Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa
File:                     vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa (raw, json)
Hash identifier:          5hQRlFEfWdo7hHc3hCTYTe6wrspFnwxNEhuCPmpqg/4=
Subject key identifier:   BC:EA:0A:AC:21:0C:8C:89:46:48:C8:17:CC:54:80:05:85:60:F1:E4
Certificate issuer:       /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial:       018CC424F304EFF40DAF1DAD96C6BFDB2CDB
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa
Signing time:             Mon 01 Jan 2024 08:30:04 +0000
ROA not before:           Mon 01 Jan 2024 08:30:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        185.87.120.0/24 maxlen: 24
                          185.141.33.0/24 maxlen: 24
                          185.141.35.0/24 maxlen: 24
                          185.141.34.0/24 maxlen: 24
                          193.35.152.0/24 maxlen: 24
                          193.35.154.0/24 maxlen: 24
                          193.35.155.0/24 maxlen: 24
                          193.35.153.0/24 maxlen: 24
                          185.86.4.0/24 maxlen: 24
                          185.86.6.0/24 maxlen: 24
                          185.86.7.0/24 maxlen: 24
                          185.86.14.0/24 maxlen: 24
                          185.86.15.0/24 maxlen: 24
                          185.86.12.0/24 maxlen: 24
                          185.86.152.0/24 maxlen: 24
                          185.86.155.0/24 maxlen: 24
                          185.184.24.0/24 maxlen: 24
                          185.184.25.0/24 maxlen: 24
                          185.184.26.0/24 maxlen: 24
                          185.184.27.0/24 maxlen: 24
                          91.194.55.0/24 maxlen: 24
                          193.160.140.0/24 maxlen: 24
                          193.160.141.0/24 maxlen: 24
                          193.160.142.0/24 maxlen: 24
                          193.160.143.0/24 maxlen: 24
                          185.254.236.0/24 maxlen: 24
                          185.254.238.0/24 maxlen: 24
                          185.254.239.0/24 maxlen: 24
                          185.254.237.0/24 maxlen: 24
                          193.223.104.0/24 maxlen: 24
                          193.223.105.0/24 maxlen: 24
                          185.88.172.0/24 maxlen: 24
                          185.88.175.0/24 maxlen: 24
                          193.223.107.0/24 maxlen: 24
                          193.223.106.0/24 maxlen: 24
                          185.88.173.0/24 maxlen: 24
                          185.88.174.0/24 maxlen: 24
                          185.243.182.0/24 maxlen: 24
                          185.243.183.0/24 maxlen: 24
                          185.243.180.0/24 maxlen: 24
                          185.243.181.0/24 maxlen: 24
                          185.254.30.0/24 maxlen: 24
                          185.254.28.0/24 maxlen: 24
                          185.254.29.0/24 maxlen: 24
                          185.254.31.0/24 maxlen: 24
                          185.85.188.0/24 maxlen: 24
                          185.250.210.0/24 maxlen: 24
                          194.62.54.0/24 maxlen: 24
                          194.62.55.0/24 maxlen: 24
                          194.62.52.0/24 maxlen: 24
