Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XO3rx082kbu-V2xn52pZ7X_yFIQ.roa
File:                     XO3rx082kbu-V2xn52pZ7X_yFIQ.roa (raw, json)
Hash identifier:          J2Q/4JFmGu6OrUMtiC7GttAUVzckzT3PMRGbOJHfHO0=
Subject key identifier:   5C:ED:EB:C7:4F:36:91:BB:BE:57:6C:67:E7:6A:59:ED:7F:F2:14:84
Certificate issuer:       /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial:       018B5907F696FDBF7C79AF062C98065BBC39
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XO3rx082kbu-V2xn52pZ7X_yFIQ.roa
Signing time:             Sun 22 Oct 2023 20:16:15 +0000
ROA not before:           Sun 22 Oct 2023 20:16:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48159
IP address blocks:        2.188.1.0/24 maxlen: 24
                          2.188.0.0/24 maxlen: 24
                          2.188.22.0/24 maxlen: 24
                          2.188.28.0/24 maxlen: 24
                          78.39.240.0/24 maxlen: 24
                          78.39.149.0/24 maxlen: 24
                          78.39.150.0/24 maxlen: 24
                          78.39.151.0/24 maxlen: 24
                          78.39.156.0/24 maxlen: 24
                          78.39.153.0/24 maxlen: 24
                          78.39.155.0/24 maxlen: 24
                          80.191.56.0/24 maxlen: 24
                          217.218.67.0/24 maxlen: 24
                          2.185.18.0/24 maxlen: 24
                          2.185.40.0/21 maxlen: 21
                          2.188.64.0/21 maxlen: 21
                          2.188.76.0/24 maxlen: 24
                          2.185.0.0/20 maxlen: 20
                          2.185.0.0/16 maxlen: 16
                          78.38.243.0/24 maxlen: 24
                          78.38.246.0/24 maxlen: 24
                          78.38.251.0/24 maxlen: 24
                          78.38.250.0/24 maxlen: 24
                          78.38.248.0/24 maxlen: 24
                          78.38.254.0/24 maxlen: 24
                          78.39.0.0/16 maxlen: 24
                          2.177.0.0/16 maxlen: 16
                          2.191.0.0/16 maxlen: 16
                          80.191.0.0/16 maxlen: 16
                          217.218.0.0/16 maxlen: 24
                          2.181.0.0/16 maxlen: 24
                          78.39.43.0/24 maxlen: 24
                          78.39.40.0/24 maxlen: 24
                          78.39.51.0/24 maxlen: 24
                          78.39.47.0/24 maxlen: 24
                          78.39.50.0/24 maxlen: 24
                          78.39.46.0/24 maxlen: 24
                          78.39.49.0/24 maxlen: 24
                          78.39.48.0/24 maxlen: 24
                          78.39.55.0/24 maxlen: 24
                          78.39.58.0/24 maxlen: 24
                          78.39.54.0/24 maxlen: 24
                          78.39.57.0/24 maxlen: 24
                          78.39.53.0/24 maxlen: 24
                          78.39.56.0/24 maxlen: 24
                          78.39.59.0/24 maxlen: 24
                          78.39.62.0/23 maxlen: 24
                          217.219.236.0/22 maxlen: 22
                          78.38.0.0/16 maxlen: 24
                          78.38.160.0/19 maxlen: 19
                          2.176.128.0/17 maxlen: 17
                          2.185.164.0/24 maxlen: 24
                          2.185.160.0/19 maxlen: 19
                          2.188.179.0/24 maxlen: 24
                          2.185.88.0/22 maxlen: 22
                          217.219.0.0/16 maxlen: 24
                          2.188.185.0/24 maxlen: 24
                          2.188.184.0/24 maxlen: 24
                          2.188.187.0/24 maxlen: 24
                          2.182.0.0/16 maxlen: 24
                          2.189.68.0/24 maxlen: 24
                          2.189.72.0/24 maxlen: 24
                          2.189.42.0/24 maxlen: 24
                          2.189.43.0/24 maxlen: 24
                          2.189.56.0/24 maxlen: 24
                          2.189.58.0/24 maxlen: 24
                          2.182.128.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Sun 22 Oct 2023 20:21:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:59:07:f6:96:fd:bf:7c:79:af:06:2c:98:06:5b:bc:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
        Validity
            Not Before: Oct 22 20:16:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cedebc74f3691bbbe576c67e76a59ed7ff21484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:58:af:1d:b1:ec:97:b4:8d:d0:9f:c1:e6:2f:
                    af:7e:2d:32:b4:a1:d9:ce:51:07:e2:72:6b:ce:59:
                    be:37:4d:41:da:af:32:54:e2:6a:df:80:99:e6:94:
                    bf:0f:10:28:ad:e2:79:0c:16:55:6c:c6:c4:7d:1b:
                    ba:95:27:3d:2f:18:78:78:22:d2:44:33:c4:b7:a3:
                    cf:50:48:e2:d5:5e:12:b2:5d:20:07:6e:03:90:ef:
                    60:7e:e3:1f:82:f6:22:6e:89:ac:d9:18:4c:d0:34:
                    a9:4d:94:cf:54:a2:b9:50:51:6d:1f:3a:2f:d1:18:
                    56:f6:b6:f4:e9:44:a8:db:a7:ea:39:2e:95:60:19:
                    87:4b:05:8a:2e:c0:3c:11:73:00:5a:47:a3:e9:52:
                    3c:11:63:fe:46:8b:e3:fd:a1:01:ad:2e:cd:72:95:
                    65:8b:aa:41:40:08:32:56:3f:9d:e2:03:a6:60:c3:
                    af:6c:5c:15:af:19:c5:2e:3b:dc:bd:ca:0a:0c:81:
                    c4:85:32:ea:f7:1e:a5:96:52:88:a3:67:2a:a8:f1:
                    a5:8a:41:a7:55:f2:c6:b8:83:80:52:7c:11:49:b6:
                    c6:ef:84:9c:dd:e1:5f:3a:74:36:f3:64:7b:11:e2:
                    7f:81:c7:4d:c2:e7:55:88:78:cb:f5:a5:39:fa:f8:
                    59:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:ED:EB:C7:4F:36:91:BB:BE:57:6C:67:E7:6A:59:ED:7F:F2:14:84
            X509v3 Authority Key Identifier:
                keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/XO3rx082kbu-V2xn52pZ7X_yFIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.176.128.0-2.177.255.255
                  2.181.0.0-2.182.255.255
                  2.185.0.0/16
                  2.188.0.0/23
                  2.188.22.0/24
                  2.188.28.0/24
                  2.188.64.0/21
                  2.188.76.0/24
                  2.188.179.0/24
                  2.188.184.0/23
                  2.188.187.0/24
                  2.189.42.0/23
                  2.189.56.0/24
                  2.189.58.0/24
                  2.189.68.0/24
                  2.189.72.0/24
                  2.191.0.0/16
                  78.38.0.0/15
                  80.191.0.0/16
                  217.218.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         84:e7:42:ec:cc:b1:6e:c6:66:71:e0:b5:e1:bb:e3:52:c9:15:
         e2:6e:0a:91:33:de:f6:f9:9b:58:f9:01:eb:d2:08:47:43:c5:
         03:fd:3b:18:1b:93:f2:be:fc:19:8a:fb:2a:99:c0:92:35:20:
         f6:1c:91:c7:7b:07:3f:79:13:fa:fd:e8:35:67:98:b5:69:75:
         e6:c2:8d:60:7f:e8:b7:b8:81:52:f9:7f:3c:6b:ee:f9:43:93:
         fc:3d:cb:7d:9a:a7:a1:25:2f:65:97:57:32:5f:6a:a3:ab:3c:
         63:b0:dd:7d:77:3d:1a:c6:c7:85:3b:a1:25:3a:b2:7e:74:00:
         b7:e8:61:c3:14:0c:70:e2:d7:81:04:4d:43:8b:7d:b1:cf:f7:
         3e:a2:8c:31:66:f4:63:82:e0:83:9c:9d:f4:d0:90:73:40:e0:
         d5:10:03:bf:08:d9:6e:f8:3d:33:25:1f:65:2d:63:0b:17:1b:
         23:c4:34:7f:25:d3:be:c0:d4:b0:c8:d4:d5:84:57:f1:93:d4:
         04:09:81:cc:bf:7a:ab:ae:45:65:93:ff:9d:02:53:89:f4:30:
         22:bc:8d:41:6d:16:0b:14:b1:07:19:45:f2:b5:8d:7d:66:3e:
         8c:aa:cb:47:f2:3a:3b:ca:e2:14:b1:c7:d6:a6:cf:73:07:50:
         81:33:39:82
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYtZB/aW/b98ea8GLJgGW7w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMxMDIyMjAxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2VkZWJjNzRmMzY5MWJiYmU1NzZjNjdlNzZhNTllZDdmZjIxNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllivHbHsl7SN0J/B5i+vfi0ytKHZ
zlEH4nJrzlm+N01B2q8yVOJq34CZ5pS/DxAoreJ5DBZVbMbEfRu6lSc9Lxh4eCLS
RDPEt6PPUEji1V4Ssl0gB24DkO9gfuMfgvYiboms2RhM0DSpTZTPVKK5UFFtHzov
0RhW9rb06USo26fqOS6VYBmHSwWKLsA8EXMAWkej6VI8EWP+Rovj/aEBrS7NcpVl
i6pBQAgyVj+d4gOmYMOvbFwVrxnFLjvcvcoKDIHEhTLq9x6lllKIo2cqqPGlikGn
VfLGuIOAUnwRSbbG74Sc3eFfOnQ282R7EeJ/gcdNwudViHjL9aU5+vhZkQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFFzt68dPNpG7vldsZ+dqWe1/8hSEMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvWE8zcngwODJrYnUtVjJ4bjUycFo3WF95RklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYAwCwME
BwKwgAMDAQKwMAoDAwACtQMDAAK2AwMAArkDBAECvAADBAACvBYDBAACvBwDBAMC
vEADBAACvEwDBAACvLMDBAECvLgDBAACvLsDBAECvSoDBAACvTgDBAACvToDBAAC
vUQDBAACvUgDAwACvwMDAU4mAwMAUL8DAwHZ2jANBgkqhkiG9w0BAQsFAAOCAQEA
hOdC7MyxbsZmceC14bvjUskV4m4KkTPe9vmbWPkB69IIR0PFA/07GBuT8r78GYr7
KpnAkjUg9hyRx3sHP3kT+v3oNWeYtWl15sKNYH/ot7iBUvl/PGvu+UOT/D3LfZqn
oSUvZZdXMl9qo6s8Y7DdfXc9GsbHhTuhJTqyfnQAt+hhwxQMcOLXgQRNQ4t9sc/3
PqKMMWb0Y4Lgg5yd9NCQc0Dg1RADvwjZbvg9MyUfZS1jCxcbI8Q0fyXTvsDUsMjU
1YRX8ZPUBAmBzL96q65FZZP/nQJTifQwIryNQW0WCxSxBxlF8rWNfWY+jKrLR/I6
O8riFLHH1qbPcwdQgTM5gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org