Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/HxSQJJ9SLMSGqUyrWJHiMIsX2nQ.roa
File:                     HxSQJJ9SLMSGqUyrWJHiMIsX2nQ.roa (raw, json)
Hash identifier:          v0S4IJTVm/G0c+sphSxWliS8ulW30rn0t+u9rIn98kg=
Subject key identifier:   1F:14:90:24:9F:52:2C:C4:86:A9:4C:AB:58:91:E2:30:8B:17:DA:74
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       0189A1A1E0B2670F61473791CD144430DA89
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/HxSQJJ9SLMSGqUyrWJHiMIsX2nQ.roa
Signing time:             Sat 29 Jul 2023 12:31:27 +0000
ROA not before:           Sat 29 Jul 2023 12:31:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9125
IP address blocks:        93.93.192.0/21 maxlen: 21
                          92.42.253.0/24 maxlen: 24
                          92.42.252.0/24 maxlen: 24
                          92.42.248.0/22 maxlen: 22
                          92.42.254.0/24 maxlen: 24
                          92.42.255.0/24 maxlen: 24
                          89.23.93.0/24 maxlen: 24
                          193.104.68.0/24 maxlen: 24
                          89.23.68.0/23 maxlen: 23
                          89.23.70.0/24 maxlen: 24
                          89.23.66.0/23 maxlen: 23
                          89.23.65.0/24 maxlen: 24
                          89.23.75.0/24 maxlen: 24
                          178.254.133.0/24 maxlen: 24
                          178.254.136.0/22 maxlen: 22
                          178.254.144.0/20 maxlen: 20
                          178.254.145.0/24 maxlen: 24
                          178.254.140.0/22 maxlen: 22
                          178.254.165.0/24 maxlen: 24
                          178.254.163.0/24 maxlen: 24
                          178.254.172.0/24 maxlen: 24
                          178.254.169.0/24 maxlen: 24
                          178.254.175.0/24 maxlen: 24
                          178.254.177.0/24 maxlen: 24
                          178.254.183.0/24 maxlen: 24
                          178.254.182.0/24 maxlen: 24
                          178.254.184.0/24 maxlen: 24
                          178.254.128.0/21 maxlen: 21
                          95.140.112.0/22 maxlen: 22
                          95.140.116.0/22 maxlen: 22
                          95.140.115.0/24 maxlen: 24
                          95.140.120.0/23 maxlen: 23
                          95.140.124.0/22 maxlen: 22
                          95.140.125.0/24 maxlen: 24
                          178.254.188.0/22 maxlen: 24
                          178.254.187.0/24 maxlen: 24
                          185.157.44.0/24 maxlen: 24
                          109.111.254.0/24 maxlen: 24
                          217.169.208.0/20 maxlen: 20
                          217.169.208.0/22 maxlen: 22
                          217.169.212.0/22 maxlen: 22
                          217.169.219.0/24 maxlen: 24
                          217.169.216.0/22 maxlen: 22
                          217.169.220.0/22 maxlen: 22
                          5.172.34.0/24 maxlen: 24
                          5.172.33.0/24 maxlen: 24
                          5.172.34.0/23 maxlen: 23
