Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa
File:                     46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa (raw, json)
Hash identifier:          2aorcIT4Omtm030GmFVw0z/fZAVsk47c8NPlbO22qIk=
Subject key identifier:   E3:A1:99:F3:C6:0D:32:3C:14:AD:7B:E1:E5:8F:BC:DD:9F:FE:A9:4B
Certificate issuer:       /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial:       0192DD468DE6DE388EE42B07497BEEE890E7
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa
Signing time:             Wed 30 Oct 2024 11:54:01 +0000
ROA not before:           Wed 30 Oct 2024 11:54:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49367
IP address blocks:        31.193.188.0/24 maxlen: 24
                          37.156.174.0/24 maxlen: 24
                          45.83.56.0/22 maxlen: 22
                          45.86.144.0/22 maxlen: 22
                          77.81.103.0/24 maxlen: 24
                          85.204.255.0/24 maxlen: 24
                          86.107.110.0/24 maxlen: 24
                          89.34.236.0/23 maxlen: 23
                          89.34.239.0/24 maxlen: 24
                          89.39.254.0/24 maxlen: 24
                          89.40.142.0/23 maxlen: 23
                          89.40.227.0/24 maxlen: 24
                          89.42.134.0/24 maxlen: 24
                          89.43.35.0/24 maxlen: 24
                          89.43.52.0/24 maxlen: 24
                          91.212.52.0/24 maxlen: 24
                          91.229.186.0/24 maxlen: 24
                          93.113.144.0/21 maxlen: 21
                          93.113.144.0/22 maxlen: 22
                          93.113.144.0/24 maxlen: 24
                          93.113.145.0/24 maxlen: 24
                          93.113.146.0/24 maxlen: 24
                          93.113.147.0/24 maxlen: 24
                          93.113.148.0/22 maxlen: 22
                          93.113.148.0/24 maxlen: 24
                          93.113.149.0/24 maxlen: 24
                          93.113.150.0/24 maxlen: 24
                          93.113.151.0/24 maxlen: 24
                          94.176.212.0/24 maxlen: 24
                          94.177.48.0/23 maxlen: 23
                          185.184.240.0/22 maxlen: 22
                          185.184.240.0/24 maxlen: 24
                          185.184.241.0/24 maxlen: 24
                          185.184.242.0/24 maxlen: 24
                          185.184.243.0/24 maxlen: 24
                          188.208.16.0/23 maxlen: 23
                          188.208.16.0/24 maxlen: 24
                          188.208.17.0/24 maxlen: 24
                          188.211.248.0/24 maxlen: 24
                          188.215.6.0/23 maxlen: 23
                          188.215.6.0/24 maxlen: 24
                          188.215.7.0/24 maxlen: 24
                          188.240.228.0/23 maxlen: 23
                          188.240.228.0/24 maxlen: 24
                          188.240.229.0/24 maxlen: 24
                          193.239.140.0/23 maxlen: 23
                          217.198.177.0/24 maxlen: 24
                          2a04:68c0::/32 maxlen: 32
Validation:               Failed, certificate revoked on Tue 12 Nov 2024 14:20:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:dd:46:8d:e6:de:38:8e:e4:2b:07:49:7b:ee:e8:90:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
        Validity
            Not Before: Oct 30 11:54:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e3a199f3c60d323c14ad7be1e58fbcdd9ffea94b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:87:5d:26:07:02:68:2c:62:4c:85:c8:87:3d:
                    3b:c5:5b:87:b1:e0:9d:a2:82:ee:92:4b:17:0b:e8:
                    e0:ac:7d:1f:04:a3:6c:11:e3:18:07:c7:9f:8c:d3:
                    a3:dd:94:43:b6:ba:65:b4:e4:19:86:5e:a0:82:e3:
                    6d:2e:0d:40:3e:3b:d9:ca:4c:3a:52:db:53:c0:7c:
                    cd:76:91:02:3f:69:3a:03:b8:8d:b3:e9:2a:2f:dc:
                    bb:54:b7:af:e9:14:88:9d:7b:fe:ef:00:bf:43:82:
                    90:4b:ab:28:f6:5b:5a:32:72:2a:9a:86:c4:c2:95:
                    e3:c5:df:2f:5c:2c:e2:c3:f7:54:2b:12:f5:8a:f0:
                    60:a7:a4:0f:df:08:2e:80:6a:27:0d:e3:51:f6:21:
                    3e:32:a9:7f:7b:4e:0f:ff:9a:67:5c:08:f1:e2:3c:
                    37:be:6d:b7:0a:ee:9e:f7:24:b3:ee:43:fd:cd:80:
                    26:ef:ad:df:a9:3a:fe:e5:cf:6c:14:aa:85:1f:96:
                    16:37:30:42:c7:02:90:aa:cb:fd:6c:cb:d6:19:9f:
                    43:d6:cc:9a:42:77:84:34:da:90:13:ac:e6:2a:37:
                    9f:1d:97:33:70:27:69:50:ec:0c:e5:16:aa:4b:22:
                    51:30:1c:e1:2b:17:72:1f:ec:78:d5:a5:ea:a5:01:
                    8c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:A1:99:F3:C6:0D:32:3C:14:AD:7B:E1:E5:8F:BC:DD:9F:FE:A9:4B
            X509v3 Authority Key Identifier:
                keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.193.188.0/24
                  37.156.174.0/24
                  45.83.56.0/22
                  45.86.144.0/22
                  77.81.103.0/24
                  85.204.255.0/24
                  86.107.110.0/24
                  89.34.236.0/23
                  89.34.239.0/24
                  89.39.254.0/24
                  89.40.142.0/23
                  89.40.227.0/24
                  89.42.134.0/24
                  89.43.35.0/24
                  89.43.52.0/24
                  91.212.52.0/24
                  91.229.186.0/24
                  93.113.144.0/21
                  94.176.212.0/24
                  94.177.48.0/23
                  185.184.240.0/22
                  188.208.16.0/23
                  188.211.248.0/24
                  188.215.6.0/23
                  188.240.228.0/23
                  193.239.140.0/23
                  217.198.177.0/24
                IPv6:
                  2a04:68c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b8:04:ba:e0:2f:6a:6a:d5:f1:4c:f4:b2:fe:02:ab:10:bf:01:
         97:4c:28:a3:ba:fd:1b:15:f7:61:52:c3:bc:01:a0:c5:5c:77:
         b0:54:be:81:20:8f:2a:12:cf:b3:bc:86:3a:54:db:9f:ab:34:
         2e:3f:37:b1:f8:92:d1:09:c9:60:b0:b0:0d:9d:9a:24:dc:48:
         d6:6c:f8:2c:76:9e:95:11:44:35:b3:ec:1e:f1:a6:8a:b7:14:
         c5:89:29:a9:1c:f7:79:2b:b7:3f:bc:43:83:6d:f4:c1:0f:73:
         22:95:15:3b:6e:ac:ec:68:28:16:93:16:da:92:a4:c6:48:5a:
         4f:89:5a:d1:67:57:0b:89:1c:c3:48:b2:c7:af:40:ed:3d:df:
         53:5c:81:43:a3:9b:56:37:5d:e4:57:92:8d:a9:b7:34:db:e0:
         e0:50:d7:30:54:32:f6:ee:6a:2d:ac:7d:fb:b1:ce:66:71:48:
         ad:c3:13:8d:ec:14:e4:6a:d0:e3:b3:76:a8:8d:b9:82:ee:8f:
         89:86:89:74:a7:30:8e:dd:2e:b5:3b:d3:d7:c8:23:fc:28:b4:
         d4:a1:b5:ad:c7:79:8f:c2:1c:ba:ef:4e:77:cd:a0:8e:59:28:
         6c:e2:d0:f8:12:4d:6f:7a:1c:c0:7c:a7:ee:f0:e3:2d:a0:66:
         73:4d:eb:5a
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZLdRo3m3jiO5CsHSXvu6JDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjQxMDMwMTE1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ExOTlmM2M2MGQzMjNjMTRhZDdiZTFlNThmYmNkZDlmZmVhOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIddJgcCaCxiTIXIhz07xVuHseCd
ooLukksXC+jgrH0fBKNsEeMYB8efjNOj3ZRDtrpltOQZhl6gguNtLg1APjvZykw6
UttTwHzNdpECP2k6A7iNs+kqL9y7VLev6RSInXv+7wC/Q4KQS6so9ltaMnIqmobE
wpXjxd8vXCziw/dUKxL1ivBgp6QP3wgugGonDeNR9iE+Mql/e04P/5pnXAjx4jw3
vm23Cu6e9ySz7kP9zYAm763fqTr+5c9sFKqFH5YWNzBCxwKQqsv9bMvWGZ9D1sya
QneENNqQE6zmKjefHZczcCdpUOwM5RaqSyJRMBzhKxdyH+x41aXqpQGM3wIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFOOhmfPGDTI8FK174eWPvN2f/qlLMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvNDZHWjg4WU5NandVclh2aDVZLTgzWl8tcVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAAf
wbwDBAAlnK4DBAItUzgDBAItVpADBABNUWcDBABVzP8DBABWa24DBAFZIuwDBABZ
Iu8DBABZJ/4DBAFZKI4DBABZKOMDBABZKoYDBABZKyMDBABZKzQDBABb1DQDBABb
5boDBANdcZADBABesNQDBAFesTADBAK5uPADBAG80BADBAC80/gDBAG81wYDBAG8
8OQDBAHB74wDBADZxrEwDQQCAAIwBwMFACoEaMAwDQYJKoZIhvcNAQELBQADggEB
ALgEuuAvamrV8Uz0sv4CqxC/AZdMKKO6/RsV92FSw7wBoMVcd7BUvoEgjyoSz7O8
hjpU25+rNC4/N7H4ktEJyWCwsA2dmiTcSNZs+Cx2npURRDWz7B7xpoq3FMWJKakc
93krtz+8Q4Nt9MEPcyKVFTturOxoKBaTFtqSpMZIWk+JWtFnVwuJHMNIssevQO09
31NcgUOjm1Y3XeRXko2ptzTb4OBQ1zBUMvbuai2sffuxzmZxSK3DE43sFORq0OOz
dqiNuYLuj4mGiXSnMI7dLrU709fII/wotNShta3HeY/CHLrvTnfNoI5ZKGzi0PgS
TW96HMB8p+7w4y2gZnNN61o=
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:22:06 2025 by rpki-client