Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/uwbrAblH_R4kP3Pk4CBmxCBCp7c.roa
File:                     uwbrAblH_R4kP3Pk4CBmxCBCp7c.roa (raw, json)
Hash identifier:          IywdRjFmvZr37b5e7f01Rez0QulNKyA5y45vaK03bwk=
Subject key identifier:   BB:06:EB:01:B9:47:FD:1E:24:3F:73:E4:E0:20:66:C4:20:42:A7:B7
Certificate issuer:       /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial:       0186163AF3A84216BB015259478DC79947AF
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/uwbrAblH_R4kP3Pk4CBmxCBCp7c.roa
Signing time:             Fri 03 Feb 2023 07:43:27 +0000
ROA not before:           Fri 03 Feb 2023 07:43:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201011
IP address blocks:        83.142.80.0/21 maxlen: 21
                          82.199.147.0/24 maxlen: 24
                          82.199.148.0/24 maxlen: 24
                          82.199.149.0/24 maxlen: 24
                          82.199.153.0/24 maxlen: 24
                          195.138.249.0/24 maxlen: 24
                          195.138.250.0/24 maxlen: 24
                          82.199.157.0/24 maxlen: 24
                          82.199.158.0/24 maxlen: 24
                          82.199.159.0/24 maxlen: 24
                          195.138.248.0/21 maxlen: 21
                          31.7.177.0/24 maxlen: 24
                          31.7.176.0/20 maxlen: 24
                          185.89.36.0/22 maxlen: 22
                          92.43.104.0/21 maxlen: 24
                          2.59.28.0/22 maxlen: 22
                          80.255.0.0/20 maxlen: 20
                          81.95.0.0/20 maxlen: 24
                          82.199.128.0/24 maxlen: 24
                          82.199.128.0/19 maxlen: 24
                          82.199.130.0/24 maxlen: 24
                          82.199.131.0/24 maxlen: 24
                          82.199.138.0/24 maxlen: 24
                          82.199.141.0/24 maxlen: 24
                          5.56.16.0/21 maxlen: 21
                          2a01:4a0:47::/48 maxlen: 48
                          2a01:4a0:42::/48 maxlen: 48
                          2a0b:76c0::/29 maxlen: 29
                          2a01:4a0:38::/48 maxlen: 48
                          2a09:ee40::/29 maxlen: 29
                          2a01:4a0:56::/48 maxlen: 48
                          2a01:4a0:30::/48 maxlen: 48
                          2a01:4a0:50::/48 maxlen: 48
                          2a01:4a0:e::/48 maxlen: 48
                          2a01:4a0::/29 maxlen: 48
                          2a01:4a0:17::/48 maxlen: 48
                          2a05:d4c0::/29 maxlen: 29
                          2a01:4a0:48::/48 maxlen: 48
                          2a01:4a0:b::/48 maxlen: 48
                          2a01:4a0:46::/48 maxlen: 48
                          2a01:4a0:45::/48 maxlen: 48
                          2a01:4a0:43::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 07 Feb 2023 08:09:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:16:3a:f3:a8:42:16:bb:01:52:59:47:8d:c7:99:47:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
        Validity
            Not Before: Feb  3 07:43:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb06eb01b947fd1e243f73e4e02066c42042a7b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:7c:af:a7:4a:99:33:9f:00:e0:c1:f9:8b:84:
                    d4:a8:33:a7:a6:2f:f4:37:ed:de:f2:ed:10:bd:b3:
                    7e:ff:33:29:98:6b:b1:b9:b1:73:4d:4c:1c:a6:6f:
                    34:0e:2b:15:63:bd:f9:c3:f8:bb:88:cc:b8:e5:12:
                    37:9e:15:7f:46:06:bb:fb:ea:4e:52:8b:6b:21:b6:
                    7a:ca:b0:b0:c1:a9:1f:40:a3:b5:9d:81:6e:aa:30:
                    02:38:f1:1b:b7:1d:f7:07:e8:6e:06:cd:8a:49:b9:
                    13:1b:a5:df:41:15:5f:e0:19:e3:26:88:fb:ec:3e:
                    0c:93:7b:ea:bd:4a:80:b2:87:43:cd:e1:43:5b:96:
                    c9:84:d4:05:d0:d4:37:8f:fb:e0:7c:59:2b:29:3c:
                    8c:de:68:e4:0b:0e:54:e0:c7:45:f7:30:92:60:e3:
                    63:fb:1f:2b:d3:c0:98:6c:9a:47:fe:2c:95:05:47:
                    37:00:ce:0c:4b:9e:98:65:ed:15:eb:2a:1a:e1:e4:
                    c5:7f:44:75:d6:bb:27:b5:5b:5c:f3:0c:8d:2d:86:
                    2a:c4:d7:de:4c:a4:7e:75:8c:80:d3:c6:f4:82:bd:
                    92:cd:26:8e:aa:92:f9:f1:6c:40:82:a7:72:90:1a:
                    d9:a9:89:ca:15:ad:b2:f7:17:fb:24:3f:2a:2f:3d:
                    51:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:06:EB:01:B9:47:FD:1E:24:3F:73:E4:E0:20:66:C4:20:42:A7:B7
            X509v3 Authority Key Identifier:
                keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/uwbrAblH_R4kP3Pk4CBmxCBCp7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.28.0/22
                  5.56.16.0/21
                  31.7.176.0/20
                  80.255.0.0/20
                  81.95.0.0/20
                  82.199.128.0/19
                  83.142.80.0/21
                  92.43.104.0/21
                  185.89.36.0/22
                  195.138.248.0/21
                IPv6:
                  2a01:4a0::/29
                  2a05:d4c0::/29
                  2a09:ee40::/29
                  2a0b:76c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         04:d3:d0:27:3b:e1:d7:12:52:8e:ec:94:51:9d:d2:b9:fa:ab:
         2c:8f:1e:4a:9f:48:c4:d8:e6:f1:10:f5:50:4b:ea:fd:af:26:
         bf:41:2c:cb:34:be:75:f6:c4:f8:55:7e:9a:b9:68:fc:f1:2d:
         43:1f:a3:f4:8f:4b:e9:3f:9a:a2:c6:56:e5:6d:2c:c3:d6:29:
         fa:42:d0:09:fc:81:2d:67:35:d0:76:33:1b:44:4a:61:2f:97:
         43:f2:67:15:01:26:35:e4:71:c7:1a:ca:44:6f:2a:62:09:22:
         e6:da:f7:4d:ba:38:fe:0e:81:1b:31:fa:17:1d:65:96:ac:da:
         fa:f1:7f:85:60:f3:45:0c:49:f9:01:aa:07:7f:e6:b8:de:53:
         19:54:81:7e:cd:6c:f8:ab:89:ca:a3:55:93:8e:08:a4:26:30:
         7c:a7:3b:91:98:69:48:39:cf:7d:5f:a5:4b:6e:bc:0f:14:0f:
         8c:8a:62:62:bb:24:76:92:e0:c5:de:0e:b9:99:88:5b:14:4d:
         26:c7:bf:a2:c2:77:b3:06:f7:1f:1c:fd:72:55:06:0a:b8:96:
         22:20:cb:0c:f4:53:4a:e6:a6:59:01:80:30:05:d9:87:99:4a:
         6b:dd:66:4d:c9:cc:4a:f0:a3:f4:86:79:be:fa:8b:5a:81:47:
         15:01:b5:ed
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYYWOvOoQha7AVJZR43HmUevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjMwMjAzMDc0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA2ZWIwMWI5NDdmZDFlMjQzZjczZTRlMDIwNjZjNDIwNDJhN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXyvp0qZM58A4MH5i4TUqDOnpi/0
N+3e8u0QvbN+/zMpmGuxubFzTUwcpm80DisVY735w/i7iMy45RI3nhV/Rga7++pO
UotrIbZ6yrCwwakfQKO1nYFuqjACOPEbtx33B+huBs2KSbkTG6XfQRVf4BnjJoj7
7D4Mk3vqvUqAsodDzeFDW5bJhNQF0NQ3j/vgfFkrKTyM3mjkCw5U4MdF9zCSYONj
+x8r08CYbJpH/iyVBUc3AM4MS56YZe0V6yoa4eTFf0R11rsntVtc8wyNLYYqxNfe
TKR+dYyA08b0gr2SzSaOqpL58WxAgqdykBrZqYnKFa2y9xf7JD8qLz1RhwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLsG6wG5R/0eJD9z5OAgZsQgQqe3MB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvdXdickFibEhfUjRrUDNQazRDQm14Q0JDcDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQCAjscAwQD
BTgQAwQEHwewAwQEUP8AAwQEUV8AAwQFUseAAwQDU45QAwQDXCtoAwQCuVkkAwQD
w4r4MCIEAgACMBwDBQMqAQSgAwUDKgXUwAMFAyoJ7kADBQMqC3bAMA0GCSqGSIb3
DQEBCwUAA4IBAQAE09AnO+HXElKO7JRRndK5+qssjx5Kn0jE2ObxEPVQS+r9rya/
QSzLNL519sT4VX6auWj88S1DH6P0j0vpP5qixlblbSzD1in6QtAJ/IEtZzXQdjMb
REphL5dD8mcVASY15HHHGspEbypiCSLm2vdNujj+DoEbMfoXHWWWrNr68X+FYPNF
DEn5AaoHf+a43lMZVIF+zWz4q4nKo1WTjgikJjB8pzuRmGlIOc99X6VLbrwPFA+M
imJiuyR2kuDF3g65mYhbFE0mx7+iwnezBvcfHP1yVQYKuJYiIMsM9FNK5qZZAYAw
BdmHmUpr3WZNycxK8KP0hnm++otagUcVAbXt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org