Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/GF0XzV7gXPkhsfk-DHDzpz6O_1g.roa
File:                     GF0XzV7gXPkhsfk-DHDzpz6O_1g.roa (raw, json)
Hash identifier:          71qvHCOy8uVTdOlCUYN47Y9J76CWk2+jLWjRUjIPBr4=
Subject key identifier:   18:5D:17:CD:5E:E0:5C:F9:21:B1:F9:3E:0C:70:F3:A7:3E:8E:FF:58
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       018DA1B30A877E94BD5C40F336483BF7A7B7
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/GF0XzV7gXPkhsfk-DHDzpz6O_1g.roa
Signing time:             Tue 13 Feb 2024 09:01:21 +0000
ROA not before:           Tue 13 Feb 2024 09:01:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9125
IP address blocks:        5.172.33.0/24 maxlen: 24
                          5.172.34.0/23 maxlen: 23
                          5.172.34.0/24 maxlen: 24
                          5.172.36.0/22 maxlen: 22
                          5.172.36.0/23 maxlen: 23
                          89.23.65.0/24 maxlen: 24
                          89.23.66.0/23 maxlen: 23
                          89.23.68.0/23 maxlen: 23
                          89.23.70.0/24 maxlen: 24
                          89.23.74.0/24 maxlen: 24
                          89.23.75.0/24 maxlen: 24
                          89.23.77.0/24 maxlen: 24
                          89.23.83.0/24 maxlen: 24
                          89.23.84.0/24 maxlen: 24
                          89.23.90.0/24 maxlen: 24
                          89.23.93.0/24 maxlen: 24
                          92.42.248.0/22 maxlen: 22
                          92.42.252.0/24 maxlen: 24
                          92.42.253.0/24 maxlen: 24
                          92.42.254.0/24 maxlen: 24
                          92.42.255.0/24 maxlen: 24
                          93.93.192.0/21 maxlen: 21
                          95.140.112.0/22 maxlen: 22
                          95.140.115.0/24 maxlen: 24
                          95.140.116.0/22 maxlen: 22
                          95.140.120.0/23 maxlen: 23
                          95.140.124.0/22 maxlen: 22
                          95.140.125.0/24 maxlen: 24
                          109.111.224.0/24 maxlen: 24
                          109.111.225.0/24 maxlen: 24
                          109.111.226.0/24 maxlen: 24
                          109.111.227.0/24 maxlen: 24
                          109.111.228.0/24 maxlen: 24
                          109.111.229.0/24 maxlen: 24
                          109.111.230.0/23 maxlen: 23
                          109.111.232.0/22 maxlen: 22
                          109.111.236.0/22 maxlen: 22
                          109.111.240.0/24 maxlen: 24
                          109.111.243.0/24 maxlen: 24
                          109.111.244.0/24 maxlen: 24
                          109.111.245.0/24 maxlen: 24
                          109.111.246.0/24 maxlen: 24
                          109.111.247.0/24 maxlen: 24
                          109.111.248.0/24 maxlen: 24
                          109.111.250.0/24 maxlen: 24
                          109.111.252.0/23 maxlen: 23
                          109.111.254.0/24 maxlen: 24
                          178.254.128.0/21 maxlen: 21
                          178.254.133.0/24 maxlen: 24
                          178.254.136.0/22 maxlen: 22
