Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/CQAhtTCkvcd8ePIA1H-LeZiY9Qw.roa
File:                     CQAhtTCkvcd8ePIA1H-LeZiY9Qw.roa (raw, json)
Hash identifier:          wPYyHCl7m7Suax7JOzCLIzlwfdPR6hx8QjJrp2F6QB0=
Subject key identifier:   09:00:21:B5:30:A4:BD:C7:7C:78:F2:00:D4:7F:8B:79:98:98:F5:0C
Certificate issuer:       /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial:       018F14069D274FADA229EE3D0DB050892954
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/CQAhtTCkvcd8ePIA1H-LeZiY9Qw.roa
Signing time:             Thu 25 Apr 2024 06:52:08 +0000
ROA not before:           Thu 25 Apr 2024 06:52:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15695
IP address blocks:        5.253.88.0/24 maxlen: 24
                          5.253.89.0/24 maxlen: 24
                          5.253.90.0/24 maxlen: 24
                          5.253.91.0/24 maxlen: 24
                          37.26.224.0/24 maxlen: 24
                          37.26.225.0/24 maxlen: 24
                          37.26.226.0/24 maxlen: 24
                          37.26.227.0/24 maxlen: 24
                          37.26.228.0/24 maxlen: 24
                          37.26.229.0/24 maxlen: 24
                          37.26.230.0/24 maxlen: 24
                          37.26.231.0/24 maxlen: 24
                          45.81.220.0/24 maxlen: 24
                          45.81.221.0/24 maxlen: 24
                          45.81.222.0/24 maxlen: 24
                          45.81.223.0/24 maxlen: 24
                          45.93.84.0/24 maxlen: 24
                          45.93.85.0/24 maxlen: 24
                          45.93.87.0/24 maxlen: 24
                          45.94.190.0/24 maxlen: 24
                          45.95.216.0/24 maxlen: 24
                          45.95.217.0/24 maxlen: 24
                          45.95.218.0/24 maxlen: 24
                          45.95.219.0/24 maxlen: 24
                          63.247.192.0/24 maxlen: 24
                          63.247.193.0/24 maxlen: 24
                          63.247.194.0/24 maxlen: 24
                          63.247.195.0/24 maxlen: 24
                          63.247.196.0/24 maxlen: 24
                          63.247.197.0/24 maxlen: 24
                          63.247.198.0/24 maxlen: 24
                          63.247.199.0/24 maxlen: 24
                          63.247.200.0/24 maxlen: 24
                          63.247.201.0/24 maxlen: 24
                          63.247.202.0/24 maxlen: 24
                          63.247.203.0/24 maxlen: 24
                          63.247.204.0/24 maxlen: 24
                          63.247.205.0/24 maxlen: 24
                          63.247.206.0/24 maxlen: 24
                          63.247.207.0/24 maxlen: 24
                          86.48.208.0/24 maxlen: 24
                          86.48.209.0/24 maxlen: 24
                          86.48.210.0/24 maxlen: 24
                          86.48.211.0/24 maxlen: 24
                          86.48.216.0/24 maxlen: 24
                          86.48.217.0/24 maxlen: 24
                          86.48.218.0/24 maxlen: 24
                          86.48.219.0/24 maxlen: 24
                          86.48.220.0/24 maxlen: 24
                          86.48.221.0/24 maxlen: 24
                          86.48.222.0/24 maxlen: 24
                          86.48.223.0/24 maxlen: 24
                          86.48.224.0/24 maxlen: 24
                          86.48.240.0/24 maxlen: 24
                          86.48.241.0/24 maxlen: 24
                          86.48.242.0/24 maxlen: 24
                          91.103.16.0/24 maxlen: 24
                          91.103.17.0/24 maxlen: 24