                          5.172.36.0/23 maxlen: 23
                          5.172.36.0/22 maxlen: 22
                          109.111.226.0/24 maxlen: 24
                          109.111.225.0/24 maxlen: 24
                          109.111.224.0/24 maxlen: 24
                          109.111.232.0/22 maxlen: 22
                          109.111.229.0/24 maxlen: 24
                          109.111.228.0/24 maxlen: 24
                          109.111.230.0/23 maxlen: 23
                          109.111.227.0/24 maxlen: 24
                          109.111.240.0/24 maxlen: 24
                          109.111.236.0/22 maxlen: 22
                          109.111.246.0/24 maxlen: 24
                          109.111.243.0/24 maxlen: 24
                          109.111.244.0/24 maxlen: 24
                          109.111.250.0/24 maxlen: 24
                          109.111.252.0/23 maxlen: 23
                          109.111.247.0/24 maxlen: 24
                          109.111.248.0/24 maxlen: 24
                          2a02:b58::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 09:48:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a1:a1:e0:b2:67:0f:61:47:37:91:cd:14:44:30:da:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Jul 29 12:31:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f1490249f522cc486a94cab5891e2308b17da74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ce:93:7a:19:06:82:14:96:e9:8d:3f:51:b0:
                    c1:57:80:0b:7a:41:05:8a:2e:b7:a9:ff:28:63:b7:
                    02:1f:1f:fe:bd:46:71:0c:ba:cd:f7:0d:e1:45:4f:
                    f5:2c:07:de:92:ce:4a:be:6c:c4:b8:ac:08:d5:f5:
                    71:31:c3:70:92:91:a9:72:d7:11:ad:6c:19:ad:95:
                    d7:93:4b:50:13:15:04:f2:40:08:04:68:ff:a6:ba:
                    00:55:f6:3b:0c:55:a8:72:11:86:ed:b4:02:86:6e:
                    4d:87:2b:16:05:86:95:ad:96:27:b0:4e:5d:b1:03:
                    89:d3:9c:dc:d5:f9:1c:73:7b:5f:48:87:58:bc:22:
                    af:20:9c:76:ff:d9:ef:fd:cd:63:18:c6:29:da:c4:
                    b0:f1:de:13:01:c7:e0:55:e9:2a:c7:40:4b:6d:93:
                    1e:f9:22:4e:65:f4:c3:74:83:67:48:0f:8c:d5:c7:
                    97:56:22:28:13:a6:87:b6:8e:42:e5:cf:aa:81:d6:
                    d9:c2:14:19:e9:d4:be:92:66:1c:51:2c:f1:1a:45:
                    5a:c5:21:69:9b:7c:d0:68:07:75:63:07:df:7c:c2:
                    b9:98:37:a0:f8:29:d3:da:41:c8:07:b1:ae:fa:25:
                    ab:4f:5e:cd:a4:a5:05:8d:af:f3:4f:59:19:b1:52:
                    a7:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:14:90:24:9F:52:2C:C4:86:A9:4C:AB:58:91:E2:30:8B:17:DA:74
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/HxSQJJ9SLMSGqUyrWJHiMIsX2nQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.172.33.0-5.172.39.255
                  89.23.65.0-89.23.70.255
                  89.23.75.0/24
                  89.23.93.0/24
                  92.42.248.0/21
                  93.93.192.0/21
                  95.140.112.0-95.140.121.255
                  95.140.124.0/22
                  109.111.224.0-109.111.240.255
                  109.111.243.0-109.111.244.255
                  109.111.246.0-109.111.248.255
