Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/lQVt6Jd7dDIVTjEAY5Y2oV2qzzc.roa
File:                     lQVt6Jd7dDIVTjEAY5Y2oV2qzzc.roa (raw, json)
Hash identifier:          LECGcKBcaFFjC6dbvhlOR1Jj65U8PgjzwKensXo9leM=
Subject key identifier:   95:05:6D:E8:97:7B:74:32:15:4E:31:00:63:96:36:A1:5D:AA:CF:37
Certificate issuer:       /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial:       0188197E0676B69263F9B567E9289BD4EE80
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/lQVt6Jd7dDIVTjEAY5Y2oV2qzzc.roa
Signing time:             Sun 14 May 2023 09:01:09 +0000
ROA not before:           Sun 14 May 2023 09:01:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203217
IP address blocks:        144.86.230.0/23 maxlen: 23
                          144.86.228.0/23 maxlen: 23
                          144.86.228.0/22 maxlen: 22
                          144.86.228.0/24 maxlen: 24
                          144.86.229.0/24 maxlen: 24
                          144.86.230.0/24 maxlen: 24
                          144.86.231.0/24 maxlen: 24
                          185.254.13.0/24 maxlen: 24
                          185.254.15.0/24 maxlen: 24
                          185.138.121.0/24 maxlen: 24
                          185.138.122.0/24 maxlen: 24
                          185.138.120.0/23 maxlen: 23
                          185.138.123.0/24 maxlen: 24
                          185.138.122.0/23 maxlen: 23
                          185.138.120.0/24 maxlen: 24
                          93.180.219.0/24 maxlen: 24
                          199.74.191.0/24 maxlen: 24
                          199.74.190.0/23 maxlen: 23
                          93.180.218.0/24 maxlen: 24
                          93.180.218.0/23 maxlen: 23
                          199.74.188.0/23 maxlen: 23
                          199.74.188.0/24 maxlen: 24
                          93.180.216.0/24 maxlen: 24
                          93.180.217.0/24 maxlen: 24
                          199.74.189.0/24 maxlen: 24
                          199.74.190.0/24 maxlen: 24
                          93.180.220.0/24 maxlen: 24
                          93.180.221.0/24 maxlen: 24
                          93.180.222.0/24 maxlen: 24
                          93.180.223.0/24 maxlen: 24
                          195.133.220.0/24 maxlen: 24
                          195.133.221.0/24 maxlen: 24
                          195.133.222.0/24 maxlen: 24
                          195.133.223.0/24 maxlen: 24
                          195.133.220.0/23 maxlen: 23
                          185.20.198.0/23 maxlen: 23
                          185.20.196.0/24 maxlen: 24
                          185.20.197.0/24 maxlen: 24
                          185.20.196.0/23 maxlen: 23
                          185.20.198.0/24 maxlen: 24
                          185.20.199.0/24 maxlen: 24
                          2a0b:1880::/48 maxlen: 48
                          2a0b:1880:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:19:7e:06:76:b6:92:63:f9:b5:67:e9:28:9b:d4:ee:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
        Validity
            Not Before: May 14 09:01:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95056de8977b7432154e3100639636a15daacf37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:89:d7:26:2b:b8:48:15:45:a7:e9:e2:dc:65:
                    07:7d:96:e7:60:d3:1b:7c:06:ab:87:87:d6:4d:5f:
                    bd:db:b6:81:37:ec:e8:eb:28:88:2f:4f:9b:80:d1:
                    87:8d:2e:7e:41:88:c0:87:ea:e9:c8:76:ae:a3:dd:
                    b5:b1:29:d9:e0:27:8f:34:ce:e4:a2:ce:03:55:f2:
                    b8:ee:b8:bd:a5:60:0a:5c:36:a7:65:60:02:3c:41:
                    08:88:6b:77:63:c5:3d:31:8c:88:59:40:39:5a:ad:
                    19:f6:a1:51:93:64:1a:d6:cc:98:33:5d:5f:83:12:
                    8c:c9:43:4b:96:1e:d8:3a:cf:e1:4e:5e:ab:21:ed:
                    4e:b7:a7:7e:5a:3f:6d:07:fd:16:8c:cc:c6:73:68:
                    f7:d1:b6:da:b1:07:24:8f:3e:7d:1a:cd:a4:3b:61:
                    72:e7:ae:8e:be:a1:5f:13:59:42:86:d3:e1:c8:87:
                    ca:33:80:71:43:0c:cc:3b:83:cb:fc:82:2a:71:f0:
                    25:8d:9e:48:00:24:13:67:e8:5d:56:b0:f3:fb:37:
                    76:bb:84:ab:61:6d:33:b8:36:d2:60:95:da:3e:2e:
                    1c:bf:e6:46:45:76:3a:f0:a8:09:e4:f3:8f:f5:38:
                    6f:e6:e8:34:a0:ca:6d:ba:20:f4:8a:aa:ff:1b:d4:
                    1c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:05:6D:E8:97:7B:74:32:15:4E:31:00:63:96:36:A1:5D:AA:CF:37
            X509v3 Authority Key Identifier:
                keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/lQVt6Jd7dDIVTjEAY5Y2oV2qzzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.180.216.0/21
                  144.86.228.0/22
                  185.20.196.0/22
                  185.138.120.0/22
                  185.254.13.0/24
                  185.254.15.0/24
                  195.133.220.0/22
                  199.74.188.0/22
                IPv6:
                  2a0b:1880::/47

    Signature Algorithm: sha256WithRSAEncryption
         43:34:c8:15:85:b9:c4:62:be:7e:a2:98:49:e6:86:80:9c:60:
         f7:87:ae:0b:7a:b8:bc:3e:62:47:c2:e2:ab:2b:c0:ad:28:04:
         c0:d2:5a:54:c1:93:d6:d3:c2:0a:f8:f2:a1:bb:69:d2:5f:37:
         1b:20:f3:6b:12:e3:c3:cb:f1:75:36:ef:70:d8:d6:2d:e3:6f:
         a2:29:62:02:e4:fc:83:b2:76:8b:9b:35:59:ae:ba:50:71:c8:
         95:93:1e:dc:bf:40:a8:68:c0:a1:68:5a:d3:c8:50:0e:10:8c:
         2a:ec:63:6d:6a:8c:82:e4:6b:cc:24:86:40:e6:e3:25:53:74:
         b5:93:c0:42:a0:ce:e6:44:65:93:b4:81:51:2d:d2:99:d8:72:
         51:3d:bb:7b:9f:db:66:e4:bf:e6:ff:ea:e8:3f:4b:d7:6e:c4:
         ac:0e:43:f9:94:8e:d1:9b:57:fe:81:d9:3e:6f:b2:00:b7:ef:
         7a:e9:1f:09:c1:51:af:24:05:01:1d:56:66:da:4c:06:86:3c:
         71:b0:da:a5:84:ed:41:ee:2d:29:fb:47:55:67:1e:79:4c:29:
         b4:59:1b:5b:db:88:e4:2d:2e:48:9b:f0:2a:d3:22:83:58:35:
         78:95:51:fd:27:fc:33:d0:9b:eb:d3:c1:06:85:17:b6:9b:cf:
         54:f5:38:76
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYgZfgZ2tpJj+bVn6Sib1O6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjMwNTE0MDkwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA1NmRlODk3N2I3NDMyMTU0ZTMxMDA2Mzk2MzZhMTVkYWFjZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4nXJiu4SBVFp+ni3GUHfZbnYNMb
fAarh4fWTV+927aBN+zo6yiIL0+bgNGHjS5+QYjAh+rpyHauo921sSnZ4CePNM7k
os4DVfK47ri9pWAKXDanZWACPEEIiGt3Y8U9MYyIWUA5Wq0Z9qFRk2Qa1syYM11f
gxKMyUNLlh7YOs/hTl6rIe1Ot6d+Wj9tB/0WjMzGc2j30bbasQckjz59Gs2kO2Fy
566OvqFfE1lChtPhyIfKM4BxQwzMO4PL/IIqcfAljZ5IACQTZ+hdVrDz+zd2u4Sr
YW0zuDbSYJXaPi4cv+ZGRXY68KgJ5POP9Thv5ug0oMptuiD0iqr/G9QcAwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJUFbeiXe3QyFU4xAGOWNqFdqs83MB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvbFFWdDZKZDdkRElWVGpFQVk1WTJvVjJxenpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4AwQAuf4NAwQAuf4PAwQCw4XcAwQCx0q8MA8EAgACMAkD
BwEqCxiAAAAwDQYJKoZIhvcNAQELBQADggEBAEM0yBWFucRivn6imEnmhoCcYPeH
rgt6uLw+YkfC4qsrwK0oBMDSWlTBk9bTwgr48qG7adJfNxsg82sS48PL8XU273DY
1i3jb6IpYgLk/IOydoubNVmuulBxyJWTHty/QKhowKFoWtPIUA4QjCrsY21qjILk
a8wkhkDm4yVTdLWTwEKgzuZEZZO0gVEt0pnYclE9u3uf22bkv+b/6ug/S9duxKwO
Q/mUjtGbV/6B2T5vsgC373rpHwnBUa8kBQEdVmbaTAaGPHGw2qWE7UHuLSn7R1Vn
HnlMKbRZG1vbiOQtLkib8CrTIoNYNXiVUf0n/DPQm+vTwQaFF7abz1T1OHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:27 2024 by rpki-client on console-ams.rpki-client.org