Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ddk7eUbaH1ngJLZEFu6Ac4uzt6I.roa
File:                     ddk7eUbaH1ngJLZEFu6Ac4uzt6I.roa (raw, json)
Hash identifier:          stcRm17M2HlcYqrB1lHqs8xlFiMgPI79X/2Z/2o78g8=
Subject key identifier:   75:D9:3B:79:46:DA:1F:59:E0:24:B6:44:16:EE:80:73:8B:B3:B7:A2
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018C3F596F60819895E7D7D7D2710FF14C9D
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ddk7eUbaH1ngJLZEFu6Ac4uzt6I.roa
Signing time:             Wed 06 Dec 2023 13:37:54 +0000
ROA not before:           Wed 06 Dec 2023 13:37:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        45.90.116.0/22 maxlen: 24
                          94.154.115.0/24 maxlen: 24
                          193.221.208.0/24 maxlen: 24
                          37.77.151.0/24 maxlen: 24
                          178.212.79.0/24 maxlen: 24
                          146.19.119.0/24 maxlen: 24
                          62.3.53.0/24 maxlen: 24
                          89.248.65.0/24 maxlen: 24
                          77.87.126.0/24 maxlen: 24
                          45.90.12.0/22 maxlen: 24
                          185.138.165.0/24 maxlen: 24
                          146.19.231.0/24 maxlen: 24
                          185.149.150.0/24 maxlen: 24
                          109.205.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3f:59:6f:60:81:98:95:e7:d7:d7:d2:71:0f:f1:4c:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Dec  6 13:37:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=75d93b7946da1f59e024b64416ee80738bb3b7a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:6c:c1:a6:a9:86:4c:97:23:fe:ac:c9:fe:15:
                    45:ed:5f:9a:32:5d:fc:e5:6b:8e:e3:4b:f3:8f:4a:
                    51:05:5b:6f:72:ba:39:c5:4d:b2:61:f1:21:56:82:
                    2c:01:ef:3e:1d:e3:c4:bc:4f:39:0d:d0:48:0f:4b:
                    f4:81:94:af:46:0b:a3:62:9a:54:33:70:5d:61:5e:
                    36:81:5b:2a:4e:cd:13:6d:1b:25:e5:2c:48:b2:4b:
                    e7:a4:15:6a:ed:22:5f:19:5f:aa:50:eb:8c:ad:c6:
                    03:c0:94:33:b0:22:8a:13:d3:42:e2:9f:e4:22:23:
                    73:04:04:e8:7c:c9:28:35:cb:80:83:f1:43:bc:6c:
                    fb:fd:df:14:cc:2a:4f:fd:d4:90:04:aa:3d:fa:50:
                    69:f8:d6:9d:14:c3:3f:3f:10:f2:78:84:ec:85:93:
                    0f:74:4d:0d:3f:9a:2d:48:ee:c8:0c:30:98:4e:4e:
                    81:09:f4:c1:cd:58:bc:76:6e:4d:1a:c0:d8:31:9a:
                    f0:42:0e:df:a2:dd:41:72:a7:e0:e5:bb:ba:c1:2b:
                    f2:b3:09:b3:2e:21:1b:3c:1b:32:91:87:25:4b:5f:
                    40:53:9b:58:91:c1:4c:b2:d2:58:86:69:3f:5b:b8:
                    6e:fe:28:31:ad:7d:14:c1:1f:0d:0b:12:46:1f:0e:
                    e9:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:D9:3B:79:46:DA:1F:59:E0:24:B6:44:16:EE:80:73:8B:B3:B7:A2
