Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/w8zIBXG2_UNvGU_4QyoxLBG6-Io.roa
File:                     w8zIBXG2_UNvGU_4QyoxLBG6-Io.roa (raw, json)
Hash identifier:          KuoN495n8n/o6MIvrUFnrugovb2rLKS9FdzmkrNjqxY=
Subject key identifier:   C3:CC:C8:05:71:B6:FD:43:6F:19:4F:F8:43:2A:31:2C:11:BA:F8:8A
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       018770EEC23CA48A7D4E4A3632087FCC1937
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/w8zIBXG2_UNvGU_4QyoxLBG6-Io.roa
Signing time:             Tue 11 Apr 2023 15:28:28 +0000
ROA not before:           Tue 11 Apr 2023 15:28:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202422
IP address blocks:        5.188.0.0/24 maxlen: 24
                          5.188.6.0/24 maxlen: 24
                          80.93.209.0/24 maxlen: 24
                          80.93.210.0/24 maxlen: 24
                          5.188.36.0/24 maxlen: 24
                          31.184.206.0/24 maxlen: 24
                          80.93.219.0/24 maxlen: 24
                          80.93.218.0/24 maxlen: 24
                          80.93.214.0/24 maxlen: 24
                          80.93.215.0/24 maxlen: 24
                          80.93.217.0/24 maxlen: 24
                          80.93.223.0/24 maxlen: 24
                          5.188.148.0/24 maxlen: 24
                          87.121.53.0/24 maxlen: 24
                          83.229.4.0/24 maxlen: 24
                          45.80.211.0/24 maxlen: 24
                          45.80.210.0/24 maxlen: 24
                          2.56.223.0/24 maxlen: 24
                          89.43.109.0/24 maxlen: 24
                          5.188.93.0/24 maxlen: 24
                          5.45.184.0/24 maxlen: 24
                          5.45.185.0/24 maxlen: 24
                          79.133.110.0/24 maxlen: 24
                          92.38.187.0/24 maxlen: 24
                          37.9.33.0/24 maxlen: 24
                          37.9.32.0/24 maxlen: 24
                          37.9.35.0/24 maxlen: 24
                          79.133.124.0/24 maxlen: 24
                          89.42.178.0/24 maxlen: 24
                          95.85.71.0/24 maxlen: 24
                          95.85.67.0/24 maxlen: 24
                          139.28.6.0/24 maxlen: 24
                          95.85.76.0/24 maxlen: 24
                          95.85.77.0/24 maxlen: 24
                          92.223.102.0/24 maxlen: 24
                          95.85.91.0/24 maxlen: 24
                          5.189.204.0/24 maxlen: 24
                          5.189.206.0/24 maxlen: 24
                          202.78.168.0/24 maxlen: 24
                          180.149.36.0/24 maxlen: 24
                          180.149.47.0/24 maxlen: 24
                          89.44.194.0/24 maxlen: 24
                          89.44.199.0/24 maxlen: 24
                          45.65.9.0/24 maxlen: 24
                          45.65.11.0/24 maxlen: 24
                          92.223.90.0/24 maxlen: 24
                          92.38.148.0/24 maxlen: 24
                          92.38.155.0/24 maxlen: 24
                          213.156.136.0/24 maxlen: 24
                          213.156.138.0/24 maxlen: 24
                          92.38.160.0/24 maxlen: 24
                          92.38.166.0/24 maxlen: 24
                          213.156.143.0/24 maxlen: 24
                          213.156.145.0/24 maxlen: 24
                          194.99.81.0/24 maxlen: 24
                          213.156.148.0/24 maxlen: 24
                          213.156.147.0/24 maxlen: 24
                          92.38.173.0/24 maxlen: 24
                          92.38.186.0/23 maxlen: 24
                          213.156.155.0/24 maxlen: 24
                          213.156.157.0/24 maxlen: 24
                          92.38.181.0/24 maxlen: 24
                          92.38.184.0/24 maxlen: 24
                          92.38.186.0/24 maxlen: 24
                          92.38.180.0/24 maxlen: 24
                          185.163.1.0/24 maxlen: 24
                          5.8.24.0/24 maxlen: 24
                          5.8.33.0/24 maxlen: 24
