Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mL_zD-MZ50sckJrs5ir1SUXidrg.roa
File:                     mL_zD-MZ50sckJrs5ir1SUXidrg.roa (raw, json)
Hash identifier:          UmhIficVO2FaI1lmBTSGsw0i3swCaCRX47cpc7svX6c=
Subject key identifier:   98:BF:F3:0F:E3:19:E7:4B:1C:90:9A:EC:E6:2A:F5:49:45:E2:76:B8
Certificate issuer:       /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial:       0188959D450572FE407F8418CDE45530324E
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mL_zD-MZ50sckJrs5ir1SUXidrg.roa
Signing time:             Wed 07 Jun 2023 11:28:11 +0000
ROA not before:           Wed 07 Jun 2023 11:28:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9125
IP address blocks:        93.93.192.0/21 maxlen: 21
                          92.42.253.0/24 maxlen: 24
                          92.42.252.0/24 maxlen: 24
                          92.42.248.0/22 maxlen: 22
                          92.42.254.0/24 maxlen: 24
                          92.42.255.0/24 maxlen: 24
                          89.23.93.0/24 maxlen: 24
                          89.23.68.0/23 maxlen: 23
                          89.23.70.0/24 maxlen: 24
                          89.23.65.0/24 maxlen: 24
                          89.23.75.0/24 maxlen: 24
                          178.254.133.0/24 maxlen: 24
                          178.254.136.0/22 maxlen: 22
                          178.254.144.0/20 maxlen: 20
                          178.254.145.0/24 maxlen: 24
                          178.254.140.0/22 maxlen: 22
                          178.254.165.0/24 maxlen: 24
                          178.254.163.0/24 maxlen: 24
                          178.254.172.0/24 maxlen: 24
                          178.254.169.0/24 maxlen: 24
                          178.254.175.0/24 maxlen: 24
                          178.254.177.0/24 maxlen: 24
                          178.254.183.0/24 maxlen: 24
                          178.254.182.0/24 maxlen: 24
                          178.254.184.0/21 maxlen: 21
                          178.254.128.0/21 maxlen: 21
                          95.140.112.0/22 maxlen: 22
                          95.140.116.0/22 maxlen: 22
                          95.140.115.0/24 maxlen: 24
                          95.140.120.0/23 maxlen: 23
                          95.140.124.0/22 maxlen: 22
                          95.140.125.0/24 maxlen: 24
                          185.157.44.0/24 maxlen: 24
                          109.111.254.0/24 maxlen: 24
                          217.169.208.0/20 maxlen: 20
                          217.169.208.0/22 maxlen: 22
                          217.169.212.0/22 maxlen: 22
                          217.169.219.0/24 maxlen: 24
                          217.169.216.0/22 maxlen: 22
                          217.169.220.0/22 maxlen: 22
                          5.172.34.0/24 maxlen: 24
                          5.172.33.0/24 maxlen: 24
                          5.172.34.0/23 maxlen: 23
                          5.172.36.0/23 maxlen: 23
                          5.172.36.0/22 maxlen: 22
                          109.111.226.0/24 maxlen: 24
