Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7P258AyW20FtibPdGh5gOKlwd9Y.roa
File:                     7P258AyW20FtibPdGh5gOKlwd9Y.roa (raw, json)
Hash identifier:          Mu51xvxPV02i/nrEENCxZ04J3g7Vv6TCzA0YWUqa3kg=
Subject key identifier:   EC:FD:B9:F0:0C:96:DB:41:6D:89:B3:DD:1A:1E:60:38:A9:70:77:D6
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018D8A0C90B25DD3872B3D6FA0C273F6EECC
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7P258AyW20FtibPdGh5gOKlwd9Y.roa
Signing time:             Thu 08 Feb 2024 18:48:15 +0000
ROA not before:           Thu 08 Feb 2024 18:48:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44889
IP address blocks:        46.38.129.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          46.38.132.0/24 maxlen: 24
                          46.38.133.0/24 maxlen: 24
                          46.38.134.0/24 maxlen: 24
                          46.38.135.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.140.0/24 maxlen: 24
                          46.38.144.0/21 maxlen: 21
                          46.38.144.0/23 maxlen: 23
                          46.38.150.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 22
                          46.38.156.0/23 maxlen: 23
                          46.38.158.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          185.143.72.0/24 maxlen: 24
                          185.143.73.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24
                          212.16.64.0/19 maxlen: 24
                          212.16.71.0/24 maxlen: 24
                          212.16.72.0/24 maxlen: 25
                          212.16.78.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.86.0/23 maxlen: 23
                          212.16.89.0/24 maxlen: 24
                          212.16.92.0/23 maxlen: 23
                          212.80.0.0/19 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 11:51:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8a:0c:90:b2:5d:d3:87:2b:3d:6f:a0:c2:73:f6:ee:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Feb  8 18:48:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ecfdb9f00c96db416d89b3dd1a1e6038a97077d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:3a:48:d1:34:13:10:26:c4:7b:91:d7:1b:4a:
                    df:f7:4f:9d:29:a0:aa:b4:b4:dc:08:4c:ea:d1:b5:
                    46:31:84:85:ee:e8:92:00:55:28:29:44:1b:fa:46:
                    75:74:e2:76:b1:47:7f:6e:01:e7:b8:92:12:a2:ec:
                    01:05:52:c8:8c:ed:9b:8a:38:75:9f:0e:d2:63:91:
                    6b:16:20:f0:2d:dc:ee:61:1e:99:f5:56:8a:ee:19:
                    44:2b:a0:2c:c0:73:99:3f:d2:6a:c7:13:80:5b:78:
                    ad:31:e3:cf:1e:4f:37:45:f8:54:dc:62:67:4b:97:
                    b2:f9:19:d0:7b:49:b7:e0:31:f8:20:12:28:42:ba:
                    b4:a6:9e:21:ca:50:2f:e6:f7:50:49:28:d7:b5:fc:
                    09:1d:71:0a:fd:ab:7e:ab:2d:f2:18:80:ca:49:a2:
                    c7:1a:d4:8e:45:7e:23:51:b4:20:24:e9:45:a1:fa:
                    3b:a9:f5:29:a2:33:83:cc:d7:44:9d:85:2e:3c:1c:
                    5d:57:b7:ee:ec:2b:23:d2:e2:26:54:90:63:a3:cd:
                    10:77:35:3f:86:9b:53:82:58:e3:7a:30:ac:4e:13:
                    90:0b:bd:a1:fc:1b:c3:80:2b:4a:d9:a0:e1:6b:79:
                    7e:7a:1c:96:ea:64:5c:aa:54:69:23:e0:4c:d1:d2:
                    73:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:FD:B9:F0:0C:96:DB:41:6D:89:B3:DD:1A:1E:60:38:A9:70:77:D6
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/7P258AyW20FtibPdGh5gOKlwd9Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.129.0/24
                  46.38.131.0-46.38.140.255
                  46.38.144.0-46.38.158.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         a6:98:ed:60:60:58:88:d7:c9:9e:26:c0:da:82:9e:24:72:40:
         1c:ea:3d:6e:38:52:4f:d8:65:2b:c5:b8:63:61:e9:7d:6c:e9:
         45:a0:b4:bc:cc:e0:95:32:87:91:c7:c2:06:f7:59:20:a0:ac:
         05:a6:ba:db:8d:f1:cb:bb:e9:de:86:36:6f:1b:80:08:2a:c4:
         27:84:59:76:3c:0d:e7:21:64:76:8d:e8:d4:64:64:7e:5f:ce:
         10:b8:1c:65:26:5e:6e:a0:74:4f:81:c2:dd:d5:7c:fc:c2:0d:
         12:00:d0:6d:60:f9:8b:9d:b8:3e:ae:95:f4:eb:44:c6:b0:73:
         fd:5f:55:28:a5:74:ac:ef:93:0f:af:19:a3:c6:d9:25:76:05:
         ce:14:95:63:14:9a:56:66:68:a1:3e:f2:25:35:7a:ce:54:eb:
         72:76:31:ae:38:b5:90:76:1c:a9:79:0c:83:04:ba:1d:39:91:
         01:f2:d6:05:eb:51:97:7d:a0:ef:da:b1:30:f3:2a:a9:7b:7b:
         00:26:bb:a1:ca:fd:c2:5e:99:d0:6d:dc:7e:f1:62:33:87:d8:
         6d:5a:64:b5:ff:d7:f9:59:86:bc:41:c4:c2:36:d3:b1:5d:e2:
         e6:e7:05:c6:d8:a5:88:17:e5:13:e5:06:33:31:d7:e5:e5:66:
         ea:94:f2:57
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY2KDJCyXdOHKz1voMJz9u7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA4MTg0ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2ZkYjlmMDBjOTZkYjQxNmQ4OWIzZGQxYTFlNjAzOGE5NzA3N2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTpI0TQTECbEe5HXG0rf90+dKaCq
tLTcCEzq0bVGMYSF7uiSAFUoKUQb+kZ1dOJ2sUd/bgHnuJISouwBBVLIjO2bijh1
nw7SY5FrFiDwLdzuYR6Z9VaK7hlEK6AswHOZP9JqxxOAW3itMePPHk83RfhU3GJn
S5ey+RnQe0m34DH4IBIoQrq0pp4hylAv5vdQSSjXtfwJHXEK/at+qy3yGIDKSaLH
GtSORX4jUbQgJOlFofo7qfUpojODzNdEnYUuPBxdV7fu7Csj0uImVJBjo80QdzU/
hptTgljjejCsThOQC72h/BvDgCtK2aDha3l+ehyW6mRcqlRpI+BM0dJzyQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFOz9ufAMlttBbYmz3RoeYDipcHfWMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvN1AyNThBeVcyMEZ0aWJQZEdoNWdPS2x3ZDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQALiaBMAwD
BAAuJoMDBAAuJowwDAMEBC4mkAMEAC4mngMEAW1epAMEArkYlAMEArkd3AMEArmP
SAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
ppjtYGBYiNfJnibA2oKeJHJAHOo9bjhST9hlK8W4Y2HpfWzpRaC0vMzglTKHkcfC
BvdZIKCsBaa6243xy7vp3oY2bxuACCrEJ4RZdjwN5yFkdo3o1GRkfl/OELgcZSZe
bqB0T4HC3dV8/MINEgDQbWD5i524Pq6V9OtExrBz/V9VKKV0rO+TD68Zo8bZJXYF
zhSVYxSaVmZooT7yJTV6zlTrcnYxrji1kHYcqXkMgwS6HTmRAfLWBetRl32g79qx
MPMqqXt7ACa7ocr9wl6Z0G3cfvFiM4fYbVpktf/X+VmGvEHEwjbTsV3i5ucFxtil
iBflE+UGMzHX5eVm6pTyVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org