Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/hCdh3A-YwTN37H1zIpUieClGdyE.roa
File:                     hCdh3A-YwTN37H1zIpUieClGdyE.roa (raw, json)
Hash identifier:          HzBYODqnaa4y1jalxOE5wQQKcCXXF4ry4H4/D62f/EA=
Subject key identifier:   84:27:61:DC:0F:98:C1:33:77:EC:7D:73:22:95:22:78:29:46:77:21
Certificate issuer:       /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial:       0186032B81BF3249F6B82315EF64F236B686
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/hCdh3A-YwTN37H1zIpUieClGdyE.roa
Signing time:             Mon 30 Jan 2023 14:53:48 +0000
ROA not before:           Mon 30 Jan 2023 14:53:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36692
IP address blocks:        185.60.84.0/23 maxlen: 24
                          185.60.86.0/24 maxlen: 24
                          185.60.87.0/24 maxlen: 24
                          146.112.60.0/24 maxlen: 24
                          146.112.10.0/24 maxlen: 24
                          146.112.41.0/24 maxlen: 24
                          146.112.170.0/24 maxlen: 24
                          146.112.174.0/24 maxlen: 24
                          146.112.187.0/24 maxlen: 24
                          146.112.131.0/24 maxlen: 24
                          146.112.132.0/24 maxlen: 24
                          146.112.128.0/24 maxlen: 24
                          146.112.129.0/24 maxlen: 24
                          146.112.130.0/24 maxlen: 24
                          146.112.133.0/24 maxlen: 24
                          146.112.134.0/24 maxlen: 24
                          146.112.135.0/24 maxlen: 24
                          146.112.136.0/24 maxlen: 24
                          146.112.137.0/24 maxlen: 24
                          146.112.138.0/24 maxlen: 24
                          146.112.139.0/24 maxlen: 24
                          155.190.192.0/24 maxlen: 24
                          155.190.193.0/24 maxlen: 24
                          155.190.194.0/24 maxlen: 24
                          155.190.195.0/24 maxlen: 24
                          155.190.196.0/24 maxlen: 24
                          155.190.197.0/24 maxlen: 24
                          155.190.201.0/24 maxlen: 24
                          155.190.202.0/24 maxlen: 24
                          155.190.203.0/24 maxlen: 24
                          155.190.232.0/24 maxlen: 24
                          155.190.238.0/24 maxlen: 24
                          155.190.28.0/24 maxlen: 24
                          155.190.29.0/24 maxlen: 24
                          155.190.38.0/24 maxlen: 24
                          155.190.32.0/24 maxlen: 24
                          155.190.33.0/24 maxlen: 24
                          155.190.34.0/24 maxlen: 24
                          155.190.35.0/24 maxlen: 24
                          155.190.36.0/24 maxlen: 24
                          155.190.37.0/24 maxlen: 24
                          155.190.39.0/24 maxlen: 24
                          155.190.40.0/24 maxlen: 24
                          155.190.41.0/24 maxlen: 24
                          155.190.42.0/24 maxlen: 24
                          155.190.43.0/24 maxlen: 24
                          155.190.44.0/24 maxlen: 24
                          155.190.45.0/24 maxlen: 24
