Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/t_6qmpD1U7PxrpaXB8YqBn9w22k.roa
File:                     t_6qmpD1U7PxrpaXB8YqBn9w22k.roa (raw, json)
Hash identifier:          o+efej5HAOkJ/uagvcaXi1Fl1lUBIJITYKsqKxNICNw=
Subject key identifier:   B7:FE:AA:9A:90:F5:53:B3:F1:AE:96:97:07:C6:2A:06:7F:70:DB:69
Certificate issuer:       /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial:       018D22ED45659B5E62D93D4B674987C07952
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/t_6qmpD1U7PxrpaXB8YqBn9w22k.roa
Signing time:             Fri 19 Jan 2024 18:13:11 +0000
ROA not before:           Fri 19 Jan 2024 18:13:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     50810
IP address blocks:        5.201.128.0/18 maxlen: 18
                          5.201.128.0/21 maxlen: 21
                          5.201.138.0/24 maxlen: 24
                          5.201.142.0/23 maxlen: 23
                          5.201.144.0/21 maxlen: 21
                          5.201.144.0/23 maxlen: 23
                          5.201.152.0/22 maxlen: 22
                          5.201.156.0/22 maxlen: 22
                          5.201.160.0/23 maxlen: 23
                          5.201.162.0/24 maxlen: 24
                          5.201.168.0/22 maxlen: 22
                          5.201.174.0/24 maxlen: 24
                          37.156.16.0/21 maxlen: 21
                          37.156.24.0/22 maxlen: 22
                          37.156.30.0/23 maxlen: 23
                          37.156.31.0/24 maxlen: 24
                          89.37.0.0/20 maxlen: 20
                          89.37.0.0/24 maxlen: 24
                          89.37.8.0/22 maxlen: 22
                          89.37.8.0/24 maxlen: 24
                          89.37.12.0/24 maxlen: 24
                          89.37.14.0/24 maxlen: 24
                          89.37.15.0/24 maxlen: 24
                          89.43.0.0/21 maxlen: 21
                          89.43.4.0/22 maxlen: 22
                          89.43.8.0/22 maxlen: 22
                          89.43.10.0/23 maxlen: 23
                          89.43.12.0/23 maxlen: 23
                          92.114.16.0/20 maxlen: 24
                          92.114.20.0/23 maxlen: 23
                          92.114.20.0/24 maxlen: 24
                          92.114.21.0/24 maxlen: 24
                          92.114.22.0/23 maxlen: 23
                          92.114.24.0/21 maxlen: 21
                          92.114.25.0/24 maxlen: 24
                          92.114.28.0/22 maxlen: 22
                          94.101.128.0/20 maxlen: 24
                          94.101.128.0/21 maxlen: 21
                          94.101.136.0/22 maxlen: 22
                          94.101.139.0/24 maxlen: 24
                          94.101.140.0/23 maxlen: 23
                          94.101.142.0/23 maxlen: 23
                          94.101.142.0/24 maxlen: 24
                          185.22.30.0/23 maxlen: 23
                          185.103.84.0/22 maxlen: 22
                          185.103.84.0/24 maxlen: 24
                          185.103.85.0/24 maxlen: 24
                          185.135.228.0/22 maxlen: 22
                          185.136.100.0/22 maxlen: 22
                          185.162.40.0/22 maxlen: 22
                          185.175.76.0/23 maxlen: 23
                          185.175.78.0/23 maxlen: 23
                          185.176.32.0/22 maxlen: 22
                          185.182.220.0/22 maxlen: 22
                          185.182.220.0/24 maxlen: 24
                          185.182.221.0/24 maxlen: 24
                          185.182.222.0/23 maxlen: 23
                          188.213.64.0/20 maxlen: 21
                          188.213.72.0/24 maxlen: 24
                          188.213.73.0/24 maxlen: 24
                          188.213.74.0/24 maxlen: 24
                          188.213.75.0/24 maxlen: 24
                          188.213.76.0/22 maxlen: 22
                          2a00:5ca0::/29 maxlen: 29
                          2a00:5ca0::/31 maxlen: 31
                          2a00:5ca0::/32 maxlen: 32
                          2a00:5ca2::/31 maxlen: 31
                          2a00:5ca4::/31 maxlen: 31

Validation:               Failed, certificate revoked on Fri 19 Jan 2024 21:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:22:ed:45:65:9b:5e:62:d9:3d:4b:67:49:87:c0:79:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
        Validity
