Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/uGWmzqyLzJsv61aeyEMhB3dfPz0.roa
File:                     uGWmzqyLzJsv61aeyEMhB3dfPz0.roa (raw, json)
Hash identifier:          tXRZ4CiaJSeb+TcGjRU9/ONNF4PhaDRD6x1JJ6O1Z0I=
Subject key identifier:   B8:65:A6:CE:AC:8B:CC:9B:2F:EB:56:9E:C8:43:21:07:77:5F:3F:3D
Certificate issuer:       /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial:       018C34A458200033F49AA9260D12B8885DFA
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/uGWmzqyLzJsv61aeyEMhB3dfPz0.roa
Signing time:             Mon 04 Dec 2023 11:43:54 +0000
ROA not before:           Mon 04 Dec 2023 11:43:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16839
IP address blocks:        165.171.0.0/17 maxlen: 24
                          163.120.128.0/17 maxlen: 24
                          136.242.128.0/17 maxlen: 24
                          138.12.128.0/17 maxlen: 17
                          148.139.48.0/20 maxlen: 20
                          148.139.64.0/20 maxlen: 20
                          148.139.80.0/20 maxlen: 20
                          37.98.233.0/24 maxlen: 24
                          37.98.232.0/21 maxlen: 21
                          37.98.232.0/24 maxlen: 24
                          37.98.232.0/22 maxlen: 22
                          37.98.232.0/23 maxlen: 23
                          37.98.235.0/24 maxlen: 24
                          37.98.236.0/22 maxlen: 22
                          37.98.236.0/23 maxlen: 23
                          37.98.236.0/24 maxlen: 24
                          37.98.238.0/23 maxlen: 23
                          37.98.238.0/24 maxlen: 24
                          37.98.237.0/24 maxlen: 24
                          37.98.234.0/24 maxlen: 24
                          37.98.234.0/23 maxlen: 23
                          37.98.239.0/24 maxlen: 24
                          148.139.4.0/22 maxlen: 22
                          148.139.1.0/24 maxlen: 24
                          148.139.0.0/24 maxlen: 24
                          148.139.3.0/24 maxlen: 24
                          148.139.2.0/24 maxlen: 24
                          148.139.0.0/16 maxlen: 16
                          148.139.8.0/22 maxlen: 22
                          148.139.12.0/22 maxlen: 22
                          148.139.16.0/22 maxlen: 22
                          148.139.29.0/24 maxlen: 24
                          148.139.28.0/24 maxlen: 24
                          148.139.30.0/24 maxlen: 24
                          148.139.32.0/20 maxlen: 20
                          148.139.96.0/22 maxlen: 22
                          148.139.105.0/24 maxlen: 24
                          148.139.104.0/24 maxlen: 24
                          148.139.100.0/22 maxlen: 22
                          148.139.108.0/22 maxlen: 22
                          148.139.112.0/22 maxlen: 22
                          148.139.116.0/22 maxlen: 22
                          148.139.125.0/24 maxlen: 24
                          148.139.124.0/24 maxlen: 24
                          148.139.120.0/22 maxlen: 22
                          2a04:37c0:3510::/48 maxlen: 48
                          2a04:37c0:4910::/48 maxlen: 48
                          2a04:37c0:4110::/48 maxlen: 48
                          2a04:37c0:4410::/48 maxlen: 48
                          2a04:37c0:3110::/48 maxlen: 48
                          2a04:37c0:4430::/48 maxlen: 48
                          2a04:37c0::/29 maxlen: 48
                          2a04:37c0:3120::/48 maxlen: 48
                          2a04:37c0:4120::/48 maxlen: 48
                          2a04:37c0:4420::/48 maxlen: 48
                          2a04:37c0:4920::/48 maxlen: 48
                          2a04:37c0:3520::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 04 Dec 2023 12:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:34:a4:58:20:00:33:f4:9a:a9:26:0d:12:b8:88:5d:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
        Validity