                          155.190.46.0/24 maxlen: 24
                          155.190.47.0/24 maxlen: 24
                          155.190.48.0/24 maxlen: 24
                          155.190.49.0/24 maxlen: 24
                          155.190.50.0/24 maxlen: 24
                          155.190.51.0/24 maxlen: 24
                          155.190.53.0/24 maxlen: 24
                          155.190.54.0/24 maxlen: 24
                          155.190.55.0/24 maxlen: 24
                          155.190.0.0/24 maxlen: 24
                          155.190.4.0/24 maxlen: 24
                          155.190.3.0/24 maxlen: 24
                          155.190.1.0/24 maxlen: 24
                          155.190.2.0/24 maxlen: 24
                          155.190.8.0/24 maxlen: 24
                          155.190.9.0/24 maxlen: 24
                          155.190.15.0/24 maxlen: 24
                          155.190.17.0/24 maxlen: 24
                          155.190.18.0/24 maxlen: 24
                          155.190.19.0/24 maxlen: 24
                          155.190.20.0/24 maxlen: 24
                          155.190.21.0/24 maxlen: 24
                          155.190.22.0/24 maxlen: 24
                          2a04:e4c0:25::/48 maxlen: 48
                          2a04:e4c0:14::/48 maxlen: 48
                          2a04:e4c0:22::/48 maxlen: 48
                          2a04:e4c0:11::/48 maxlen: 48
                          2a04:e4c0:47::/48 maxlen: 48
                          2a04:e4c0:55::/48 maxlen: 48
                          2a04:e4c0:30::/48 maxlen: 48
                          2a04:e4c0:44::/48 maxlen: 48
                          2a04:e4c7:fffd::/48 maxlen: 48
                          2a04:e4c0:52::/48 maxlen: 48
                          2a04:e4c4:3::/48 maxlen: 48
                          2a04:e4c0:63::/48 maxlen: 48
                          2a04:e4c0:41::/48 maxlen: 48
                          2a04:e4c0:60::/48 maxlen: 48
                          2a04:e4c0:13::/48 maxlen: 48
                          2a04:e4c0:16::/48 maxlen: 48
                          2a04:e4c7:ffff::/48 maxlen: 48
                          2a04:e4c0:10::/48 maxlen: 48
                          2a04:e4c0:49::/48 maxlen: 48
                          2a04:e4c0:24::/48 maxlen: 48
                          2a04:e4c0:43::/48 maxlen: 48
                          2a04:e4c0:46::/48 maxlen: 48
                          2a04:e4c0:21::/48 maxlen: 48
                          2a04:e4c0:40::/48 maxlen: 48
                          2a04:e4c7:fffe::/48 maxlen: 48
                          2a04:e4c4:1::/48 maxlen: 48
                          2a04:e4c0:54::/48 maxlen: 48
                          2a04:e4c0:62::/48 maxlen: 48
                          2a04:e4c0:18::/48 maxlen: 48
                          2a04:e4c4:4::/48 maxlen: 48
                          2a04:e4c0:51::/48 maxlen: 48
                          2a04:e4c0:15::/48 maxlen: 48
                          2a04:e4c0:12::/48 maxlen: 48
                          2a04:e4c0:48::/48 maxlen: 48
                          2a04:e4c0:23::/48 maxlen: 48
                          2a04:e4c0:45::/48 maxlen: 48
                          2a04:e4c0:20::/48 maxlen: 48
