Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9U1w4UxJUC-tHVdiyw05mMELX7w.roa
File:                     9U1w4UxJUC-tHVdiyw05mMELX7w.roa (raw, json)
Hash identifier:          zMVT4m20uMmttK4BxfPrcUmYtlO4q2gjiZBeNeAkEUM=
Subject key identifier:   F5:4D:70:E1:4C:49:50:2F:AD:1D:57:62:CB:0D:39:98:C1:0B:5F:BC
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0189B71956184C12506AB16C2C0D89FF33EF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9U1w4UxJUC-tHVdiyw05mMELX7w.roa
Signing time:             Wed 02 Aug 2023 16:33:58 +0000
ROA not before:           Wed 02 Aug 2023 16:33:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58057
IP address blocks:        194.50.94.0/24 maxlen: 24
                          194.50.92.0/24 maxlen: 24
                          185.238.188.0/22 maxlen: 24
                          45.136.136.0/22 maxlen: 24
                          94.177.122.0/24 maxlen: 24
                          45.12.68.0/22 maxlen: 24
                          31.42.183.0/24 maxlen: 24
                          93.88.200.0/21 maxlen: 24
                          193.163.85.0/24 maxlen: 24
                          193.163.86.0/24 maxlen: 24
                          139.28.96.0/22 maxlen: 24
                          45.148.116.0/22 maxlen: 24
                          45.131.184.0/22 maxlen: 24
                          77.81.50.0/23 maxlen: 24
                          185.232.117.0/24 maxlen: 24
                          85.202.203.0/24 maxlen: 24
                          109.61.104.0/21 maxlen: 24
                          2a0e:97c0:260::/44 maxlen: 44
                          2a04:ccc6::/32 maxlen: 48
                          2a0e:97c3:110::/44 maxlen: 48
                          2a0c:3b80::/32 maxlen: 48
                          2a04:ccc7::/32 maxlen: 48
                          2a04:ccc4::/32 maxlen: 48
                          2a0e:97c0:170::/48 maxlen: 48
                          2a0c:3b82::/32 maxlen: 48
                          2a10:2f00:193::/48 maxlen: 48
                          2a04:ccc5::/32 maxlen: 48
                          2a0e:b107:2220::/45 maxlen: 48
                          2a0e:97c0:1d0::/44 maxlen: 44
                          2a0e:b107:1165::/48 maxlen: 48
                          2a10:2f00:18d::/48 maxlen: 48
                          2a0e:b107:9f2::/48 maxlen: 48
                          2a0c:3b81::/32 maxlen: 48
                          2a10:cc40:250::/44 maxlen: 48
                          2a0f:e404:102::/48 maxlen: 48
                          2a0c:3b84::/32 maxlen: 48
                          2a04:ccc3::/32 maxlen: 48
                          2a0e:b107:1786::/48 maxlen: 48
                          2a0e:97c4:120::/44 maxlen: 48
                          2a10:ccc0:420::/44 maxlen: 48
                          2a0c:3b86::/32 maxlen: 48
                          2a0c:3b85::/32 maxlen: 48
                          2a0e:b107:21c0::/45 maxlen: 48
                          2a09:4c0::/29 maxlen: 64
                          2a04:ccc0:ffff::/48 maxlen: 48
                          2a10:cc45:130::/44 maxlen: 44
