Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/i-rD88aOrwZClqKIPo3qmbjpUQ4.roa
File:                     i-rD88aOrwZClqKIPo3qmbjpUQ4.roa (raw, json)
Hash identifier:          Y34oYtTUDYIl+/EhbLoLYdF3OdJoNFGlD1eF3oeNykA=
Subject key identifier:   8B:EA:C3:F3:C6:8E:AF:06:42:96:A2:88:3E:8D:EA:99:B8:E9:51:0E
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       018A4670AEFC51381D1DFD13AEC8B4F2CD35
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/i-rD88aOrwZClqKIPo3qmbjpUQ4.roa
Signing time:             Wed 30 Aug 2023 12:35:04 +0000
ROA not before:           Wed 30 Aug 2023 12:35:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9125
IP address blocks:        93.93.192.0/21 maxlen: 21
                          92.42.253.0/24 maxlen: 24
                          92.42.252.0/24 maxlen: 24
                          92.42.248.0/22 maxlen: 22
                          92.42.254.0/24 maxlen: 24
                          92.42.255.0/24 maxlen: 24
                          89.23.93.0/24 maxlen: 24
                          193.104.68.0/24 maxlen: 24
                          89.23.68.0/23 maxlen: 23
                          89.23.70.0/24 maxlen: 24
                          89.23.66.0/23 maxlen: 23
                          89.23.65.0/24 maxlen: 24
                          89.23.75.0/24 maxlen: 24
                          89.23.90.0/24 maxlen: 24
                          178.254.133.0/24 maxlen: 24
                          178.254.136.0/22 maxlen: 22
                          178.254.144.0/20 maxlen: 20
                          178.254.145.0/24 maxlen: 24
                          178.254.140.0/22 maxlen: 22
                          178.254.165.0/24 maxlen: 24
                          178.254.163.0/24 maxlen: 24
                          178.254.172.0/24 maxlen: 24
                          178.254.169.0/24 maxlen: 24
                          178.254.175.0/24 maxlen: 24
                          178.254.177.0/24 maxlen: 24
                          178.254.183.0/24 maxlen: 24
                          178.254.182.0/24 maxlen: 24
                          178.254.184.0/24 maxlen: 24
                          178.254.128.0/21 maxlen: 21
                          95.140.112.0/22 maxlen: 22
                          95.140.116.0/22 maxlen: 22
                          95.140.115.0/24 maxlen: 24
                          95.140.120.0/23 maxlen: 23
                          95.140.124.0/22 maxlen: 22
                          95.140.125.0/24 maxlen: 24
                          178.254.188.0/22 maxlen: 24
                          178.254.187.0/24 maxlen: 24
                          185.157.44.0/24 maxlen: 24
                          109.111.254.0/24 maxlen: 24
                          217.169.208.0/22 maxlen: 22
                          217.169.208.0/20 maxlen: 20
                          217.169.212.0/22 maxlen: 22
                          217.169.219.0/24 maxlen: 24
                          217.169.216.0/22 maxlen: 22
                          217.169.220.0/22 maxlen: 22
                          5.172.34.0/24 maxlen: 24
                          5.172.33.0/24 maxlen: 24
                          5.172.34.0/23 maxlen: 23