                          178.254.140.0/22 maxlen: 22
                          178.254.144.0/20 maxlen: 20
                          178.254.145.0/24 maxlen: 24
                          178.254.163.0/24 maxlen: 24
                          178.254.165.0/24 maxlen: 24
                          178.254.169.0/24 maxlen: 24
                          178.254.172.0/24 maxlen: 24
                          178.254.175.0/24 maxlen: 24
                          178.254.177.0/24 maxlen: 24
                          178.254.182.0/24 maxlen: 24
                          178.254.183.0/24 maxlen: 24
                          178.254.184.0/24 maxlen: 24
                          178.254.187.0/24 maxlen: 24
                          178.254.188.0/22 maxlen: 24
                          185.157.44.0/24 maxlen: 24
                          193.104.68.0/24 maxlen: 24
                          217.169.208.0/20 maxlen: 20
                          217.169.208.0/22 maxlen: 22
                          217.169.212.0/22 maxlen: 22
                          217.169.216.0/22 maxlen: 22
                          217.169.219.0/24 maxlen: 24
                          217.169.220.0/22 maxlen: 22
                          2a02:b58::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 11:11:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a1:b3:0a:87:7e:94:bd:5c:40:f3:36:48:3b:f7:a7:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Feb 13 09:01:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=185d17cd5ee05cf921b1f93e0c70f3a73e8eff58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:dc:70:c3:ec:ff:9d:d5:f8:41:f6:3d:39:fc:
                    c6:50:86:95:4d:d9:c3:a6:2b:5e:3c:ed:2f:39:89:
                    0e:7c:3f:98:43:2b:e3:e7:cd:c3:22:fc:ad:ec:63:
                    60:93:3f:05:d4:a2:52:99:3c:5f:ef:8c:6b:19:16:
                    a8:43:c8:7b:dd:96:1b:f4:14:3d:a9:77:3b:82:92:
                    4e:b6:f5:0d:f8:2c:e2:4f:e9:a8:f7:11:71:47:d3:
                    e1:ee:00:53:d1:57:d1:91:5e:7a:b0:55:e9:31:60:
                    75:df:f2:59:a7:ee:15:98:cf:ef:67:58:40:b9:c9:
                    51:fe:7b:2e:c5:8a:0e:66:93:8c:2f:7d:07:b1:b2:
                    d2:68:aa:97:e6:6c:cf:f8:00:d2:6e:c5:40:13:77:
                    23:1a:f4:55:2f:e4:cc:47:bf:c7:e8:52:08:ee:5b:
                    b7:e2:70:11:a0:ec:b5:ec:e2:ab:40:28:64:38:75:
                    c5:c0:20:1e:a1:bc:1f:50:8a:8f:db:47:1d:ab:5a:
                    7f:71:99:c6:51:15:fd:27:1c:cc:7e:51:65:b6:8b:
                    88:3b:e7:cf:9f:ae:b1:60:50:5b:6d:0b:f3:ca:7a:
                    e1:22:a3:4d:f1:11:eb:2d:c6:4e:3e:a8:9b:b4:f9:
                    28:9d:47:58:ab:25:53:01:72:8c:8f:08:74:bc:71:
                    8b:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:5D:17:CD:5E:E0:5C:F9:21:B1:F9:3E:0C:70:F3:A7:3E:8E:FF:58
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/GF0XzV7gXPkhsfk-DHDzpz6O_1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.172.33.0-5.172.39.255
                  89.23.65.0-89.23.70.255
                  89.23.74.0/23
                  89.23.77.0/24
                  89.23.83.0-89.23.84.255
                  89.23.90.0/24
                  89.23.93.0/24
                  92.42.248.0/21
                  93.93.192.0/21
                  95.140.112.0-95.140.121.255