                          2a0c:3b83::/32 maxlen: 48
                          2a04:ccc1::/32 maxlen: 48
                          2a0e:97c1:200::/40 maxlen: 48
                          2a0e:b107:2228::/45 maxlen: 48
                          2a10:2f00:18f::/48 maxlen: 48
                          2a0e:97c4:100::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 14:12:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b7:19:56:18:4c:12:50:6a:b1:6c:2c:0d:89:ff:33:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Aug  2 16:33:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f54d70e14c49502fad1d5762cb0d3998c10b5fbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:ab:a6:44:56:02:2a:c3:5d:73:cd:5f:ba:63:
                    d5:0a:85:30:8a:4b:7c:3b:1a:48:4b:a2:b8:68:d7:
                    44:57:ff:bc:a6:49:88:7f:9a:5c:3e:6d:77:54:cd:
                    36:03:cb:a3:84:76:4f:58:23:c6:cd:f4:52:38:e7:
                    3b:95:95:7e:17:40:df:f0:8e:4e:ce:61:62:87:81:
                    d0:39:8d:5b:b3:d0:45:ce:ec:21:4a:01:24:45:7c:
                    fa:73:0a:19:ef:d1:23:80:72:a2:28:f8:d1:2e:ce:
                    b0:7b:07:a9:29:60:3b:f2:c8:ef:c1:20:b1:6b:f8:
                    06:66:63:c2:d0:9f:56:d8:3a:a2:a6:d6:09:8b:1c:
                    38:50:c5:2b:e3:b0:f7:23:fe:36:15:31:b1:c6:19:
                    fa:a9:7d:d5:9f:25:1e:17:a4:72:da:5a:a5:52:b4:
                    bd:93:08:c6:c7:70:04:ef:b3:f0:62:48:a9:4f:90:
                    d6:d3:6b:d0:2f:c9:c9:5a:f3:ae:d6:81:5e:80:43:
                    5c:58:f6:3a:c3:b3:4e:24:db:29:ea:86:a1:07:7b:
                    3a:aa:ae:31:aa:7b:4d:b6:67:4e:23:8f:b4:f7:20:
                    8a:f2:d5:53:fe:13:11:c8:d0:de:e9:6a:ac:fc:c2:
                    25:d5:7e:f2:0e:41:1f:c2:ac:7e:0f:d9:f6:07:0d:
                    f5:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:4D:70:E1:4C:49:50:2F:AD:1D:57:62:CB:0D:39:98:C1:0B:5F:BC
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9U1w4UxJUC-tHVdiyw05mMELX7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.42.183.0/24
                  45.12.68.0/22
                  45.131.184.0/22
                  45.136.136.0/22
                  45.148.116.0/22
                  77.81.50.0/23
                  85.202.203.0/24
                  93.88.200.0/21
                  94.177.122.0/24
                  109.61.104.0/21
                  139.28.96.0/22
                  185.232.117.0/24
                  185.238.188.0/22
                  193.163.85.0-193.163.86.255
                  194.50.92.0/24
                  194.50.94.0/24
                IPv6:
                  2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
                  2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:4c0::/29
                  2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0e:97c0:170::/48
                  2a0e:97c0:1d0::/44
                  2a0e:97c0:260::/44
                  2a0e:97c1:200::/40
                  2a0e:97c3:110::/44
                  2a0e:97c4:100::/44
                  2a0e:97c4:120::/44
                  2a0e:b107:9f2::/48
                  2a0e:b107:1165::/48
                  2a0e:b107:1786::/48