                          5.172.36.0/23 maxlen: 23
                          5.172.36.0/22 maxlen: 22
                          109.111.226.0/24 maxlen: 24
                          109.111.225.0/24 maxlen: 24
                          109.111.224.0/24 maxlen: 24
                          109.111.232.0/22 maxlen: 22
                          109.111.229.0/24 maxlen: 24
                          109.111.228.0/24 maxlen: 24
                          109.111.230.0/23 maxlen: 23
                          109.111.227.0/24 maxlen: 24
                          109.111.240.0/24 maxlen: 24
                          109.111.236.0/22 maxlen: 22
                          109.111.246.0/24 maxlen: 24
                          109.111.243.0/24 maxlen: 24
                          109.111.245.0/24 maxlen: 24
                          109.111.244.0/24 maxlen: 24
                          109.111.250.0/24 maxlen: 24
                          109.111.252.0/23 maxlen: 23
                          109.111.247.0/24 maxlen: 24
                          109.111.248.0/24 maxlen: 24
                          2a02:b58::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 01 Nov 2023 12:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:46:70:ae:fc:51:38:1d:1d:fd:13:ae:c8:b4:f2:cd:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Aug 30 12:35:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8beac3f3c68eaf064296a2883e8dea99b8e9510e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4f:8d:3e:da:3d:a9:de:38:10:8e:87:87:bd:
                    5b:fb:20:26:99:ba:29:16:99:99:29:73:da:b5:25:
                    b8:cf:2e:39:b6:aa:60:ab:99:af:55:59:44:75:18:
                    80:96:a5:7d:5f:51:4e:5e:e8:87:3d:00:82:36:6c:
                    a1:48:43:16:0c:e4:ff:86:61:a8:42:de:c7:51:4d:
                    85:8c:e1:e1:c0:23:e5:62:42:55:44:26:81:98:bd:
                    9e:ec:21:ec:9c:5e:ee:da:bf:fd:54:f9:47:c0:c7:
                    29:c0:d9:27:3a:2c:ec:c3:be:28:71:f9:7d:77:ee:
                    55:01:58:67:08:8b:14:6e:cf:92:6c:63:85:f6:6e:
                    f5:e8:66:ef:0c:0f:e0:dd:94:60:7b:f5:27:e8:fb:
                    23:07:84:f8:f4:e8:e2:e4:95:d6:97:d3:77:c0:af:
                    07:7e:8f:60:22:71:0f:d9:26:c2:b3:46:7a:07:29:
                    5e:de:70:b7:c9:20:b1:fe:ef:39:d2:b5:82:90:5b:
                    c6:25:1e:f4:72:6c:84:9d:1a:23:eb:c6:1f:8a:d0:
                    5a:8d:36:17:31:17:02:90:04:76:97:f9:5b:d6:dc:
                    62:6c:61:d1:d3:f5:2a:52:e0:16:8b:85:28:5a:79:
                    07:b4:d9:45:ff:fc:83:dd:70:22:9f:05:95:97:5b:
                    83:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:EA:C3:F3:C6:8E:AF:06:42:96:A2:88:3E:8D:EA:99:B8:E9:51:0E
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/i-rD88aOrwZClqKIPo3qmbjpUQ4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.172.33.0-5.172.39.255
                  89.23.65.0-89.23.70.255
                  89.23.75.0/24
                  89.23.90.0/24
                  89.23.93.0/24
                  92.42.248.0/21
                  93.93.192.0/21
                  95.140.112.0-95.140.121.255
                  95.140.124.0/22
                  109.111.224.0-109.111.240.255
                  109.111.243.0-109.111.248.255
