Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FE2z6slO2-PCnUqD5R3YX-A3kRg.roa
File:                     FE2z6slO2-PCnUqD5R3YX-A3kRg.roa (raw, json)
Hash identifier:          lQBTt0WEp/flEjOXW500lTmKq/k/TvRU/hx9IBoWyzI=
Subject key identifier:   14:4D:B3:EA:C9:4E:DB:E3:C2:9D:4A:83:E5:1D:D8:5F:E0:37:91:18
Certificate issuer:       /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial:       018BDEBCDE3E3E5B95BD4F061ABAE4E66446
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FE2z6slO2-PCnUqD5R3YX-A3kRg.roa
Signing time:             Fri 17 Nov 2023 19:23:21 +0000
ROA not before:           Fri 17 Nov 2023 19:23:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1680
IP address blocks:        212.29.192.0/18 maxlen: 18
                          176.13.0.0/16 maxlen: 24
                          212.235.0.0/17 maxlen: 24
                          147.161.8.0/21 maxlen: 24
                          89.138.0.0/16 maxlen: 16
                          207.232.0.0/18 maxlen: 18
                          62.90.135.0/24 maxlen: 24
                          37.26.144.0/21 maxlen: 24
                          212.29.244.0/24 maxlen: 24
                          147.234.84.0/24 maxlen: 24
                          147.234.83.0/24 maxlen: 24
                          147.234.86.0/24 maxlen: 24
                          147.234.26.0/24 maxlen: 24
                          147.234.28.0/24 maxlen: 24
                          147.234.27.0/24 maxlen: 24
                          147.234.27.0/25 maxlen: 25
                          147.234.27.128/25 maxlen: 25
                          82.166.201.128/25 maxlen: 25
                          147.234.43.0/24 maxlen: 24
                          212.150.0.0/16 maxlen: 24
                          176.12.128.0/17 maxlen: 24
                          194.90.1.0/24 maxlen: 24
                          62.90.0.0/16 maxlen: 24
                          194.90.0.0/16 maxlen: 24
                          46.117.0.0/16 maxlen: 16
                          212.143.194.0/24 maxlen: 24
                          46.210.0.0/16 maxlen: 24
                          93.173.0.0/16 maxlen: 16
                          141.226.134.0/24 maxlen: 24
                          199.203.1.0/24 maxlen: 24
                          199.203.0.0/16 maxlen: 16
                          89.139.0.0/16 maxlen: 16
                          82.166.0.0/16 maxlen: 24
                          199.203.21.0/24 maxlen: 24
                          85.65.0.0/16 maxlen: 16
                          46.116.0.0/16 maxlen: 16
                          212.143.0.0/16 maxlen: 24
                          147.234.17.0/24 maxlen: 24
                          199.203.191.0/24 maxlen: 24
                          147.234.22.0/24 maxlen: 24
                          80.250.144.0/20 maxlen: 24
                          95.35.0.0/16 maxlen: 24
                          82.166.100.0/22 maxlen: 24
                          82.166.112.0/21 maxlen: 24
                          192.118.30.0/23 maxlen: 23
                          192.118.28.0/22 maxlen: 22
                          192.118.28.0/23 maxlen: 23
                          93.172.0.0/16 maxlen: 16
                          62.0.88.0/22 maxlen: 24
                          62.0.87.0/24 maxlen: 24
                          62.0.94.0/24 maxlen: 24
                          62.0.92.0/23 maxlen: 24
                          109.253.0.0/16 maxlen: 24
                          62.0.0.0/16 maxlen: 24