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ddk7eUbaH1ngJLZEFu6Ac4uzt6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.151.0/24
                  45.90.12.0/22
                  45.90.116.0/22
                  62.3.53.0/24
                  77.87.126.0/24
                  89.248.65.0/24
                  94.154.115.0/24
                  109.205.63.0/24
                  146.19.119.0/24
                  146.19.231.0/24
                  178.212.79.0/24
                  185.138.165.0/24
                  185.149.150.0/24
                  193.221.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:1b:18:9e:5d:da:69:9b:3f:00:67:5c:1c:d5:d8:69:99:6b:
         36:50:3b:ac:20:fb:27:49:fa:c3:1d:3b:e8:e7:3f:d5:a3:56:
         62:10:87:13:0e:88:e8:d3:01:0a:0a:38:48:45:9e:c0:13:3f:
         18:66:60:c1:76:5d:c2:0c:dd:9c:97:33:62:c4:f0:fd:50:72:
         45:3d:0b:8c:c4:4e:41:b3:ef:5f:8d:2b:f4:6c:eb:75:38:a4:
         09:dd:cc:d9:97:85:cb:18:6d:5c:d8:76:0d:40:a0:29:78:ee:
         90:f1:20:a0:16:c8:98:9b:f9:aa:f8:58:b0:21:d3:5a:9a:8a:
         3d:28:6e:19:c3:31:fe:30:e5:f9:63:ea:3c:b3:54:e0:b9:47:
         33:ec:9e:09:93:b2:40:c8:7a:46:38:c1:2f:0f:98:88:61:4b:
         c0:5b:bd:43:90:69:08:0e:38:bd:68:58:47:c6:41:d6:65:de:
         f8:48:29:32:79:b0:58:84:de:ab:20:18:57:50:ae:53:78:54:
         d4:96:5c:34:41:37:4a:2a:48:87:43:49:c9:28:81:5d:a1:e6:
         8f:28:94:3b:74:7a:b5:0c:27:d2:ad:c8:ac:bf:18:7c:8b:2f:
         d0:4b:31:67:f7:8c:08:fe:a1:18:df:7e:2c:4c:44:06:9a:14:
         4b:6e:23:a5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYw/WW9ggZiV59fX0nEP8UydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMjA2MTMzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQ5M2I3OTQ2ZGExZjU5ZTAyNGI2NDQxNmVlODA3MzhiYjNiN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmzBpqmGTJcj/qzJ/hVF7V+aMl38
5WuO40vzj0pRBVtvcro5xU2yYfEhVoIsAe8+HePEvE85DdBID0v0gZSvRgujYppU
M3BdYV42gVsqTs0TbRsl5SxIskvnpBVq7SJfGV+qUOuMrcYDwJQzsCKKE9NC4p/k
IiNzBATofMkoNcuAg/FDvGz7/d8UzCpP/dSQBKo9+lBp+NadFMM/PxDyeITshZMP
dE0NP5otSO7IDDCYTk6BCfTBzVi8dm5NGsDYMZrwQg7fot1Bcqfg5bu6wSvyswmz
LiEbPBsykYclS19AU5tYkcFMstJYhmk/W7hu/igxrX0UwR8NCxJGHw7ppwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHXZO3lG2h9Z4CS2RBbugHOLs7eiMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZGRrN2VVYmFIMW5nSkxaRUZ1NkFjNHV6dDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAJU2XAwQC
LVoMAwQCLVp0AwQAPgM1AwQATVd+AwQAWfhBAwQAXppzAwQAbc0/AwQAkhN3AwQA
khPnAwQAstRPAwQAuYqlAwQAuZWWAwQAwd3QMA0GCSqGSIb3DQEBCwUAA4IBAQBP
GxieXdppmz8AZ1wc1dhpmWs2UDusIPsnSfrDHTvo5z/Vo1ZiEIcTDojo0wEKCjhI
RZ7AEz8YZmDBdl3CDN2clzNixPD9UHJFPQuMxE5Bs+9fjSv0bOt1OKQJ3czZl4XL
GG1c2HYNQKApeO6Q8SCgFsiYm/mq+FiwIdNamoo9KG4ZwzH+MOX5Y+o8s1TguUcz
7J4Jk7JAyHpGOMEvD5iIYUvAW71DkGkIDji9aFhHxkHWZd74SCkyebBYhN6rIBhX
UK5TeFTUllw0QTdKKkiHQ0nJKIFdoeaPKJQ7dHq1DCfSrcisvxh8iy/QSzFn94wI
/qEY334sTEQGmhRLbiOl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org