                          5.8.41.0/24 maxlen: 24
                          92.38.132.0/24 maxlen: 24
                          5.188.225.0/24 maxlen: 24
                          78.111.105.0/24 maxlen: 24
                          78.111.99.0/24 maxlen: 24
                          78.111.102.0/24 maxlen: 24
                          5.188.230.0/24 maxlen: 24
                          103.215.218.0/24 maxlen: 24
                          217.195.193.0/24 maxlen: 24
                          5.188.169.0/24 maxlen: 24
                          5.188.168.0/24 maxlen: 24
                          5.188.190.0/24 maxlen: 24
                          146.185.236.0/24 maxlen: 24
                          146.185.237.0/24 maxlen: 24
                          146.185.248.0/24 maxlen: 24
                          146.185.250.0/24 maxlen: 24
                          146.185.251.0/24 maxlen: 24
                          92.243.82.0/24 maxlen: 24
                          217.195.205.0/24 maxlen: 24
                          185.101.139.0/24 maxlen: 24
                          146.185.216.0/24 maxlen: 24
                          146.185.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 11 Apr 2023 15:47:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:ee:c2:3c:a4:8a:7d:4e:4a:36:32:08:7f:cc:19:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Apr 11 15:28:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c3ccc80571b6fd436f194ff8432a312c11baf88a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:62:e9:ab:70:12:1b:e9:a3:ce:79:68:90:d3:
                    9a:78:53:f2:df:43:3b:5c:f4:78:8d:8e:7e:c1:cc:
                    76:05:d7:bb:5a:18:2c:0b:26:66:d8:04:c0:72:b0:
                    61:db:60:00:d4:6e:96:67:d7:c6:1b:33:55:36:df:
                    2c:fc:89:6a:be:c8:a3:32:65:bd:b5:8d:7a:79:49:
                    be:1e:cc:34:1b:1a:18:66:2d:9c:c1:51:28:ce:c6:
                    6e:49:5d:90:3f:a1:d8:cb:d1:ef:89:e9:3e:f6:fd:
                    a5:c4:39:9e:64:66:b1:0b:63:14:ab:7c:0c:03:09:
                    54:bc:c0:69:03:64:fa:d9:f4:4c:31:53:72:bc:7d:
                    73:c3:c3:3f:5c:d4:a1:af:60:bf:8d:73:d9:67:d1:
                    e8:2c:ea:e9:bf:a1:01:22:0f:cf:8f:9c:81:9c:fd:
                    ee:b2:f8:99:d2:58:c1:f9:ae:bf:12:b8:e1:d8:03:
                    0e:ae:77:17:96:cd:de:56:13:6e:d9:4f:17:d8:9d:
                    dc:18:c8:6f:8d:66:8d:74:3e:db:64:38:d0:0b:07:
                    b0:b4:e6:96:c1:07:c2:c5:9b:f8:3b:40:68:85:1f:
                    80:9b:34:c2:7d:e7:6c:a6:b7:2d:ab:cd:0f:ae:87:
                    2a:3a:27:c9:b3:a2:1a:96:4a:8c:de:37:59:5d:d1:
                    ab:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:CC:C8:05:71:B6:FD:43:6F:19:4F:F8:43:2A:31:2C:11:BA:F8:8A
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/w8zIBXG2_UNvGU_4QyoxLBG6-Io.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.223.0/24
                  5.8.24.0/24
                  5.8.33.0/24
                  5.8.41.0/24
                  5.45.184.0/23
                  5.188.0.0/24
                  5.188.6.0/24
                  5.188.36.0/24
                  5.188.93.0/24
                  5.188.148.0/24
                  5.188.168.0/23
                  5.188.190.0/24
                  5.188.225.0/24
                  5.188.230.0/24
                  5.189.204.0/24
                  5.189.206.0/24
                  31.184.206.0/24
                  37.9.32.0/23
                  37.9.35.0/24
                  45.65.9.0/24
                  45.65.11.0/24
                  45.80.210.0/23
                  78.111.99.0/24
                  78.111.102.0/24
                  78.111.105.0/24
                  79.133.110.0/24
                  79.133.124.0/24
                  80.93.209.0-80.93.210.255
                  80.93.214.0/23
                  80.93.217.0-80.93.219.255
                  80.93.223.0/24
                  83.229.4.0/24
                  87.121.53.0/24
                  89.42.178.0/24
                  89.43.109.0/24
                  89.44.194.0/24
                  89.44.199.0/24
                  92.38.132.0/24
                  92.38.148.0/24
