Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6Cp8yCvhdHBj9oreyf9-JjowQRQ.roa
File:                     6Cp8yCvhdHBj9oreyf9-JjowQRQ.roa (raw, json)
Hash identifier:          k5a8wTj+rZRo9J1hjVnEkd+7AGIx1Y+uSCTDgt80Ckc=
Subject key identifier:   E8:2A:7C:C8:2B:E1:74:70:63:F6:8A:DE:C9:FF:7E:26:3A:30:41:14
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018DDC040923D6722CA3929FAF9D84B0D17E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6Cp8yCvhdHBj9oreyf9-JjowQRQ.roa
Signing time:             Sat 24 Feb 2024 16:47:48 +0000
ROA not before:           Sat 24 Feb 2024 16:47:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3257
IP address blocks:        45.67.117.0/24 maxlen: 24
                          85.159.117.0/24 maxlen: 24
                          89.39.242.0/24 maxlen: 24
                          89.40.161.0/24 maxlen: 24
                          91.242.70.0/24 maxlen: 24
                          91.242.72.0/23 maxlen: 24
                          91.242.74.0/23 maxlen: 24
                          91.242.75.0/24 maxlen: 24
                          91.242.103.0/24 maxlen: 24
                          91.242.105.0/24 maxlen: 24
                          94.231.198.0/24 maxlen: 24
                          185.40.105.0/24 maxlen: 24
                          194.50.200.0/23 maxlen: 24
                          194.50.206.0/23 maxlen: 24
                          195.138.103.0/24 maxlen: 24
                          195.138.104.0/24 maxlen: 24
                          195.138.105.0/24 maxlen: 24
                          195.138.106.0/24 maxlen: 24
                          195.138.107.0/24 maxlen: 24
                          195.138.108.0/24 maxlen: 24
                          195.138.111.0/24 maxlen: 24
                          195.138.114.0/24 maxlen: 24
                          195.138.116.0/24 maxlen: 24
                          195.138.118.0/24 maxlen: 24
                          195.138.120.0/24 maxlen: 24
                          195.138.122.0/23 maxlen: 23
                          195.138.124.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 26 Feb 2024 20:38:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:dc:04:09:23:d6:72:2c:a3:92:9f:af:9d:84:b0:d1:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Feb 24 16:47:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e82a7cc82be1747063f68adec9ff7e263a304114
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:70:96:f6:14:01:cd:a9:c7:06:91:4f:53:c3:
                    6a:c2:cd:68:b3:d8:a3:a5:56:03:79:08:fb:02:c0:
                    f0:b5:4c:e0:11:9c:5d:a9:f5:aa:0f:0e:94:7e:ae:
                    45:e9:50:4f:bb:3d:11:16:a3:83:26:24:69:ff:38:
                    ec:44:8e:ac:40:3d:ab:4f:f9:5b:90:b4:aa:70:15:
                    47:11:ba:41:e5:e2:2d:50:55:2b:04:cd:57:e8:95:
                    b6:6b:c3:09:d6:48:c2:32:f8:8b:80:86:2d:60:ee:
                    8c:14:05:f5:31:c5:6c:17:30:88:f9:03:72:8d:a8:
                    d5:00:28:47:d9:32:9e:9d:a0:5a:e2:68:89:dc:eb:
                    38:13:c6:08:b6:85:82:2d:7b:74:80:44:58:ea:f7:
                    fd:72:31:b3:0a:b6:06:0d:4c:e5:e2:c5:bc:7e:f3:
                    12:7c:93:93:f5:c7:90:ec:96:2b:26:8d:ee:f9:7e:
                    9b:d7:2c:af:55:07:8d:95:1d:09:1a:22:bb:17:02:
                    a5:ac:a0:74:15:20:cd:66:d7:1e:09:ee:ca:b2:6e:
                    22:64:cd:7c:53:de:a3:08:e7:a0:ab:5b:39:76:c4:
                    45:04:44:af:14:0b:a2:6a:79:c8:d5:c6:6a:7e:8a:
                    35:e9:d8:e0:90:0e:c7:14:2c:47:8d:30:b1:6b:0d:
                    45:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:2A:7C:C8:2B:E1:74:70:63:F6:8A:DE:C9:FF:7E:26:3A:30:41:14
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6Cp8yCvhdHBj9oreyf9-JjowQRQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.117.0/24
                  85.159.117.0/24
                  89.39.242.0/24
                  89.40.161.0/24
                  91.242.70.0/24
                  91.242.72.0/22
                  91.242.103.0/24
                  91.242.105.0/24
                  94.231.198.0/24
                  185.40.105.0/24
                  194.50.200.0/23
                  194.50.206.0/23
                  195.138.103.0-195.138.108.255
                  195.138.111.0/24
                  195.138.114.0/24
                  195.138.116.0/24
                  195.138.118.0/24
                  195.138.120.0/24
                  195.138.122.0-195.138.127.255

    Signature Algorithm: sha256WithRSAEncryption
         3f:14:d9:a7:a8:1d:3e:16:bf:40:7d:25:7f:c4:47:eb:ed:bb:
         71:bd:a2:0c:ca:8c:d8:96:3c:b4:d5:6d:ec:03:db:58:4f:c7:
         29:ba:52:07:0e:a2:05:6a:14:66:74:d5:a8:eb:98:06:8d:4d:
         28:aa:59:a4:3d:e1:51:a4:3b:93:4c:d1:6b:af:cc:2f:9f:d3:
         25:80:12:57:e5:7c:d4:04:08:51:b6:08:c9:66:a3:63:b7:0c:
         7b:9b:a9:33:2c:16:cb:1f:07:2f:20:e9:1c:9b:cd:ad:1b:8b:
         2d:a0:86:c5:c4:8b:e3:85:a6:e6:8a:e9:b1:7d:af:14:1b:68:
         3c:d4:cf:04:ee:88:89:42:ff:cf:26:c6:cf:61:27:2f:f3:fc:
         94:ee:64:66:b3:e7:2b:72:78:a1:1c:fc:65:1b:24:67:b6:a2:
         4a:49:a9:c3:3b:0d:4c:95:5b:2e:40:b8:ef:d1:d4:d5:34:ee:
         2b:cb:88:6c:17:4f:24:f2:8c:6d:99:c7:33:ba:9b:c8:a7:0c:
         8b:c4:e4:6f:de:31:11:7f:97:d9:2c:3f:b8:7f:b7:1c:dd:5c:
         c8:32:27:4b:fa:2a:37:16:78:7a:70:dc:e6:a3:3e:c8:ac:72:
         8c:df:b7:88:30:64:a9:c0:6f:4e:48:ba:e1:23:66:cb:93:10:
         e7:6e:c1:30
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAY3cBAkj1nIso5Kfr52EsNF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMjI0MTY0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODJhN2NjODJiZTE3NDcwNjNmNjhhZGVjOWZmN2UyNjNhMzA0MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXCW9hQBzanHBpFPU8Nqws1os9ij
pVYDeQj7AsDwtUzgEZxdqfWqDw6Ufq5F6VBPuz0RFqODJiRp/zjsRI6sQD2rT/lb
kLSqcBVHEbpB5eItUFUrBM1X6JW2a8MJ1kjCMviLgIYtYO6MFAX1McVsFzCI+QNy
jajVAChH2TKenaBa4miJ3Os4E8YItoWCLXt0gERY6vf9cjGzCrYGDUzl4sW8fvMS
fJOT9ceQ7JYrJo3u+X6b1yyvVQeNlR0JGiK7FwKlrKB0FSDNZtceCe7Ksm4iZM18
U96jCOegq1s5dsRFBESvFAuiannI1cZqfoo16djgkA7HFCxHjTCxaw1FVwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFOgqfMgr4XRwY/aK3sn/fiY6MEEUMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNkNwOHlDdmhkSEJqOW9yZXlmOS1Kam93UVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
Q3UDBABVn3UDBABZJ/IDBABZKKEDBABb8kYDBAJb8kgDBABb8mcDBABb8mkDBABe
58YDBAC5KGkDBAHCMsgDBAHCMs4wDAMEAMOKZwMEAMOKbAMEAMOKbwMEAMOKcgME
AMOKdAMEAMOKdgMEAMOKeDAMAwQBw4p6AwQHw4oAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/FNmnqB0+Fr9AfSV/xEfr7btxvaIMyozYljy01W3sA9tYT8cpulIHDqIFahRm
dNWo65gGjU0oqlmkPeFRpDuTTNFrr8wvn9MlgBJX5XzUBAhRtgjJZqNjtwx7m6kz
LBbLHwcvIOkcm82tG4stoIbFxIvjhabmiumxfa8UG2g81M8E7oiJQv/PJsbPYScv
8/yU7mRms+crcnihHPxlGyRntqJKSanDOw1MlVsuQLjv0dTVNO4ry4hsF08k8oxt
mcczupvIpwyLxORv3jERf5fZLD+4f7cc3VzIMidL+io3Fnh6cNzmoz7IrHKM37eI
MGSpwG9OSLrhI2bLkxDnbsEw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org