Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/coJ90m2HzIaoAiKh0XroWC8zUs8.roa
File:                     coJ90m2HzIaoAiKh0XroWC8zUs8.roa (raw, json)
Hash identifier:          rQjIaqi2xY1UB+uMHChf8DrvNy2psms6fRQPl1Bb4AM=
Subject key identifier:   72:82:7D:D2:6D:87:CC:86:A8:02:22:A1:D1:7A:E8:58:2F:33:52:CF
Certificate issuer:       /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial:       018CC7942312ED2E3D27FCB4C7C6F5ADE154
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/coJ90m2HzIaoAiKh0XroWC8zUs8.roa
Signing time:             Tue 02 Jan 2024 00:30:23 +0000
ROA not before:           Tue 02 Jan 2024 00:30:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43811
IP address blocks:        194.176.54.0/23 maxlen: 23
                          85.206.140.0/24 maxlen: 24
                          85.206.141.0/24 maxlen: 24
                          85.206.142.0/24 maxlen: 24
                          85.206.143.0/24 maxlen: 24
                          82.135.217.0/24 maxlen: 24
                          82.135.218.0/24 maxlen: 24
                          85.206.148.0/22 maxlen: 22
                          193.105.146.0/24 maxlen: 24
                          195.12.180.0/24 maxlen: 24
                          194.176.36.0/24 maxlen: 24
                          194.176.32.0/24 maxlen: 24
                          194.176.33.0/24 maxlen: 24
                          194.176.35.0/24 maxlen: 24
                          88.119.222.0/24 maxlen: 24
                          88.119.220.0/24 maxlen: 24
                          88.119.221.0/24 maxlen: 24
                          212.47.123.0/24 maxlen: 24
                          88.119.246.0/24 maxlen: 24
                          31.193.192.0/24 maxlen: 24
                          193.200.124.0/24 maxlen: 24
                          193.200.125.0/24 maxlen: 24
                          31.193.197.0/24 maxlen: 24
                          31.193.198.0/24 maxlen: 24
                          31.193.199.0/24 maxlen: 24
                          31.193.193.0/24 maxlen: 24
                          31.193.194.0/24 maxlen: 24
                          31.193.195.0/24 maxlen: 24
                          31.193.196.0/24 maxlen: 24
                          88.119.180.0/24 maxlen: 24
                          81.7.105.0/24 maxlen: 24
                          88.118.143.0/24 maxlen: 24
                          81.7.107.0/24 maxlen: 24
                          81.7.106.0/24 maxlen: 24
                          81.7.114.0/24 maxlen: 24
                          81.7.115.0/24 maxlen: 24
                          82.135.132.0/24 maxlen: 24
                          82.135.133.0/24 maxlen: 24
                          92.61.32.0/20 maxlen: 32
                          185.3.231.0/24 maxlen: 24
                          185.3.228.0/24 maxlen: 24
                          185.3.229.0/24 maxlen: 24
                          185.3.230.0/24 maxlen: 24
                          2a00:1eb8:c004::/48 maxlen: 48
                          2a02:118:2::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 19 Mar 2024 09:49:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:23:12:ed:2e:3d:27:fc:b4:c7:c6:f5:ad:e1:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
        Validity
            Not Before: Jan  2 00:30:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=72827dd26d87cc86a80222a1d17ae8582f3352cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:8b:d0:ff:bd:44:52:79:7a:3d:c8:b0:70:11:
                    08:0a:59:c3:2a:22:ff:2b:34:23:00:3e:46:ce:41:
                    5c:ed:5b:52:e1:79:a7:5a:74:a4:5b:05:d3:a3:13:
                    28:9b:93:34:a3:37:16:6f:f1:22:66:10:45:f7:0f:
                    bd:af:04:7e:85:e3:20:4e:43:9d:2f:41:32:9b:0e:
                    c9:21:c9:1a:5f:17:23:09:2c:79:b6:b6:1b:38:80:
                    ff:17:e3:18:65:94:62:ad:86:b3:f9:f2:f6:5d:4e:
                    bd:4d:09:53:95:3e:c3:c3:b2:92:18:58:79:bc:3b:
                    3d:ac:e4:64:4f:82:48:59:f4:1c:77:ad:b6:b3:f2:
                    d5:5c:b5:05:4e:61:be:9f:90:6b:ba:29:94:57:06:
                    fa:6a:5c:d0:7e:f0:fe:05:d2:db:96:01:4c:ed:b8:
                    dc:90:6b:41:26:ae:c7:ab:e0:6e:07:d9:6d:60:4c:
                    4e:5c:87:96:1a:e1:2a:43:57:de:1e:e8:c0:0b:30:
                    46:6d:f8:04:57:4b:30:ac:14:6f:34:53:8e:d1:15:
                    1f:99:a8:e0:c5:40:9c:ec:0c:22:a8:44:ad:df:aa:
                    65:ca:90:66:d7:99:2d:5a:ba:da:e2:e4:10:56:91:
                    ee:de:72:93:b5:31:16:21:4f:7e:71:00:ae:43:ad:
                    fd:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:82:7D:D2:6D:87:CC:86:A8:02:22:A1:D1:7A:E8:58:2F:33:52:CF
            X509v3 Authority Key Identifier:
                keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/coJ90m2HzIaoAiKh0XroWC8zUs8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.193.192.0/21
                  81.7.105.0-81.7.107.255
                  81.7.114.0/23
                  82.135.132.0/23
                  82.135.217.0-82.135.218.255
                  85.206.140.0/22
                  85.206.148.0/22
                  88.118.143.0/24
                  88.119.180.0/24
                  88.119.220.0-88.119.222.255
                  88.119.246.0/24
                  92.61.32.0/20
                  185.3.228.0/22
                  193.105.146.0/24
                  193.200.124.0/23
                  194.176.32.0/23
                  194.176.35.0-194.176.36.255
                  194.176.54.0/23
                  195.12.180.0/24
                  212.47.123.0/24
                IPv6:
                  2a00:1eb8:c004::/48
                  2a02:118:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:1d:89:57:cf:e2:70:59:ee:13:e2:21:0a:b6:29:b7:1a:bd:
         67:63:2d:4f:b7:3f:0a:76:33:3d:0e:b6:3e:0c:38:5a:6f:1a:
         35:39:bc:ba:54:13:47:f6:a2:99:d8:fe:d7:50:08:bc:85:a5:
         81:f6:c9:e0:83:04:55:3f:3b:13:09:c3:f5:14:ac:aa:7a:9c:
         68:d1:04:03:74:7b:e6:20:34:02:11:a2:f4:38:0d:02:61:cb:
         69:08:10:5a:17:c1:32:22:7f:ac:d1:96:29:ae:9f:b9:82:28:
         04:f2:ca:46:c4:7a:80:9b:4a:02:39:26:e8:c1:1a:00:c5:18:
         eb:3a:82:81:20:a3:d1:9f:3d:33:89:02:dd:f7:14:43:6d:cd:
         55:4e:02:46:6e:b7:da:88:0d:a6:f6:fe:e6:92:60:58:17:e6:
         f3:85:72:6f:44:a4:19:0b:8b:d0:a7:cd:28:ca:1d:9a:bf:ca:
         a0:45:e6:67:e0:2c:e3:80:35:6d:51:f2:5a:50:af:ce:20:05:
         ba:94:f4:ff:cd:21:9b:6e:ef:43:bf:98:a0:34:28:2c:dc:2a:
         88:47:da:a8:92:7e:e1:27:0a:06:77:31:2c:4e:fc:90:11:48:
         fe:b9:90:5d:9e:2b:08:3c:d0:19:53:59:da:68:39:61:80:5e:
         26:cc:ad:c9
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYzHlCMS7S49J/y0x8b1reFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjgyN2RkMjZkODdjYzg2YTgwMjIyYTFkMTdhZTg1ODJmMzM1MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiovQ/71EUnl6PciwcBEIClnDKiL/
KzQjAD5GzkFc7VtS4XmnWnSkWwXToxMom5M0ozcWb/EiZhBF9w+9rwR+heMgTkOd
L0Eymw7JIckaXxcjCSx5trYbOID/F+MYZZRirYaz+fL2XU69TQlTlT7Dw7KSGFh5
vDs9rORkT4JIWfQcd622s/LVXLUFTmG+n5BruimUVwb6alzQfvD+BdLblgFM7bjc
kGtBJq7Hq+BuB9ltYExOXIeWGuEqQ1feHujACzBGbfgEV0swrBRvNFOO0RUfmajg
xUCc7AwiqESt36plypBm15ktWrra4uQQVpHu3nKTtTEWIU9+cQCuQ639eQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFHKCfdJth8yGqAIiodF66FgvM1LPMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL2NvSjkwbTJIeklhb0FpS2gwWHJvV0M4elVzOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgc8GCCsGAQUFBwEHAQH/BIG/MIG8MIGfBAIAATCBmAME
Ax/BwDAMAwQAUQdpAwQCUQdoAwQBUQdyAwQBUoeEMAwDBABSh9kDBABSh9oDBAJV
zowDBAJVzpQDBABYdo8DBABYd7QwDAMEAlh33AMEAFh33gMEAFh39gMEBFw9IAME
ArkD5AMEAMFpkgMEAcHIfAMEAcKwIDAMAwQAwrAjAwQAwrAkAwQBwrA2AwQAwwy0
AwQA1C97MBgEAgACMBIDBwAqAB64wAQDBwAqAgEYAAIwDQYJKoZIhvcNAQELBQAD
ggEBAD0diVfP4nBZ7hPiIQq2KbcavWdjLU+3Pwp2Mz0Otj4MOFpvGjU5vLpUE0f2
opnY/tdQCLyFpYH2yeCDBFU/OxMJw/UUrKp6nGjRBAN0e+YgNAIRovQ4DQJhy2kI
EFoXwTIif6zRlimun7mCKATyykbEeoCbSgI5JujBGgDFGOs6goEgo9GfPTOJAt33
FENtzVVOAkZut9qIDab2/uaSYFgX5vOFcm9EpBkLi9CnzSjKHZq/yqBF5mfgLOOA
NW1R8lpQr84gBbqU9P/NIZtu70O/mKA0KCzcKohH2qiSfuEnCgZ3MSxO/JARSP65
kF2eKwg80BlTWdpoOWGAXibMrck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org