Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/movoT8YRL8aOUKHTP8NqfVNT-BI.roa
File:                     movoT8YRL8aOUKHTP8NqfVNT-BI.roa (raw, json)
Hash identifier:          C5d8AlJ6QtLYnJxO02CDRkMqr/dWdz0JeCUGgYXf4as=
Subject key identifier:   9A:8B:E8:4F:C6:11:2F:C6:8E:50:A1:D3:3F:C3:6A:7D:53:53:F8:12
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       018BAEA911234DEF5BE9D1FB104178841631
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/movoT8YRL8aOUKHTP8NqfVNT-BI.roa
Signing time:             Wed 08 Nov 2023 11:19:57 +0000
ROA not before:           Wed 08 Nov 2023 11:19:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200845
IP address blocks:        194.31.104.0/22 maxlen: 22
                          185.28.51.0/24 maxlen: 24
                          45.152.140.0/22 maxlen: 22
                          185.231.186.0/24 maxlen: 24
                          185.231.187.0/24 maxlen: 24
                          31.15.4.0/24 maxlen: 24
                          31.15.0.0/22 maxlen: 22
                          31.15.7.0/24 maxlen: 24
                          31.15.6.0/24 maxlen: 24
                          31.15.5.0/24 maxlen: 24
                          45.155.56.0/22 maxlen: 22
                          89.190.152.0/24 maxlen: 24
                          185.225.244.0/22 maxlen: 22
                          89.190.152.0/22 maxlen: 22
                          185.225.246.0/24 maxlen: 24
                          185.225.245.0/24 maxlen: 24
                          185.225.244.0/24 maxlen: 24
                          89.190.154.0/24 maxlen: 24
                          89.190.153.0/24 maxlen: 24
                          89.190.155.0/24 maxlen: 24
                          185.225.247.0/24 maxlen: 24
                          185.246.12.0/23 maxlen: 23
                          185.246.15.0/24 maxlen: 24
                          185.246.14.0/24 maxlen: 24
                          185.246.13.0/24 maxlen: 24
                          185.246.12.0/24 maxlen: 24
                          45.133.60.0/22 maxlen: 22
                          178.19.40.0/22 maxlen: 22
                          45.81.124.0/22 maxlen: 22
                          45.137.12.0/23 maxlen: 23
                          45.145.132.0/22 maxlen: 22
                          185.244.231.0/24 maxlen: 24
                          185.244.230.0/24 maxlen: 24
                          185.244.229.0/24 maxlen: 24
                          185.244.228.0/24 maxlen: 24
                          185.244.228.0/23 maxlen: 23
                          185.229.216.0/22 maxlen: 22
                          2.59.192.0/22 maxlen: 22
                          92.118.180.0/22 maxlen: 22
                          194.32.112.0/24 maxlen: 24
                          45.150.84.0/22 maxlen: 22
                          194.32.112.0/22 maxlen: 22
                          194.32.115.0/24 maxlen: 24
                          194.32.114.0/24 maxlen: 24
                          194.32.113.0/24 maxlen: 24
                          45.81.104.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 08 Nov 2023 14:05:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ae:a9:11:23:4d:ef:5b:e9:d1:fb:10:41:78:84:16:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Nov  8 11:19:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a8be84fc6112fc68e50a1d33fc36a7d5353f812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:d2:c1:b3:db:ec:f6:40:04:d6:43:53:51:96:
                    95:4c:c3:b8:fa:74:29:7e:07:ac:98:8a:28:05:9e:
                    60:5d:7e:65:8e:83:b8:60:20:b9:7f:9a:74:54:70:
                    bc:86:a6:5d:89:5d:5c:6f:33:14:17:cd:68:b7:04:
                    c8:f1:7e:a8:30:d4:5c:50:00:58:69:92:2b:1f:69:
                    ea:bb:f8:3a:a5:23:35:85:3e:1a:7b:12:09:52:6d:
                    eb:f5:db:24:c3:9b:4b:7d:52:ca:56:7c:2c:09:98:
                    bb:29:1c:2c:2b:19:06:61:63:c9:a2:51:29:20:ba:
                    09:64:84:30:07:b0:8d:ad:6c:ae:d5:28:2c:38:da:
                    d8:8a:68:3b:58:61:d0:d9:dd:0e:15:e2:3a:c5:4c:
                    9b:ae:37:a0:c5:34:57:2b:d6:c1:3f:ce:97:7a:f0:
                    0c:b5:7a:ad:39:64:00:03:6a:20:d3:4c:42:ec:33:
                    de:4c:e7:b7:9f:7c:98:66:9c:7c:e1:bf:c3:e0:c6:
                    e8:e9:4e:02:92:12:90:4a:3c:c0:ec:99:05:04:37:
                    db:1d:e6:29:cc:e6:bf:58:40:d6:86:1c:9e:3a:62:
                    38:89:d4:b3:98:d0:bd:34:f2:60:12:2c:f7:82:92:
                    b6:16:40:ff:05:05:9c:dc:a5:95:1e:40:48:bf:e8:
                    dd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:8B:E8:4F:C6:11:2F:C6:8E:50:A1:D3:3F:C3:6A:7D:53:53:F8:12
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/movoT8YRL8aOUKHTP8NqfVNT-BI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.192.0/22
                  31.15.0.0/21
                  45.81.104.0/22
                  45.81.124.0/22
                  45.133.60.0/22
                  45.137.12.0/23
                  45.145.132.0/22
                  45.150.84.0/22
                  45.152.140.0/22
                  45.155.56.0/22
                  89.190.152.0/22
                  92.118.180.0/22
                  178.19.40.0/22
                  185.28.51.0/24
                  185.225.244.0/22
                  185.229.216.0/22
                  185.231.186.0/23
                  185.244.228.0/22
                  185.246.12.0/22
                  194.31.104.0/22
                  194.32.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:14:ec:40:65:64:32:01:86:65:bc:06:45:ad:f5:47:b1:37:
         81:aa:77:0e:e0:c7:fa:6b:fd:74:32:de:77:54:27:a9:3d:a5:
         cb:cc:96:53:78:cb:6d:e1:bb:cd:c0:b3:d5:5e:79:c0:be:52:
         81:38:fc:fd:c8:fd:46:dd:d0:39:59:f9:66:80:37:9a:59:1b:
         8f:b2:16:a9:8c:d1:71:39:06:9c:ca:11:0d:4d:d3:86:06:51:
         8d:f9:53:d8:fe:fb:58:68:1c:ca:37:6d:63:80:92:72:de:1b:
         1a:da:1d:72:3d:de:c5:93:5a:0e:f5:bc:9e:6b:e1:e9:fb:09:
         1c:5a:77:46:2f:82:6c:d6:e8:ce:dd:0d:ca:d1:f5:f5:55:cd:
         f4:ec:bf:09:f0:4c:ff:74:99:31:cb:48:ef:7b:8d:2f:ef:35:
         8b:39:3c:54:8b:a1:08:4c:4e:6f:72:7e:4d:4c:ae:37:81:d8:
         fb:d4:cf:5d:44:c4:ea:f9:00:af:eb:15:d7:27:39:a0:8b:32:
         f2:91:34:93:4d:43:da:a8:f2:ff:e2:2a:d6:ca:90:d0:9f:96:
         4f:c4:0a:6d:64:ab:05:2b:47:04:c1:22:cd:14:c0:10:98:70:
         67:df:66:58:0f:3e:a9:18:63:d8:22:23:f5:c5:43:1a:f8:e5:
         76:0c:eb:36
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuuqREjTe9b6dH7EEF4hBYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTA4MTExOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThiZTg0ZmM2MTEyZmM2OGU1MGExZDMzZmMzNmE3ZDUzNTNmODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dLBs9vs9kAE1kNTUZaVTMO4+nQp
fgesmIooBZ5gXX5ljoO4YCC5f5p0VHC8hqZdiV1cbzMUF81otwTI8X6oMNRcUABY
aZIrH2nqu/g6pSM1hT4aexIJUm3r9dskw5tLfVLKVnwsCZi7KRwsKxkGYWPJolEp
ILoJZIQwB7CNrWyu1SgsONrYimg7WGHQ2d0OFeI6xUybrjegxTRXK9bBP86XevAM
tXqtOWQAA2og00xC7DPeTOe3n3yYZpx84b/D4Mbo6U4CkhKQSjzA7JkFBDfbHeYp
zOa/WEDWhhyeOmI4idSzmNC9NPJgEiz3gpK2FkD/BQWc3KWVHkBIv+jdywIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJqL6E/GES/GjlCh0z/Dan1TU/gSMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbW92b1Q4WVJMOGFPVUtIVFA4TnFmVk5ULUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEAhhTs
QGVkMgGGZbwGRa31R7E3gap3DuDH+mv9dDLed1QnqT2ly8yWU3jLbeG7zcCz1V55
wL5SgTj8/cj9Rt3QOVn5ZoA3mlkbj7IWqYzRcTkGnMoRDU3ThgZRjflT2P77WGgc
yjdtY4CSct4bGtodcj3exZNaDvW8nmvh6fsJHFp3Ri+CbNbozt0NytH19VXN9Oy/
CfBM/3SZMctI73uNL+81izk8VIuhCExOb3J+TUyuN4HY+9TPXUTE6vkAr+sV1yc5
oIsy8pE0k01D2qjy/+Iq1sqQ0J+WT8QKbWSrBStHBMEizRTAEJhwZ99mWA8+qRhj
2CIj9cVDGvjldgzrNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org