Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/LvsfTI1HiXxeU8L5NdeFmhZwW-U.roa
File:                     LvsfTI1HiXxeU8L5NdeFmhZwW-U.roa (raw, json)
Hash identifier:          BV6OMUvDlhMlJijwLwttazdQ7frZ/v6N2LatgSiA/2A=
Subject key identifier:   2E:FB:1F:4C:8D:47:89:7C:5E:53:C2:F9:35:D7:85:9A:16:70:5B:E5
Certificate issuer:       /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial:       01888621091889697A5E2A1D379491E19597
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/LvsfTI1HiXxeU8L5NdeFmhZwW-U.roa
Signing time:             Sun 04 Jun 2023 11:18:11 +0000
ROA not before:           Sun 04 Jun 2023 11:18:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39273
IP address blocks:        78.110.79.0/24 maxlen: 24
                          81.22.30.0/24 maxlen: 24
                          81.22.31.0/24 maxlen: 24
                          81.22.28.0/24 maxlen: 24
                          81.22.29.0/24 maxlen: 24
                          81.22.27.0/24 maxlen: 24
                          81.22.25.0/24 maxlen: 24
                          81.22.26.0/24 maxlen: 24
                          77.92.165.0/24 maxlen: 24
                          77.92.166.0/24 maxlen: 24
                          77.92.163.0/24 maxlen: 24
                          77.92.164.0/24 maxlen: 24
                          77.92.161.0/24 maxlen: 24
                          77.92.160.0/21 maxlen: 21
                          77.92.160.0/19 maxlen: 19
                          77.92.162.0/24 maxlen: 24
                          77.92.160.0/24 maxlen: 24
                          77.92.172.0/24 maxlen: 24
                          77.92.170.0/24 maxlen: 24
                          77.92.171.0/24 maxlen: 24
                          77.92.168.0/24 maxlen: 24
                          77.92.169.0/24 maxlen: 24
                          77.92.167.0/24 maxlen: 24
                          77.92.168.0/21 maxlen: 21
                          77.92.173.0/24 maxlen: 24
                          77.92.179.0/24 maxlen: 24
                          77.92.177.0/24 maxlen: 24
                          77.92.178.0/24 maxlen: 24
                          77.92.175.0/24 maxlen: 24
                          77.92.176.0/24 maxlen: 24
                          77.92.176.0/21 maxlen: 21
                          77.92.174.0/24 maxlen: 24
                          77.92.186.0/24 maxlen: 24
                          77.92.184.0/21 maxlen: 21
                          77.92.184.0/24 maxlen: 24
                          77.92.185.0/24 maxlen: 24
                          77.92.182.0/24 maxlen: 24
                          77.92.183.0/24 maxlen: 24
                          77.92.181.0/24 maxlen: 24
                          77.92.180.0/24 maxlen: 24
                          77.92.191.0/24 maxlen: 24
                          77.92.189.0/24 maxlen: 24
                          77.92.190.0/24 maxlen: 24
                          77.92.188.0/24 maxlen: 24
                          77.92.187.0/24 maxlen: 24
                          81.22.16.0/20 maxlen: 20
                          81.22.16.0/24 maxlen: 24
                          81.22.17.0/24 maxlen: 24
                          81.22.23.0/24 maxlen: 24
                          81.22.24.0/24 maxlen: 24
                          81.22.21.0/24 maxlen: 24
                          81.22.22.0/24 maxlen: 24
