Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Ft0OXK_AvkBw1CC1DD5JVcthNhE.roa
File:                     Ft0OXK_AvkBw1CC1DD5JVcthNhE.roa (raw, json)
Hash identifier:          yqHPapojkfweTYBPBmnaS+/cf7X+Sfi69Psf45omJaw=
Subject key identifier:   16:DD:0E:5C:AF:C0:BE:40:70:D4:20:B5:0C:3E:49:55:CB:61:36:11
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0188B1D1E86109B1401E2594F5D31F21A84A
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Ft0OXK_AvkBw1CC1DD5JVcthNhE.roa
Signing time:             Mon 12 Jun 2023 22:55:03 +0000
ROA not before:           Mon 12 Jun 2023 22:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28964
IP address blocks:        178.253.212.0/24 maxlen: 24
                          178.253.218.0/24 maxlen: 24
                          178.253.216.0/24 maxlen: 24
                          178.253.217.0/24 maxlen: 24
                          178.253.220.0/23 maxlen: 23
                          93.186.65.0/24 maxlen: 24
                          93.186.77.0/24 maxlen: 24
                          188.255.205.0/24 maxlen: 24
                          188.255.207.0/24 maxlen: 24
                          188.255.217.0/24 maxlen: 24
                          188.255.228.0/24 maxlen: 24
                          188.255.230.0/23 maxlen: 23
                          109.121.48.0/24 maxlen: 24
                          109.121.49.0/24 maxlen: 24
                          212.69.3.0/24 maxlen: 24
                          109.121.53.0/24 maxlen: 24
                          109.121.55.0/24 maxlen: 24
                          212.69.4.0/24 maxlen: 24
                          188.255.253.0/24 maxlen: 24
                          212.69.5.0/24 maxlen: 24
                          178.253.232.0/24 maxlen: 24
                          178.253.238.0/24 maxlen: 24
                          178.253.245.0/24 maxlen: 24
                          109.233.188.0/24 maxlen: 24
                          178.253.246.0/24 maxlen: 24
                          178.253.244.0/24 maxlen: 24
                          81.18.51.0/24 maxlen: 24
                          178.253.250.0/24 maxlen: 24
                          81.18.57.0/24 maxlen: 24
                          188.255.179.0/24 maxlen: 24
                          81.18.58.0/24 maxlen: 24
                          81.18.56.0/24 maxlen: 24
                          81.18.63.0/24 maxlen: 24
                          188.255.192.0/23 maxlen: 23
                          188.255.190.0/24 maxlen: 24
                          188.255.196.0/22 maxlen: 22
                          188.255.195.0/24 maxlen: 24
                          79.175.120.0/24 maxlen: 24
                          212.69.21.0/24 maxlen: 24
                          212.69.19.0/24 maxlen: 24
                          178.219.2.0/24 maxlen: 24
                          212.69.30.0/24 maxlen: 24
                          178.219.4.0/22 maxlen: 22
                          178.219.12.0/23 maxlen: 23
                          178.219.15.0/24 maxlen: 24
                          77.105.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 09:18:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b1:d1:e8:61:09:b1:40:1e:25:94:f5:d3:1f:21:a8:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Jun 12 22:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=16dd0e5cafc0be4070d420b50c3e4955cb613611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:59:5d:86:cd:77:80:4e:ac:fe:7c:c1:3d:69:
                    52:f7:5a:c4:50:51:e4:dd:a5:df:96:ec:55:c9:f1:
                    de:c0:7f:b3:03:f7:83:b6:74:01:bf:eb:f2:39:68:
                    f7:cb:c3:2e:73:f4:b9:15:1c:d8:c9:68:ba:53:2d:
                    fb:a5:a8:63:e1:92:6f:d5:8e:09:77:b3:57:50:66:
                    4b:38:e0:53:84:e8:8f:5d:64:30:04:19:67:51:2b:
                    22:db:48:b1:4d:d7:bf:65:51:f7:ff:37:1c:9a:ea:
                    dd:f1:43:b3:97:6c:2d:50:5b:bb:67:85:27:9e:ff:
                    2d:22:aa:af:82:fe:59:c2:61:56:5a:4d:38:9f:7f:
                    c1:68:3d:2e:72:d0:73:3f:47:0d:2c:f8:a6:3d:2e:
                    5b:43:74:c5:4c:a6:f0:8a:51:e4:76:6b:7f:f0:e4:
                    1a:4c:82:16:67:8a:c0:77:f2:84:82:84:ae:19:de:
                    43:93:72:20:20:cf:ef:4a:b3:9e:bd:b4:c6:f7:4e:
                    24:1c:a0:51:b5:63:0d:32:7d:46:d5:ff:0d:09:f2:
                    36:b6:5a:d0:c1:4e:d1:4a:5c:c3:c7:3b:55:d8:98:
                    e0:90:6d:31:d2:60:d2:2c:2f:ca:f7:7c:27:20:0e:
                    5e:8d:82:95:90:f0:3f:5c:e5:88:00:20:45:26:bd:
                    e3:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:DD:0E:5C:AF:C0:BE:40:70:D4:20:B5:0C:3E:49:55:CB:61:36:11
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Ft0OXK_AvkBw1CC1DD5JVcthNhE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.39.0/24
                  79.175.120.0/24
                  81.18.51.0/24
                  81.18.56.0-81.18.58.255
                  81.18.63.0/24
                  93.186.65.0/24
                  93.186.77.0/24
                  109.121.48.0/23
                  109.121.53.0/24
                  109.121.55.0/24
                  109.233.188.0/24
                  178.219.2.0/24
                  178.219.4.0/22
                  178.219.12.0/23
                  178.219.15.0/24
                  178.253.212.0/24
                  178.253.216.0-178.253.218.255
                  178.253.220.0/23
                  178.253.232.0/24
                  178.253.238.0/24
                  178.253.244.0-178.253.246.255
                  178.253.250.0/24
                  188.255.179.0/24
                  188.255.190.0/24
                  188.255.192.0/23
                  188.255.195.0-188.255.199.255
                  188.255.205.0/24
                  188.255.207.0/24
                  188.255.217.0/24
                  188.255.228.0/24
                  188.255.230.0/23
                  188.255.253.0/24
                  212.69.3.0-212.69.5.255
                  212.69.19.0/24
                  212.69.21.0/24
                  212.69.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:3a:12:20:ed:b7:ef:35:7e:5b:a3:6c:71:d0:d2:5b:a9:56:
         57:54:d7:4a:d4:77:ed:42:ef:c5:e1:f8:c6:93:44:68:9e:3d:
         ab:af:b4:61:e0:42:77:96:f7:ba:bb:6b:ea:1d:6f:2d:71:a4:
         42:1c:5c:26:1d:90:11:bb:48:12:9c:01:25:cd:65:7c:60:d8:
         ca:f2:db:6c:15:2a:01:23:70:9e:8f:9a:af:39:d1:11:d8:5c:
         fe:c6:3e:19:90:43:cd:a7:a8:a0:bc:14:f7:87:3e:99:44:21:
         91:d1:fa:68:1a:99:0d:cf:d3:b8:b6:9c:c8:7d:a4:64:c0:eb:
         e8:7d:8d:a4:68:9c:a7:5f:ed:70:e7:e6:bb:3c:6d:9f:d5:cd:
         9e:38:b3:c9:aa:98:dc:2a:c4:30:65:e2:40:be:ac:1f:12:dd:
         ad:ac:29:51:bf:6c:c8:6b:c7:c3:67:b8:f0:e8:f1:15:c0:65:
         bc:0d:d4:e4:53:9c:6c:9a:4f:dd:cd:19:03:c0:88:d3:38:ed:
         28:f8:26:6d:fe:f2:87:5a:89:4b:c2:14:ac:d2:a9:0d:d3:1f:
         f8:3b:f2:45:96:67:99:89:c3:04:f2:fe:76:68:d1:98:a4:a9:
         34:9b:fe:ad:45:93:dd:b0:ad:7d:5b:ea:44:be:ac:9a:1d:f5:
         55:49:b0:ec
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYix0ehhCbFAHiWU9dMfIahKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNjEyMjI1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRkMGU1Y2FmYzBiZTQwNzBkNDIwYjUwYzNlNDk1NWNiNjEzNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1ldhs13gE6s/nzBPWlS91rEUFHk
3aXfluxVyfHewH+zA/eDtnQBv+vyOWj3y8Muc/S5FRzYyWi6Uy37pahj4ZJv1Y4J
d7NXUGZLOOBThOiPXWQwBBlnUSsi20ixTde/ZVH3/zccmurd8UOzl2wtUFu7Z4Un
nv8tIqqvgv5ZwmFWWk04n3/BaD0uctBzP0cNLPimPS5bQ3TFTKbwilHkdmt/8OQa
TIIWZ4rAd/KEgoSuGd5Dk3IgIM/vSrOevbTG904kHKBRtWMNMn1G1f8NCfI2tlrQ
wU7RSlzDxztV2JjgkG0x0mDSLC/K93wnIA5ejYKVkPA/XOWIACBFJr3jQQIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFBbdDlyvwL5AcNQgtQw+SVXLYTYRMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvRnQwT1hLX0F2a0J3MUNDMURENUpWY3RoTmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAE1pJwMEAE+veAMEAFESMzAMAwQDURI4AwQAURI6AwQAURI/AwQAXbpBAwQA
XbpNAwQBbXkwAwQAbXk1AwQAbXk3AwQAbem8AwQAstsCAwQCstsEAwQBstsMAwQA
stsPAwQAsv3UMAwDBAOy/dgDBACy/doDBAGy/dwDBACy/egDBACy/e4wDAMEArL9
9AMEALL99gMEALL9+gMEALz/swMEALz/vgMEAbz/wDAMAwQAvP/DAwQDvP/AAwQA
vP/NAwQAvP/PAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9MAwDBADURQMDBAHURQQD
BADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBAEQ6EiDtt+81fluj
bHHQ0lupVldU10rUd+1C78Xh+MaTRGiePauvtGHgQneW97q7a+odby1xpEIcXCYd
kBG7SBKcASXNZXxg2Mry22wVKgEjcJ6Pmq850RHYXP7GPhmQQ82nqKC8FPeHPplE
IZHR+mgamQ3P07i2nMh9pGTA6+h9jaRonKdf7XDn5rs8bZ/VzZ44s8mqmNwqxDBl
4kC+rB8S3a2sKVG/bMhrx8NnuPDo8RXAZbwN1ORTnGyaT93NGQPAiNM47Sj4Jm3+
8odaiUvCFKzSqQ3TH/g78kWWZ5mJwwTy/nZo0ZikqTSb/q1Fk92wrX1b6kS+rJod
9VVJsOw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org