Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa
File:                     fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa (raw, json)
Hash identifier:          of07G19iwZOwKUfHI0xtQkUbWg28JTPnRowCyWJXm0E=
Subject key identifier:   7D:89:AC:B3:53:E4:D2:F0:74:75:07:F6:5C:B7:23:FD:E1:DD:32:C9
Certificate issuer:       /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial:       018C24131C978A1C7A585E759CF8C72EF434
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa
Signing time:             Fri 01 Dec 2023 06:31:21 +0000
ROA not before:           Fri 01 Dec 2023 06:31:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        94.154.115.0/24 maxlen: 24
                          193.221.208.0/24 maxlen: 24
                          45.90.116.0/22 maxlen: 24
                          146.19.119.0/24 maxlen: 24
                          37.77.151.0/24 maxlen: 24
                          178.212.79.0/24 maxlen: 24
                          62.3.53.0/24 maxlen: 24
                          77.87.126.0/24 maxlen: 24
                          45.90.12.0/22 maxlen: 24
                          146.19.231.0/24 maxlen: 24
                          185.149.150.0/24 maxlen: 24
                          185.138.165.0/24 maxlen: 24
                          109.205.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 13:37:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:24:13:1c:97:8a:1c:7a:58:5e:75:9c:f8:c7:2e:f4:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
        Validity
            Not Before: Dec  1 06:31:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7d89acb353e4d2f0747507f65cb723fde1dd32c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3d:04:dd:a0:e3:c3:5d:a9:b3:8e:8a:a7:12:
                    07:08:1c:d3:2d:f1:44:e7:b0:ab:7c:c4:ba:18:a0:
                    79:43:7e:c0:7d:97:77:50:e6:4c:1e:99:fa:d7:96:
                    8b:c5:7b:fc:92:a1:4b:a8:00:9b:88:e8:c6:96:b6:
                    cb:08:d7:ee:9f:73:81:26:4c:63:2c:bc:92:98:3f:
                    43:60:b6:6c:55:75:79:61:bd:ef:d0:2d:b9:b4:8d:
                    6f:97:9d:b5:02:6b:0b:f8:60:02:00:69:ef:a9:28:
                    fd:83:0d:8f:53:73:af:b2:5f:fb:ab:9f:b6:b0:c0:
                    0b:e9:14:ea:c3:88:56:62:65:24:e9:95:59:1b:30:
                    b4:0f:c0:ac:ae:1e:67:79:56:e5:82:a0:ba:09:50:
                    12:05:df:4f:00:78:29:84:80:64:cf:81:12:dd:c6:
                    7d:db:79:88:74:74:1b:9b:b5:8e:a3:38:55:74:d5:
                    4d:9f:10:d2:98:d0:c8:ba:dc:dc:d8:68:a3:b6:03:
                    05:64:6a:ee:c0:ad:87:cd:23:4d:26:4c:1b:c8:27:
                    0b:3b:e2:05:a8:a1:0f:94:1c:2c:d7:fc:55:6c:5a:
                    1b:74:79:cb:b6:bc:c6:a8:1a:cb:04:a9:be:00:2e:
                    d1:07:05:f4:92:89:ee:35:e3:79:51:1b:4f:b8:ed:
                    ea:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:89:AC:B3:53:E4:D2:F0:74:75:07:F6:5C:B7:23:FD:E1:DD:32:C9