                          2a04:e4c0:59::/48 maxlen: 48
                          2a04:e4c0:42::/48 maxlen: 48
                          2a04:e4c0:53::/48 maxlen: 48
                          2a04:e4c0:56::/48 maxlen: 48
                          2a04:e4c0:31::/48 maxlen: 48
                          2a04:e4c0:64::/48 maxlen: 48
                          2a04:e4c4:2::/48 maxlen: 48
                          2a04:e4c0:61::/48 maxlen: 48
                          2a04:e4c0:17::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 01 Feb 2023 19:58:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:03:2b:81:bf:32:49:f6:b8:23:15:ef:64:f2:36:b6:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
        Validity
            Not Before: Jan 30 14:53:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=842761dc0f98c13377ec7d732295227829467721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b7:4b:c2:ba:aa:fa:19:db:6f:42:f0:69:6c:
                    7c:ae:16:da:b7:38:c0:3c:00:ed:86:33:6c:7a:06:
                    9c:fc:95:14:fb:39:4b:9b:11:f3:26:23:16:49:46:
                    25:7f:2a:6a:10:4d:42:e8:1a:de:10:60:d8:e2:a0:
                    75:9d:8b:fe:36:6b:d3:53:ac:fd:59:84:a9:86:14:
                    b6:70:2c:f1:1e:24:c3:67:a5:e8:87:91:5c:ef:b8:
                    7c:49:4e:a7:36:f7:9b:ad:77:cb:32:af:61:d7:6e:
                    91:80:64:2a:c4:c7:dd:00:de:c2:28:a6:28:29:8d:
                    43:fb:42:56:84:9f:5f:31:14:fb:d9:d0:8f:3e:7d:
                    41:d4:e7:ca:03:64:b3:ca:96:4c:87:ca:2e:d6:b8:
                    89:8f:44:25:f5:a0:11:d6:2e:7e:e1:fc:9a:be:40:
                    07:06:24:3d:51:3d:87:90:d1:d8:c6:58:1c:b8:d6:
                    b5:c5:34:cd:5e:b6:66:26:48:79:00:56:3d:3d:c8:
                    c0:05:39:43:2c:a6:6c:96:d6:2f:9f:74:1b:46:95:
                    5b:c8:0c:43:6a:43:f8:3d:ef:44:74:25:15:28:6e:
                    a2:ee:66:89:58:cc:cb:fc:5d:9d:88:0e:39:fb:42:
                    44:77:d6:3e:0b:1d:fd:a7:44:af:ba:e0:22:0e:32:
                    6c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:27:61:DC:0F:98:C1:33:77:EC:7D:73:22:95:22:78:29:46:77:21
            X509v3 Authority Key Identifier:
                keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/hCdh3A-YwTN37H1zIpUieClGdyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.112.10.0/24
                  146.112.41.0/24
                  146.112.60.0/24
                  146.112.128.0-146.112.139.255
                  146.112.170.0/24
                  146.112.174.0/24
                  146.112.187.0/24
                  155.190.0.0-155.190.4.255
                  155.190.8.0/23
                  155.190.15.0/24
                  155.190.17.0-155.190.22.255
                  155.190.28.0/23
                  155.190.32.0-155.190.51.255
                  155.190.53.0-155.190.55.255
                  155.190.192.0-155.190.197.255
                  155.190.201.0-155.190.203.255
                  155.190.232.0/24
                  155.190.238.0/24
                  185.60.84.0/22
                IPv6:
                  2a04:e4c0:10::-2a04:e4c0:18:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:20::-2a04:e4c0:25:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:30::/47