                          109.111.225.0/24 maxlen: 24
                          109.111.224.0/24 maxlen: 24
                          109.111.232.0/22 maxlen: 22
                          109.111.229.0/24 maxlen: 24
                          109.111.228.0/24 maxlen: 24
                          109.111.230.0/23 maxlen: 23
                          109.111.227.0/24 maxlen: 24
                          109.111.240.0/24 maxlen: 24
                          109.111.236.0/22 maxlen: 22
                          109.111.246.0/24 maxlen: 24
                          109.111.243.0/24 maxlen: 24
                          109.111.244.0/24 maxlen: 24
                          109.111.250.0/24 maxlen: 24
                          109.111.252.0/23 maxlen: 23
                          109.111.247.0/24 maxlen: 24
                          109.111.248.0/24 maxlen: 24
                          2a02:b58::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 12 Jun 2023 22:50:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:95:9d:45:05:72:fe:40:7f:84:18:cd:e4:55:30:32:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
        Validity
            Not Before: Jun  7 11:28:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98bff30fe319e74b1c909aece62af54945e276b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:26:47:7c:78:19:96:cb:85:c1:6f:84:cc:92:
                    fa:0c:4e:46:54:cf:0d:14:df:1e:c3:20:76:79:d5:
                    0d:bb:44:18:be:2f:9a:7a:68:45:18:8a:c2:b5:19:
                    77:e3:0b:cc:0a:a6:82:6d:ce:7b:25:50:9f:c6:f2:
                    25:5e:2b:c6:7d:71:91:53:5e:cd:5e:47:ea:79:9b:
                    d8:26:3b:d2:8c:a8:7d:11:6f:50:0f:15:e8:6f:ad:
                    65:a5:8b:34:02:68:43:90:c9:20:25:10:2b:a4:a4:
                    b2:9a:9d:fb:1a:e3:c4:8c:f5:14:a5:2a:aa:1e:b9:
                    5b:22:00:f5:af:ec:e8:56:1a:35:0c:00:44:5c:76:
                    76:06:06:17:a3:fc:af:fc:08:eb:47:8e:c4:2e:55:
                    36:c4:b7:c2:96:24:72:bd:cf:be:c2:49:bb:76:95:
                    a0:c3:71:d2:14:76:c3:c1:9f:a8:d3:4c:f8:66:d5:
                    99:cb:91:c3:23:f3:39:8b:e5:73:e7:b4:7d:c6:29:
                    0f:6e:a6:7e:35:74:0e:e2:46:d9:6b:a2:fb:7a:33:
                    1a:c8:0e:93:8c:c5:fc:47:05:8b:ca:de:db:8a:9c:
                    55:93:1d:49:b1:98:ac:e3:60:4d:25:c4:a6:94:42:
                    97:6b:b5:37:de:f4:57:52:cc:d2:64:67:44:08:8c:
                    03:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:BF:F3:0F:E3:19:E7:4B:1C:90:9A:EC:E6:2A:F5:49:45:E2:76:B8
            X509v3 Authority Key Identifier:
                keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mL_zD-MZ50sckJrs5ir1SUXidrg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.172.33.0-5.172.39.255
                  89.23.65.0/24
                  89.23.68.0-89.23.70.255
                  89.23.75.0/24
                  89.23.93.0/24
                  92.42.248.0/21
                  93.93.192.0/21
                  95.140.112.0-95.140.121.255
                  95.140.124.0/22
                  109.111.224.0-109.111.240.255
                  109.111.243.0-109.111.244.255