                          85.64.0.0/16 maxlen: 16
                          217.132.0.0/16 maxlen: 16
                          109.186.0.0/16 maxlen: 16
                          85.250.0.0/16 maxlen: 16
                          141.226.132.0/24 maxlen: 24
                          62.0.116.0/22 maxlen: 24
                          62.0.114.0/23 maxlen: 24
                          62.0.120.0/21 maxlen: 24
                          62.0.128.0/23 maxlen: 24
                          2001:4df0::/32 maxlen: 32
                          2a02:148::/32 maxlen: 32
                          2a02:149::/32 maxlen: 32
                          2001:4df2::/32 maxlen: 32
                          2001:4df3::/32 maxlen: 32
                          2a02:148::/29 maxlen: 32
                          2a02:14b::/32 maxlen: 32
                          2a03:c5c0::/32 maxlen: 48
                          2a02:14f::/32 maxlen: 32
                          2001:4df7::/32 maxlen: 32
                          2a02:14e::/32 maxlen: 32
                          2001:4df6::/32 maxlen: 32
                          2001:4df5::/32 maxlen: 32
                          2a02:14c::/32 maxlen: 32
                          2001:4df0::/29 maxlen: 32
                          2001:4df1::/32 maxlen: 32
                          2a02:14a::/32 maxlen: 32
                          2001:4df4::/32 maxlen: 32
                          2a02:14d::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:de:bc:de:3e:3e:5b:95:bd:4f:06:1a:ba:e4:e6:64:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
        Validity
            Not Before: Nov 17 19:23:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=144db3eac94edbe3c29d4a83e51dd85fe0379118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a1:69:00:0b:22:a3:bd:6a:67:09:64:09:14:
                    d7:00:85:ad:7d:ab:1c:3b:d0:f8:e7:e8:22:7f:05:
                    74:9f:af:c8:99:7a:d4:5e:b4:75:71:1d:28:61:53:
                    09:b9:b9:63:f3:b5:5e:9f:e8:21:9c:20:5d:4e:88:
                    02:49:4b:46:6f:79:c2:63:4f:4c:d4:e3:75:1e:f1:
                    a7:db:af:84:31:be:be:ac:22:ad:1c:fa:47:f8:80:
                    b3:79:73:ad:73:ff:a1:10:b5:b5:72:fd:2b:68:f3:
                    99:6a:37:bd:c0:18:56:3e:b0:58:f8:18:74:80:f5:
                    23:cb:d9:a1:5e:fb:da:8e:be:3d:57:ff:35:85:1a:
                    8c:b0:42:7e:fe:7e:06:01:fb:4c:87:f8:0c:a8:59:
                    3b:18:d6:08:62:85:4a:fb:66:95:93:6a:14:e3:82:
                    22:da:58:7b:09:28:b9:21:3f:f3:42:fc:21:b3:b1:
                    e6:63:96:46:09:dd:d8:b7:74:58:f7:68:48:bc:49:
                    41:2e:ac:3c:e7:f4:43:b8:e8:42:fb:a1:94:df:c2:
                    ae:05:24:02:18:f3:a7:6c:93:bc:8a:4e:55:c4:20:
                    d1:fb:e8:63:c4:b7:7e:80:a9:cf:cb:1a:42:fb:bf:
                    c0:4e:0a:c0:ff:36:4a:25:11:25:66:8f:6b:05:ef:
                    c9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:4D:B3:EA:C9:4E:DB:E3:C2:9D:4A:83:E5:1D:D8:5F:E0:37:91:18
            X509v3 Authority Key Identifier:
                keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/FE2z6slO2-PCnUqD5R3YX-A3kRg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.26.144.0/21
                  46.116.0.0/15
                  46.210.0.0/16
                  62.0.0.0/16
                  62.90.0.0/16
                  80.250.144.0/20
                  82.166.0.0/16
                  85.64.0.0/15
                  85.250.0.0/16
                  89.138.0.0/15
                  93.172.0.0/15
