Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/iHdlRHhDQ_dlF4WPXvNh_71bnWc.roa
File:                     iHdlRHhDQ_dlF4WPXvNh_71bnWc.roa (raw, json)
Hash identifier:          vlVn7VRJKaUQQNmqdrV2gDrczoGHu+gS6CZpPp2kTt8=
Subject key identifier:   88:77:65:44:78:43:43:F7:65:17:85:8F:5E:F3:61:FF:BD:5B:9D:67
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       0187702F6AA1022C3FD8AB196FFB217ECC45
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/iHdlRHhDQ_dlF4WPXvNh_71bnWc.roa
Signing time:             Tue 11 Apr 2023 11:59:28 +0000
ROA not before:           Tue 11 Apr 2023 11:59:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202422
IP address blocks:        80.93.209.0/24 maxlen: 24
                          80.93.210.0/24 maxlen: 24
                          5.188.36.0/24 maxlen: 24
                          80.93.219.0/24 maxlen: 24
                          80.93.218.0/24 maxlen: 24
                          80.93.214.0/24 maxlen: 24
                          80.93.215.0/24 maxlen: 24
                          80.93.217.0/24 maxlen: 24
                          80.93.223.0/24 maxlen: 24
                          5.188.148.0/24 maxlen: 24
                          87.121.53.0/24 maxlen: 24
                          5.45.184.0/24 maxlen: 24
                          5.45.185.0/24 maxlen: 24
                          79.133.110.0/24 maxlen: 24
                          92.38.187.0/24 maxlen: 24
                          37.9.33.0/24 maxlen: 24
                          37.9.32.0/24 maxlen: 24
                          37.9.35.0/24 maxlen: 24
                          79.133.124.0/24 maxlen: 24
                          89.42.178.0/24 maxlen: 24
                          95.85.71.0/24 maxlen: 24
                          139.28.6.0/24 maxlen: 24
                          95.85.76.0/24 maxlen: 24
                          92.223.102.0/24 maxlen: 24
                          5.189.204.0/24 maxlen: 24
                          5.189.206.0/24 maxlen: 24
                          202.78.168.0/24 maxlen: 24
                          180.149.36.0/24 maxlen: 24
                          180.149.47.0/24 maxlen: 24
                          89.44.194.0/24 maxlen: 24
                          92.223.90.0/24 maxlen: 24
                          92.38.148.0/24 maxlen: 24
                          92.38.155.0/24 maxlen: 24
                          213.156.143.0/24 maxlen: 24
                          213.156.145.0/24 maxlen: 24
                          213.156.147.0/24 maxlen: 24
                          92.38.173.0/24 maxlen: 24
                          92.38.186.0/23 maxlen: 24
                          213.156.155.0/24 maxlen: 24
                          213.156.157.0/24 maxlen: 24
                          92.38.181.0/24 maxlen: 24
                          92.38.184.0/24 maxlen: 24
                          92.38.186.0/24 maxlen: 24
                          92.38.180.0/24 maxlen: 24
                          185.163.1.0/24 maxlen: 24
                          5.8.24.0/24 maxlen: 24
                          5.8.41.0/24 maxlen: 24
                          92.38.132.0/24 maxlen: 24
                          78.111.105.0/24 maxlen: 24
                          78.111.99.0/24 maxlen: 24
                          78.111.102.0/24 maxlen: 24
                          103.215.218.0/24 maxlen: 24
                          217.195.193.0/24 maxlen: 24
