Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/lE2PTZJyCG80c1m7uxDUet3GEBA.roa
File:                     lE2PTZJyCG80c1m7uxDUet3GEBA.roa (raw, json)
Hash identifier:          PadcZRJAZ+UoD7LjstWnAPeSEj/FGbp9I+Cmmsia0BQ=
Subject key identifier:   94:4D:8F:4D:92:72:08:6F:34:73:59:BB:BB:10:D4:7A:DD:C6:10:10
Certificate issuer:       /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial:       018973900B0135D3D295A731CCC65EDAB2CD
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/lE2PTZJyCG80c1m7uxDUet3GEBA.roa
Signing time:             Thu 20 Jul 2023 13:49:27 +0000
ROA not before:           Thu 20 Jul 2023 13:49:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34450
IP address blocks:        89.43.42.0/24 maxlen: 24
                          89.43.43.0/24 maxlen: 24
                          89.43.44.0/24 maxlen: 24
                          89.43.40.0/24 maxlen: 24
                          93.114.187.0/24 maxlen: 24
                          86.106.80.0/24 maxlen: 24
                          89.43.46.0/24 maxlen: 24
                          89.34.8.0/21 maxlen: 21
                          89.43.73.0/24 maxlen: 24
                          89.39.252.0/24 maxlen: 24
                          188.213.18.0/24 maxlen: 24
                          188.240.14.0/24 maxlen: 24
                          85.204.127.0/24 maxlen: 24
                          93.113.158.0/24 maxlen: 24
                          89.33.163.0/24 maxlen: 24
                          89.37.136.0/24 maxlen: 24
                          93.114.55.0/24 maxlen: 24
                          188.215.72.0/23 maxlen: 24
                          188.215.72.0/24 maxlen: 24
                          188.215.73.0/24 maxlen: 24
                          2a05:b680:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 20 Jul 2023 13:56:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:73:90:0b:01:35:d3:d2:95:a7:31:cc:c6:5e:da:b2:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
        Validity
            Not Before: Jul 20 13:49:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=944d8f4d9272086f347359bbbb10d47addc61010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:68:b9:07:99:5b:c5:64:39:7b:4e:ae:d1:24:
                    2a:82:3c:76:19:a2:6a:30:d4:d9:e5:8c:d5:92:24:
                    de:68:c0:33:47:80:fb:81:23:b5:a6:f1:7e:0c:e3:
                    d0:60:74:90:fe:7e:dc:d0:ad:60:cc:fb:5a:90:7c:
                    14:e0:f5:a2:f8:57:47:15:07:cd:92:6b:56:3a:1f:
                    54:85:60:39:9b:d6:06:3c:83:6b:9f:b7:30:35:76:
                    25:9f:f9:c2:db:72:17:d8:65:cd:91:85:3f:3e:93:
                    27:42:61:a3:11:a3:43:ef:ba:25:cc:19:bb:c6:49:
                    72:47:7a:c5:4f:d7:20:52:fb:65:c5:04:a7:d8:76:
                    1a:88:fe:cd:5b:15:aa:f4:e3:d8:29:6e:4a:6c:de:
                    67:05:2b:0b:59:a1:aa:46:69:73:c3:3a:2e:2c:79:
                    19:05:46:37:df:e2:a6:56:4a:20:dd:89:d7:c4:04:
                    0d:2e:38:87:74:48:2f:8e:21:05:5b:59:c4:af:c4:
                    17:c0:e9:9a:94:58:4a:45:2a:d7:ea:3d:49:0b:ba:
                    a5:0f:47:a7:41:da:53:a6:ac:36:01:c8:66:c1:7b:
                    28:ef:72:34:75:96:bd:15:4d:28:d5:8f:69:76:88:
                    b4:42:d6:a8:3e:92:05:5a:c5:4d:92:e7:b2:94:dd:
                    19:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:4D:8F:4D:92:72:08:6F:34:73:59:BB:BB:10:D4:7A:DD:C6:10:10
            X509v3 Authority Key Identifier:
                keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/lE2PTZJyCG80c1m7uxDUet3GEBA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.204.127.0/24
                  86.106.80.0/24
                  89.33.163.0/24
                  89.34.8.0/21
                  89.37.136.0/24
                  89.39.252.0/24
                  89.43.40.0/24
                  89.43.42.0-89.43.44.255
                  89.43.46.0/24
                  89.43.73.0/24
                  93.113.158.0/24
                  93.114.55.0/24
                  93.114.187.0/24
                  188.213.18.0/24
                  188.215.72.0/23
                  188.240.14.0/24
                IPv6:
                  2a05:b680:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         65:bf:d0:13:0c:c2:ad:0d:6c:f4:97:44:e2:38:a4:1b:db:37:
         de:e7:07:82:24:03:ef:3c:02:92:9e:ee:10:18:a7:d6:a4:0a:
         55:52:5d:ac:0a:b5:20:d9:94:17:e7:40:84:5a:b1:84:95:54:
         5e:b7:11:80:2d:e2:d9:15:94:d5:17:a7:f3:2f:9a:be:d3:04:
         ea:2d:75:40:c4:8d:79:dd:3c:d8:a2:fd:ae:7a:c9:38:bd:dc:
         12:9f:85:d7:9c:1d:2f:17:13:a7:92:c3:81:be:f7:5c:4f:33:
         3f:20:18:f8:92:8b:ff:6a:f2:86:95:88:45:af:f5:4f:8a:bf:
         59:bb:58:04:1a:4b:ff:c9:a1:b9:79:1a:32:30:33:a4:54:b3:
         96:14:67:a1:21:69:f7:15:77:c0:3a:ea:52:f9:cb:d9:cb:8e:
         98:b3:e1:51:92:c3:80:b4:37:87:7a:94:fa:32:e2:00:d0:93:
         84:37:1c:2e:9f:ea:c4:c2:e3:ce:0f:4a:be:2f:3d:79:be:c1:
         62:73:b2:c2:89:9a:e1:61:b5:f8:89:ef:a4:ef:ab:ef:31:89:
         98:43:0f:79:1e:de:a8:d9:f4:e9:d4:e1:da:0c:e8:69:5c:ec:
         ae:cd:ce:81:39:32:4a:15:a7:50:d1:4a:94:a4:cf:ae:a6:57:
         a1:7e:78:cb
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYlzkAsBNdPSlacxzMZe2rLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNzIwMTM0OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDRkOGY0ZDkyNzIwODZmMzQ3MzU5YmJiYjEwZDQ3YWRkYzYxMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGi5B5lbxWQ5e06u0SQqgjx2GaJq
MNTZ5YzVkiTeaMAzR4D7gSO1pvF+DOPQYHSQ/n7c0K1gzPtakHwU4PWi+FdHFQfN
kmtWOh9UhWA5m9YGPINrn7cwNXYln/nC23IX2GXNkYU/PpMnQmGjEaND77olzBm7
xklyR3rFT9cgUvtlxQSn2HYaiP7NWxWq9OPYKW5KbN5nBSsLWaGqRmlzwzouLHkZ
BUY33+KmVkog3YnXxAQNLjiHdEgvjiEFW1nEr8QXwOmalFhKRSrX6j1JC7qlD0en
QdpTpqw2AchmwXso73I0dZa9FU0o1Y9pdoi0QtaoPpIFWsVNkueylN0ZXQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJRNj02ScghvNHNZu7sQ1HrdxhAQMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvbEUyUFRaSnlDRzgwYzFtN3V4RFVldDNHRUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQAVcx/
AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQAWSsoMAwDBAFZKyoDBABZ
KywDBABZKy4DBABZK0kDBABdcZ4DBABdcjcDBABdcrsDBAC81RIDBAG810gDBAC8
8A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAZb/QEwzCrQ1s
9JdE4jikG9s33ucHgiQD7zwCkp7uEBin1qQKVVJdrAq1INmUF+dAhFqxhJVUXrcR
gC3i2RWU1Ren8y+avtME6i11QMSNed082KL9rnrJOL3cEp+F15wdLxcTp5LDgb73
XE8zPyAY+JKL/2ryhpWIRa/1T4q/WbtYBBpL/8mhuXkaMjAzpFSzlhRnoSFp9xV3
wDrqUvnL2cuOmLPhUZLDgLQ3h3qU+jLiANCThDccLp/qxMLjzg9Kvi89eb7BYnOy
woma4WG1+InvpO+r7zGJmEMPeR7eqNn06dTh2gzoaVzsrs3OgTkyShWnUNFKlKTP
rqZXoX54yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org