                          194.62.53.0/24 maxlen: 24
                          93.190.12.0/24 maxlen: 24
                          93.190.13.0/24 maxlen: 24
                          160.20.109.0/24 maxlen: 24
                          160.20.108.0/24 maxlen: 24
                          109.236.48.0/24 maxlen: 24
                          109.236.49.0/24 maxlen: 24
                          109.236.51.0/24 maxlen: 24
                          109.236.50.0/24 maxlen: 24
                          185.185.232.0/24 maxlen: 24
                          185.185.233.0/24 maxlen: 24
                          185.185.234.0/24 maxlen: 24
                          185.249.200.0/24 maxlen: 24
                          185.249.201.0/24 maxlen: 24
                          185.249.202.0/24 maxlen: 24
                          185.249.203.0/24 maxlen: 24
                          185.98.63.0/24 maxlen: 24
                          185.98.61.0/24 maxlen: 24
                          185.98.62.0/24 maxlen: 24
                          2a0b:2780::/29 maxlen: 29
                          2a07:e700::/29 maxlen: 29
                          2a0d:49c0::/29 maxlen: 29
                          2a05:bf00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 05 Oct 2024 19:11:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:f3:04:ef:f4:0d:af:1d:ad:96:c6:bf:db:2c:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
        Validity
            Not Before: Jan  1 08:30:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bcea0aac210c8c894648c817cc5480058560f1e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:74:b1:9c:d0:32:6c:c0:af:55:dd:ea:49:7f:
                    8d:54:5e:b6:cc:8a:72:b8:90:8f:12:3a:7e:f6:32:
                    89:f8:68:a3:b9:83:27:6c:82:79:dc:04:95:6a:a4:
                    6a:8d:4f:cf:9d:8a:f7:93:c4:e5:25:62:01:a5:fe:
                    41:ad:ca:d4:37:e5:39:2b:d7:91:bf:da:d9:b2:e5:
                    f2:85:e9:33:a8:df:76:b4:30:eb:b0:15:a5:4f:8b:
                    8c:21:c3:d2:7f:15:fb:54:84:0d:9a:f5:7b:97:d1:
                    d9:46:73:26:82:9b:d1:db:3e:58:fb:99:09:19:2a:
                    d6:fd:5e:8c:e4:5d:66:07:55:b4:52:18:c4:bf:6a:
                    a7:05:87:ee:b1:cc:d7:69:e2:c5:ab:78:30:e8:b5:
                    46:1d:83:c8:b8:8b:dc:e1:23:f2:29:92:b3:36:a2:
                    c7:b2:7b:50:6f:46:e0:16:dd:b1:61:e9:97:23:f4:
                    6e:5e:ca:8f:34:ec:fa:ca:ab:18:74:78:4b:d8:a2:
                    d5:b4:43:ae:c6:77:c8:cf:f9:e2:30:bb:35:1e:b7:
                    f9:28:0d:c7:3d:3c:1a:0e:d0:54:4f:20:a0:8d:ad:
                    8b:62:08:50:25:32:c8:26:ea:bf:1b:58:44:47:2f:
                    8b:b6:87:73:19:fb:4c:a6:c1:e6:f4:e2:79:37:e1:
                    ad:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:EA:0A:AC:21:0C:8C:89:46:48:C8:17:CC:54:80:05:85:60:F1:E4
            X509v3 Authority Key Identifier:
                keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/vOoKrCEMjIlGSMgXzFSABYVg8eQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.55.0/24
                  93.190.12.0/23
                  109.236.48.0/22
                  160.20.108.0/23
                  185.85.188.0/24
                  185.86.4.0/24
                  185.86.6.0/23
                  185.86.12.0/24
                  185.86.14.0/23