                  109.111.250.0/24
                  109.111.252.0-109.111.254.255
                  178.254.128.0/19
                  178.254.163.0/24
                  178.254.165.0/24
                  178.254.169.0/24
                  178.254.172.0/24
                  178.254.175.0/24
                  178.254.177.0/24
                  178.254.182.0-178.254.184.255
                  178.254.187.0-178.254.191.255
                  185.157.44.0/24
                  193.104.68.0/24
                  217.169.208.0/20
                IPv6:
                  2a02:b58::/32

    Signature Algorithm: sha256WithRSAEncryption
         78:0c:cc:d1:60:2c:c4:97:de:dd:92:83:51:25:39:96:45:4d:
         3b:a6:03:34:ba:1c:3c:31:78:99:30:7a:2c:ed:24:d4:fa:1b:
         6c:a2:44:20:05:ab:97:d6:92:be:5a:a7:5c:5d:4a:56:4a:69:
         15:e7:0c:9e:3c:61:5f:5d:35:6d:92:32:6c:e7:01:5f:f1:ee:
         9e:25:84:80:76:1d:33:c3:9d:f8:0a:87:b2:bc:47:30:55:1c:
         d4:e8:1c:dd:ed:26:85:ec:7a:0a:7d:26:c9:10:8a:d8:94:ca:
         2e:69:e8:c9:bd:ff:d2:a7:ac:73:79:59:e4:ee:0c:6f:e2:18:
         84:f4:8a:27:7a:9e:32:1b:2a:51:e5:19:c8:b4:27:45:d2:a7:
         87:51:36:8f:4c:26:f4:f7:f0:1c:c8:4b:2e:39:9c:5d:18:0d:
         45:cb:f2:46:54:95:60:e1:d0:1e:4a:7a:8e:9d:2f:53:19:14:
         27:84:31:8d:ce:90:6c:7a:e1:0c:1d:a8:7f:87:50:05:c9:06:
         8c:26:5f:42:d5:4a:5a:ce:0c:89:1a:08:22:4e:a5:3f:e5:63:
         e5:72:0b:76:a1:4a:ea:04:67:7c:a8:4f:56:c2:62:4e:00:a7:
         0e:e3:e3:09:33:82:59:bd:ea:d0:a4:83:79:5e:ec:03:b6:fb:
         44:06:37:30
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAYpGcK78UTgdHf0Trsi08s01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwODMwMTIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmVhYzNmM2M2OGVhZjA2NDI5NmEyODgzZThkZWE5OWI4ZTk1MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0+NPto9qd44EI6Hh71b+yAmmbop
FpmZKXPatSW4zy45tqpgq5mvVVlEdRiAlqV9X1FOXuiHPQCCNmyhSEMWDOT/hmGo
Qt7HUU2FjOHhwCPlYkJVRCaBmL2e7CHsnF7u2r/9VPlHwMcpwNknOizsw74ocfl9
d+5VAVhnCIsUbs+SbGOF9m716GbvDA/g3ZRge/Un6PsjB4T49Oji5JXWl9N3wK8H
fo9gInEP2SbCs0Z6Byle3nC3ySCx/u850rWCkFvGJR70cmyEnRoj68YfitBajTYX
MRcCkAR2l/lb1txibGHR0/UqUuAWi4UoWnkHtNlF//yD3XAinwWVl1uDpwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFIvqw/PGjq8GQpaiiD6N6pm46VEOMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvaS1yRDg4YU9yd1pDbHFLSVBvM3FtYmpwVVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgd0EAgABMIHWMAwD
BAAFrCEDBAMFrCAwDAMEAFkXQQMEAFkXRgMEAFkXSwMEAFkXWgMEAFkXXQMEA1wq
+AMEA11dwDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v
8wMEAG1v+AMEAG1v+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQA
sv6pAwQAsv6sAwQAsv6vAwQAsv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+
gAMEALmdLAMEAMFoRAMEBNmp0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsF
AAOCAQEAeAzM0WAsxJfe3ZKDUSU5lkVNO6YDNLocPDF4mTB6LO0k1PobbKJEIAWr
l9aSvlqnXF1KVkppFecMnjxhX101bZIybOcBX/HuniWEgHYdM8Od+AqHsrxHMFUc
1Ogc3e0mhex6Cn0myRCK2JTKLmnoyb3/0qesc3lZ5O4Mb+IYhPSKJ3qeMhsqUeUZ
yLQnRdKnh1E2j0wm9PfwHMhLLjmcXRgNRcvyRlSVYOHQHkp6jp0vUxkUJ4Qxjc6Q
bHrhDB2of4dQBckGjCZfQtVKWs4MiRoIIk6lP+Vj5XILdqFK6gRnfKhPVsJiTgCn
DuPjCTOCWb3q0KSDeV7sA7b7RAY3MA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org