Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/OvbsodTCiUTAckyRTc37vzJMUtI.roa
File:                     OvbsodTCiUTAckyRTc37vzJMUtI.roa (raw, json)
Hash identifier:          Dvu1ia2zktmjuCoiuRWDtE8VTSJf/FAxGwa49+dKmw4=
Subject key identifier:   3A:F6:EC:A1:D4:C2:89:44:C0:72:4C:91:4D:CD:FB:BF:32:4C:52:D2
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018F86A709AF8D62442E0868B572D74EBDC4
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/OvbsodTCiUTAckyRTc37vzJMUtI.roa
Signing time:             Fri 17 May 2024 13:04:04 +0000
ROA not before:           Fri 17 May 2024 13:04:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58061
IP address blocks:        2.56.112.0/24 maxlen: 24
                          2.56.113.0/24 maxlen: 24
                          5.183.128.0/24 maxlen: 24
                          31.222.248.0/24 maxlen: 24
                          45.157.136.0/24 maxlen: 24
                          62.68.83.0/24 maxlen: 24
                          62.68.86.0/24 maxlen: 24
                          62.68.87.0/24 maxlen: 24
                          62.204.36.0/24 maxlen: 24
                          62.204.57.0/24 maxlen: 24
                          62.233.35.0/24 maxlen: 24
                          62.233.45.0/24 maxlen: 24
                          62.233.49.0/24 maxlen: 24
                          62.233.56.0/24 maxlen: 24
                          62.233.60.0/24 maxlen: 24
                          80.68.145.0/24 maxlen: 24
                          80.68.158.0/24 maxlen: 24
                          80.91.209.0/24 maxlen: 24
                          80.91.210.0/24 maxlen: 24
                          91.213.117.0/24 maxlen: 24
                          91.226.247.0/24 maxlen: 24
                          91.242.225.0/24 maxlen: 24
                          91.242.227.0/24 maxlen: 24
                          91.242.236.0/24 maxlen: 24
                          91.242.238.0/24 maxlen: 24
                          93.177.104.0/24 maxlen: 24
                          93.177.105.0/24 maxlen: 24
                          94.143.226.0/24 maxlen: 24
                          94.158.191.0/24 maxlen: 24
                          130.193.79.0/24 maxlen: 24
                          130.255.169.0/24 maxlen: 24
                          146.19.108.0/24 maxlen: 24
                          146.19.137.0/24 maxlen: 24
                          146.19.148.0/24 maxlen: 24
                          146.19.150.0/24 maxlen: 24
                          146.19.152.0/24 maxlen: 24
                          146.19.185.0/24 maxlen: 24
                          146.19.187.0/24 maxlen: 24
                          146.19.190.0/24 maxlen: 24
                          146.19.194.0/24 maxlen: 24
                          176.56.37.0/24 maxlen: 24
                          176.56.38.0/24 maxlen: 24
                          178.211.140.0/24 maxlen: 24
                          185.122.206.0/24 maxlen: 24
                          185.140.172.0/24 maxlen: 24
                          185.155.101.0/24 maxlen: 24
                          185.198.153.0/24 maxlen: 24
                          185.218.1.0/24 maxlen: 24
                          185.232.47.0/24 maxlen: 24
                          193.3.22.0/24 maxlen: 24
                          193.141.53.0/24 maxlen: 24
                          193.239.209.0/24 maxlen: 24
                          194.26.216.0/24 maxlen: 24
                          194.26.221.0/24 maxlen: 24
                          194.32.243.0/24 maxlen: 24
                          195.64.106.0/24 maxlen: 24
                          195.64.109.0/24 maxlen: 24
                          195.64.110.0/24 maxlen: 24
                          195.64.112.0/24 maxlen: 24