                  185.86.152.0/24
                  185.86.155.0/24
                  185.87.120.0/24
                  185.88.172.0/22
                  185.98.61.0-185.98.63.255
                  185.141.33.0-185.141.35.255
                  185.184.24.0/22
                  185.185.232.0-185.185.234.255
                  185.243.180.0/22
                  185.249.200.0/22
                  185.250.210.0/24
                  185.254.28.0/22
                  185.254.236.0/22
                  193.35.152.0/22
                  193.160.140.0/22
                  193.223.104.0/22
                  194.62.52.0/22
                IPv6:
                  2a05:bf00::/29
                  2a07:e700::/29
                  2a0b:2780::/29
                  2a0d:49c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         65:d7:df:d3:03:71:26:8a:01:33:a5:24:fd:81:3e:e5:2c:a6:
         c1:08:7d:9a:61:c7:45:ed:15:f0:e9:7c:6c:2d:74:e9:c9:5d:
         40:47:ad:37:30:85:be:10:e8:c5:60:c6:82:1e:00:46:9f:30:
         a6:2b:86:92:61:77:39:c0:7c:2c:6c:70:86:d0:a1:29:0d:14:
         99:ac:d6:cf:8b:1e:a6:d4:9a:1c:7e:39:fb:22:7a:dd:15:85:
         5c:b0:80:c8:e7:00:26:b8:28:62:fd:30:f9:ea:51:6c:92:3f:
         e5:94:47:d9:00:ef:22:cc:06:a7:5f:0a:6c:e5:70:92:97:c4:
         79:cb:4f:23:bf:fd:d0:d6:e8:68:91:4a:cc:17:cd:77:de:4d:
         1b:e7:c0:0b:cc:94:d9:c7:79:fb:6b:7b:a7:85:b8:24:60:6a:
         85:17:15:ce:f8:46:46:74:b9:c7:c3:21:b8:6f:32:e2:29:90:
         2a:99:bf:f5:05:23:ad:9a:9e:6d:3c:f4:80:65:f9:67:9e:6d:
         c1:08:71:40:ba:d9:52:bb:9b:98:3e:5d:c4:50:45:4b:b8:62:
         a0:d3:21:5d:47:65:a3:57:7c:ab:7c:d4:c9:05:11:a8:8a:bf:
         6b:94:63:04:6a:bc:a5:f9:83:a2:a5:ef:94:f3:1b:89:94:28:
         06:0d:61:fd
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYzEJPME7/QNrx2tlsa/2yzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VhMGFhYzIxMGM4Yzg5NDY0OGM4MTdjYzU0ODAwNTg1NjBmMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3SxnNAybMCvVd3qSX+NVF62zIpy
uJCPEjp+9jKJ+GijuYMnbIJ53ASVaqRqjU/PnYr3k8TlJWIBpf5BrcrUN+U5K9eR
v9rZsuXyhekzqN92tDDrsBWlT4uMIcPSfxX7VIQNmvV7l9HZRnMmgpvR2z5Y+5kJ
GSrW/V6M5F1mB1W0UhjEv2qnBYfusczXaeLFq3gw6LVGHYPIuIvc4SPyKZKzNqLH
sntQb0bgFt2xYemXI/RuXsqPNOz6yqsYdHhL2KLVtEOuxnfIz/niMLs1Hrf5KA3H
PTwaDtBUTyCgja2LYghQJTLIJuq/G1hERy+LtodzGftMpsHm9OJ5N+GtgQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFLzqCqwhDIyJRkjIF8xUgAWFYPHkMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdk9vS3JDRU1qSWxHU01nWHpGU0FCWVZnOGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBABb
wjcDBAFdvgwDBAJt7DADBAGgFGwDBAC5VbwDBAC5VgQDBAG5VgYDBAC5VgwDBAG5
Vg4DBAC5VpgDBAC5VpsDBAC5V3gDBAK5WKwwDAMEALliPQMEBrliADAMAwQAuY0h
AwQCuY0gAwQCubgYMAwDBAO5uegDBAC5ueoDBAK587QDBAK5+cgDBAC5+tIDBAK5
/hwDBAK5/uwDBALBI5gDBALBoIwDBALB32gDBALCPjQwIgQCAAIwHAMFAyoFvwAD
BQMqB+cAAwUDKgsngAMFAyoNScAwDQYJKoZIhvcNAQELBQADggEBAGXX39MDcSaK
ATOlJP2BPuUspsEIfZphx0XtFfDpfGwtdOnJXUBHrTcwhb4Q6MVgxoIeAEafMKYr
hpJhdznAfCxscIbQoSkNFJms1s+LHqbUmhx+Ofsiet0VhVywgMjnACa4KGL9MPnq
UWySP+WUR9kA7yLMBqdfCmzlcJKXxHnLTyO//dDW6GiRSswXzXfeTRvnwAvMlNnH
eftre6eFuCRgaoUXFc74RkZ0ucfDIbhvMuIpkCqZv/UFI62anm089IBl+WeebcEI
cUC62VK7m5g+XcRQRUu4YqDTIV1HZaNXfKt81MkFEaiKv2uUYwRqvKX5g6Kl75Tz
G4mUKAYNYf0=
-----END CERTIFICATE-----
Generated at Sat Oct 5 23:39:19 2024 by rpki-client on console-ams.rpki-client.org