.0/22 maxlen: 24
                          185.178.216.0/22 maxlen: 24
                          185.204.212.0/22 maxlen: 24
                          188.94.16.0/21 maxlen: 24
                          193.24.3.0/24 maxlen: 24
                          193.24.6.0/24 maxlen: 24
                          193.24.13.0/24 maxlen: 24
                          193.24.31.0/24 maxlen: 24
                          195.26.32.0/19 maxlen: 24
                          195.88.8.0/23 maxlen: 24
                          212.11.68.0/22 maxlen: 24
                          212.11.72.0/22 maxlen: 24
                          217.145.128.0/20 maxlen: 24
                          2a00:f1c0::/32 maxlen: 32
                          2a04:e9c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 12 Apr 2024 15:18:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:3d:cd:3f:7d:b3:d6:82:bf:0c:13:c1:ba:c9:50:81:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66df7742890173927935206a28efbf48123e787c
        Validity
            Not Before: Mar 14 16:30:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f8f383df965e88b2abebc8229e285442cf5978ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7b:fd:e4:90:04:e5:72:e0:1c:d4:7b:08:73:
                    49:59:b1:f8:10:00:d5:2d:6b:14:27:5f:6d:9d:cd:
                    77:f9:92:7e:05:da:e7:a2:8d:e1:fa:a2:8a:b4:7c:
                    d6:77:7b:cd:79:50:f3:45:0e:49:91:a9:09:d6:cb:
                    46:bd:59:e2:89:2a:2b:a2:ce:54:b6:58:b1:21:eb:
                    21:81:c2:7b:4f:4f:c7:62:bf:0b:fd:1a:75:d9:5f:
                    21:93:33:1b:60:f3:6b:af:cd:2e:93:23:29:9a:60:
                    e2:89:de:11:5b:97:4e:bc:83:e6:8d:7a:f2:2d:04:
                    8d:b8:f4:27:f7:af:fa:2d:05:4d:9e:67:8a:a7:25:
                    66:b5:f5:c2:20:a8:57:74:9b:07:94:7b:c3:38:75:
                    6c:ee:6a:8c:9f:95:b5:cd:cd:be:1e:4b:48:0b:fc:
                    4d:23:80:87:89:7f:47:78:1b:6a:85:6f:05:41:a7:
                    d7:6e:83:b6:91:dc:ac:ff:65:38:80:3f:de:a4:0d:
                    12:b1:dc:37:d6:29:d2:5e:1f:66:82:61:b4:2c:06:
                    cb:ed:ae:2d:bb:45:30:84:d3:78:58:65:f8:f6:1e:
                    56:83:67:61:14:bc:78:17:21:0d:5c:4c:9c:bb:42:
                    c5:93:68:52:bc:3d:4d:56:87:ca:6f:3c:c9:a8:ab:
                    a3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:F3:83:DF:96:5E:88:B2:AB:EB:C8:22:9E:28:54:42:CF:59:78:ED
            X509v3 Authority Key Identifier:
                keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1-POD35ZeiLKr68ginihUQs9ZeO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.159.208.0/21
                  31.192.96.0/21
                  45.8.100.0/22
                  45.132.108.0/22
                  80.74.240.0/20
                  85.95.96.0/19
                  92.42.120.0/21
                  95.129.64.0/21
                  176.58.0.0/21
                  185.79.184.0/22
                  185.94.204.0/22
                  185.99.76.0/22
                  185.145.88.0/22
                  185.178.216.0/22
                  185.204.212.0/22
