Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/X_dzeiPIXoHIJGpPXko1HTX-W6s.roa
File:                     X_dzeiPIXoHIJGpPXko1HTX-W6s.roa (raw, json)
Hash identifier:          W1v3obAVYpVbCzkdkheZozAivWhdKEYD+C1Ky9m2nSM=
Subject key identifier:   5F:F7:73:7A:23:C8:5E:81:C8:24:6A:4F:5E:4A:35:1D:35:FE:5B:AB
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       0189BF26345A095E198EBA7F48A7109D9B40
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/X_dzeiPIXoHIJGpPXko1HTX-W6s.roa
Signing time:             Fri 04 Aug 2023 06:04:58 +0000
ROA not before:           Fri 04 Aug 2023 06:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.114.99.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          89.45.34.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          188.215.72.0/24 maxlen: 24
                          188.215.73.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 12:32:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:bf:26:34:5a:09:5e:19:8e:ba:7f:48:a7:10:9d:9b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Aug  4 06:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ff7737a23c85e81c8246a4f5e4a351d35fe5bab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:2d:40:ac:a3:92:d0:a5:fd:56:1a:67:c0:0b:
                    e6:15:65:2b:f2:f1:7c:bf:1d:ae:9a:4e:6a:65:92:
                    ad:5e:78:81:50:94:f9:57:b1:0e:3c:8f:e9:09:c4:
                    e2:0b:08:97:73:c0:83:fe:ae:50:c0:8a:84:49:83:
                    f3:e3:70:25:f0:76:02:cb:06:8a:80:ca:7a:f4:9f:
                    e0:ec:3b:c3:5a:d7:d3:81:46:59:da:12:46:2d:c8:
                    c2:06:cc:95:f8:a5:f1:1f:ee:e6:38:bb:d1:91:fc:
                    39:56:c6:0a:de:6d:56:26:1b:64:e5:2c:ce:66:16:
                    4a:03:d9:0f:19:86:21:2f:96:d3:95:4b:97:6e:a9:
                    2c:16:ac:84:68:d1:26:b1:91:b6:f5:fc:3d:1d:b6:
                    b1:8c:e7:32:54:cb:14:ea:bb:2d:4e:18:7d:05:48:
                    ec:29:2e:18:23:24:f6:ec:0a:af:5e:77:c9:6f:3c:
                    c4:c9:95:b1:11:03:70:90:92:a6:b9:74:26:86:03:
                    01:11:b6:ce:04:5c:87:2c:28:b5:74:3c:10:1c:6e:
                    8e:0b:08:f0:cf:9d:77:c6:4c:49:c7:13:86:06:00:
                    14:b8:25:7e:b1:c3:10:57:bd:82:51:17:a9:24:c0:
                    99:f5:38:d6:55:82:18:98:0f:52:2e:63:1a:d7:a0:
                    6d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F7:73:7A:23:C8:5E:81:C8:24:6A:4F:5E:4A:35:1D:35:FE:5B:AB
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/X_dzeiPIXoHIJGpPXko1HTX-W6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.127.0/24
                  86.106.80.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/24
                  89.43.42.0-89.43.44.255
                  89.43.46.0/24
                  89.43.73.0/24
                  89.45.34.0/24
                  93.113.158.0/24
                  93.114.55.0/24
                  93.114.99.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:fb:ae:de:03:58:6b:ef:e8:b0:85:b0:c3:c3:f3:8c:ca:5d:
         f8:12:d2:2c:7f:a8:5d:1f:0f:2b:40:f9:ec:ba:a7:2c:c6:e0:
         d7:0e:2b:19:67:b5:1c:a9:de:44:12:f2:10:92:5e:d8:13:8a:
         c2:67:28:ad:a0:f5:a8:50:1a:72:b5:49:40:c3:6f:19:27:35:
         7b:76:6c:20:a7:f0:46:ff:d2:e1:14:6a:35:4c:3a:f6:71:42:
         2f:64:e1:b7:a2:26:3f:77:82:1c:d7:29:9e:ee:c1:bb:d1:7a:
         8c:ea:f6:b9:2a:e1:03:60:b9:aa:46:3e:0d:fb:b9:44:9a:86:
         9c:ce:6a:b6:64:ac:d0:ea:36:b2:60:b6:bf:46:10:81:a1:3d:
         5f:17:42:b5:e0:cc:d8:5a:be:b0:aa:35:89:70:b6:c0:b5:b8:
         2f:fe:86:46:79:08:80:e6:3e:35:d5:12:82:e8:03:c7:b8:8d:
         bc:d3:b3:66:5d:04:04:5d:25:74:02:75:da:b9:0c:a1:72:da:
         a2:8b:65:90:1f:cd:c7:b2:50:f4:03:49:b5:14:78:82:69:f2:
         6f:c8:cc:2a:bb:1c:16:1f:e1:ae:dd:a0:66:de:76:dc:d2:d1:
         5f:25:1d:d0:ae:1b:45:c3:69:e2:d3:69:1d:37:b9:4c:c7:60:
         75:fc:7a:ba
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYm/JjRaCV4Zjrp/SKcQnZtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwODA0MDYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY3NzM3YTIzYzg1ZTgxYzgyNDZhNGY1ZTRhMzUxZDM1ZmU1YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC1ArKOS0KX9VhpnwAvmFWUr8vF8
vx2umk5qZZKtXniBUJT5V7EOPI/pCcTiCwiXc8CD/q5QwIqESYPz43Al8HYCywaK
gMp69J/g7DvDWtfTgUZZ2hJGLcjCBsyV+KXxH+7mOLvRkfw5VsYK3m1WJhtk5SzO
ZhZKA9kPGYYhL5bTlUuXbqksFqyEaNEmsZG29fw9HbaxjOcyVMsU6rstThh9BUjs
KS4YIyT27AqvXnfJbzzEyZWxEQNwkJKmuXQmhgMBEbbOBFyHLCi1dDwQHG6OCwjw
z513xkxJxxOGBgAUuCV+scMQV72CURepJMCZ9TjWVYIYmA9SLmMa16BtiwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFF/3c3ojyF6ByCRqT15KNR01/lurMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvWF9kemVpUElYb0hJSkdwUFhrbzFIVFgtVzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB6BAIAATB0AwQAVcx/
AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQAWSsoMAwDBAFZKyoDBABZ
KywDBABZKy4DBABZK0kDBABZLSIDBABdcZ4DBABdcjcDBABdcmMDBABdcrsDBAC8
1RIDBAG810gDBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOC
AQEAovuu3gNYa+/osIWww8PzjMpd+BLSLH+oXR8PK0D57LqnLMbg1w4rGWe1HKne
RBLyEJJe2BOKwmcoraD1qFAacrVJQMNvGSc1e3ZsIKfwRv/S4RRqNUw69nFCL2Th
t6ImP3eCHNcpnu7Bu9F6jOr2uSrhA2C5qkY+Dfu5RJqGnM5qtmSs0Oo2smC2v0YQ
gaE9XxdCteDM2Fq+sKo1iXC2wLW4L/6GRnkIgOY+NdUSgugDx7iNvNOzZl0EBF0l
dAJ12rkMoXLaootlkB/Nx7JQ9ANJtRR4gmnyb8jMKrscFh/hrt2gZt523NLRXyUd
0K4bRcNp4tNpHTe5TMdgdfx6ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org