                  109.111.246.0-109.111.248.255
                  109.111.250.0/24
                  109.111.252.0-109.111.254.255
                  178.254.128.0/19
                  178.254.163.0/24
                  178.254.165.0/24
                  178.254.169.0/24
                  178.254.172.0/24
                  178.254.175.0/24
                  178.254.177.0/24
                  178.254.182.0-178.254.191.255
                  185.157.44.0/24
                  217.169.208.0/20
                IPv6:
                  2a02:b58::/32

    Signature Algorithm: sha256WithRSAEncryption
         21:cb:2c:b1:77:93:f2:9d:e5:de:ab:83:7e:ec:f4:cd:14:09:
         f3:c2:04:42:81:dd:f8:d4:ab:5d:97:2c:56:74:b9:b4:0e:4e:
         f2:30:a9:5a:74:3d:5f:ef:44:2f:6f:8b:cb:e3:7f:0f:c6:f1:
         d5:70:55:17:f0:6e:a0:9f:dc:0f:50:d0:3f:dd:ff:cd:df:05:
         12:ca:e2:06:88:92:28:70:0a:c1:93:0b:fa:94:c4:c0:0a:13:
         40:b4:54:90:05:a1:64:8f:69:12:1c:6d:6e:d2:92:95:07:84:
         2a:2c:4f:01:10:51:16:8a:9d:51:e2:75:c3:d2:19:7c:21:73:
         c7:f3:95:f3:c7:4b:d3:4e:46:57:1e:4f:df:df:00:5b:d1:e4:
         5d:ed:6a:55:7b:49:9e:39:e5:e7:a8:5d:00:3f:d0:5e:17:5c:
         c1:6e:48:17:10:5b:21:c3:0e:b1:af:c4:38:8d:8d:a8:df:4c:
         85:10:5b:ef:a3:ce:3d:0e:b4:36:63:ae:65:12:8c:8b:af:4b:
         d4:18:3c:ef:22:7f:b8:ce:6d:de:ff:4e:71:60:d7:50:58:56:
         01:2e:0f:f0:57:86:9c:b6:e0:fd:d4:8b:09:e1:3f:15:31:22:
         fc:16:eb:1b:6b:cf:38:07:e3:1b:5a:45:8b:fd:f8:65:a8:40:
         b8:bd:a0:74
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAYiVnUUFcv5Af4QYzeRVMDJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJmZjMwZmUzMTllNzRiMWM5MDlhZWNlNjJhZjU0OTQ1ZTI3NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSZHfHgZlsuFwW+EzJL6DE5GVM8N
FN8ewyB2edUNu0QYvi+aemhFGIrCtRl34wvMCqaCbc57JVCfxvIlXivGfXGRU17N
XkfqeZvYJjvSjKh9EW9QDxXob61lpYs0AmhDkMkgJRArpKSymp37GuPEjPUUpSqq
HrlbIgD1r+zoVho1DABEXHZ2BgYXo/yv/AjrR47ELlU2xLfCliRyvc++wkm7dpWg
w3HSFHbDwZ+o00z4ZtWZy5HDI/M5i+Vz57R9xikPbqZ+NXQO4kbZa6L7ejMayA6T
jMX8RwWLyt7bipxVkx1JsZis42BNJcSmlEKXa7U33vRXUszSZGdECIwDfwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFJi/8w/jGedLHJCa7OYq9UlF4na4MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvbUxfekQtTVo1MHNja0pyczVpcjFTVVhpZHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCB1wQCAAEwgdAwDAME
AAWsIQMEAwWsIAMEAFkXQTAMAwQCWRdEAwQAWRdGAwQAWRdLAwQAWRddAwQDXCr4
AwQDXV3AMAwDBARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQAbW/z
AwQAbW/0MAwDBAFtb/YDBABtb/gDBABtb/owDAMEAm1v/AMEAG1v/gMEBbL+gAME
ALL+owMEALL+pQMEALL+qQMEALL+rAMEALL+rwMEALL+sTAMAwQBsv62AwQGsv6A
AwQAuZ0sAwQE2anQMA0EAgACMAcDBQAqAgtYMA0GCSqGSIb3DQEBCwUAA4IBAQAh
yyyxd5PyneXeq4N+7PTNFAnzwgRCgd341KtdlyxWdLm0Dk7yMKladD1f70Qvb4vL
438PxvHVcFUX8G6gn9wPUNA/3f/N3wUSyuIGiJIocArBkwv6lMTAChNAtFSQBaFk
j2kSHG1u0pKVB4QqLE8BEFEWip1R4nXD0hl8IXPH85Xzx0vTTkZXHk/f3wBb0eRd
7WpVe0meOeXnqF0AP9BeF1zBbkgXEFshww6xr8Q4jY2o30yFEFvvo849DrQ2Y65l
EoyLr0vUGDzvIn+4zm3e/05xYNdQWFYBLg/wV4actuD91IsJ4T8VMSL8Fusba884
B+MbWkWL/fhlqEC4vaB0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:45 2024 by rpki-client on console-fra.rpki-client.org