Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mrofyLna-t7Ka--wa6LQjgS6jY4.roa
File:                     mrofyLna-t7Ka--wa6LQjgS6jY4.roa (raw, json)
Hash identifier:          iSlQEV5GGnhfBFp0MiPuYv5Dnwn5OCK7UQhMLmGKB10=
Subject key identifier:   9A:BA:1F:C8:B9:DA:FA:DE:CA:6B:EF:B0:6B:A2:D0:8E:04:BA:8D:8E
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018F781582B4705289FF6F29C03D9CE835A0
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mrofyLna-t7Ka--wa6LQjgS6jY4.roa
Signing time:             Tue 14 May 2024 17:10:26 +0000
ROA not before:           Tue 14 May 2024 17:10:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202656
IP address blocks:        45.15.239.0/24 maxlen: 24
                          45.129.1.0/24 maxlen: 24
                          45.132.39.0/24 maxlen: 24
                          45.135.35.0/24 maxlen: 24
                          45.138.7.0/24 maxlen: 24
                          45.138.156.0/24 maxlen: 24
                          45.138.212.0/24 maxlen: 24
                          45.138.215.0/24 maxlen: 24
                          45.140.65.0/24 maxlen: 24
                          45.149.130.0/24 maxlen: 24
                          45.149.131.0/24 maxlen: 24
                          45.152.118.0/24 maxlen: 24
                          45.152.119.0/24 maxlen: 24
                          83.138.51.0/24 maxlen: 24
                          83.138.52.0/24 maxlen: 24
                          84.246.82.0/24 maxlen: 24
                          91.206.69.0/24 maxlen: 24
                          91.237.104.0/24 maxlen: 24
                          91.237.105.0/24 maxlen: 24
                          176.116.5.0/24 maxlen: 24
                          176.116.20.0/24 maxlen: 24
                          176.116.23.0/24 maxlen: 24
                          176.126.109.0/24 maxlen: 24
                          176.126.112.0/24 maxlen: 24
                          176.126.115.0/24 maxlen: 24
                          193.0.245.0/24 maxlen: 24
                          193.0.246.0/24 maxlen: 24
                          193.5.1.0/24 maxlen: 24
                          193.58.171.0/24 maxlen: 24
                          193.58.178.0/24 maxlen: 24
                          194.107.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 May 2024 14:36:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:78:15:82:b4:70:52:89:ff:6f:29:c0:3d:9c:e8:35:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: May 14 17:10:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9aba1fc8b9dafadeca6befb06ba2d08e04ba8d8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:20:dc:b7:02:9d:16:79:ce:43:70:54:f7:41:
                    da:7d:e1:0a:cb:3f:a1:c1:df:38:dd:89:83:83:7c:
                    00:dd:8b:35:25:a5:87:22:fc:7f:41:ef:84:b3:8a:
                    b7:96:47:f5:d4:24:ed:88:e8:83:4c:a3:52:6a:d6:
                    e6:de:6d:1f:33:1b:16:dd:06:a8:66:f7:c3:e2:a4:
                    5f:cf:f4:c1:a7:c2:00:53:63:b9:bb:df:2f:21:dc:
                    31:e4:76:d1:3d:e1:e9:6e:9c:65:3d:ed:29:94:56:
                    10:0d:92:e1:22:95:11:2c:23:5f:59:95:0b:df:80:
                    59:23:57:67:b8:01:cd:f1:20:20:3e:d6:25:6c:59:
                    fc:a0:ea:cd:31:55:05:46:32:1d:cd:7b:3f:de:2d:
                    7a:3a:8a:c6:1f:7f:28:1f:38:01:16:c3:24:34:d0:
                    61:71:90:ad:7b:bd:c0:59:0e:0c:46:28:12:f7:d3:
                    00:1d:06:bd:02:ee:95:fa:e4:99:14:dd:dd:06:00:
                    b3:85:46:df:66:b0:cd:c6:52:4c:2a:f0:92:0e:e7:
                    3b:fe:76:51:a8:4d:ab:d0:3a:9d:a6:9b:99:f9:0c:
                    9c:d6:42:b0:51:b4:b8:92:a9:30:f1:dc:18:46:2d:
                    d2:b1:32:5c:c9:79:43:3f:d7:86:3b:27:77:92:8d:
                    c1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:BA:1F:C8:B9:DA:FA:DE:CA:6B:EF:B0:6B:A2:D0:8E:04:BA:8D:8E
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mrofyLna-t7Ka--wa6LQjgS6jY4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.15.239.0/24
                  45.129.1.0/24
                  45.132.39.0/24
                  45.135.35.0/24
                  45.138.7.0/24
                  45.138.156.0/24
                  45.138.212.0/24
                  45.138.215.0/24
                  45.140.65.0/24
                  45.149.130.0/23
                  45.152.118.0/23
                  83.138.51.0-83.138.52.255
                  84.246.82.0/24
                  91.206.69.0/24
                  91.237.104.0/23
                  176.116.5.0/24
                  176.116.20.0/24
                  176.116.23.0/24
                  176.126.109.0/24
                  176.126.112.0/24
                  176.126.115.0/24
                  193.0.245.0-193.0.246.255
                  193.5.1.0/24
                  193.58.171.0/24
                  193.58.178.0/24
                  194.107.200.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:82:85:0c:63:8b:6e:94:10:74:b8:28:fe:72:75:61:2a:63:
         34:24:41:63:1a:58:06:ab:34:4f:41:98:c2:de:fb:af:09:5a:
         20:f8:f2:22:b8:32:cf:7e:55:b0:22:ab:25:8a:8f:85:04:d6:
         13:d7:a6:d0:95:65:76:a6:81:41:2b:72:43:08:6d:49:9d:9f:
         fb:21:19:e7:67:c3:91:ae:5b:bc:73:26:4d:d4:10:77:23:96:
         b8:87:cc:ca:a5:b5:9d:48:f3:58:e1:60:26:06:43:5d:2b:ac:
         a2:4b:4a:ea:e2:ce:66:b4:54:f6:25:34:ab:e5:bb:66:8c:b6:
         d7:51:fc:cf:f3:dd:30:3f:3b:d9:d8:d0:39:cd:40:26:70:1a:
         b1:5a:ad:d1:7a:ef:ba:3e:ab:2f:e7:83:aa:fa:2c:ed:ba:00:
         64:38:e9:e9:b5:16:d3:09:24:d8:1f:4d:c7:9e:27:36:9c:8b:
         9e:de:46:4a:62:b8:5a:33:62:8a:3f:f6:f3:d0:08:f5:3e:12:
         e4:5e:86:84:da:dc:89:8b:fc:0c:67:8a:9c:56:f4:15:bd:b5:
         82:c9:01:32:42:d1:84:4f:ab:1b:74:85:8c:aa:80:86:b3:d7:
         10:f4:e3:1d:6b:d5:dd:5f:2b:8d:28:72:b2:71:ed:95:41:a6:
         a9:1e:6e:4c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAY94FYK0cFKJ/28pwD2c6DWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTE0MTcxMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJhMWZjOGI5ZGFmYWRlY2E2YmVmYjA2YmEyZDA4ZTA0YmE4ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yDctwKdFnnOQ3BU90HafeEKyz+h
wd843YmDg3wA3Ys1JaWHIvx/Qe+Es4q3lkf11CTtiOiDTKNSatbm3m0fMxsW3Qao
ZvfD4qRfz/TBp8IAU2O5u98vIdwx5HbRPeHpbpxlPe0plFYQDZLhIpURLCNfWZUL
34BZI1dnuAHN8SAgPtYlbFn8oOrNMVUFRjIdzXs/3i16OorGH38oHzgBFsMkNNBh
cZCte73AWQ4MRigS99MAHQa9Au6V+uSZFN3dBgCzhUbfZrDNxlJMKvCSDuc7/nZR
qE2r0DqdppuZ+Qyc1kKwUbS4kqkw8dwYRi3SsTJcyXlDP9eGOyd3ko3B+wIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFJq6H8i52vreymvvsGui0I4Euo2OMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbXJvZnlMbmEtdDdLYS0td2E2TFFqZ1M2alk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAAt
D+8DBAAtgQEDBAAthCcDBAAthyMDBAAtigcDBAAtipwDBAAtitQDBAAtitcDBAAt
jEEDBAEtlYIDBAEtmHYwDAMEAFOKMwMEAFOKNAMEAFT2UgMEAFvORQMEAVvtaAME
ALB0BQMEALB0FAMEALB0FwMEALB+bQMEALB+cAMEALB+czAMAwQAwQD1AwQAwQD2
AwQAwQUBAwQAwTqrAwQAwTqyAwQAwmvIMA0GCSqGSIb3DQEBCwUAA4IBAQAlgoUM
Y4tulBB0uCj+cnVhKmM0JEFjGlgGqzRPQZjC3vuvCVog+PIiuDLPflWwIqslio+F
BNYT16bQlWV2poFBK3JDCG1JnZ/7IRnnZ8ORrlu8cyZN1BB3I5a4h8zKpbWdSPNY
4WAmBkNdK6yiS0rq4s5mtFT2JTSr5btmjLbXUfzP890wPzvZ2NA5zUAmcBqxWq3R
eu+6Pqsv54Oq+iztugBkOOnptRbTCSTYH03Hnic2nIue3kZKYrhaM2KKP/bz0Aj1
PhLkXoaE2tyJi/wMZ4qcVvQVvbWCyQEyQtGET6sbdIWMqoCGs9cQ9OMda9XdXyuN
KHKyce2VQaapHm5M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org