            X509v3 Authority Key Identifier:
                keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.151.0/24
                  45.90.12.0/22
                  45.90.116.0/22
                  62.3.53.0/24
                  77.87.126.0/24
                  94.154.115.0/24
                  109.205.63.0/24
                  146.19.119.0/24
                  146.19.231.0/24
                  178.212.79.0/24
                  185.138.165.0/24
                  185.149.150.0/24
                  193.221.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:ea:34:18:fe:79:b8:79:f5:58:92:14:fb:28:b1:9a:72:de:
         99:25:2f:5a:23:88:8a:57:7f:6c:65:b8:19:06:31:99:5a:73:
         a0:70:82:3d:2c:ca:e6:5c:35:d2:c9:90:72:8a:73:21:d7:63:
         16:c8:7a:2a:34:f9:9b:5d:c4:6f:ac:ac:1f:ff:55:a0:32:df:
         c2:00:23:18:3f:0d:22:ba:d4:4f:13:a6:1e:05:55:b2:5c:c5:
         c4:a9:5d:ef:cf:fa:8e:97:f6:bf:2c:02:65:6e:a3:7c:ed:1d:
         d0:53:65:6c:38:15:4c:a3:f3:21:1d:61:3a:68:ba:fb:08:b7:
         f2:c8:4a:8d:29:60:5e:0c:46:89:4e:36:ac:9b:b4:5c:9c:17:
         b1:28:d4:0b:1d:d0:f7:12:0a:bf:1b:2e:c5:01:cb:e6:04:18:
         9b:14:cd:ea:7c:8e:f3:38:6b:e6:74:08:ed:ba:bd:c0:e2:ea:
         29:08:dd:e4:2a:39:eb:b7:08:3b:03:ea:7b:af:94:e0:1b:99:
         98:47:8b:b3:10:6f:ed:82:08:d5:19:5a:fe:6a:f4:06:a6:f0:
         24:51:95:02:c3:16:75:cb:88:99:90:66:a7:73:7f:cf:25:f6:
         c8:b1:d2:82:b0:78:03:75:00:46:04:57:f4:64:d5:1b:8a:6b:
         2e:3f:c6:f0
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYwkExyXihx6WF51nPjHLvQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMjAxMDYzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDg5YWNiMzUzZTRkMmYwNzQ3NTA3ZjY1Y2I3MjNmZGUxZGQzMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT0E3aDjw12ps46KpxIHCBzTLfFE
57CrfMS6GKB5Q37AfZd3UOZMHpn615aLxXv8kqFLqACbiOjGlrbLCNfun3OBJkxj
LLySmD9DYLZsVXV5Yb3v0C25tI1vl521AmsL+GACAGnvqSj9gw2PU3Ovsl/7q5+2
sMAL6RTqw4hWYmUk6ZVZGzC0D8Csrh5neVblgqC6CVASBd9PAHgphIBkz4ES3cZ9
23mIdHQbm7WOozhVdNVNnxDSmNDIutzc2GijtgMFZGruwK2HzSNNJkwbyCcLO+IF
qKEPlBws1/xVbFobdHnLtrzGqBrLBKm+AC7RBwX0konuNeN5URtPuO3qMwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFH2JrLNT5NLwdHUH9ly3I/3h3TLJMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZlltc3MxUGswdkIwZFFmMlhMY2pfZUhkTXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJU2XAwQC
LVoMAwQCLVp0AwQAPgM1AwQATVd+AwQAXppzAwQAbc0/AwQAkhN3AwQAkhPnAwQA
stRPAwQAuYqlAwQAuZWWAwQAwd3QMA0GCSqGSIb3DQEBCwUAA4IBAQBa6jQY/nm4
efVYkhT7KLGact6ZJS9aI4iKV39sZbgZBjGZWnOgcII9LMrmXDXSyZByinMh12MW
yHoqNPmbXcRvrKwf/1WgMt/CACMYPw0iutRPE6YeBVWyXMXEqV3vz/qOl/a/LAJl
bqN87R3QU2VsOBVMo/MhHWE6aLr7CLfyyEqNKWBeDEaJTjasm7RcnBexKNQLHdD3
Egq/Gy7FAcvmBBibFM3qfI7zOGvmdAjtur3A4uopCN3kKjnrtwg7A+p7r5TgG5mY
R4uzEG/tggjVGVr+avQGpvAkUZUCwxZ1y4iZkGanc3/PJfbIsdKCsHgDdQBGBFf0
ZNUbimsuP8bw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org