Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Dvv_gS9z1vF0wY2cMDqNftjkHOw.roa
File:                     Dvv_gS9z1vF0wY2cMDqNftjkHOw.roa (raw, json)
Hash identifier:          hzoQQGCWGQC6Ykzbx7lrRyuqL5iK3m2Ud0NrTO9Og5E=
Subject key identifier:   0E:FB:FF:81:2F:73:D6:F1:74:C1:8D:9C:30:3A:8D:7E:D8:E4:1C:EC
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0186DFA65FD8CE29388AC921B0A90BFE6DB2
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Dvv_gS9z1vF0wY2cMDqNftjkHOw.roa
Signing time:             Tue 14 Mar 2023 10:24:27 +0000
ROA not before:           Tue 14 Mar 2023 10:24:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          85.204.125.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          188.215.73.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 08 May 2023 18:55:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:a6:5f:d8:ce:29:38:8a:c9:21:b0:a9:0b:fe:6d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Mar 14 10:24:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0efbff812f73d6f174c18d9c303a8d7ed8e41cec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c8:db:81:d3:87:57:99:38:58:95:1f:ee:27:
                    82:ca:5f:97:aa:9e:3c:ee:70:60:3b:3f:30:88:70:
                    b9:9c:88:4d:99:1d:1d:87:10:a9:46:64:32:eb:a2:
                    9d:b5:8d:a8:5f:48:ef:ef:cf:fe:ae:6c:00:e3:78:
                    c8:c2:20:fb:a0:35:c2:71:85:6b:e2:07:89:76:42:
                    b5:f1:ee:1e:26:85:42:3d:2f:c2:f9:87:af:5d:9a:
                    6a:e3:b2:66:37:77:bb:4d:c9:75:05:43:f5:20:2b:
                    be:69:86:f1:a7:de:83:f1:a5:97:74:dc:1a:3c:76:
                    b7:c0:81:b0:c7:d0:af:e9:de:ae:fa:71:f2:90:a3:
                    6f:e9:6c:f4:f9:74:2f:66:5d:f7:2a:e3:ae:14:92:
                    0c:fa:f8:d1:83:b0:62:fa:09:ff:8b:50:c6:23:d3:
                    c6:0a:6d:5d:94:72:a8:56:de:69:7f:f4:de:53:66:
                    c2:06:58:65:8b:9d:62:06:6d:78:bf:79:b8:16:2c:
                    f5:1e:c7:6c:6d:68:8b:84:dc:a9:2a:30:ba:c7:4b:
                    b4:4d:7f:e3:57:a8:1a:dd:6e:15:1b:f5:2f:f6:dc:
                    74:9f:b0:6a:87:9b:01:57:16:f1:4b:a8:93:6e:6c:
                    61:69:a5:fe:cc:1c:a8:f2:44:26:7a:56:b3:39:d1:
                    1d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:FB:FF:81:2F:73:D6:F1:74:C1:8D:9C:30:3A:8D:7E:D8:E4:1C:EC
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Dvv_gS9z1vF0wY2cMDqNftjkHOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.125.0/24
                  85.204.127.0/24
                  86.106.80.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/24
                  89.43.42.0/24
                  89.43.44.0/24
                  89.43.46.0/24
                  89.43.73.0/24
                  93.113.158.0/24
                  93.114.55.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:7b:f2:fc:dc:59:f7:f4:b9:e1:5c:ac:40:72:7a:d1:d6:d1:
         5b:e3:47:0a:ac:e7:d2:cb:fa:1e:2a:67:27:e1:10:f2:89:4e:
         c2:6b:4f:23:0a:6a:3d:15:2d:27:b8:e1:fd:b8:8c:ef:b1:57:
         8b:9b:0f:3f:63:e9:23:2e:ce:a9:ee:a5:30:1f:da:0a:78:7a:
         d0:3e:61:d0:31:ae:68:27:a2:c1:1f:3f:db:b3:1b:f1:5d:4e:
         39:59:96:d9:45:90:2d:e9:99:a6:4c:40:76:26:f2:c3:09:cb:
         3e:ff:b5:93:ee:5c:77:30:37:e2:73:ce:ae:df:02:48:d3:94:
         53:ed:f2:86:60:6d:45:aa:30:90:2b:fb:5d:9f:ad:67:0b:bf:
         a0:f1:de:3a:71:2c:04:5e:e3:4c:d8:23:cb:ac:40:17:b3:e3:
         e7:8d:08:14:3f:bb:01:1b:9f:95:3e:2e:17:06:96:04:db:98:
         08:5d:38:78:b2:d8:9c:81:78:09:2e:d9:14:b4:9f:70:55:bb:
         e1:aa:be:00:99:75:ef:55:db:b0:fd:5f:b6:c0:b4:84:01:d2:
         dc:ef:1b:b0:e8:17:f3:89:d0:4f:a6:40:87:bb:5f:68:3f:d6:
         24:e6:d0:6f:c9:1a:27:6c:a3:40:b5:79:2e:5d:39:3e:d4:be:
         2a:71:56:87
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYbfpl/Yzik4iskhsKkL/m2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMzE0MTAyNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWZiZmY4MTJmNzNkNmYxNzRjMThkOWMzMDNhOGQ3ZWQ4ZTQxY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8jbgdOHV5k4WJUf7ieCyl+Xqp48
7nBgOz8wiHC5nIhNmR0dhxCpRmQy66KdtY2oX0jv78/+rmwA43jIwiD7oDXCcYVr
4geJdkK18e4eJoVCPS/C+YevXZpq47JmN3e7Tcl1BUP1ICu+aYbxp96D8aWXdNwa
PHa3wIGwx9Cv6d6u+nHykKNv6Wz0+XQvZl33KuOuFJIM+vjRg7Bi+gn/i1DGI9PG
Cm1dlHKoVt5pf/TeU2bCBlhli51iBm14v3m4Fiz1HsdsbWiLhNypKjC6x0u0TX/j
V6ga3W4VG/Uv9tx0n7Bqh5sBVxbxS6iTbmxhaaX+zByo8kQmelazOdEdRwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFA77/4Evc9bxdMGNnDA6jX7Y5BzsMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvRHZ2X2dTOXoxdkYwd1kyY01EcU5mdGprSE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTByBAIAATBsAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQAWSsoAwQAWSsq
AwQAWSssAwQAWSsuAwQAWStJAwQAXXGeAwQAXXI3AwQAXXK7AwQAvNUSAwQBvNdI
AwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcNAQELBQADggEBACR78vzc
Wff0ueFcrEByetHW0VvjRwqs59LL+h4qZyfhEPKJTsJrTyMKaj0VLSe44f24jO+x
V4ubDz9j6SMuzqnupTAf2gp4etA+YdAxrmgnosEfP9uzG/FdTjlZltlFkC3pmaZM
QHYm8sMJyz7/tZPuXHcwN+Jzzq7fAkjTlFPt8oZgbUWqMJAr+12frWcLv6Dx3jpx
LARe40zYI8usQBez4+eNCBQ/uwEbn5U+LhcGlgTbmAhdOHiy2JyBeAku2RS0n3BV
u+GqvgCZde9V27D9X7bAtIQB0tzvG7DoF/OJ0E+mQIe7X2g/1iTm0G/JGidso0C1
eS5dOT7UvipxVoc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org