                  2a0e:b107:21c0::/45
                  2a0e:b107:2220::/44
                  2a0f:e404:102::/48
                  2a10:2f00:18d::/48
                  2a10:2f00:18f::/48
                  2a10:2f00:193::/48
                  2a10:cc40:250::/44
                  2a10:cc45:130::/44
                  2a10:ccc0:420::/44

    Signature Algorithm: sha256WithRSAEncryption
         13:0c:e7:84:8b:7c:a7:7f:59:4e:2b:db:d6:63:23:b6:7a:31:
         61:4b:7f:ab:fd:f8:f7:a8:83:d4:6b:ae:ee:31:72:5f:8b:eb:
         f6:48:e2:46:c4:1d:21:f0:8b:6c:1d:3e:a2:34:fe:d4:17:c7:
         3d:40:00:be:60:bc:ca:bb:3d:08:25:52:93:6a:fd:88:5d:10:
         c1:35:02:14:52:c6:d6:5b:ba:6c:7d:90:10:93:2e:17:c5:e3:
         cf:4d:de:3e:2c:33:42:ce:60:ec:e1:8a:87:7f:04:20:c3:26:
         45:99:c6:45:fe:df:92:18:a6:db:10:7a:08:d9:4e:f7:2d:16:
         84:59:bc:3a:c4:69:ef:3b:6f:0d:b3:5a:e1:63:c3:92:18:c2:
         84:0c:e0:da:e6:ce:41:12:27:d2:5a:2d:57:ba:94:b3:fe:1d:
         9c:1f:8d:6b:7d:76:d3:21:38:f9:91:ec:db:22:77:58:eb:92:
         83:fd:b1:73:a5:7a:ac:a9:b5:36:11:b8:b1:42:ab:62:1c:7d:
         a5:f1:36:c3:42:df:d9:e8:a1:d1:2e:db:fe:a4:e3:12:66:33:
         0e:14:1d:74:66:d3:ad:14:0b:ca:86:8e:15:61:36:3d:6b:3e:
         d2:6b:92:a9:f1:1e:7b:21:b4:da:43:33:83:aa:64:e1:cd:3c:
         79:ce:fb:53
-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgISAYm3GVYYTBJQarFsLA2J/zPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwODAyMTYzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTRkNzBlMTRjNDk1MDJmYWQxZDU3NjJjYjBkMzk5OGMxMGI1ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaumRFYCKsNdc81fumPVCoUwikt8
OxpIS6K4aNdEV/+8pkmIf5pcPm13VM02A8ujhHZPWCPGzfRSOOc7lZV+F0Df8I5O
zmFih4HQOY1bs9BFzuwhSgEkRXz6cwoZ79EjgHKiKPjRLs6wewepKWA78sjvwSCx
a/gGZmPC0J9W2DqiptYJixw4UMUr47D3I/42FTGxxhn6qX3VnyUeF6Ry2lqlUrS9
kwjGx3AE77PwYkipT5DW02vQL8nJWvOu1oFegENcWPY6w7NOJNsp6oahB3s6qq4x
qntNtmdOI4+09yCK8tVT/hMRyNDe6Wqs/MIl1X7yDkEfwqx+D9n2Bw314QIDAQAB
o4IDXjCCA1owHQYDVR0OBBYEFPVNcOFMSVAvrR1XYssNOZjBC1+8MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOVUxdzRVeEpVQy10SFZkaXl3MDVtTUVMWDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcgYIKwYBBQUHAQcBAf8EggFhMIIBXTBuBAIAATBoAwQA
Hyq3AwQCLQxEAwQCLYO4AwQCLYiIAwQCLZR0AwQBTVEyAwQAVcrLAwQDXVjIAwQA
XrF6AwQDbT1oAwQCixxgAwQAueh1AwQCue68MAwDBADBo1UDBADBo1YDBADCMlwD
BADCMl4wgeoEAgACMIHjMBADBwAqBMzA//8DBQEqBMzAMA4DBQAqBMzDAwUDKgTM
wAMFAyoJBMAwDgMFByoMO4ADBQAqDDuGAwcAKg6XwAFwAwcEKg6XwAHQAwcEKg6X
wAJgAwYAKg6XwQIDBwQqDpfDARADBwQqDpfEAQADBwQqDpfEASADBwAqDrEHCfID
BwAqDrEHEWUDBwAqDrEHF4YDBwMqDrEHIcADBwQqDrEHIiADBwAqD+QEAQIDBwAq
EC8AAY0DBwAqEC8AAY8DBwAqEC8AAZMDBwQqEMxAAlADBwQqEMxFATADBwQqEMzA
BCAwDQYJKoZIhvcNAQELBQADggEBABMM54SLfKd/WU4r29ZjI7Z6MWFLf6v9+Peo
g9Rrru4xcl+L6/ZI4kbEHSHwi2wdPqI0/tQXxz1AAL5gvMq7PQglUpNq/YhdEME1
AhRSxtZbumx9kBCTLhfF489N3j4sM0LOYOzhiod/BCDDJkWZxkX+35IYptsQegjZ
TvctFoRZvDrEae87bw2zWuFjw5IYwoQM4NrmzkESJ9JaLVe6lLP+HZwfjWt9dtMh
OPmR7Nsid1jrkoP9sXOleqyptTYRuLFCq2IcfaXxNsNC39noodEu2/6k4xJmMw4U
HXRm060UC8qGjhVhNj1rPtJrkqnxHnshtNpDM4OqZOHNPHnO+1M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:55 2024 by rpki-client on console-ams.rpki-client.org