Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/lZNkPV9zUps0Z_dCeHXip1YzYeg.roa
File:                     lZNkPV9zUps0Z_dCeHXip1YzYeg.roa (raw, json)
Hash identifier:          JWmCQRggX/hQfAG/mWXO7die3U5xuMku9VUo9WzgcJk=
Subject key identifier:   95:93:64:3D:5F:73:52:9B:34:67:F7:42:78:75:E2:A7:56:33:61:E8
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       018AF5B60EE06277B8FBABA2FFF36C0CBC27
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/lZNkPV9zUps0Z_dCeHXip1YzYeg.roa
Signing time:             Tue 03 Oct 2023 13:24:23 +0000
ROA not before:           Tue 03 Oct 2023 13:24:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        88.218.80.0/24 maxlen: 24
                          194.124.41.0/24 maxlen: 24
                          176.118.189.0/24 maxlen: 24
                          176.118.188.0/24 maxlen: 24
                          176.118.191.0/24 maxlen: 24
                          45.130.184.0/24 maxlen: 24
                          45.130.185.0/24 maxlen: 24
                          45.130.186.0/24 maxlen: 24
                          194.53.188.0/22 maxlen: 24
                          5.104.74.0/24 maxlen: 24
                          5.104.72.0/24 maxlen: 24
                          88.218.239.0/24 maxlen: 24
                          194.28.157.0/24 maxlen: 24
                          84.252.64.0/22 maxlen: 24
                          45.140.4.0/24 maxlen: 24
                          45.140.7.0/24 maxlen: 24
                          45.140.6.0/24 maxlen: 24
                          193.160.68.0/24 maxlen: 24
                          193.160.72.0/24 maxlen: 24
                          91.245.239.0/24 maxlen: 24
                          95.214.83.0/24 maxlen: 24
                          185.177.76.0/24 maxlen: 24
                          185.177.77.0/24 maxlen: 24
                          95.214.92.0/24 maxlen: 24
                          95.214.95.0/24 maxlen: 24
                          95.214.93.0/24 maxlen: 24
                          212.69.135.0/24 maxlen: 24
                          77.83.20.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f5:b6:0e:e0:62:77:b8:fb:ab:a2:ff:f3:6c:0c:bc:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Oct  3 13:24:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9593643d5f73529b3467f7427875e2a7563361e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:64:71:d8:1e:b4:14:ab:fa:8c:d6:29:7d:95:
                    0a:14:48:5f:d1:ac:45:bf:b7:a9:5b:c3:33:b2:6a:
                    5b:a0:c7:ae:56:59:bc:be:5b:69:01:d8:0f:7a:f4:
                    60:0f:e3:69:60:91:e2:15:bb:e3:a6:a5:cd:9e:10:
                    a0:b8:8a:67:de:8f:aa:3f:1f:8b:81:3c:4b:0a:67:
                    b6:8f:0e:82:4f:4d:27:40:ab:87:e0:93:13:6a:c7:
                    0b:6a:e0:f7:f6:d2:86:5e:07:15:c4:d3:18:06:70:
                    0a:06:aa:03:46:1c:b6:52:c1:80:d2:8d:89:6f:9a:
                    51:13:1d:d9:92:a5:86:ab:48:e5:c5:83:0e:f2:51:
                    db:b0:84:4a:d2:a4:c9:bd:86:10:61:9e:b1:a4:94:
                    ef:7e:82:55:16:c4:a6:bd:c3:37:28:91:21:6f:bc:
                    e8:5d:72:39:e4:c6:6d:67:c4:0d:c7:d6:30:a1:6b:
                    70:66:86:a7:fb:a5:01:e9:85:e6:51:63:90:64:d9:
                    04:f1:21:b3:94:31:22:5e:f1:9d:80:6e:59:fe:ca:
                    a0:30:19:47:04:02:f2:6d:50:72:9a:d7:66:a0:41:
                    9a:71:ce:49:48:9a:63:d6:12:74:1d:be:41:21:24:
                    36:c9:93:76:f1:bf:7a:69:bb:b4:74:bf:1e:8c:6a:
                    e9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:93:64:3D:5F:73:52:9B:34:67:F7:42:78:75:E2:A7:56:33:61:E8
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/lZNkPV9zUps0Z_dCeHXip1YzYeg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.72.0/24
                  5.104.74.0/24
                  45.130.184.0-45.130.186.255
                  45.140.4.0/24
                  45.140.6.0/23
                  77.83.20.0/22
                  84.252.64.0/22
                  88.218.80.0/24
                  88.218.239.0/24
                  91.245.239.0/24
                  95.214.83.0/24
                  95.214.92.0/23
                  95.214.95.0/24
                  176.118.188.0/23
                  176.118.191.0/24
                  185.177.76.0/23
                  193.160.68.0/24
                  193.160.72.0/24
                  194.28.157.0/24
                  194.53.188.0/22
                  194.124.41.0/24
                  212.69.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:68:7c:3f:02:a5:5c:a0:ca:4e:16:8b:51:91:69:64:fe:61:
         59:9a:ea:5a:c3:fe:7f:c3:af:68:08:86:5c:4a:92:b5:7d:db:
         e6:28:7e:5a:b7:13:61:e4:d2:44:f1:b7:bf:ab:50:64:15:49:
         50:a6:f2:4f:3a:6d:57:16:de:be:0a:99:bc:81:c9:5f:8b:49:
         3a:84:47:30:de:6d:d3:76:18:75:19:6f:71:8f:e9:40:31:23:
         0a:7c:cd:02:3f:3c:c5:57:14:05:75:b6:77:14:23:fe:b8:44:
         03:4d:c5:39:8d:a4:7a:cb:3f:42:1e:98:04:de:8e:c7:40:58:
         51:6e:ba:38:0e:90:8a:2e:a0:4e:39:6a:6c:dd:d0:b0:c0:e8:
         22:f6:be:74:91:fb:cc:be:2d:8e:94:60:58:c5:bd:6a:02:3d:
         06:eb:ee:77:a5:52:bd:ff:35:0f:3c:2e:23:9d:f1:da:a7:f2:
         19:57:7f:42:8a:2c:b9:97:e3:2d:78:15:b9:1c:0d:5d:30:f5:
         6f:2f:cc:ec:47:91:2d:5a:e7:6a:47:7a:0c:ba:0d:fc:84:a8:
         ef:4c:a6:3c:45:77:7e:8a:2e:56:fa:63:ad:93:b3:c4:05:17:
         6d:50:6c:b6:be:2b:d7:d4:ed:d8:6d:02:d0:17:48:85:9c:b4:
         b9:11:6d:aa
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYr1tg7gYne4+6ui//NsDLwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMxMDAzMTMyNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkzNjQzZDVmNzM1MjliMzQ2N2Y3NDI3ODc1ZTJhNzU2MzM2MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Rx2B60FKv6jNYpfZUKFEhf0axF
v7epW8MzsmpboMeuVlm8vltpAdgPevRgD+NpYJHiFbvjpqXNnhCguIpn3o+qPx+L
gTxLCme2jw6CT00nQKuH4JMTascLauD39tKGXgcVxNMYBnAKBqoDRhy2UsGA0o2J
b5pREx3ZkqWGq0jlxYMO8lHbsIRK0qTJvYYQYZ6xpJTvfoJVFsSmvcM3KJEhb7zo
XXI55MZtZ8QNx9YwoWtwZoan+6UB6YXmUWOQZNkE8SGzlDEiXvGdgG5Z/sqgMBlH
BALybVBymtdmoEGacc5JSJpj1hJ0Hb5BISQ2yZN28b96abu0dL8ejGrpDQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFJWTZD1fc1KbNGf3Qnh14qdWM2HoMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvbFpOa1BWOXpVcHMwWl9kQ2VIWGlwMVl6WWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAF
aEgDBAAFaEowDAMEAy2CuAMEAC2CugMEAC2MBAMEAS2MBgMEAk1TFAMEAlT8QAME
AFjaUAMEAFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwME
AbmxTAMEAMGgRAMEAMGgSAMEAMIcnQMEAsI1vAMEAMJ8KQMEANRFhzANBgkqhkiG
9w0BAQsFAAOCAQEAKGh8PwKlXKDKThaLUZFpZP5hWZrqWsP+f8OvaAiGXEqStX3b
5ih+WrcTYeTSRPG3v6tQZBVJUKbyTzptVxbevgqZvIHJX4tJOoRHMN5t03YYdRlv
cY/pQDEjCnzNAj88xVcUBXW2dxQj/rhEA03FOY2kess/Qh6YBN6Ox0BYUW66OA6Q
ii6gTjlqbN3QsMDoIva+dJH7zL4tjpRgWMW9agI9Buvud6VSvf81DzwuI53x2qfy
GVd/QoosuZfjLXgVuRwNXTD1by/M7EeRLVrnakd6DLoN/ISo70ymPEV3foouVvpj
rZOzxAUXbVBstr4r19Tt2G0C0BdIhZy0uRFtqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org