                  95.140.124.0/22
                  109.111.224.0-109.111.240.255
                  109.111.243.0-109.111.248.255
                  109.111.250.0/24
                  109.111.252.0-109.111.254.255
                  178.254.128.0/19
                  178.254.163.0/24
                  178.254.165.0/24
                  178.254.169.0/24
                  178.254.172.0/24
                  178.254.175.0/24
                  178.254.177.0/24
                  178.254.182.0-178.254.184.255
                  178.254.187.0-178.254.191.255
                  185.157.44.0/24
                  193.104.68.0/24
                  217.169.208.0/20
                IPv6:
                  2a02:b58::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:bf:30:e5:4a:e3:e5:17:30:de:04:3d:0f:64:d9:a0:96:db:
         e0:42:6f:ec:d5:9f:2d:ec:bc:96:35:b2:64:98:9d:75:9c:b1:
         0e:0c:79:b6:13:0f:43:c6:10:2f:c6:41:7e:c1:b0:e6:39:6b:
         9b:d9:8d:19:71:8e:d3:59:c3:d7:95:60:00:2b:20:ad:3e:a7:
         a3:b5:c7:76:9d:bb:84:40:29:46:d1:ed:3f:0e:c2:ff:c4:24:
         a4:48:1d:ce:0a:ac:ac:03:4e:71:46:ef:06:28:04:c4:bd:62:
         51:14:ce:7f:f9:b0:f9:cd:a7:14:61:a8:3b:a3:e0:55:36:25:
         41:7f:67:66:e4:38:39:41:1b:32:4d:1f:e6:b0:08:73:73:5d:
         f3:6e:c1:70:96:73:b0:6b:46:f3:a2:45:5e:36:71:34:75:2d:
         1d:69:4e:ec:b9:3a:f3:91:be:c4:14:f2:ee:e8:bc:c1:d6:4c:
         d8:18:7d:d9:e5:4a:a6:1f:f7:07:3d:0d:06:d9:ae:30:f4:57:
         c9:24:3d:7c:26:46:60:f7:7f:d2:fa:43:a2:3b:b5:a1:ac:76:
         b5:f5:2e:1a:56:82:15:d8:63:9f:a3:b4:f4:75:c2:f2:72:1d:
         0c:76:53:15:5e:93:c6:c8:0b:82:df:dd:3b:28:ac:a0:1e:a5:
         6f:e3:5d:d2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAY2hswqHfpS9XEDzNkg796e3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQwMjEzMDkwMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVkMTdjZDVlZTA1Y2Y5MjFiMWY5M2UwYzcwZjNhNzNlOGVmZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3txww+z/ndX4QfY9OfzGUIaVTdnD
pitePO0vOYkOfD+YQyvj583DIvyt7GNgkz8F1KJSmTxf74xrGRaoQ8h73ZYb9BQ9
qXc7gpJOtvUN+CziT+mo9xFxR9Ph7gBT0VfRkV56sFXpMWB13/JZp+4VmM/vZ1hA
uclR/nsuxYoOZpOML30HsbLSaKqX5mzP+ADSbsVAE3cjGvRVL+TMR7/H6FII7lu3
4nARoOy17OKrQChkOHXFwCAeobwfUIqP20cdq1p/cZnGURX9JxzMflFltouIO+fP
n66xYFBbbQvzynrhIqNN8RHrLcZOPqibtPkonUdYqyVTAXKMjwh0vHGLPwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFBhdF81e4Fz5IbH5Pgxw86c+jv9YMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvR0YwWHpWN2dYUGtoc2ZrLURIRHpwejZPXzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeow
DAMEAAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQBWRdKAwQAWRdNMAwDBABZF1MD
BABZF1QDBABZF1oDBABZF10DBANcKvgDBANdXcAwDAMEBF+McAMEAV+MeAMEAl+M
fDAMAwQFbW/gAwQAbW/wMAwDBABtb/MDBABtb/gDBABtb/owDAMEAm1v/AMEAG1v
/gMEBbL+gAMEALL+owMEALL+pQMEALL+qQMEALL+rAMEALL+rwMEALL+sTAMAwQB
sv62AwQAsv64MAwDBACy/rsDBAay/oADBAC5nSwDBADBaEQDBATZqdAwDQQCAAIw
BwMFACoCC1gwDQYJKoZIhvcNAQELBQADggEBAB2/MOVK4+UXMN4EPQ9k2aCW2+BC
b+zVny3svJY1smSYnXWcsQ4MebYTD0PGEC/GQX7BsOY5a5vZjRlxjtNZw9eVYAAr
IK0+p6O1x3adu4RAKUbR7T8Owv/EJKRIHc4KrKwDTnFG7wYoBMS9YlEUzn/5sPnN
pxRhqDuj4FU2JUF/Z2bkODlBGzJNH+awCHNzXfNuwXCWc7BrRvOiRV42cTR1LR1p
Tuy5OvORvsQU8u7ovMHWTNgYfdnlSqYf9wc9DQbZrjD0V8kkPXwmRmD3f9L6Q6I7
taGsdrX1LhpWghXYY5+jtPR1wvJyHQx2UxVek8bIC4Lf3TsorKAepW/jXdI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org