Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/ko2cwn8jbk9q7CyKATCCmA57FKU.roa
File:                     ko2cwn8jbk9q7CyKATCCmA57FKU.roa (raw, json)
Hash identifier:          F9JI5D4EURKK4UioQ8syjv8SoMNvnYpdKem3JJr8ne8=
Subject key identifier:   92:8D:9C:C2:7F:23:6E:4F:6A:EC:2C:8A:01:30:82:98:0E:7B:14:A5
Certificate issuer:       /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial:       0187C23F4F0297D0D058E660C8ABF7A80376
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/ko2cwn8jbk9q7CyKATCCmA57FKU.roa
Signing time:             Thu 27 Apr 2023 10:25:41 +0000
ROA not before:           Thu 27 Apr 2023 10:25:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8903
IP address blocks:        213.9.128.0/17 maxlen: 17
                          213.9.142.0/23 maxlen: 23
                          213.9.144.0/24 maxlen: 24
                          213.9.162.0/23 maxlen: 23
                          212.49.189.0/24 maxlen: 24
                          213.9.240.0/23 maxlen: 23
                          213.9.245.0/24 maxlen: 24
                          213.9.244.0/24 maxlen: 24
                          213.9.246.0/24 maxlen: 24
                          213.9.248.0/24 maxlen: 24
                          213.9.247.0/24 maxlen: 24
                          213.9.182.0/24 maxlen: 24
                          213.9.186.0/24 maxlen: 24
                          213.9.185.0/24 maxlen: 24
                          213.9.190.0/23 maxlen: 23
                          213.9.217.0/24 maxlen: 24
                          212.163.185.0/24 maxlen: 24
                          212.163.193.0/24 maxlen: 24
                          212.163.92.0/24 maxlen: 24
                          212.163.94.0/24 maxlen: 24
                          212.163.130.0/24 maxlen: 24
                          212.49.128.0/18 maxlen: 18
                          212.49.129.0/24 maxlen: 24
                          212.163.216.0/22 maxlen: 22
                          212.163.220.0/22 maxlen: 22
                          212.163.225.0/24 maxlen: 24
                          212.163.226.0/24 maxlen: 24
                          212.163.227.0/24 maxlen: 24
                          212.163.235.0/24 maxlen: 24
                          185.66.60.0/24 maxlen: 24
                          185.66.60.0/22 maxlen: 22
                          185.66.62.0/24 maxlen: 24
                          185.66.61.0/24 maxlen: 24
                          212.163.240.0/20 maxlen: 20
                          84.18.0.0/19 maxlen: 19
                          213.192.216.0/21 maxlen: 21
                          213.192.224.0/22 maxlen: 22
                          213.192.232.0/22 maxlen: 22
                          213.192.228.0/23 maxlen: 23
                          213.192.238.0/24 maxlen: 24
                          213.192.240.0/24 maxlen: 24
                          213.192.239.0/24 maxlen: 24
                          213.192.235.0/24 maxlen: 24
                          213.192.244.0/23 maxlen: 23
                          213.192.246.0/24 maxlen: 24
                          213.192.242.0/23 maxlen: 23
                          213.192.241.0/24 maxlen: 24
                          213.192.252.0/23 maxlen: 23
                          213.192.251.0/24 maxlen: 24
                          213.192.253.0/24 maxlen: 24
                          213.192.249.0/24 maxlen: 24
                          213.192.248.0/21 maxlen: 21
                          213.192.247.0/24 maxlen: 24
                          213.192.254.0/24 maxlen: 24
                          213.192.255.0/24 maxlen: 24
                          212.163.48.0/24 maxlen: 24
                          212.163.91.0/24 maxlen: 24
                          212.163.1.0/24 maxlen: 24
                          212.163.5.0/24 maxlen: 24
                          212.163.0.0/16 maxlen: 16
                          212.163.31.0/24 maxlen: 24
                          92.60.160.0/20 maxlen: 20
                          92.60.170.0/24 maxlen: 24
                          92.60.174.0/24 maxlen: 24
                          92.60.173.0/24 maxlen: 24
                          213.192.193.0/24 maxlen: 24
                          213.192.192.0/18 maxlen: 18
                          213.192.203.0/24 maxlen: 24
                          213.192.200.0/22 maxlen: 22
                          213.192.206.0/23 maxlen: 23
                          213.192.212.0/22 maxlen: 22
                          213.192.213.0/24 maxlen: 24
                          2001:ac0:30fd::/48 maxlen: 48
                          2001:ac0::/32 maxlen: 32