                  109.111.250.0/24
                  109.111.252.0-109.111.254.255
                  178.254.128.0/19
                  178.254.163.0/24
                  178.254.165.0/24
                  178.254.169.0/24
                  178.254.172.0/24
                  178.254.175.0/24
                  178.254.177.0/24
                  178.254.182.0-178.254.184.255
                  178.254.187.0-178.254.191.255
                  185.157.44.0/24
                  193.104.68.0/24
                  217.169.208.0/20
                IPv6:
                  2a02:b58::/32

    Signature Algorithm: sha256WithRSAEncryption
         10:b6:a8:d7:00:aa:f6:db:d1:ec:2d:dd:ff:98:e8:35:a9:ff:
         0e:58:66:eb:1f:84:6a:c8:29:96:2c:b4:dd:cf:d1:6d:06:0a:
         0b:06:b7:41:a7:4b:85:90:a0:e5:7b:b1:83:27:8e:88:13:8c:
         84:cb:1e:f7:ea:33:94:f5:61:5e:2f:e6:02:aa:1d:ae:8e:54:
         aa:4a:25:02:93:e6:12:7e:f9:09:bb:07:f1:9d:25:f7:be:33:
         17:5c:cc:8f:a9:bd:45:dc:43:61:76:ba:77:5b:9f:e7:64:f1:
         25:94:59:08:69:fb:df:f7:c6:98:1e:8a:df:ff:b3:19:0e:19:
         80:66:88:aa:29:7e:3f:c9:95:99:cf:5b:34:22:6f:a6:4e:6d:
         64:87:2f:ba:e1:ea:ee:af:ff:eb:2f:cf:8b:bd:8b:aa:1d:ba:
         3a:f3:cc:51:4c:57:47:36:8d:8c:07:6b:c1:73:af:16:ed:40:
         de:07:d0:fe:b9:81:fb:3e:6f:35:0f:68:e2:2b:7e:72:b2:a7:
         59:d6:eb:91:4d:30:a1:3a:6f:44:10:38:84:10:99:de:15:06:
         07:65:0a:05:fa:27:a0:e5:fa:92:e5:b4:5d:9a:7e:8e:5c:5b:
         eb:26:ce:76:39:79:ed:59:0b:40:9f:61:d8:9e:dc:0e:67:c0:
         a0:83:42:dc
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAYmhoeCyZw9hRzeRzRREMNqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNzI5MTIzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE0OTAyNDlmNTIyY2M0ODZhOTRjYWI1ODkxZTIzMDhiMTdkYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc6TehkGghSW6Y0/UbDBV4ALekEF
ii63qf8oY7cCHx/+vUZxDLrN9w3hRU/1LAfeks5KvmzEuKwI1fVxMcNwkpGpctcR
rWwZrZXXk0tQExUE8kAIBGj/proAVfY7DFWochGG7bQChm5NhysWBYaVrZYnsE5d
sQOJ05zc1fkcc3tfSIdYvCKvIJx2/9nv/c1jGMYp2sSw8d4TAcfgVekqx0BLbZMe
+SJOZfTDdINnSA+M1ceXViIoE6aHto5C5c+qgdbZwhQZ6dS+kmYcUSzxGkVaxSFp
m3zQaAd1YwfffMK5mDeg+CnT2kHIB7Gu+iWrT17NpKUFja/zT1kZsVKnFwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFB8UkCSfUizEhqlMq1iR4jCLF9p0MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvSHhTUUpKOVNMTVNHcVV5cldKSGlNSXNYMm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgeUEAgABMIHeMAwD
BAAFrCEDBAMFrCAwDAMEAFkXQQMEAFkXRgMEAFkXSwMEAFkXXQMEA1wq+AMEA11d
wDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v
9DAMAwQBbW/2AwQAbW/4AwQAbW/6MAwDBAJtb/wDBABtb/4DBAWy/oADBACy/qMD
BACy/qUDBACy/qkDBACy/qwDBACy/q8DBACy/rEwDAMEAbL+tgMEALL+uDAMAwQA
sv67AwQGsv6AAwQAuZ0sAwQAwWhEAwQE2anQMA0EAgACMAcDBQAqAgtYMA0GCSqG
SIb3DQEBCwUAA4IBAQAQtqjXAKr229HsLd3/mOg1qf8OWGbrH4RqyCmWLLTdz9Ft
BgoLBrdBp0uFkKDle7GDJ46IE4yEyx736jOU9WFeL+YCqh2ujlSqSiUCk+YSfvkJ
uwfxnSX3vjMXXMyPqb1F3ENhdrp3W5/nZPEllFkIafvf98aYHorf/7MZDhmAZoiq
KX4/yZWZz1s0Im+mTm1khy+64erur//rL8+LvYuqHbo688xRTFdHNo2MB2vBc68W
7UDeB9D+uYH7Pm81D2jiK35ysqdZ1uuRTTChOm9EEDiEEJneFQYHZQoF+ieg5fqS
5bRdmn6OXFvrJs52OXntWQtAn2HYntwOZ8Cgg0Lc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org