Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/AXWHMuo0Lj5s2y7qMyXcA0eYUsA.roa
File:                     AXWHMuo0Lj5s2y7qMyXcA0eYUsA.roa (raw, json)
Hash identifier:          avXPsl7xYmI07ZxJewJ0nbX+SqaZCDBqkNjyM0OXfFo=
Subject key identifier:   01:75:87:32:EA:34:2E:3E:6C:DB:2E:EA:33:25:DC:03:47:98:52:C0
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018E762D9F72BB78DFC5CE27D7DA395FB529
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/AXWHMuo0Lj5s2y7qMyXcA0eYUsA.roa
Signing time:             Mon 25 Mar 2024 15:14:45 +0000
ROA not before:           Mon 25 Mar 2024 15:14:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3257
IP address blocks:        5.180.4.0/22 maxlen: 22
                          45.15.244.0/22 maxlen: 22
                          45.67.117.0/24 maxlen: 24
                          45.151.196.0/22 maxlen: 22
                          85.159.117.0/24 maxlen: 24
                          89.39.242.0/24 maxlen: 24
                          89.40.161.0/24 maxlen: 24
                          91.242.70.0/24 maxlen: 24
                          91.242.72.0/23 maxlen: 24
                          91.242.74.0/23 maxlen: 24
                          91.242.75.0/24 maxlen: 24
                          91.242.94.0/24 maxlen: 24
                          91.242.95.0/24 maxlen: 24
                          91.242.103.0/24 maxlen: 24
                          91.242.105.0/24 maxlen: 24
                          91.242.123.0/24 maxlen: 24
                          91.242.124.0/24 maxlen: 24
                          91.242.125.0/24 maxlen: 24
                          91.242.126.0/24 maxlen: 24
                          91.242.127.0/24 maxlen: 24
                          94.231.198.0/24 maxlen: 24
                          185.40.105.0/24 maxlen: 24
                          194.50.200.0/23 maxlen: 24
                          194.50.206.0/23 maxlen: 24
                          195.138.103.0/24 maxlen: 24
                          195.138.104.0/24 maxlen: 24
                          195.138.105.0/24 maxlen: 24
                          195.138.106.0/24 maxlen: 24
                          195.138.107.0/24 maxlen: 24
                          195.138.108.0/24 maxlen: 24
                          195.138.111.0/24 maxlen: 24
                          195.138.112.0/24 maxlen: 24
                          195.138.114.0/24 maxlen: 24
                          195.138.116.0/24 maxlen: 24
                          195.138.118.0/24 maxlen: 24
                          195.138.120.0/24 maxlen: 24
                          195.138.122.0/23 maxlen: 23
                          195.138.124.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 20:08:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:76:2d:9f:72:bb:78:df:c5:ce:27:d7:da:39:5f:b5:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Mar 25 15:14:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=01758732ea342e3e6cdb2eea3325dc03479852c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:c9:2b:7f:d9:20:63:39:06:c0:32:16:46:a9:
                    4c:a1:99:d1:20:3d:bb:d7:7d:2e:9f:b2:e7:52:14:
                    a5:83:47:51:78:a6:2f:37:bf:c5:ac:17:20:4d:bd:
                    78:3c:2b:5e:fd:eb:ae:a6:fe:26:24:86:48:78:cd:
                    b1:28:28:2f:a6:00:f1:9f:69:6c:fc:43:c6:da:54:
                    e6:c1:9b:b5:85:07:fe:6e:86:69:e8:f9:84:84:b5:
                    b2:f1:7b:6f:66:b8:aa:48:98:7f:59:79:62:7b:03:
                    1a:d5:41:55:e2:40:9f:91:34:05:47:82:e6:8d:26:
                    66:86:80:45:17:e2:76:e3:9f:9f:39:49:83:a4:05:
                    c9:50:c1:cd:9b:62:25:85:f2:3c:f8:46:2e:d7:81:
                    dc:ae:a6:44:bb:e5:67:30:51:fc:61:e0:88:aa:07:
                    53:0c:f4:d0:0d:59:ff:00:00:95:fa:27:d2:7a:fd:
                    0f:11:42:39:ea:5a:16:d1:42:01:43:29:8a:c5:19:
                    36:57:a1:59:30:74:b2:e8:10:84:15:58:70:17:ee:
                    a4:7c:25:0d:2a:d6:8f:d5:e7:c5:f0:56:70:97:de:
                    79:31:10:a7:79:74:d2:93:19:4d:5c:63:ea:d6:71:
                    af:ff:4a:35:c5:0d:cb:f4:53:c0:b4:f3:54:95:4b:
                    85:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:75:87:32:EA:34:2E:3E:6C:DB:2E:EA:33:25:DC:03:47:98:52:C0
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/AXWHMuo0Lj5s2y7qMyXcA0eYUsA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.4.0/22
                  45.15.244.0/22
                  45.67.117.0/24
                  45.151.196.0/22
                  85.159.117.0/24
                  89.39.242.0/24
                  89.40.161.0/24
                  91.242.70.0/24
                  91.242.72.0/22
                  91.242.94.0/23
                  91.242.103.0/24
                  91.242.105.0/24
                  91.242.123.0-91.242.127.255
                  94.231.198.0/24
                  185.40.105.0/24
                  194.50.200.0/23
                  194.50.206.0/23
                  195.138.103.0-195.138.108.255
                  195.138.111.0-195.138.112.255
                  195.138.114.0/24
                  195.138.116.0/24
                  195.138.118.0/24
                  195.138.120.0/24
                  195.138.122.0-195.138.127.255

    Signature Algorithm: sha256WithRSAEncryption
         20:bf:60:04:1a:ef:80:72:1e:fd:1a:34:bd:e9:17:01:be:6f:
         6d:e6:52:76:2d:ea:c8:1f:79:5c:83:3c:58:f8:0e:bb:ab:a5:
         28:ca:ba:b5:44:62:3a:ec:95:74:9d:f2:e0:68:a4:0d:33:de:
         13:7c:37:7e:cd:7e:08:9e:98:db:5f:30:49:d3:80:a2:71:87:
         5e:03:d0:33:69:58:c4:24:26:a7:c3:f5:50:d0:79:86:7d:dd:
         6e:4c:fc:c9:41:f6:79:d7:f1:53:ec:4c:b6:1d:97:35:1e:ec:
         16:18:cd:7c:ae:b7:e1:3d:91:bc:e3:8d:8f:92:e7:3b:06:0e:
         ea:76:2a:83:5f:fd:d6:86:f4:b4:7c:68:10:58:87:78:6d:7e:
         4d:13:c5:67:a5:5e:e2:96:8e:30:a7:07:2e:db:a6:ca:3c:80:
         89:e7:13:2d:75:e3:81:54:09:60:fa:48:e4:61:45:87:4f:51:
         7e:a1:55:c5:84:67:f4:e7:db:24:42:cf:48:43:72:9e:a9:51:
         d0:c7:44:0a:14:f4:84:08:b2:a9:30:c3:f9:39:3d:45:12:c9:
         86:26:96:36:df:34:4b:0d:b3:c0:a2:6a:59:d8:2c:f8:88:fe:
         f6:a5:3c:2b:0d:d2:0b:a5:80:55:3f:4d:10:0c:99:24:ac:c1:
         7c:cd:bb:18
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAY52LZ9yu3jfxc4n19o5X7UpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMzI1MTUxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTc1ODczMmVhMzQyZTNlNmNkYjJlZWEzMzI1ZGMwMzQ3OTg1MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlskrf9kgYzkGwDIWRqlMoZnRID27
130un7LnUhSlg0dReKYvN7/FrBcgTb14PCte/euupv4mJIZIeM2xKCgvpgDxn2ls
/EPG2lTmwZu1hQf+boZp6PmEhLWy8XtvZriqSJh/WXliewMa1UFV4kCfkTQFR4Lm
jSZmhoBFF+J245+fOUmDpAXJUMHNm2IlhfI8+EYu14HcrqZEu+VnMFH8YeCIqgdT
DPTQDVn/AACV+ifSev0PEUI56loW0UIBQymKxRk2V6FZMHSy6BCEFVhwF+6kfCUN
KtaP1efF8FZwl955MRCneXTSkxlNXGPq1nGv/0o1xQ3L9FPAtPNUlUuFhQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFAF1hzLqNC4+bNsu6jMl3ANHmFLAMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQVhXSE11bzBMajVzMnk3cU15WGNBMGVZVXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAIF
tAQDBAItD/QDBAAtQ3UDBAItl8QDBABVn3UDBABZJ/IDBABZKKEDBABb8kYDBAJb
8kgDBAFb8l4DBABb8mcDBABb8mkwDAMEAFvyewMEB1vyAAMEAF7nxgMEALkoaQME
AcIyyAMEAcIyzjAMAwQAw4pnAwQAw4psMAwDBADDim8DBADDinADBADDinIDBADD
inQDBADDinYDBADDingwDAMEAcOKegMEB8OKADANBgkqhkiG9w0BAQsFAAOCAQEA
IL9gBBrvgHIe/Ro0vekXAb5vbeZSdi3qyB95XIM8WPgOu6ulKMq6tURiOuyVdJ3y
4GikDTPeE3w3fs1+CJ6Y218wSdOAonGHXgPQM2lYxCQmp8P1UNB5hn3dbkz8yUH2
edfxU+xMth2XNR7sFhjNfK634T2RvOONj5LnOwYO6nYqg1/91ob0tHxoEFiHeG1+
TRPFZ6Ve4paOMKcHLtumyjyAiecTLXXjgVQJYPpI5GFFh09RfqFVxYRn9OfbJELP
SENynqlR0MdEChT0hAiyqTDD+Tk9RRLJhiaWNt80Sw2zwKJqWdgs+Ij+9qU8Kw3S
C6WAVT9NEAyZJKzBfM27GA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org