                          5.188.169.0/24 maxlen: 24
                          5.188.168.0/24 maxlen: 24
                          5.188.190.0/24 maxlen: 24
                          146.185.236.0/24 maxlen: 24
                          146.185.237.0/24 maxlen: 24
                          146.185.248.0/24 maxlen: 24
                          146.185.250.0/24 maxlen: 24
                          92.243.82.0/24 maxlen: 24
                          217.195.205.0/24 maxlen: 24
                          146.185.216.0/24 maxlen: 24
                          146.185.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 15:27:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:2f:6a:a1:02:2c:3f:d8:ab:19:6f:fb:21:7e:cc:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Apr 11 11:59:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88776544784343f76517858f5ef361ffbd5b9d67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e6:b2:02:69:b3:02:bf:3d:a4:f1:98:1d:c9:
                    c0:c9:64:dd:73:bd:49:c7:fb:3c:50:a8:ed:5e:c0:
                    c6:9a:e8:a6:ba:87:8c:9e:da:13:48:ae:1f:f2:c3:
                    b7:21:31:8c:9a:6a:ad:01:cb:05:ad:2c:6b:48:c7:
                    ba:8b:19:18:d6:54:5d:1f:a8:7d:db:32:82:29:04:
                    db:27:e5:9a:9e:ac:04:4e:f3:da:ca:71:08:e9:5b:
                    44:a3:91:57:17:62:29:45:68:cd:41:97:7a:a0:54:
                    df:c5:32:07:8b:4a:df:ae:6d:b3:ee:f2:eb:7e:43:
                    31:1b:b5:33:3d:4b:3b:e0:8f:d9:5b:ca:89:5b:3b:
                    98:82:44:7d:5f:23:93:2d:7d:42:d0:95:67:65:b1:
                    9a:c1:da:61:1f:cc:5b:b7:21:7e:21:6a:e2:6e:2a:
                    5c:9e:71:7d:73:83:03:e4:65:14:24:fd:8a:3e:c7:
                    9c:3d:61:03:4a:85:d3:49:b2:6b:63:1d:c2:dc:b3:
                    d0:df:80:e9:a4:44:a0:6e:24:03:20:c3:e4:ec:45:
                    9d:fa:18:87:d6:15:e5:29:0a:d1:81:9a:05:f0:f3:
                    f9:7b:fb:a7:9c:0f:2d:a7:b0:fb:df:00:b0:87:6c:
                    d1:a2:79:0b:91:00:05:47:e7:54:31:1a:0c:e7:1c:
                    d8:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:77:65:44:78:43:43:F7:65:17:85:8F:5E:F3:61:FF:BD:5B:9D:67
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/iHdlRHhDQ_dlF4WPXvNh_71bnWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.24.0/24
                  5.8.41.0/24
                  5.45.184.0/23
                  5.188.36.0/24
                  5.188.148.0/24
                  5.188.168.0/23
                  5.188.190.0/24
                  5.189.204.0/24
                  5.189.206.0/24
                  37.9.32.0/23
                  37.9.35.0/24
                  78.111.99.0/24
                  78.111.102.0/24
                  78.111.105.0/24
                  79.133.110.0/24
                  79.133.124.0/24
                  80.93.209.0-80.93.210.255
                  80.93.214.0/23
                  80.93.217.0-80.93.219.255
                  80.93.223.0/24
                  87.121.53.0/24
                  89.42.178.0/24
                  89.44.194.0/24
                  92.38.132.0/24
                  92.38.148.0/24
                  92.38.155.0/24
                  92.38.173.0/24
                  92.38.180.0/23
                  92.38.184.0/24
                  92.38.186.0/23
                  92.223.90.0/24
                  92.223.102.0/24
                  92.243.82.0/24
                  95.85.71.0/24