            Not Before: Jan 19 18:13:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b7feaa9a90f553b3f1ae969707c62a067f70db69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:7e:1e:39:c9:f8:cb:5b:24:72:2c:18:d3:ab:
                    34:58:56:c7:44:cf:86:3d:1d:55:f5:01:e4:b2:2a:
                    27:34:0b:25:be:cc:73:4b:12:a7:2a:30:76:79:5d:
                    31:8c:49:d8:b4:41:d7:77:6c:ba:d7:e1:72:0c:e3:
                    2f:1b:46:d3:8f:f7:85:48:0c:01:34:a7:97:c7:4e:
                    30:35:5d:51:f9:22:bc:39:64:26:de:a8:a3:31:b1:
                    fc:5b:09:32:e8:b8:d0:48:67:a2:3b:34:7f:15:ef:
                    7b:18:82:6f:18:80:3f:60:5c:3c:47:fa:4e:af:09:
                    61:18:14:0d:ba:b2:c9:82:9f:cc:a7:ae:c8:af:76:
                    a3:05:fc:1f:51:5b:95:9e:12:d2:fd:d0:03:81:ff:
                    da:44:c5:f0:10:d8:60:05:af:14:6d:ea:b4:5b:35:
                    1f:99:83:ee:83:a5:a3:af:0e:b7:73:9b:2d:ca:39:
                    25:14:6b:99:ed:0d:66:bb:72:62:4f:87:1f:27:cc:
                    c6:d2:56:01:0f:8c:12:b4:bf:b3:f1:f0:eb:96:98:
                    7e:21:b6:46:99:9b:20:58:e1:72:81:11:78:66:b2:
                    96:e0:07:fe:65:90:1d:8c:4d:a6:39:6d:50:84:46:
                    20:ae:42:81:77:4f:f5:97:31:09:8a:1f:ca:74:36:
                    a1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:FE:AA:9A:90:F5:53:B3:F1:AE:96:97:07:C6:2A:06:7F:70:DB:69
            X509v3 Authority Key Identifier:
                keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/t_6qmpD1U7PxrpaXB8YqBn9w22k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.201.128.0/18
                  37.156.16.0-37.156.27.255
                  37.156.30.0/23
                  89.37.0.0/20
                  89.43.0.0-89.43.13.255
                  92.114.16.0/20
                  94.101.128.0/20
                  185.22.30.0/23
                  185.103.84.0/22
                  185.135.228.0/22
                  185.136.100.0/22
                  185.162.40.0/22
                  185.175.76.0/22
                  185.176.32.0/22
                  185.182.220.0/22
                  188.213.64.0/20
                IPv6:
                  2a00:5ca0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4d:c2:c5:46:e7:49:23:94:26:b1:dd:b7:f0:27:bd:a6:d2:d1:
         54:c0:e4:fd:57:64:1e:6c:f3:e8:1e:8a:e1:14:31:18:3a:ac:
         3b:18:66:f0:23:2b:9d:9f:8f:7b:9b:3e:15:b2:e8:c9:16:7a:
         04:cf:4e:13:dd:77:c4:bd:a6:a4:9d:5d:39:2e:4e:b2:98:25:
         3e:0d:bd:a8:70:b3:04:3a:b5:32:0d:f1:d4:e0:56:c4:1c:2d:
         fb:0c:ec:d7:a3:6b:38:65:19:78:64:c9:20:48:43:14:32:58:
         98:87:09:77:3d:20:5a:4d:3f:66:23:e6:4c:7e:f8:d2:dd:7e:
         fc:82:19:6a:ee:3f:7f:e2:68:87:2b:0b:ff:54:ff:72:d1:1e:
         ff:f6:ea:4f:9c:68:e3:d9:61:3e:22:fe:6d:ff:f9:f7:ac:37:
         f8:1f:5e:20:5e:f0:65:60:69:5c:9d:20:75:68:75:03:c5:e1:
         e3:dd:84:0b:1b:e0:3a:ec:89:3a:7d:53:2b:47:d0:3b:b1:66:
         b6:71:a1:bb:98:46:05:45:cf:dc:87:e9:3e:37:53:7d:81:2a:
         73:9e:4a:68:75:72:b6:ef:ec:7c:a7:7b:28:de:1d:35:11:ad:
         5d:ca:ef:46:a7:7c:6c:76:87:c9:ab:0f:b6:d8:f4:ea:0c:ff:
         db:cd:a1:08
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY0i7UVlm15i2T1LZ0mHwHlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTE5MTgxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2ZlYWE5YTkwZjU1M2IzZjFhZTk2OTcwN2M2MmEwNjdmNzBkYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX4eOcn4y1skciwY06s0WFbHRM+G
PR1V9QHksionNAslvsxzSxKnKjB2eV0xjEnYtEHXd2y61+FyDOMvG0bTj/eFSAwB
NKeXx04wNV1R+SK8OWQm3qijMbH8Wwky6LjQSGeiOzR/Fe97GIJvGIA/YFw8R/pO
rwlhGBQNurLJgp/Mp67Ir3ajBfwfUVuVnhLS/dADgf/aRMXwENhgBa8Ubeq0WzUf
mYPug6Wjrw63c5styjklFGuZ7Q1mu3JiT4cfJ8zG0lYBD4wStL+z8fDrlph+IbZG
mZsgWOFygRF4ZrKW4Af+ZZAdjE2mOW1QhEYgrkKBd0/1lzEJih/KdDahxwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFLf+qpqQ9VOz8a6WlwfGKgZ/cNtpMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvdF82cW1wRDFVN1B4cnBhWEI4WXFCbjl3MjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQMqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBNwsVG
50kjlCax3bfwJ72m0tFUwOT9V2QebPPoHorhFDEYOqw7GGbwIyudn497mz4VsujJ
FnoEz04T3XfEvaaknV05Lk6ymCU+Db2ocLMEOrUyDfHU4FbEHC37DOzXo2s4ZRl4
ZMkgSEMUMliYhwl3PSBaTT9mI+ZMfvjS3X78ghlq7j9/4miHKwv/VP9y0R7/9upP
nGjj2WE+Iv5t//n3rDf4H14gXvBlYGlcnSB1aHUDxeHj3YQLG+A67Ik6fVMrR9A7
sWa2caG7mEYFRc/ch+k+N1N9gSpznkpodXK27+x8p3so3h01Ea1dyu9Gp3xsdofJ
qw+22PTqDP/bzaEI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:12 2024 by rpki-client on console-fra.rpki-client.org