                          2001:ac0:c880::/44 maxlen: 44
                          2001:ac0:c0c0::/44 maxlen: 44
                          2001:ac0:c040::/44 maxlen: 44

Validation:               Failed, certificate revoked on Thu 27 Apr 2023 15:03:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c2:3f:4f:02:97:d0:d0:58:e6:60:c8:ab:f7:a8:03:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
        Validity
            Not Before: Apr 27 10:25:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=928d9cc27f236e4f6aec2c8a013082980e7b14a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f7:19:00:cf:bf:78:26:bb:6e:53:4f:6f:b6:
                    64:eb:a5:9c:ea:95:19:bf:34:ce:b7:87:d2:4c:22:
                    ee:8a:d1:d9:ac:d1:27:59:9e:99:44:06:37:5d:c5:
                    20:b1:cc:a4:4f:c9:e6:47:44:95:f5:fe:5d:9a:0e:
                    9c:68:68:b9:e5:d7:af:3f:24:aa:7d:e1:35:18:5d:
                    97:d0:3a:98:eb:2f:ae:5e:f0:07:b0:33:f8:42:c5:
                    b7:d0:fc:4e:8e:72:01:fc:9d:72:ab:da:7d:ca:11:
                    12:d2:80:09:a6:e9:17:df:36:e2:3b:e2:45:4b:7e:
                    52:64:7c:24:46:3d:72:e6:ba:66:0e:7e:7a:9b:e5:
                    86:00:da:19:d8:df:60:20:22:91:73:65:6c:0a:20:
                    7a:a2:62:7c:24:2e:7a:9a:4c:16:5d:48:ac:fe:dc:
                    15:d0:a1:a7:dc:65:75:98:f1:6e:b3:51:fc:59:1e:
                    cc:d5:fe:04:16:c1:8f:63:88:b1:5a:97:e0:74:c7:
                    97:64:75:94:96:f4:a7:f2:72:d6:8a:be:fc:ff:1d:
                    39:e8:3a:43:b1:4d:53:9c:d4:5b:e4:ba:d3:7f:e8:
                    8b:d2:cb:7d:0b:61:59:b4:9a:b2:0b:e4:07:fd:23:
                    28:77:69:f3:64:40:18:16:ab:4b:b1:51:e7:a4:b1:
                    bd:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:8D:9C:C2:7F:23:6E:4F:6A:EC:2C:8A:01:30:82:98:0E:7B:14:A5
            X509v3 Authority Key Identifier:
                keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/ko2cwn8jbk9q7CyKATCCmA57FKU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.18.0.0/19
                  92.60.160.0/20
                  185.66.60.0/22
                  212.49.128.0/18
                  212.163.0.0/16
                  213.9.128.0/17
                  213.192.192.0/18
                IPv6:
                  2001:ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:05:0c:9a:a2:65:c7:0d:d9:ae:17:99:38:f0:44:ac:76:d1:
         8f:f8:7d:7a:cf:cc:16:2f:02:ef:4a:bd:84:40:72:33:e2:1e:
         1a:9e:81:fc:ac:36:57:37:09:ab:1b:cd:a3:1c:71:41:2b:e5:
         c5:a3:be:ea:1e:42:a3:4d:c1:1a:11:0a:6a:5f:27:25:2c:e5:
         1f:2b:18:8c:db:92:b1:8a:68:cd:df:0e:f6:4d:e7:8e:b2:9b:
         17:3f:d7:fd:60:03:dc:be:5a:48:2e:44:bf:eb:75:7f:36:b4:
         d5:f4:77:47:46:46:3a:9d:d0:29:33:b8:82:be:e4:e0:31:a4:
         c7:cf:46:c9:a1:4a:21:32:09:3b:bf:63:30:88:35:e5:dc:0f:
         c5:a5:d8:34:03:95:2b:f4:68:36:5e:25:ee:13:0f:a7:5f:dc:
         4b:47:0d:27:61:7c:eb:91:38:82:c2:fe:cc:47:42:b8:47:ff:
         05:74:3a:17:78:3f:8c:a7:41:1b:da:b0:c9:72:e9:e7:36:d4:
         a0:15:5c:eb:88:8a:15:cd:0c:06:ed:f2:cc:64:56:0f:4d:d5:
         41:bf:e5:0f:25:11:37:a1:39:f2:da:69:59:3b:b3:10:29:36:
         51:54:3e:02:45:68:2b:5a:d3:54:9f:dd:25:fd:c6:99:e2:f9:
         27:05:0b:5a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYfCP08Cl9DQWOZgyKv3qAN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI3MTAyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhkOWNjMjdmMjM2ZTRmNmFlYzJjOGEwMTMwODI5ODBlN2IxNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfcZAM+/eCa7blNPb7Zk66Wc6pUZ
vzTOt4fSTCLuitHZrNEnWZ6ZRAY3XcUgscykT8nmR0SV9f5dmg6caGi55devPySq
feE1GF2X0DqY6y+uXvAHsDP4QsW30PxOjnIB/J1yq9p9yhES0oAJpukX3zbiO+JF
S35SZHwkRj1y5rpmDn56m+WGANoZ2N9gICKRc2VsCiB6omJ8JC56mkwWXUis/twV
0KGn3GV1mPFus1H8WR7M1f4EFsGPY4ixWpfgdMeXZHWUlvSn8nLWir78/x056DpD
sU1TnNRb5LrTf+iL0st9C2FZtJqyC+QH/SMod2nzZEAYFqtLsVHnpLG9SwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJKNnMJ/I25PauwsigEwgpgOexSlMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEva28yY3duOGpiazlxN0N5S0FUQ0NtQTU3RktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQFVBIAAwQE
XDygAwQCuUI8AwQG1DGAAwMA1KMDBAfVCYADBAbVwMAwDQQCAAIwBwMFACABCsAw
DQYJKoZIhvcNAQELBQADggEBAIkFDJqiZccN2a4XmTjwRKx20Y/4fXrPzBYvAu9K
vYRAcjPiHhqegfysNlc3CasbzaMccUEr5cWjvuoeQqNNwRoRCmpfJyUs5R8rGIzb
krGKaM3fDvZN546ymxc/1/1gA9y+WkguRL/rdX82tNX0d0dGRjqd0CkzuIK+5OAx
pMfPRsmhSiEyCTu/YzCINeXcD8Wl2DQDlSv0aDZeJe4TD6df3EtHDSdhfOuROILC
/sxHQrhH/wV0Ohd4P4ynQRvasMly6ec21KAVXOuIihXNDAbt8sxkVg9N1UG/5Q8l
ETehOfLaaVk7sxApNlFUPgJFaCta01Sf3SX9xpni+ScFC1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org