                  92.38.155.0/24
                  92.38.160.0/24
                  92.38.166.0/24
                  92.38.173.0/24
                  92.38.180.0/23
                  92.38.184.0/24
                  92.38.186.0/23
                  92.223.90.0/24
                  92.223.102.0/24
                  92.243.82.0/24
                  95.85.67.0/24
                  95.85.71.0/24
                  95.85.76.0/23
                  95.85.91.0/24
                  103.215.218.0/24
                  139.28.6.0/24
                  146.185.216.0/23
                  146.185.236.0/23
                  146.185.248.0/24
                  146.185.250.0/23
                  180.149.36.0/24
                  180.149.47.0/24
                  185.101.139.0/24
                  185.163.1.0/24
                  194.99.81.0/24
                  202.78.168.0/24
                  213.156.136.0/24
                  213.156.138.0/24
                  213.156.143.0/24
                  213.156.145.0/24
                  213.156.147.0-213.156.148.255
                  213.156.155.0/24
                  213.156.157.0/24
                  217.195.193.0/24
                  217.195.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d7:3e:ff:16:95:46:53:61:23:5c:6b:54:8f:9b:32:78:df:e3:
         a1:40:6d:df:fe:a1:01:61:55:80:78:ec:9e:c1:14:db:6e:05:
         7c:b9:f0:5c:78:26:b1:44:30:85:50:f1:2c:31:14:9d:05:6a:
         19:32:08:3c:74:a4:dd:35:39:eb:65:39:ea:72:44:7f:8e:97:
         df:f9:8d:21:25:22:2b:cd:04:d2:7b:bf:09:72:d1:c4:c2:04:
         ce:bc:94:46:a0:95:ee:dc:46:54:69:5a:92:db:a4:b9:ae:8e:
         dc:4c:fc:19:b8:64:6e:be:66:a2:19:ac:76:a3:25:93:70:a2:
         62:16:e1:ea:c8:68:fe:e1:8f:86:60:59:50:55:74:1a:31:18:
         64:74:c8:80:ed:1e:07:24:9e:d9:af:8b:1d:71:4b:bf:89:80:
         7a:78:0e:f2:a9:ef:17:d5:48:ad:02:1b:0b:22:dc:4b:3e:74:
         e2:d3:05:ae:4f:c7:a2:3a:1c:58:0a:ed:f4:ad:b4:16:5c:ce:
         64:e2:87:cc:29:d8:3a:e8:cd:b3:c5:4a:21:d2:b7:b7:d7:76:
         b0:8f:b4:1c:17:4a:42:d6:7f:30:de:6b:a7:b3:10:ce:29:c1:
         87:ec:e5:27:f1:c8:9b:0e:f9:8c:d0:af:75:2d:32:28:c9:f7:
         4f:8f:42:a9
-----BEGIN CERTIFICATE-----
MIIG1TCCBb2gAwIBAgISAYdw7sI8pIp9Tko2Mgh/zBk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjMwNDExMTUyODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2NjYzgwNTcxYjZmZDQzNmYxOTRmZjg0MzJhMzEyYzExYmFmODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWLpq3ASG+mjznlokNOaeFPy30M7
XPR4jY5+wcx2Bde7WhgsCyZm2ATAcrBh22AA1G6WZ9fGGzNVNt8s/IlqvsijMmW9
tY16eUm+Hsw0GxoYZi2cwVEozsZuSV2QP6HYy9Hviek+9v2lxDmeZGaxC2MUq3wM
AwlUvMBpA2T62fRMMVNyvH1zw8M/XNShr2C/jXPZZ9HoLOrpv6EBIg/Pj5yBnP3u
sviZ0ljB+a6/Erjh2AMOrncXls3eVhNu2U8X2J3cGMhvjWaNdD7bZDjQCwewtOaW
wQfCxZv4O0BohR+AmzTCfedsprctq80ProcqOifJs6IalkqM3jdZXdGrrQIDAQAB
o4ID4TCCA90wHQYDVR0OBBYEFMPMyAVxtv1DbxlP+EMqMSwRuviKMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvdzh6SUJYRzJfVU52R1VfNFF5b3hMQkc2LUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB9QYIKwYBBQUHAQcBAf8EggHkMIIB4DCCAdwEAgABMIIB
1AMEAAI43wMEAAUIGAMEAAUIIQMEAAUIKQMEAQUtuAMEAAW8AAMEAAW8BgMEAAW8
JAMEAAW8XQMEAAW8lAMEAQW8qAMEAAW8vgMEAAW84QMEAAW85gMEAAW9zAMEAAW9
zgMEAB+4zgMEASUJIAMEACUJIwMEAC1BCQMEAC1BCwMEAS1Q0gMEAE5vYwMEAE5v
ZgMEAE5vaQMEAE+FbgMEAE+FfDAMAwQAUF3RAwQAUF3SAwQBUF3WMAwDBABQXdkD
BAJQXdgDBABQXd8DBABT5QQDBABXeTUDBABZKrIDBABZK20DBABZLMIDBABZLMcD
BABcJoQDBABcJpQDBABcJpsDBABcJqADBABcJqYDBABcJq0DBAFcJrQDBABcJrgD
BAFcJroDBABc31oDBABc32YDBABc81IDBABfVUMDBABfVUcDBAFfVUwDBABfVVsD
BABn19oDBACLHAYDBAGSudgDBAGSuewDBACSufgDBAGSufoDBAC0lSQDBAC0lS8D
BAC5ZYsDBAC5owEDBADCY1EDBADKTqgDBADVnIgDBADVnIoDBADVnI8DBADVnJEw
DAMEANWckwMEANWclAMEANWcmwMEANWcnQMEANnDwQMEANnDzTANBgkqhkiG9w0B
AQsFAAOCAQEA1z7/FpVGU2EjXGtUj5syeN/joUBt3/6hAWFVgHjsnsEU224FfLnw
XHgmsUQwhVDxLDEUnQVqGTIIPHSk3TU562U56nJEf46X3/mNISUiK80E0nu/CXLR
xMIEzryURqCV7txGVGlaktukua6O3Ez8Gbhkbr5mohmsdqMlk3CiYhbh6sho/uGP
hmBZUFV0GjEYZHTIgO0eBySe2a+LHXFLv4mAengO8qnvF9VIrQIbCyLcSz504tMF
rk/HojocWArt9K20FlzOZOKHzCnYOujNs8VKIdK3t9d2sI+0HBdKQtZ/MN5rp7MQ
zinBh+zlJ/HImw75jNCvdS0yKMn3T49CqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:35 2024 by rpki-client on console-fra.rpki-client.org