                  95.85.76.0/24
                  103.215.218.0/24
                  139.28.6.0/24
                  146.185.216.0/23
                  146.185.236.0/23
                  146.185.248.0/24
                  146.185.250.0/24
                  180.149.36.0/24
                  180.149.47.0/24
                  185.163.1.0/24
                  202.78.168.0/24
                  213.156.143.0/24
                  213.156.145.0/24
                  213.156.147.0/24
                  213.156.155.0/24
                  213.156.157.0/24
                  217.195.193.0/24
                  217.195.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d2:78:bc:76:ee:0f:f9:0c:b2:74:23:f0:51:88:9b:8e:ba:92:
         22:83:ee:e5:4d:7d:6f:25:85:77:61:b7:85:23:83:8a:89:bb:
         0d:30:31:47:89:8b:6e:a4:49:83:35:84:6c:76:f3:a0:0f:4e:
         be:81:d8:be:80:15:bd:d7:7b:45:e5:9d:3e:41:0e:7f:8b:42:
         cf:f6:8d:9d:96:3f:35:31:48:53:c3:db:bd:f6:19:35:01:f0:
         a0:4a:da:a4:f3:22:e4:68:69:49:28:3f:fb:ff:fe:48:e7:66:
         9c:04:a3:70:98:15:14:0a:0f:1f:d1:9e:9d:09:ca:a1:63:4e:
         7f:95:22:be:c8:45:8f:44:a9:9e:10:c1:1e:93:47:5d:e6:c0:
         2b:56:ab:d0:39:74:46:43:87:9f:57:22:6b:d0:43:eb:58:f4:
         73:86:1f:bb:fe:c8:0a:27:09:d2:e0:36:26:16:fe:86:45:8e:
         5b:75:6a:a6:87:3b:3d:19:e9:ce:c8:99:e7:e7:b9:42:97:84:
         1e:94:ff:dc:e6:08:32:f8:4e:32:c2:2c:b0:39:21:ff:25:98:
         77:3b:65:70:56:a4:c9:20:a3:56:7f:3c:d3:c5:24:20:46:87:
         e7:f9:ec:90:0d:89:8a:a5:bc:3d:e6:01:43:d1:a5:fd:31:32:
         62:06:b4:2b
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAYdwL2qhAiw/2KsZb/shfsxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjMwNDExMTE1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODc3NjU0NDc4NDM0M2Y3NjUxNzg1OGY1ZWYzNjFmZmJkNWI5ZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuayAmmzAr89pPGYHcnAyWTdc71J
x/s8UKjtXsDGmuimuoeMntoTSK4f8sO3ITGMmmqtAcsFrSxrSMe6ixkY1lRdH6h9
2zKCKQTbJ+WanqwETvPaynEI6VtEo5FXF2IpRWjNQZd6oFTfxTIHi0rfrm2z7vLr
fkMxG7UzPUs74I/ZW8qJWzuYgkR9XyOTLX1C0JVnZbGawdphH8xbtyF+IWribipc
nnF9c4MD5GUUJP2KPsecPWEDSoXTSbJrYx3C3LPQ34DppESgbiQDIMPk7EWd+hiH
1hXlKQrRgZoF8PP5e/unnA8tp7D73wCwh2zRonkLkQAFR+dUMRoM5xzYowIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFIh3ZUR4Q0P3ZReFj17zYf+9W51nMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvaUhkbFJIaERRX2RsRjRXUFh2TmhfNzFibldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaQYIKwYBBQUHAQcBAf8EggFYMIIBVDCCAVAEAgABMIIB
SAMEAAUIGAMEAAUIKQMEAQUtuAMEAAW8JAMEAAW8lAMEAQW8qAMEAAW8vgMEAAW9
zAMEAAW9zgMEASUJIAMEACUJIwMEAE5vYwMEAE5vZgMEAE5vaQMEAE+FbgMEAE+F
fDAMAwQAUF3RAwQAUF3SAwQBUF3WMAwDBABQXdkDBAJQXdgDBABQXd8DBABXeTUD
BABZKrIDBABZLMIDBABcJoQDBABcJpQDBABcJpsDBABcJq0DBAFcJrQDBABcJrgD
BAFcJroDBABc31oDBABc32YDBABc81IDBABfVUcDBABfVUwDBABn19oDBACLHAYD
BAGSudgDBAGSuewDBACSufgDBACSufoDBAC0lSQDBAC0lS8DBAC5owEDBADKTqgD
BADVnI8DBADVnJEDBADVnJMDBADVnJsDBADVnJ0DBADZw8EDBADZw80wDQYJKoZI
hvcNAQELBQADggEBANJ4vHbuD/kMsnQj8FGIm466kiKD7uVNfW8lhXdht4Ujg4qJ
uw0wMUeJi26kSYM1hGx286APTr6B2L6AFb3Xe0XlnT5BDn+LQs/2jZ2WPzUxSFPD
2732GTUB8KBK2qTzIuRoaUkoP/v//kjnZpwEo3CYFRQKDx/Rnp0JyqFjTn+VIr7I
RY9EqZ4QwR6TR13mwCtWq9A5dEZDh59XImvQQ+tY9HOGH7v+yAonCdLgNiYW/oZF
jlt1aqaHOz0Z6c7ImefnuUKXhB6U/9zmCDL4TjLCLLA5If8lmHc7ZXBWpMkgo1Z/
PNPFJCBGh+f57JANiYqlvD3mAUPRpf0xMmIGtCs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:46 2024 by rpki-client on console-ams.rpki-client.org