                  188.94.16.0/21
                  193.24.3.0/24
                  193.24.6.0/24
                  193.24.13.0/24
                  193.24.31.0/24
                  195.26.32.0/19
                  195.88.8.0/23
                  212.11.68.0-212.11.75.255
                  217.145.128.0/20
                IPv6:
                  2a00:f1c0::/32
                  2a04:e9c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6e:07:7e:d5:8a:04:0b:19:35:c2:f5:6c:80:42:3f:aa:c3:ea:
         61:67:77:c0:65:0c:3c:c0:44:d6:75:09:e9:f0:a5:ab:87:01:
         b6:c5:61:ab:bc:c9:02:1c:9d:30:85:12:8d:dc:1d:bc:57:a3:
         81:80:6e:42:4f:c9:c8:ba:24:61:0b:7f:b6:4a:3b:60:51:58:
         95:1e:e2:5a:2b:55:ae:07:b3:39:14:9c:01:6a:69:ae:05:5b:
         cf:b8:b7:3f:55:f8:d3:0c:04:7b:d4:3b:ab:5d:74:51:b8:a2:
         f3:91:c6:70:f3:6f:29:d0:04:79:2f:84:68:7b:f1:da:c7:a0:
         e2:bc:95:42:31:52:a1:84:0c:98:db:ce:0e:a9:e7:ae:36:f5:
         57:8d:de:ff:d5:f5:1b:07:56:9b:f0:24:0e:4b:14:e7:c3:3c:
         b9:df:75:3f:da:60:d3:ca:47:4f:98:66:22:25:ff:6b:e9:9c:
         29:e6:8d:61:ef:c5:8e:1e:ff:fa:d6:2c:cf:fb:04:66:a7:f4:
         64:6e:4c:a0:3a:05:88:25:52:a3:51:c5:b0:d4:0c:eb:b4:b0:
         68:16:9b:ef:e5:4c:82:fa:71:34:f3:68:2d:17:9c:a2:f3:f3:
         03:35:12:0f:26:5d:13:62:ab:8e:ce:a1:b8:82:e0:d3:6a:36:
         5f:78:e8:05
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAY49zT99s9aCvwwTwbrJUIGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzE0MTYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGYzODNkZjk2NWU4OGIyYWJlYmM4MjI5ZTI4NTQ0MmNmNTk3OGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonv95JAE5XLgHNR7CHNJWbH4EADV
LWsUJ19tnc13+ZJ+Bdrnoo3h+qKKtHzWd3vNeVDzRQ5JkakJ1stGvVniiSoros5U
tlixIeshgcJ7T0/HYr8L/Rp12V8hkzMbYPNrr80ukyMpmmDiid4RW5dOvIPmjXry
LQSNuPQn96/6LQVNnmeKpyVmtfXCIKhXdJsHlHvDOHVs7mqMn5W1zc2+HktIC/xN
I4CHiX9HeBtqhW8FQafXboO2kdys/2U4gD/epA0Ssdw31inSXh9mgmG0LAbL7a4t
u0UwhNN4WGX49h5Wg2dhFLx4FyENXEycu0LFk2hSvD1NVofKbzzJqKujGwIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFPjzg9+WXoiyq+vIIp4oVELPWXjtMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvMS1QT0QzNVplaUxLcjY4Z2luaWhVUXM5WmVPMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjEvZTg0MzQwLTEyOGEtNDQ5Ny05NDZmLTA5Nzg3ZjE1MmFk
ZS8xL1p0OTNRb2tCYzVKNU5TQnFLTy1fU0JJLWVIdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBywYIKwYBBQUHAQcBAf8EgbswgbgwgZ8EAgABMIGYAwQD
BZ/QAwQDH8BgAwQCLQhkAwQCLYRsAwQEUErwAwQFVV9gAwQDXCp4AwQDX4FAAwQD
sDoAAwQCuU+4AwQCuV7MAwQCuWNMAwQCuZFYAwQCubLYAwQCuczUAwQDvF4QAwQA
wRgDAwQAwRgGAwQAwRgNAwQAwRgfAwQFwxogAwQBw1gIMAwDBALUC0QDBALUC0gD
BATZkYAwFAQCAAIwDgMFACoA8cADBQMqBOnAMA0GCSqGSIb3DQEBCwUAA4IBAQBu
B37VigQLGTXC9WyAQj+qw+phZ3fAZQw8wETWdQnp8KWrhwG2xWGrvMkCHJ0whRKN
3B28V6OBgG5CT8nIuiRhC3+2SjtgUViVHuJaK1WuB7M5FJwBammuBVvPuLc/VfjT
DAR71DurXXRRuKLzkcZw828p0AR5L4Roe/Hax6DivJVCMVKhhAyY284OqeeuNvVX
jd7/1fUbB1ab8CQOSxTnwzy533U/2mDTykdPmGYiJf9r6Zwp5o1h78WOHv/61izP
+wRmp/RkbkygOgWIJVKjUcWw1AzrtLBoFpvv5UyC+nE082gtF5yi8/MDNRIPJl0T
YquOzqG4guDTajZfeOgF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:14 2024 by rpki-client on console-fra.rpki-client.org