                          81.22.20.0/24 maxlen: 24
                          81.22.18.0/24 maxlen: 24
                          81.22.19.0/24 maxlen: 24
                          78.110.64.0/24 maxlen: 24
                          78.110.64.0/21 maxlen: 21
                          78.110.64.0/20 maxlen: 20
                          78.110.70.0/24 maxlen: 24
                          78.110.71.0/24 maxlen: 24
                          78.110.68.0/24 maxlen: 24
                          78.110.69.0/24 maxlen: 24
                          78.110.67.0/24 maxlen: 24
                          78.110.65.0/24 maxlen: 24
                          78.110.66.0/24 maxlen: 24
                          78.110.75.0/24 maxlen: 24
                          78.110.77.0/24 maxlen: 24
                          77.83.91.0/24 maxlen: 24
                          78.110.78.0/24 maxlen: 24
                          77.83.89.0/24 maxlen: 24
                          78.110.76.0/24 maxlen: 24
                          77.83.90.0/24 maxlen: 24
                          78.110.74.0/24 maxlen: 24
                          77.83.88.0/24 maxlen: 24
                          77.83.88.0/22 maxlen: 22
                          78.110.72.0/21 maxlen: 21
                          78.110.72.0/24 maxlen: 24
                          78.110.73.0/24 maxlen: 24
                          87.236.50.0/24 maxlen: 24
                          87.236.48.0/21 maxlen: 21
                          87.236.51.0/24 maxlen: 24
                          87.236.48.0/24 maxlen: 24
                          87.236.49.0/24 maxlen: 24
                          185.33.178.0/24 maxlen: 24
                          185.33.179.0/24 maxlen: 24
                          185.33.177.0/24 maxlen: 24
                          185.33.176.0/24 maxlen: 24
                          185.33.176.0/22 maxlen: 22
                          87.236.54.0/24 maxlen: 24
                          87.236.52.0/24 maxlen: 24
                          87.236.53.0/24 maxlen: 24
                          87.236.55.0/24 maxlen: 24
                          2a04:8ac0::/29 maxlen: 29
                          2a00:6600::/29 maxlen: 29
                          2a00:6600::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 06 Jun 2023 10:38:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:86:21:09:18:89:69:7a:5e:2a:1d:37:94:91:e1:95:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
        Validity
            Not Before: Jun  4 11:18:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2efb1f4c8d47897c5e53c2f935d7859a16705be5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b7:50:9d:0e:86:ca:ae:da:7c:d4:3a:64:87:
                    14:be:e8:eb:41:32:16:e7:6a:64:75:ef:43:2d:de:
                    5c:92:92:8b:40:36:ca:03:cd:b0:c3:ca:f2:4e:07:
                    7e:d6:23:6c:80:26:c1:9d:54:a9:64:d3:61:e3:e0:
                    c6:cb:e8:3c:d9:69:1b:78:d5:dc:8d:b3:d6:c7:e5:
                    42:4b:4d:f2:f8:b0:23:c5:d6:6f:a8:4e:fd:14:06:
                    be:a9:f5:86:0a:d8:ea:84:b1:6d:56:59:6d:bd:3f:
                    74:65:7e:e9:9a:6a:7d:54:b6:eb:5b:c9:5a:81:40:
                    8e:f5:e9:db:53:22:43:66:8c:f0:f7:bd:e2:dc:42:
                    a0:ed:27:72:27:35:79:7d:bd:57:30:0c:2f:4b:ce:
                    84:ab:e6:2e:10:8c:73:ad:b4:fc:d9:3c:1a:16:ee:
                    95:4d:84:10:33:60:09:e2:08:d3:28:5a:3f:c9:01:
                    d1:8a:cd:6f:3c:55:cd:8e:aa:32:7c:55:f7:7c:be:
                    c7:2b:2a:fc:66:93:e3:a1:e2:a7:76:2c:38:03:4e:
                    9d:f6:4e:80:d7:55:e4:d6:60:31:03:9b:98:a5:cb:
                    c0:ba:32:88:57:6d:ef:34:f5:69:26:28:d4:23:48:
                    1a:27:59:0d:32:06:0a:01:ee:a3:55:e4:03:2f:e0:
                    88:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:FB:1F:4C:8D:47:89:7C:5E:53:C2:F9:35:D7:85:9A:16:70:5B:E5
            X509v3 Authority Key Identifier:
                keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/LvsfTI1HiXxeU8L5NdeFmhZwW-U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.83.88.0/22
                  77.92.160.0/19
                  78.110.64.0/20
                  81.22.16.0/20
                  87.236.48.0/21
                  185.33.176.0/22
                IPv6:
                  2a00:6600::/29
                  2a04:8ac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         ce:7f:b1:3d:6c:a4:0e:f8:b5:43:ab:be:33:52:6e:18:ec:ff:
         fa:e9:99:84:11:b9:84:07:f1:34:a4:65:fd:33:00:aa:e3:41:
         54:1c:6a:9d:dd:dd:23:1c:bd:d6:85:61:20:70:2d:ec:12:6a:
         bc:60:f0:d9:28:9f:e0:1c:87:bf:43:31:9c:92:8a:c2:ea:61:
         1e:33:74:db:2b:59:70:60:98:f6:7b:e6:f4:e7:e9:1b:5d:1d:
         77:ee:8d:4f:5b:c1:52:3c:60:53:37:68:30:ab:04:51:85:13:
         63:e8:4d:04:15:b5:ac:aa:a7:02:2b:31:96:b3:f6:82:11:1b:
         04:81:36:6a:22:a3:6e:af:56:9e:58:df:73:1f:5a:4e:3c:c2:
         d9:3e:8e:55:c2:c6:d4:34:7a:5d:e5:6e:2e:92:c2:01:c7:64:
         be:87:73:00:f7:4c:18:7e:99:a3:ae:10:de:55:ef:dc:d0:7f:
         3d:2d:41:06:59:c0:cf:1e:d6:e0:f0:4d:25:29:c7:db:43:bc:
         e7:7c:bf:6f:78:5d:eb:b6:58:29:c6:38:5e:45:da:7b:72:11:
         47:4b:4b:fb:2e:48:41:18:0a:a7:0b:8b:ba:ed:84:37:d3:17:
         82:96:b1:a8:99:8d:8d:07:e5:64:ac:e1:7d:1d:b8:9a:ae:63:
         bc:55:17:53
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYiGIQkYiWl6XiodN5SR4ZWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjMwNjA0MTExODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZiMWY0YzhkNDc4OTdjNWU1M2MyZjkzNWQ3ODU5YTE2NzA1YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbdQnQ6Gyq7afNQ6ZIcUvujrQTIW
52pkde9DLd5ckpKLQDbKA82ww8ryTgd+1iNsgCbBnVSpZNNh4+DGy+g82WkbeNXc
jbPWx+VCS03y+LAjxdZvqE79FAa+qfWGCtjqhLFtVlltvT90ZX7pmmp9VLbrW8la
gUCO9enbUyJDZozw973i3EKg7SdyJzV5fb1XMAwvS86Eq+YuEIxzrbT82TwaFu6V
TYQQM2AJ4gjTKFo/yQHRis1vPFXNjqoyfFX3fL7HKyr8ZpPjoeKndiw4A06d9k6A
11Xk1mAxA5uYpcvAujKIV23vNPVpJijUI0gaJ1kNMgYKAe6jVeQDL+CIFQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFC77H0yNR4l8XlPC+TXXhZoWcFvlMB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvTHZzZlRJMUhpWHhlVThMNU5kZUZtaFp3Vy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCTVNYAwQF
TVygAwQETm5AAwQEURYQAwQDV+wwAwQCuSGwMBQEAgACMA4DBQMqAGYAAwUDKgSK
wDANBgkqhkiG9w0BAQsFAAOCAQEAzn+xPWykDvi1Q6u+M1JuGOz/+umZhBG5hAfx
NKRl/TMAquNBVBxqnd3dIxy91oVhIHAt7BJqvGDw2Sif4ByHv0MxnJKKwuphHjN0
2ytZcGCY9nvm9OfpG10dd+6NT1vBUjxgUzdoMKsEUYUTY+hNBBW1rKqnAisxlrP2
ghEbBIE2aiKjbq9Wnljfcx9aTjzC2T6OVcLG1DR6XeVuLpLCAcdkvodzAPdMGH6Z
o64Q3lXv3NB/PS1BBlnAzx7W4PBNJSnH20O853y/b3hd67ZYKcY4XkXae3IRR0tL
+y5IQRgKpwuLuu2EN9MXgpaxqJmNjQflZKzhfR24mq5jvFUXUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:35 2024 by rpki-client on console-fra.rpki-client.org