            Not Before: Dec  4 11:43:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b865a6ceac8bcc9b2feb569ec8432107775f3f3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1d:09:e2:9a:ea:37:ce:6b:15:b8:76:6c:ca:
                    c8:4b:01:32:80:ef:39:f6:7d:90:5b:ca:20:b9:93:
                    a8:a0:19:1c:f3:65:fd:1b:ec:e1:59:8e:c2:d0:e3:
                    80:0d:cc:73:bd:d9:f4:62:ce:0a:9d:a7:e3:50:1e:
                    1f:f8:51:18:fa:09:08:28:85:16:58:06:98:44:15:
                    1f:51:ca:a7:6a:4c:0e:f7:38:cf:44:c2:b6:36:6b:
                    d5:00:0a:58:3a:92:2b:fa:d6:8e:2b:b5:58:4e:48:
                    ad:9c:50:e0:40:54:1c:9c:75:33:3c:30:bc:50:f2:
                    d5:b5:df:39:8a:29:9a:a7:35:55:5c:77:d9:1f:d7:
                    52:2a:d1:0a:cb:2a:15:98:2b:af:3c:92:39:20:61:
                    c9:82:17:3b:3f:38:ba:d9:ef:50:81:88:8c:77:9c:
                    ba:98:5c:21:e0:13:cc:e2:e0:4a:d2:8b:93:70:ff:
                    0b:14:27:50:e7:d5:c6:23:f8:c6:42:f4:98:b0:df:
                    9e:2e:39:8d:29:eb:94:2c:52:a6:6f:9c:63:db:f0:
                    59:8a:b9:b2:41:b2:92:c5:8c:eb:f2:a0:cc:5a:1e:
                    df:0c:94:72:ac:d1:46:39:c3:13:42:f0:7c:05:c7:
                    68:59:c3:e0:6c:a2:a2:a4:40:6c:04:49:f9:5f:f7:
                    e1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:65:A6:CE:AC:8B:CC:9B:2F:EB:56:9E:C8:43:21:07:77:5F:3F:3D
            X509v3 Authority Key Identifier:
                keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/uGWmzqyLzJsv61aeyEMhB3dfPz0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.98.232.0/21
                  136.242.128.0/17
                  138.12.128.0/17
                  148.139.0.0/16
                  163.120.128.0/17
                  165.171.0.0/17
                IPv6:
                  2a04:37c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         54:40:0d:13:ee:9e:10:f8:7d:b9:2a:7d:ea:fd:dc:9c:0b:6c:
         07:4f:6f:4b:5e:08:65:03:1d:81:fa:21:bf:e0:93:66:42:87:
         58:65:16:f7:33:77:b9:64:14:b2:fa:34:14:2d:be:06:0a:a0:
         a2:0e:1b:ad:a6:bc:6b:42:2b:ec:a7:59:ce:8b:74:1c:5e:f7:
         1c:39:05:98:9f:e9:7a:94:77:a4:ba:80:db:bb:d5:bc:2f:e6:
         93:ff:d4:1b:52:92:1e:02:db:87:2f:3d:cf:d8:7b:db:88:b3:
         0f:8b:c8:70:77:3e:9d:94:8b:fb:08:d9:f8:64:74:17:30:a5:
         80:cf:36:ca:74:14:c9:3e:62:2f:06:a7:96:de:7b:b2:6c:fe:
         67:e3:d1:51:be:92:d8:96:e8:a0:0c:21:d3:e9:3d:bf:e2:a7:
         88:14:54:43:40:fa:2c:7d:19:cc:fe:f2:54:30:f6:ff:0b:71:
         b5:60:b9:94:66:e4:fa:03:ab:3c:4c:01:ce:0d:ee:d0:f0:2b:
         0f:67:02:5e:7b:4b:d7:0e:24:f2:0f:6f:4b:69:e9:04:76:95:
         75:b1:9c:5b:2a:d5:21:d2:9d:64:77:1a:2f:2f:d2:b4:ec:b8:
         82:dd:35:74:df:21:90:8d:f3:5d:8b:7b:bd:46:31:0f:13:a7:
         10:bf:6a:21
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYw0pFggADP0mqkmDRK4iF36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjMxMjA0MTE0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODY1YTZjZWFjOGJjYzliMmZlYjU2OWVjODQzMjEwNzc3NWYzZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh0J4prqN85rFbh2bMrISwEygO85
9n2QW8oguZOooBkc82X9G+zhWY7C0OOADcxzvdn0Ys4KnafjUB4f+FEY+gkIKIUW
WAaYRBUfUcqnakwO9zjPRMK2NmvVAApYOpIr+taOK7VYTkitnFDgQFQcnHUzPDC8
UPLVtd85iimapzVVXHfZH9dSKtEKyyoVmCuvPJI5IGHJghc7Pzi62e9QgYiMd5y6
mFwh4BPM4uBK0ouTcP8LFCdQ59XGI/jGQvSYsN+eLjmNKeuULFKmb5xj2/BZirmy
QbKSxYzr8qDMWh7fDJRyrNFGOcMTQvB8BcdoWcPgbKKipEBsBEn5X/fh0wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLhlps6si8ybL+tWnshDIQd3Xz89MB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvdUdXbXpxeUx6SnN2NjFhZXlFTWhCM2RmUHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAejeIADBAelqwAwDQQCAAIwBwMFAyoEN8AwDQYJKoZI
hvcNAQELBQADggEBAFRADRPunhD4fbkqfer93JwLbAdPb0teCGUDHYH6Ib/gk2ZC
h1hlFvczd7lkFLL6NBQtvgYKoKIOG62mvGtCK+ynWc6LdBxe9xw5BZif6XqUd6S6
gNu71bwv5pP/1BtSkh4C24cvPc/Ye9uIsw+LyHB3Pp2Ui/sI2fhkdBcwpYDPNsp0
FMk+Yi8Gp5bee7Js/mfj0VG+ktiW6KAMIdPpPb/ip4gUVENA+ix9Gcz+8lQw9v8L
cbVguZRm5PoDqzxMAc4N7tDwKw9nAl57S9cOJPIPb0tp6QR2lXWxnFsq1SHSnWR3
Gi8v0rTsuILdNXTfIZCN812Le71GMQ8TpxC/aiE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:37 2024 by rpki-client on console-ams.rpki-client.org