                          91.103.18.0/24 maxlen: 24
                          91.103.19.0/24 maxlen: 24
                          91.103.21.0/24 maxlen: 24
                          91.103.23.0/24 maxlen: 24
                          185.62.116.0/24 maxlen: 24
                          185.62.117.0/24 maxlen: 24
                          185.62.118.0/24 maxlen: 24
                          185.62.119.0/24 maxlen: 24
                          193.160.134.0/24 maxlen: 24
                          193.160.135.0/24 maxlen: 24
                          195.238.244.0/24 maxlen: 24
                          216.172.64.0/24 maxlen: 24
                          216.172.65.0/24 maxlen: 24
                          216.172.66.0/24 maxlen: 24
                          216.172.67.0/24 maxlen: 24
                          216.172.68.0/24 maxlen: 24
                          216.172.69.0/24 maxlen: 24
                          216.172.70.0/24 maxlen: 24
                          216.172.71.0/24 maxlen: 24
                          216.172.72.0/24 maxlen: 24
                          216.172.73.0/24 maxlen: 24
                          216.172.74.0/24 maxlen: 24
                          216.172.75.0/24 maxlen: 24
                          216.172.76.0/24 maxlen: 24
                          216.172.77.0/24 maxlen: 24
                          216.172.78.0/24 maxlen: 24
                          216.172.79.0/24 maxlen: 24
                          2a00:cb8:31::/48 maxlen: 48
                          2a00:cb8:33::/48 maxlen: 48
                          2a00:cb8:34::/48 maxlen: 48
                          2a00:cb8:39::/48 maxlen: 48
                          2a00:cb8:41::/48 maxlen: 48
                          2a00:cb8:44::/48 maxlen: 48
                          2a00:cb8:48::/48 maxlen: 48
                          2a00:cb8:49::/48 maxlen: 48
                          2a00:cb8:144::/48 maxlen: 48
                          2a00:cb8:353::/48 maxlen: 48
                          2a00:cb8:971::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 14 May 2024 05:34:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:14:06:9d:27:4f:ad:a2:29:ee:3d:0d:b0:50:89:29:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
        Validity
            Not Before: Apr 25 06:52:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=090021b530a4bdc77c78f200d47f8b799898f50c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:61:9a:b4:31:ef:dc:45:e3:9d:c2:59:27:61:
                    83:73:b0:c0:e4:6e:dd:11:68:a4:6c:1c:f4:09:78:
                    98:4a:42:39:23:aa:bc:ba:f9:d3:86:c0:d6:23:a0:
                    53:da:48:73:cb:59:f1:3a:91:f1:7b:9f:7b:11:25:
                    99:1f:27:b9:68:b3:2b:6f:dd:9e:c9:26:03:ec:c5:
                    80:62:e3:9a:71:73:d7:55:4a:86:a7:ec:18:36:a8:
                    32:af:e0:a6:74:e9:32:d3:20:be:95:ba:fc:af:41:
                    35:0f:03:7b:1d:5f:37:10:52:89:b7:ca:8e:a4:40:
                    6e:4c:55:cf:d0:20:0c:98:df:29:92:1e:3e:49:f9:
                    3e:01:4a:56:ab:29:83:ee:95:7b:7e:60:60:59:fe:
                    b2:1e:cb:2c:2a:f8:e5:74:31:30:2f:62:2a:3b:db:
                    f1:9a:c1:27:a5:f2:3a:41:8c:74:89:51:fe:40:65:
                    42:21:79:1c:f3:c0:e2:2a:ab:da:68:85:c7:1d:98:
                    e9:62:ed:44:96:9b:4b:fa:33:b2:d4:31:d9:be:8a:
                    88:0a:34:c6:9e:2c:7a:a1:25:4f:f2:1f:ae:55:e6:
                    e8:ac:f0:d5:47:50:8d:c0:c6:57:9d:89:c8:63:8d:
                    7a:b1:61:56:e2:7c:59:f0:29:62:30:d8:a4:19:de:
                    f1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:00:21:B5:30:A4:BD:C7:7C:78:F2:00:D4:7F:8B:79:98:98:F5:0C
            X509v3 Authority Key Identifier:
                keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/CQAhtTCkvcd8ePIA1H-LeZiY9Qw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.253.88.0/22
                  37.26.224.0/21
                  45.81.220.0/22
                  45.93.84.0/23
                  45.93.87.0/24
                  45.94.190.0/24
                  45.95.216.0/22
                  63.247.192.0/20
                  86.48.208.0/22
                  86.48.216.0-86.48.224.255
                  86.48.240.0-86.48.242.255
                  91.103.16.0/22
                  91.103.21.0/24
                  91.103.23.0/24
                  185.62.116.0/22
                  193.160.134.0/23
                  195.238.244.0/24
                  216.172.64.0/20
                IPv6:
                  2a00:cb8:31::/48
                  2a00:cb8:33::-2a00:cb8:34:ffff:ffff:ffff:ffff:ffff
                  2a00:cb8:39::/48
                  2a00:cb8:41::/48
                  2a00:cb8:44::/48
                  2a00:cb8:48::/47
                  2a00:cb8:144::/48
                  2a00:cb8:353::/48
                  2a00:cb8:971::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:6a:09:0c:59:ac:a3:52:53:25:ae:d1:71:ce:69:7b:54:e9:
         be:c7:a9:66:54:90:89:ae:fd:6f:6c:a8:ca:6d:fa:7f:70:dc:
         1a:d8:4d:52:f8:20:c4:dc:b6:f5:cc:10:4b:96:a6:91:ad:97:
         f4:8c:af:fc:04:76:5e:0f:07:d7:96:23:d5:92:62:9f:1a:5b:
         6c:84:d6:0c:79:6e:68:d6:5d:d5:e8:bb:8c:f0:aa:e4:da:d7:
         04:8f:0e:06:9d:b4:80:9a:ad:38:10:b1:f0:82:d2:32:46:7a:
         61:85:90:4e:e0:fc:40:34:8f:fd:6e:1a:0d:22:1b:2f:52:db:
         38:14:0c:90:45:c3:94:fd:9a:94:82:56:44:a7:f3:da:60:14:
         27:c2:7a:62:01:b5:5b:bd:a6:53:3f:a4:7f:a4:cf:2b:3d:9b:
         2c:44:bb:90:1c:67:20:0d:cf:0e:a0:a0:70:70:77:c3:25:e7:
         cf:61:84:c7:a8:19:97:d9:8f:f0:cd:23:95:07:61:19:a1:9d:
         92:63:88:0e:13:f7:1c:1c:ab:95:2d:7e:26:5c:36:65:7e:d3:
         85:df:65:1f:bc:69:e4:43:d5:7f:95:28:67:5d:64:5b:48:31:
         75:ba:3f:34:ca:10:1d:71:7d:7a:2f:fa:e1:6c:f8:a6:94:38:
         7a:5a:be:58
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAY8UBp0nT62iKe49DbBQiSlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjQwNDI1MDY1MjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAwMjFiNTMwYTRiZGM3N2M3OGYyMDBkNDdmOGI3OTk4OThmNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGGatDHv3EXjncJZJ2GDc7DA5G7d
EWikbBz0CXiYSkI5I6q8uvnThsDWI6BT2khzy1nxOpHxe597ESWZHye5aLMrb92e
ySYD7MWAYuOacXPXVUqGp+wYNqgyr+CmdOky0yC+lbr8r0E1DwN7HV83EFKJt8qO
pEBuTFXP0CAMmN8pkh4+Sfk+AUpWqymD7pV7fmBgWf6yHsssKvjldDEwL2IqO9vx
msEnpfI6QYx0iVH+QGVCIXkc88DiKqvaaIXHHZjpYu1ElptL+jOy1DHZvoqICjTG
nix6oSVP8h+uVeborPDVR1CNwMZXnYnIY416sWFW4nxZ8CliMNikGd7xsQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFAkAIbUwpL3HfHjyANR/i3mYmPUMMB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvQ1FBaHRUQ2t2Y2Q4ZVBJQTFILUxlWmlZOVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCBggQCAAEwfAMEAgX9
WAMEAyUa4AMEAi1R3AMEAS1dVAMEAC1dVwMEAC1evgMEAi1f2AMEBD/3wAMEAlYw
0DAMAwQDVjDYAwQAVjDgMAwDBARWMPADBABWMPIDBAJbZxADBABbZxUDBABbZxcD
BAK5PnQDBAHBoIYDBADD7vQDBATYrEAwYgQCAAIwXAMHACoADLgAMTASAwcAKgAM
uAAzAwcAKgAMuAA0AwcAKgAMuAA5AwcAKgAMuABBAwcAKgAMuABEAwcBKgAMuABI
AwcAKgAMuAFEAwcAKgAMuANTAwcAKgAMuAlxMA0GCSqGSIb3DQEBCwUAA4IBAQCM
agkMWayjUlMlrtFxzml7VOm+x6lmVJCJrv1vbKjKbfp/cNwa2E1S+CDE3Lb1zBBL
lqaRrZf0jK/8BHZeDwfXliPVkmKfGltshNYMeW5o1l3V6LuM8Krk2tcEjw4GnbSA
mq04ELHwgtIyRnphhZBO4PxANI/9bhoNIhsvUts4FAyQRcOU/ZqUglZEp/PaYBQn
wnpiAbVbvaZTP6R/pM8rPZssRLuQHGcgDc8OoKBwcHfDJefPYYTHqBmX2Y/wzSOV
B2EZoZ2SY4gOE/ccHKuVLX4mXDZlftOF32UfvGnkQ9V/lShnXWRbSDF1uj80yhAd
cX16L/rhbPimlDh6Wr5Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:56 2024 by rpki-client on console-ams.rpki-client.org