                  2a04:e4c0:40::-2a04:e4c0:49:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:51::-2a04:e4c0:56:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c0:59::/48
                  2a04:e4c0:60::-2a04:e4c0:64:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c4:1::-2a04:e4c4:4:ffff:ffff:ffff:ffff:ffff
                  2a04:e4c7:fffd::-2a04:e4c7:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         12:33:fa:ed:5b:ba:4a:66:71:6d:7a:9d:1d:d7:a6:23:45:04:
         bb:09:7a:86:c2:8d:83:00:06:d9:e5:e7:93:52:02:4c:50:14:
         31:91:af:01:0d:94:5b:78:55:c7:0b:fe:28:2a:61:04:87:a3:
         e1:28:34:9b:60:16:24:78:7d:ef:19:d4:74:6c:9a:70:58:b6:
         4e:a2:da:52:df:bc:6f:1a:1f:8e:fe:4f:4c:a4:3a:5c:4a:16:
         0f:80:fb:de:53:1f:ba:af:15:72:1e:72:92:8b:8d:36:f1:3f:
         ad:53:8f:db:8f:33:09:6c:c2:ea:54:fc:99:bc:ef:21:f7:4f:
         bd:6d:7a:e0:e7:2c:57:b2:4f:41:17:f2:4d:a0:8f:32:08:3c:
         2d:23:ae:d3:74:f2:31:00:f2:1f:96:3f:b7:a7:a8:57:15:c0:
         e0:fd:85:f9:7c:61:ac:07:52:05:af:ae:4c:82:40:e8:f5:61:
         b9:2f:85:91:fa:ae:d3:ab:bf:d5:57:28:ea:4f:d0:e3:39:c4:
         d5:10:14:d7:1d:0d:61:ff:5c:f1:4f:14:84:7b:8f:eb:79:8e:
         ca:f1:8f:9a:fd:40:a6:6d:0b:cf:a3:dd:18:51:30:13:ff:61:
         bb:21:48:ea:b9:f1:b0:09:7a:b0:9e:ba:ba:33:5d:01:c7:a8:
         51:af:f1:57
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAYYDK4G/Mkn2uCMV72TyNraGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjMwMTMwMTQ1MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDI3NjFkYzBmOThjMTMzNzdlYzdkNzMyMjk1MjI3ODI5NDY3NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrdLwrqq+hnbb0LwaWx8rhbatzjA
PADthjNsegac/JUU+zlLmxHzJiMWSUYlfypqEE1C6BreEGDY4qB1nYv+NmvTU6z9
WYSphhS2cCzxHiTDZ6Xoh5Fc77h8SU6nNvebrXfLMq9h126RgGQqxMfdAN7CKKYo
KY1D+0JWhJ9fMRT72dCPPn1B1OfKA2SzypZMh8ou1riJj0Ql9aAR1i5+4fyavkAH
BiQ9UT2HkNHYxlgcuNa1xTTNXrZmJkh5AFY9PcjABTlDLKZsltYvn3QbRpVbyAxD
akP4Pe9EdCUVKG6i7maJWMzL/F2diA45+0JEd9Y+Cx39p0SvuuAiDjJsRwIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFIQnYdwPmMEzd+x9cyKVIngpRnchMB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvaENkaDNBLVl3VE4zN0gxeklwVWllQ2xHZHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbgYIKwYBBQUHAQcBAf8EggFdMIIBWTCBsAQCAAEwgakD
BACScAoDBACScCkDBACScDwwDAMEB5JwgAMEApJwiAMEAJJwqgMEAJJwrgMEAJJw
uzALAwMBm74DBACbvgQDBAGbvggDBACbvg8wDAMEAJu+EQMEAJu+FgMEAZu+HDAM
AwQFm74gAwQCm74wMAwDBACbvjUDBAObvjAwDAMEBpu+wAMEAZu+xDAMAwQAm77J
AwQCm77IAwQAm77oAwQAm77uAwQCuTxUMIGjBAIAAjCBnDASAwcEKgTkwAAQAwcA
KgTkwAAYMBIDBwUqBOTAACADBwEqBOTAACQDBwEqBOTAADAwEgMHBioE5MAAQAMH
ASoE5MAASDASAwcAKgTkwABRAwcAKgTkwABWAwcAKgTkwABZMBIDBwUqBOTAAGAD
BwAqBOTAAGQwEgMHACoE5MQAAQMHACoE5MQABDAQAwcAKgTkx//9AwUDKgTkwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEjP67Vu6SmZxbXqdHdemI0UEuwl6hsKNgwAG2eXn
k1ICTFAUMZGvAQ2UW3hVxwv+KCphBIej4Sg0m2AWJHh97xnUdGyacFi2TqLaUt+8
bxofjv5PTKQ6XEoWD4D73lMfuq8Vch5ykouNNvE/rVOP248zCWzC6lT8mbzvIfdP
vW164OcsV7JPQRfyTaCPMgg8LSOu03TyMQDyH5Y/t6eoVxXA4P2F+XxhrAdSBa+u
TIJA6PVhuS+Fkfqu06u/1Vco6k/Q4znE1RAU1x0NYf9c8U8UhHuP63mOyvGPmv1A
pm0Lz6PdGFEwE/9huyFI6rnxsAl6sJ66ujNdAceoUa/xVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:55 2024 by rpki-client on console-ams.rpki-client.org