                  95.35.0.0/16
                  109.186.0.0/16
                  109.253.0.0/16
                  141.226.132.0/24
                  141.226.134.0/24
                  147.161.8.0/21
                  147.234.17.0/24
                  147.234.22.0/24
                  147.234.26.0-147.234.28.255
                  147.234.43.0/24
                  147.234.83.0-147.234.84.255
                  147.234.86.0/24
                  176.12.128.0-176.13.255.255
                  192.118.28.0/22
                  194.90.0.0/16
                  199.203.0.0/16
                  207.232.0.0/18
                  212.29.192.0/18
                  212.143.0.0/16
                  212.150.0.0/16
                  212.235.0.0/17
                  217.132.0.0/16
                IPv6:
                  2001:4df0::/29
                  2a02:148::/29
                  2a03:c5c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:94:97:c6:4b:b3:5c:26:55:c1:f8:8d:e7:fb:73:c4:d7:a6:
         36:fb:59:0a:96:30:15:b4:2f:74:6e:6c:ac:9a:6f:6a:99:21:
         a5:16:4b:2d:d6:2d:ed:0f:8c:8f:e9:8b:6a:05:16:dd:b3:52:
         22:ee:92:ad:12:c4:16:12:cb:4c:ff:fc:55:74:90:0d:8b:a2:
         c3:bd:07:87:bb:93:0d:b7:88:38:5a:a2:4d:b3:4c:de:cb:64:
         a8:ea:5b:f7:c9:ce:a4:2a:6a:f0:fa:d0:45:2e:6f:ea:ba:6a:
         e0:77:c7:55:67:aa:80:6e:3d:44:69:72:a9:d0:4b:aa:9a:f2:
         bc:a9:4a:c1:21:e1:a1:4e:e0:9d:7a:96:b1:17:cd:83:e2:b5:
         fd:d9:ae:fa:4f:dc:71:63:8a:9d:10:4a:cb:80:7e:e0:ea:a8:
         bb:0d:54:4a:c1:9a:57:18:43:29:12:54:5f:8b:d1:50:63:04:
         df:52:e5:9e:dd:32:eb:59:50:09:fa:cc:20:b2:c6:dc:8a:5d:
         f4:be:45:e7:68:12:99:5d:89:22:aa:13:96:7d:30:98:f3:98:
         e6:51:f4:94:b0:f5:48:30:7e:01:ac:d0:74:18:37:62:a2:a2:
         7c:9b:6c:09:93:42:a3:3d:d6:04:5c:97:1f:e4:b0:66:d2:73:
         97:82:19:d4
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYvevN4+PluVvU8GGrrk5mRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMxMTE3MTkyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDRkYjNlYWM5NGVkYmUzYzI5ZDRhODNlNTFkZDg1ZmUwMzc5MTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6FpAAsio71qZwlkCRTXAIWtfasc
O9D45+gifwV0n6/ImXrUXrR1cR0oYVMJublj87Ven+ghnCBdTogCSUtGb3nCY09M
1ON1HvGn26+EMb6+rCKtHPpH+ICzeXOtc/+hELW1cv0raPOZaje9wBhWPrBY+Bh0
gPUjy9mhXvvajr49V/81hRqMsEJ+/n4GAftMh/gMqFk7GNYIYoVK+2aVk2oU44Ii
2lh7CSi5IT/zQvwhs7HmY5ZGCd3Yt3RY92hIvElBLqw85/RDuOhC+6GU38KuBSQC
GPOnbJO8ik5VxCDR++hjxLd+gKnPyxpC+7/ATgrA/zZKJRElZo9rBe/J4QIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFBRNs+rJTtvjwp1Kg+Ud2F/gN5EYMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvRkUyejZzbE8yLVBDblVxRDVSM1lYLUEza1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgdMEAgABMIHMAwQD
JRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoDAwFZ
igMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oRAwQA
k+oWMAwDBAGT6hoDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjALAwQH
sAyAAwMBsAwDBALAdhwDAwDCWgMDAMfLAwQGz+gAAwQG1B3AAwMA1I8DAwDUlgME
B9TrAAMDANmEMBsEAgACMBUDBQMgAU3wAwUDKgIBSAMFACoDxcAwDQYJKoZIhvcN
AQELBQADggEBAEuUl8ZLs1wmVcH4jef7c8TXpjb7WQqWMBW0L3RubKyab2qZIaUW
Sy3WLe0PjI/pi2oFFt2zUiLukq0SxBYSy0z//FV0kA2LosO9B4e7kw23iDhaok2z
TN7LZKjqW/fJzqQqavD60EUub+q6auB3x1VnqoBuPURpcqnQS6qa8rypSsEh4aFO
4J16lrEXzYPitf3ZrvpP3HFjip0QSsuAfuDqqLsNVErBmlcYQykSVF+L0VBjBN9S
5Z7dMutZUAn6zCCyxtyKXfS+RedoEpldiSKqE5Z9MJjzmOZR9JSw9UgwfgGs0HQY
N2KionybbAmTQqM91gRclx/ksGbSc5eCGdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:56 2024 by rpki-client on console-ams.rpki-client.org