Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Q755YtoG8s2P6KrDg1MOMWEUdzc.roa
File:                     Q755YtoG8s2P6KrDg1MOMWEUdzc.roa (raw, json)
Hash identifier:          87ZnavEyidIf90u7x82xZUqdsydGzjnR8ETihtmetiM=
Subject key identifier:   43:BE:79:62:DA:06:F2:CD:8F:E8:AA:C3:83:53:0E:31:61:14:77:37
Certificate issuer:       /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial:       0187B28DF9C84A5B98735E026462EEE413E2
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Q755YtoG8s2P6KrDg1MOMWEUdzc.roa
Signing time:             Mon 24 Apr 2023 09:17:41 +0000
ROA not before:           Mon 24 Apr 2023 09:17:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28964
IP address blocks:        178.253.193.0/24 maxlen: 24
                          178.253.212.0/24 maxlen: 24
                          178.253.218.0/24 maxlen: 24
                          178.253.216.0/24 maxlen: 24
                          178.253.217.0/24 maxlen: 24
                          178.253.220.0/23 maxlen: 23
                          93.186.65.0/24 maxlen: 24
                          93.186.77.0/24 maxlen: 24
                          188.255.205.0/24 maxlen: 24
                          188.255.207.0/24 maxlen: 24
                          188.255.217.0/24 maxlen: 24
                          188.255.228.0/24 maxlen: 24
                          188.255.230.0/23 maxlen: 23
                          109.121.48.0/24 maxlen: 24
                          109.121.49.0/24 maxlen: 24
                          109.121.53.0/24 maxlen: 24
                          109.121.55.0/24 maxlen: 24
                          212.69.3.0/24 maxlen: 24
                          212.69.4.0/24 maxlen: 24
                          188.255.253.0/24 maxlen: 24
                          212.69.5.0/24 maxlen: 24
                          178.253.232.0/24 maxlen: 24
                          178.253.238.0/24 maxlen: 24
                          109.233.188.0/24 maxlen: 24
                          178.253.246.0/24 maxlen: 24
                          178.253.244.0/24 maxlen: 24
                          178.253.245.0/24 maxlen: 24
                          81.18.51.0/24 maxlen: 24
                          178.253.250.0/24 maxlen: 24
                          81.18.58.0/24 maxlen: 24
                          81.18.56.0/24 maxlen: 24
                          81.18.57.0/24 maxlen: 24
                          188.255.179.0/24 maxlen: 24
                          81.18.63.0/24 maxlen: 24
                          188.255.192.0/23 maxlen: 23
                          188.255.190.0/24 maxlen: 24
                          188.255.196.0/22 maxlen: 22
                          188.255.195.0/24 maxlen: 24
                          79.175.120.0/24 maxlen: 24
                          212.69.21.0/24 maxlen: 24
                          212.69.19.0/24 maxlen: 24
                          212.69.30.0/24 maxlen: 24
                          178.219.2.0/24 maxlen: 24
                          178.219.4.0/22 maxlen: 22
                          178.219.15.0/24 maxlen: 24
                          178.219.12.0/23 maxlen: 23
                          77.105.39.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 10:21:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b2:8d:f9:c8:4a:5b:98:73:5e:02:64:62:ee:e4:13:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
        Validity
            Not Before: Apr 24 09:17:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43be7962da06f2cd8fe8aac383530e3161147737
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:68:07:76:55:48:fb:db:7a:20:53:41:ec:fa:
                    48:62:25:0f:87:3d:dc:c3:d3:f7:9f:60:ee:d5:be:
                    e6:02:0f:39:17:21:04:96:f6:69:41:8e:a9:05:3c:
                    5d:bf:0f:45:c9:ef:2c:07:9b:3b:c6:21:f2:7e:d9:
                    1a:17:04:94:a7:1e:d2:9a:98:37:b4:72:16:b0:72:
                    ae:4b:81:6d:f4:b9:8c:87:74:dd:16:91:d5:f9:d3:
                    a1:07:48:8b:f6:40:53:f9:9a:1d:8c:84:0e:b8:72:
                    4f:69:40:e6:f8:26:22:de:5e:bb:d7:07:37:68:6a:
                    23:39:83:7b:23:34:6f:6b:7e:5b:c7:52:fb:fc:4f:
                    55:5e:44:be:7b:ab:35:63:17:20:a2:f8:c9:00:cc:
                    a6:7c:ad:10:5c:dc:47:a2:d9:a2:8b:4e:ef:35:1d:
                    18:8d:70:d6:b0:91:5c:d1:0a:0a:34:a2:20:05:29:
                    a6:e6:3c:46:8d:e8:26:36:dd:5e:5b:5f:ba:5f:a2:
                    d5:c0:9e:8e:ec:e4:33:e8:7b:26:d0:eb:93:41:0c:
                    67:2c:42:53:8f:a8:c3:d5:84:3d:1e:39:61:a7:c2:
                    d4:44:94:c8:33:f3:52:7f:4f:b2:55:63:58:51:be:
                    be:48:d4:9f:31:93:20:d1:eb:a6:6b:09:0c:4c:6e:
                    d2:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:BE:79:62:DA:06:F2:CD:8F:E8:AA:C3:83:53:0E:31:61:14:77:37
            X509v3 Authority Key Identifier:
                keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/Q755YtoG8s2P6KrDg1MOMWEUdzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.105.39.0/24
                  79.175.120.0/24
                  81.18.51.0/24
                  81.18.56.0-81.18.58.255
                  81.18.63.0/24
                  93.186.65.0/24
                  93.186.77.0/24
                  109.121.48.0/23
                  109.121.53.0/24
                  109.121.55.0/24
                  109.233.188.0/24
                  178.219.2.0/24
                  178.219.4.0/22
                  178.219.12.0/23
                  178.219.15.0/24
                  178.253.193.0/24
                  178.253.212.0/24
                  178.253.216.0-178.253.218.255
                  178.253.220.0/23
                  178.253.232.0/24
                  178.253.238.0/24
                  178.253.244.0-178.253.246.255
                  178.253.250.0/24
                  188.255.179.0/24
                  188.255.190.0/24
                  188.255.192.0/23
                  188.255.195.0-188.255.199.255
                  188.255.205.0/24
                  188.255.207.0/24
                  188.255.217.0/24
                  188.255.228.0/24
                  188.255.230.0/23
                  188.255.253.0/24
                  212.69.3.0-212.69.5.255
                  212.69.19.0/24
                  212.69.21.0/24
                  212.69.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:ed:7d:7e:cb:30:b1:92:53:c2:88:55:68:d5:84:9e:5c:15:
         b3:1d:90:73:07:92:36:39:87:12:b4:48:7f:09:8b:c3:58:a8:
         20:71:cd:9c:86:ff:72:e2:3f:40:69:3f:85:1d:8b:33:dc:d4:
         e0:a3:5e:20:37:2f:56:02:3a:f7:50:b0:2c:b0:18:e3:a1:43:
         e7:83:f7:dc:05:48:5d:36:29:7c:8f:74:ef:a8:6d:7b:8a:4b:
         ed:46:56:35:32:d8:50:66:7b:17:64:65:d1:4a:44:c7:44:b7:
         e3:64:d7:6a:7f:93:2a:1f:bf:7f:c5:f4:d5:c0:14:03:01:6f:
         61:73:7a:da:6f:49:51:17:d3:32:f8:67:3a:57:15:38:e5:bd:
         ff:d8:49:d7:ae:d4:a8:d2:63:d0:e0:25:3b:5d:d3:50:d0:80:
         80:36:48:06:24:bf:d7:82:77:9b:60:ef:5d:6e:8b:41:18:13:
         e2:b3:8b:4e:cc:c3:24:bf:d7:78:75:1a:ac:ab:a3:62:e0:47:
         65:74:9d:fb:79:38:44:26:81:79:e2:bc:b3:e5:e1:71:b7:5d:
         e4:dc:69:99:f8:68:03:e5:22:17:3d:a2:31:1c:d6:ad:55:9f:
         22:01:d6:0b:d0:9d:bc:b8:5e:86:f5:28:fe:52:59:d0:10:fa:
         ca:08:23:f1
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAYeyjfnISluYc14CZGLu5BPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwNDI0MDkxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JlNzk2MmRhMDZmMmNkOGZlOGFhYzM4MzUzMGUzMTYxMTQ3NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGgHdlVI+9t6IFNB7PpIYiUPhz3c
w9P3n2Du1b7mAg85FyEElvZpQY6pBTxdvw9Fye8sB5s7xiHyftkaFwSUpx7Smpg3
tHIWsHKuS4Ft9LmMh3TdFpHV+dOhB0iL9kBT+ZodjIQOuHJPaUDm+CYi3l671wc3
aGojOYN7IzRva35bx1L7/E9VXkS+e6s1YxcgovjJAMymfK0QXNxHotmii07vNR0Y
jXDWsJFc0QoKNKIgBSmm5jxGjegmNt1eW1+6X6LVwJ6O7OQz6Hsm0OuTQQxnLEJT
j6jD1YQ9Hjlhp8LURJTIM/NSf0+yVWNYUb6+SNSfMZMg0eumawkMTG7S3QIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFEO+eWLaBvLNj+iqw4NTDjFhFHc3MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvUTc1NVl0b0c4czJQNktyRGcxTU9NV0VVZHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAE1pJwMEAE+veAMEAFESMzAMAwQDURI4AwQAURI6AwQAURI/AwQAXbpBAwQA
XbpNAwQBbXkwAwQAbXk1AwQAbXk3AwQAbem8AwQAstsCAwQCstsEAwQBstsMAwQA
stsPAwQAsv3BAwQAsv3UMAwDBAOy/dgDBACy/doDBAGy/dwDBACy/egDBACy/e4w
DAMEArL99AMEALL99gMEALL9+gMEALz/swMEALz/vgMEAbz/wDAMAwQAvP/DAwQD
vP/AAwQAvP/NAwQAvP/PAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9MAwDBADURQMD
BAHURQQDBADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBABftfX7L
MLGSU8KIVWjVhJ5cFbMdkHMHkjY5hxK0SH8Ji8NYqCBxzZyG/3LiP0BpP4UdizPc
1OCjXiA3L1YCOvdQsCywGOOhQ+eD99wFSF02KXyPdO+obXuKS+1GVjUy2FBmexdk
ZdFKRMdEt+Nk12p/kyofv3/F9NXAFAMBb2FzetpvSVEX0zL4ZzpXFTjlvf/YSdeu
1KjSY9DgJTtd01DQgIA2SAYkv9eCd5tg711ui0EYE+Kzi07MwyS/13h1Gqyro2Lg
R2V0nft5OEQmgXnivLPl4XG3XeTcaZn4aAPlIhc9ojEc1q1VnyIB1gvQnby4Xob1
KP5SWdAQ+soII/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org