                          195.64.114.0/24 maxlen: 24
                          195.64.117.0/24 maxlen: 24
                          195.93.249.0/24 maxlen: 24
                          195.96.136.0/24 maxlen: 24
                          195.96.146.0/24 maxlen: 24
                          195.96.148.0/24 maxlen: 24
                          195.96.155.0/24 maxlen: 24
                          195.96.157.0/24 maxlen: 24
                          212.18.96.0/24 maxlen: 24
                          212.18.103.0/24 maxlen: 24
                          212.52.5.0/24 maxlen: 24
                          217.114.32.0/24 maxlen: 24
                          217.119.130.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 May 2024 12:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a7:09:af:8d:62:44:2e:08:68:b5:72:d7:4e:bd:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: May 17 13:04:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3af6eca1d4c28944c0724c914dcdfbbf324c52d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ee:77:07:7e:fd:95:22:22:94:4d:3d:7b:2c:
                    bb:85:10:a4:6d:49:3c:1d:85:27:00:86:63:76:52:
                    40:2b:c3:27:20:9c:19:ba:13:59:4a:2b:47:dc:aa:
                    11:af:0e:8c:31:ab:08:a7:d0:70:40:14:fe:16:00:
                    b4:ba:71:ec:42:57:e3:78:ab:d3:2c:0a:44:a2:9f:
                    46:6c:db:60:68:69:7d:02:d2:9d:43:c8:13:da:0f:
                    32:5f:62:6f:57:10:92:c5:a9:14:6c:b7:97:1f:25:
                    11:73:83:c5:c3:b2:b6:fc:40:e0:d5:50:ac:8e:16:
                    d4:4c:aa:89:f1:26:17:64:79:20:d9:67:78:7a:41:
                    c1:79:dc:43:f3:ca:da:43:5a:3c:e6:5b:f3:c8:25:
                    25:9d:23:9e:9e:5c:09:6a:ba:39:15:54:3b:ac:93:
                    26:5a:ed:45:ba:d9:66:7f:73:56:68:ba:9e:1e:cd:
                    1a:cb:ad:47:01:2c:c5:a4:ab:a8:5b:d5:c0:b8:1a:
                    3e:1f:fb:b0:68:87:d2:f9:8f:2d:dd:ea:43:a6:22:
                    4b:54:76:47:ed:f7:f9:10:9c:fd:9a:43:f1:fc:a8:
                    f9:c0:f4:03:d5:7c:b0:35:31:22:47:14:ec:05:18:
                    04:28:d1:bd:a4:c9:7f:fc:72:5a:7f:42:f4:e3:d7:
                    ad:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:F6:EC:A1:D4:C2:89:44:C0:72:4C:91:4D:CD:FB:BF:32:4C:52:D2
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/OvbsodTCiUTAckyRTc37vzJMUtI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.112.0/23
                  5.183.128.0/24
                  31.222.248.0/24
                  45.157.136.0/24
                  62.68.83.0/24
                  62.68.86.0/23
                  62.204.36.0/24
                  62.204.57.0/24
                  62.233.35.0/24
                  62.233.45.0/24
                  62.233.49.0/24
                  62.233.56.0/24
                  62.233.60.0/24
                  80.68.145.0/24
                  80.68.158.0/24
                  80.91.209.0-80.91.210.255
                  91.213.117.0/24
                  91.226.247.0/24
                  91.242.225.0/24
                  91.242.227.0/24
                  91.242.236.0/24
                  91.242.238.0/24
                  93.177.104.0/23
                  94.143.226.0/24
                  94.158.191.0/24
                  130.193.79.0/24
                  130.255.169.0/24
                  146.19.108.0/24
                  146.19.137.0/24
                  146.19.148.0/24
                  146.19.150.0/24
                  146.19.152.0/24
                  146.19.185.0/24
                  146.19.187.0/24
                  146.19.190.0/24
                  146.19.194.0/24
                  176.56.37.0-176.56.38.255
                  178.211.140.0/24
                  185.122.206.0/24
                  185.140.172.0/24
