Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/SizAjAB8PbZjQ-eySJajqvzbIkQ.roa
File:                     SizAjAB8PbZjQ-eySJajqvzbIkQ.roa (raw, json)
Hash identifier:          6GK7ChOmPQrGNPkLOcWHBeP+CzCURxOYDSCl3VnPhfk=
Subject key identifier:   4A:2C:C0:8C:00:7C:3D:B6:63:43:E7:B2:48:96:A3:AA:FC:DB:22:44
Certificate issuer:       /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial:       0187BEC73F39E7851583115ABB0D3489A523
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/SizAjAB8PbZjQ-eySJajqvzbIkQ.roa
Signing time:             Wed 26 Apr 2023 18:15:41 +0000
ROA not before:           Wed 26 Apr 2023 18:15:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8903
IP address blocks:        213.9.128.0/17 maxlen: 17
                          213.9.142.0/23 maxlen: 23
                          213.9.144.0/24 maxlen: 24
                          213.9.162.0/23 maxlen: 23
                          212.49.189.0/24 maxlen: 24
                          213.9.240.0/23 maxlen: 23
                          213.9.245.0/24 maxlen: 24
                          213.9.244.0/24 maxlen: 24
                          213.9.246.0/24 maxlen: 24
                          213.9.248.0/24 maxlen: 24
                          213.9.247.0/24 maxlen: 24
                          213.9.182.0/24 maxlen: 24
                          213.9.186.0/24 maxlen: 24
                          213.9.185.0/24 maxlen: 24
                          213.9.190.0/23 maxlen: 23
                          213.9.217.0/24 maxlen: 24
                          212.163.185.0/24 maxlen: 24
                          212.163.193.0/24 maxlen: 24
                          212.163.92.0/24 maxlen: 24
                          212.163.94.0/24 maxlen: 24
                          212.163.130.0/24 maxlen: 24
                          212.49.128.0/18 maxlen: 18
                          212.49.129.0/24 maxlen: 24
                          212.163.216.0/22 maxlen: 22
                          212.163.220.0/22 maxlen: 22
                          212.163.225.0/24 maxlen: 24
                          212.163.226.0/24 maxlen: 24
                          212.163.227.0/24 maxlen: 24
                          212.163.235.0/24 maxlen: 24
                          185.66.60.0/24 maxlen: 24
                          185.66.60.0/22 maxlen: 22
                          185.66.62.0/24 maxlen: 24
                          185.66.61.0/24 maxlen: 24
                          212.163.240.0/20 maxlen: 20
                          212.163.48.0/24 maxlen: 24
                          212.163.91.0/24 maxlen: 24
                          212.163.1.0/24 maxlen: 24
                          212.163.5.0/24 maxlen: 24
                          212.163.0.0/16 maxlen: 16
                          212.163.31.0/24 maxlen: 24
                          92.60.160.0/20 maxlen: 20
                          92.60.170.0/24 maxlen: 24
                          92.60.174.0/24 maxlen: 24
                          92.60.173.0/24 maxlen: 24
                          2001:ac0:30fd::/48 maxlen: 48
                          2001:ac0::/32 maxlen: 32
                          2001:ac0:c880::/44 maxlen: 44
                          2001:ac0:c0c0::/44 maxlen: 44
                          2001:ac0:c040::/44 maxlen: 44

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 19:03:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:be:c7:3f:39:e7:85:15:83:11:5a:bb:0d:34:89:a5:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
        Validity
            Not Before: Apr 26 18:15:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a2cc08c007c3db66343e7b24896a3aafcdb2244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a0:e7:db:d9:cb:24:5b:0e:52:ca:0a:5d:0d:
                    6d:47:3f:f3:da:69:4b:9b:ce:41:6f:4e:82:0a:76:
                    50:9c:73:22:10:d6:02:ab:95:fc:3f:24:14:39:0c:
                    c0:49:2f:dc:b5:c4:24:da:0e:fa:7f:b4:6d:be:85:
                    1f:7d:1e:0c:5c:20:df:d0:64:55:22:7f:33:04:18:
                    2c:15:3c:89:a2:37:40:ba:60:e9:a0:8a:33:b2:8b:
                    32:70:b4:32:2d:f8:e0:4d:0f:be:f0:1d:cf:c2:05:
                    f7:01:20:a6:b8:a4:82:4b:af:c8:a8:3e:6c:8d:06:
                    e2:eb:21:ce:7e:b8:a2:19:84:9b:3e:69:05:34:19:
                    d2:0d:9c:85:df:12:ad:69:7a:e5:4f:32:8d:94:cc:
                    cd:9c:1f:69:1a:5a:82:1a:4f:de:af:9f:ed:04:30:
                    0e:42:45:1f:b7:ce:49:a1:a6:c6:cb:71:c9:ff:7c:
                    34:da:01:7e:ad:41:b9:57:dc:5a:34:d3:58:30:b7:
                    6f:7d:4e:57:62:3f:a8:e6:be:22:17:33:7b:9c:8b:
                    e2:c9:c6:c0:65:06:ef:f7:50:37:0c:fe:18:bc:f4:
                    b7:ea:e5:8b:ea:e0:45:4f:e5:ab:ef:cb:d0:01:4a:
                    5b:df:8b:17:ff:f9:da:ee:af:bc:5b:e5:ae:e1:25:
                    7b:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:2C:C0:8C:00:7C:3D:B6:63:43:E7:B2:48:96:A3:AA:FC:DB:22:44
            X509v3 Authority Key Identifier:
                keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/SizAjAB8PbZjQ-eySJajqvzbIkQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.60.160.0/20
                  185.66.60.0/22
                  212.49.128.0/18
                  212.163.0.0/16
                  213.9.128.0/17
                IPv6:
                  2001:ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:22:4e:37:07:11:fd:46:9d:5c:aa:fe:5d:af:63:20:44:77:
         a2:51:94:0c:39:e9:03:2b:8c:be:02:a3:a5:07:fe:78:ec:d7:
         6c:dd:7d:1b:aa:f7:0b:b1:0f:c2:9b:55:3c:f8:e6:5e:12:bc:
         53:10:82:68:16:4f:da:be:75:83:c4:3e:12:0f:ee:2d:c6:cd:
         08:72:cb:87:51:51:7d:78:7f:22:20:05:7d:c4:3f:65:01:df:
         98:64:19:ca:bf:07:71:9a:40:d1:22:e7:67:55:2d:2d:c8:56:
         33:35:53:b7:3e:f0:b0:3d:3f:06:82:e5:71:df:e4:62:e9:ed:
         07:ee:33:8b:f5:62:a3:38:0e:0c:24:dd:3f:5b:79:31:cd:48:
         c7:e3:c9:b4:6f:b5:46:3d:27:3b:ec:31:0c:de:a4:4d:94:4b:
         81:fb:2c:c4:3f:98:3f:8a:e1:7a:b0:ac:c9:ca:45:41:e7:d0:
         39:ec:76:12:4e:e8:11:70:cc:b1:37:b9:d0:bc:02:39:4d:d7:
         7d:36:01:0f:8f:0c:37:da:ea:53:74:12:b2:01:75:44:1d:41:
         fc:93:25:1b:55:cb:1f:9d:a2:ac:30:b1:7d:c4:81:25:fe:13:
         21:2c:d3:5f:a4:76:fb:a4:6c:cd:1b:06:31:44:f9:7c:0e:f8:
         a5:e3:f8:3f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYe+xz8554UVgxFauw00iaUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI2MTgxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTJjYzA4YzAwN2MzZGI2NjM0M2U3YjI0ODk2YTNhYWZjZGIyMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKDn29nLJFsOUsoKXQ1tRz/z2mlL
m85Bb06CCnZQnHMiENYCq5X8PyQUOQzASS/ctcQk2g76f7RtvoUffR4MXCDf0GRV
In8zBBgsFTyJojdAumDpoIozsosycLQyLfjgTQ++8B3PwgX3ASCmuKSCS6/IqD5s
jQbi6yHOfriiGYSbPmkFNBnSDZyF3xKtaXrlTzKNlMzNnB9pGlqCGk/er5/tBDAO
QkUft85JoabGy3HJ/3w02gF+rUG5V9xaNNNYMLdvfU5XYj+o5r4iFzN7nIviycbA
ZQbv91A3DP4YvPS36uWL6uBFT+Wr78vQAUpb34sX//na7q+8W+Wu4SV7+QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEoswIwAfD22Y0PnskiWo6r82yJEMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvU2l6QWpBQjhQYlpqUS1leVNKYWpxdnpiSWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQEXDygAwQC
uUI8AwQG1DGAAwMA1KMDBAfVCYAwDQQCAAIwBwMFACABCsAwDQYJKoZIhvcNAQEL
BQADggEBAIIiTjcHEf1GnVyq/l2vYyBEd6JRlAw56QMrjL4Co6UH/njs12zdfRuq
9wuxD8KbVTz45l4SvFMQgmgWT9q+dYPEPhIP7i3GzQhyy4dRUX14fyIgBX3EP2UB
35hkGcq/B3GaQNEi52dVLS3IVjM1U7c+8LA9PwaC5XHf5GLp7QfuM4v1YqM4Dgwk
3T9beTHNSMfjybRvtUY9JzvsMQzepE2US4H7LMQ/mD+K4XqwrMnKRUHn0DnsdhJO
6BFwzLE3udC8AjlN1302AQ+PDDfa6lN0ErIBdUQdQfyTJRtVyx+doqwwsX3EgSX+
EyEs01+kdvukbM0bBjFE+XwO+KXj+D8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org