Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/4MwzghqfdaR7yFIU59306dBgKFk.roa
File:                     4MwzghqfdaR7yFIU59306dBgKFk.roa (raw, json)
Hash identifier:          CxJ6QpEua0lM57V4/Hkgs3U8k6NjKEftOGPKBHYbXs8=
Subject key identifier:   E0:CC:33:82:1A:9F:75:A4:7B:C8:52:14:E7:DD:F4:E9:D0:60:28:59
Certificate issuer:       /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial:       018CC8015D81973243F837F942311C8761F4
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/4MwzghqfdaR7yFIU59306dBgKFk.roa
Signing time:             Tue 02 Jan 2024 02:29:41 +0000
ROA not before:           Tue 02 Jan 2024 02:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202087
IP address blocks:        185.83.148.0/23 maxlen: 23
                          185.83.150.0/23 maxlen: 23
                          94.26.98.0/23 maxlen: 23
                          94.26.97.0/24 maxlen: 24
                          94.26.95.0/24 maxlen: 24
                          94.26.93.0/24 maxlen: 24
                          94.26.101.0/24 maxlen: 24
                          94.26.103.0/24 maxlen: 24
                          94.26.109.0/24 maxlen: 24
                          104.255.128.0/21 maxlen: 21
                          185.75.80.0/22 maxlen: 22
                          185.49.216.0/22 maxlen: 22
                          153.94.56.0/21 maxlen: 21
                          185.94.78.0/23 maxlen: 23
                          185.94.76.0/23 maxlen: 23
                          45.94.8.0/22 maxlen: 24
                          185.9.212.0/22 maxlen: 22
                          192.190.168.0/22 maxlen: 22
                          94.190.197.0/24 maxlen: 24
                          94.190.196.0/22 maxlen: 22
                          94.190.196.0/24 maxlen: 24
                          94.190.199.0/24 maxlen: 24
                          94.190.198.0/24 maxlen: 24
                          45.89.212.0/22 maxlen: 22
                          2a03:50c0:1000::/36 maxlen: 36
                          2a03:50c0:3300::/40 maxlen: 40

Validation:               Failed, certificate revoked on Wed 13 Nov 2024 08:36:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:5d:81:97:32:43:f8:37:f9:42:31:1c:87:61:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
        Validity
            Not Before: Jan  2 02:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e0cc33821a9f75a47bc85214e7ddf4e9d0602859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:dc:a4:78:2c:19:52:e9:08:af:91:b0:b1:e6:
                    52:6f:b1:5b:a1:04:4a:94:50:b6:56:99:9b:b2:dc:
                    64:9f:d2:d1:75:f6:6d:24:b6:d8:42:8a:2f:3e:e6:
                    6f:fe:b7:cd:16:0e:88:5c:37:d1:c3:b8:7b:4e:95:
                    54:48:52:e8:fc:72:a8:23:8c:9e:35:74:3c:a0:06:
                    df:49:a6:c4:aa:c4:48:79:5f:af:e7:75:46:94:b0:
                    dd:87:62:65:16:b9:b9:1b:05:1d:a6:74:46:1e:20:
                    ff:3d:e7:c6:9d:f7:7e:7c:64:78:ca:f8:4f:62:c6:
                    7e:59:65:f9:3b:b9:68:f0:1b:8f:d4:57:62:06:f6:
                    be:f0:4d:22:5f:2b:cb:73:75:b3:9c:4c:d9:59:e1:
                    a6:fc:7f:ce:7a:7a:e2:32:66:63:18:96:ff:c3:b4:
                    af:83:a4:af:34:ed:48:c9:8c:04:02:e4:41:2b:14:
                    8d:a4:5d:e2:1e:ad:8b:64:3a:5e:54:11:30:96:3b:
                    1a:20:39:a8:e7:41:5f:02:48:bd:a5:21:8b:b3:ad:
                    63:96:f1:3d:d2:48:2a:a0:1d:91:38:0f:5e:66:47:
                    25:27:36:26:e1:41:f4:a4:a2:86:5f:62:df:9a:59:
                    0e:21:33:6d:98:7a:b0:74:f8:19:ff:29:b8:20:68:
                    0f:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:CC:33:82:1A:9F:75:A4:7B:C8:52:14:E7:DD:F4:E9:D0:60:28:59
            X509v3 Authority Key Identifier:
                keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/4MwzghqfdaR7yFIU59306dBgKFk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.212.0/22
                  45.94.8.0/22
                  94.26.93.0/24
                  94.26.95.0/24
                  94.26.97.0-94.26.99.255
                  94.26.101.0/24
                  94.26.103.0/24
                  94.26.109.0/24
                  94.190.196.0/22
                  104.255.128.0/21
                  153.94.56.0/21
                  185.9.212.0/22
                  185.49.216.0/22
                  185.75.80.0/22
                  185.83.148.0/22
                  185.94.76.0/22
                  192.190.168.0/22
                IPv6:
                  2a03:50c0:1000::/36
                  2a03:50c0:3300::/40

    Signature Algorithm: sha256WithRSAEncryption
         22:21:63:71:bf:d3:a4:05:48:4f:5b:9a:c0:fd:dc:d3:10:de:
         c9:6d:97:58:e4:21:b6:cb:06:7e:d7:24:d7:69:6d:4d:bc:95:
         46:cc:00:89:fb:32:eb:d1:fb:f9:ee:bb:d1:0f:47:dd:64:1c:
         c5:e0:5c:e2:a7:bc:b0:7a:f8:63:86:df:94:b0:e4:e9:81:31:
         74:4a:2f:44:68:d4:d4:ad:c7:a6:6e:07:48:07:9b:6a:6d:51:
         60:00:79:9a:63:dd:c3:b9:3a:84:62:3d:97:17:ed:b2:85:bb:
         23:bc:00:e8:46:25:f0:6a:2b:f3:d5:97:c9:28:fb:fe:74:bb:
         39:e1:1c:93:93:37:d2:a8:e4:76:12:1e:cd:a2:37:51:5d:39:
         32:97:f6:2e:49:41:d1:93:c4:6f:f3:58:bb:ad:85:5c:95:b1:
         79:70:df:75:a9:05:fa:c8:54:f5:79:84:a3:88:51:98:d1:51:
         ea:93:09:a0:e5:56:2e:4e:0e:40:66:86:e2:04:03:ad:d7:dc:
         57:50:56:af:32:43:89:ca:47:ff:a8:e9:78:e4:67:0b:52:1f:
         33:1a:ea:75:32:73:84:45:63:13:40:97:ec:43:6a:4c:06:d7:
         a4:f7:a1:ae:11:e3:2f:a7:f9:aa:ed:16:c9:a5:7b:0d:7f:af:
         54:17:fd:c2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzIAV2BlzJD+Df5QjEch2H0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNjMzM4MjFhOWY3NWE0N2JjODUyMTRlN2RkZjRlOWQwNjAyODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtykeCwZUukIr5GwseZSb7FboQRK
lFC2Vpmbstxkn9LRdfZtJLbYQoovPuZv/rfNFg6IXDfRw7h7TpVUSFLo/HKoI4ye
NXQ8oAbfSabEqsRIeV+v53VGlLDdh2JlFrm5GwUdpnRGHiD/PefGnfd+fGR4yvhP
YsZ+WWX5O7lo8BuP1FdiBva+8E0iXyvLc3WznEzZWeGm/H/OenriMmZjGJb/w7Sv
g6SvNO1IyYwEAuRBKxSNpF3iHq2LZDpeVBEwljsaIDmo50FfAki9pSGLs61jlvE9
0kgqoB2ROA9eZkclJzYm4UH0pKKGX2LfmlkOITNtmHqwdPgZ/ym4IGgPAwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFODMM4Ian3Wke8hSFOfd9OnQYChZMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvNE13emdocWZkYVI3eUZJVTU5MzA2ZEJnS0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB0BAIAATBuAwQCLVnU
AwQCLV4IAwQAXhpdAwQAXhpfMAwDBABeGmEDBAJeGmADBABeGmUDBABeGmcDBABe
Gm0DBAJevsQDBANo/4ADBAOZXjgDBAK5CdQDBAK5MdgDBAK5S1ADBAK5U5QDBAK5
XkwDBALAvqgwFgQCAAIwEAMGBCoDUMAQAwYAKgNQwDMwDQYJKoZIhvcNAQELBQAD
ggEBACIhY3G/06QFSE9bmsD93NMQ3sltl1jkIbbLBn7XJNdpbU28lUbMAIn7MuvR
+/nuu9EPR91kHMXgXOKnvLB6+GOG35Sw5OmBMXRKL0Ro1NStx6ZuB0gHm2ptUWAA
eZpj3cO5OoRiPZcX7bKFuyO8AOhGJfBqK/PVl8ko+/50uznhHJOTN9Ko5HYSHs2i
N1FdOTKX9i5JQdGTxG/zWLuthVyVsXlw33WpBfrIVPV5hKOIUZjRUeqTCaDlVi5O
DkBmhuIEA63X3FdQVq8yQ4nKR/+o6XjkZwtSHzMa6nUyc4RFYxNAl+xDakwG16T3
oa4R4y+n+artFsmlew1/r1QX/cI=
-----END CERTIFICATE-----
Generated at Wed Nov 13 11:26:55 2024 by rpki-client on console-ams.rpki-client.org