                  185.155.101.0/24
                  185.198.153.0/24
                  185.218.1.0/24
                  185.232.47.0/24
                  193.3.22.0/24
                  193.141.53.0/24
                  193.239.209.0/24
                  194.26.216.0/24
                  194.26.221.0/24
                  194.32.243.0/24
                  195.64.106.0/24
                  195.64.109.0-195.64.110.255
                  195.64.112.0/24
                  195.64.114.0/24
                  195.64.117.0/24
                  195.93.249.0/24
                  195.96.136.0/24
                  195.96.146.0/24
                  195.96.148.0/24
                  195.96.155.0/24
                  195.96.157.0/24
                  212.18.96.0/24
                  212.18.103.0/24
                  212.52.5.0/24
                  217.114.32.0/24
                  217.119.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:a4:a1:07:2e:d8:f3:cc:0f:3b:13:9f:15:eb:3c:74:f7:66:
         b2:55:cf:7c:fc:a9:bb:09:ec:4f:f4:09:4d:b9:81:ab:41:d2:
         a4:38:93:95:97:7e:43:95:8d:3c:a6:56:ec:a8:ee:bb:06:33:
         a0:ba:40:e1:dc:ac:c1:38:08:c0:1b:6d:85:ee:1b:d0:4a:c2:
         5a:1b:16:1f:fb:51:01:4e:c1:da:11:e9:03:d4:eb:08:79:75:
         60:00:2a:7f:96:17:75:1a:96:b3:c0:5f:28:e2:a7:9a:ee:4b:
         0d:51:b8:f1:45:b5:3a:ae:bc:18:da:61:86:95:54:8a:69:8c:
         38:cf:f3:b0:ee:a8:e7:06:a0:bd:53:6a:1d:1d:c4:6c:64:b1:
         52:67:67:57:ed:c8:43:c1:ba:3a:52:68:0f:78:82:19:4f:ad:
         51:45:16:b2:75:b1:25:b9:5f:df:af:bb:3b:c4:41:d7:5f:31:
         0a:63:74:c3:7c:3b:f9:4b:f2:f6:c4:c3:24:27:c1:72:ab:e8:
         7d:96:9a:18:a8:99:ea:32:87:f9:06:e1:13:aa:fd:6e:bc:88:
         43:ec:88:0d:5a:47:df:ea:e5:a1:9a:c0:52:c3:a3:42:36:09:
         33:69:1b:1d:68:ea:6a:58:12:12:f8:dd:98:d5:ee:71:f9:cb:
         7b:5e:6a:cc
-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgISAY+GpwmvjWJELghotXLXTr3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTE3MTMwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY2ZWNhMWQ0YzI4OTQ0YzA3MjRjOTE0ZGNkZmJiZjMyNGM1MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+53B379lSIilE09eyy7hRCkbUk8
HYUnAIZjdlJAK8MnIJwZuhNZSitH3KoRrw6MMasIp9BwQBT+FgC0unHsQlfjeKvT
LApEop9GbNtgaGl9AtKdQ8gT2g8yX2JvVxCSxakUbLeXHyURc4PFw7K2/EDg1VCs
jhbUTKqJ8SYXZHkg2Wd4ekHBedxD88raQ1o85lvzyCUlnSOenlwJaro5FVQ7rJMm
Wu1Futlmf3NWaLqeHs0ay61HASzFpKuoW9XAuBo+H/uwaIfS+Y8t3epDpiJLVHZH
7ff5EJz9mkPx/Kj5wPQD1XywNTEiRxTsBRgEKNG9pMl//HJaf0L049etGQIDAQAB
o4IDsTCCA60wHQYDVR0OBBYEFDr27KHUwolEwHJMkU3N+78yTFLSMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvT3Zic29kVENpVVRBY2t5UlRjMzd2ekpNVXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBxQYIKwYBBQUHAQcBAf8EggG0MIIBsDCCAawEAgABMIIB
pAMEAQI4cAMEAAW3gAMEAB/e+AMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M
OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA
UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LhAwQAW/LjAwQAW/LsAwQAW/LuAwQB
XbFoAwQAXo/iAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhNsAwQAkhOJAwQAkhOUAwQA
khOWAwQAkhOYAwQAkhO5AwQAkhO7AwQAkhO+AwQAkhPCMAwDBACwOCUDBACwOCYD
BACy04wDBAC5es4DBAC5jKwDBAC5m2UDBAC5xpkDBAC52gEDBAC56C8DBADBAxYD
BADBjTUDBADB79EDBADCGtgDBADCGt0DBADCIPMDBADDQGowDAMEAMNAbQMEAMNA
bgMEAMNAcAMEAMNAcgMEAMNAdQMEAMNd+QMEAMNgiAMEAMNgkgMEAMNglAMEAMNg
mwMEAMNgnQMEANQSYAMEANQSZwMEANQ0BQMEANlyIAMEANl3gjANBgkqhkiG9w0B
AQsFAAOCAQEAbaShBy7Y88wPOxOfFes8dPdmslXPfPypuwnsT/QJTbmBq0HSpDiT
lZd+Q5WNPKZW7KjuuwYzoLpA4dyswTgIwBtthe4b0ErCWhsWH/tRAU7B2hHpA9Tr
CHl1YAAqf5YXdRqWs8BfKOKnmu5LDVG48UW1Oq68GNphhpVUimmMOM/zsO6o5wag
vVNqHR3EbGSxUmdnV+3IQ8G6OlJoD3iCGU+tUUUWsnWxJblf36+7O8RB118xCmN0
w3w7+Uvy9sTDJCfBcqvofZaaGKiZ6jKH+QbhE6r9bryIQ+yIDVpH3+rloZrAUsOj
QjYJM2kbHWjqalgSEvjdmNXucfnLe15qzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org