Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_cNa3JTG7to6YR9d77I90f0u_e8.roa
File:                     _cNa3JTG7to6YR9d77I90f0u_e8.roa (raw, json)
Hash identifier:          y+/WI7H9NtbRUC9FeD8ktuIu9esVRw/kAXxsRCuDKHs=
Subject key identifier:   FD:C3:5A:DC:94:C6:EE:DA:3A:61:1F:5D:EF:B2:3D:D1:FD:2E:FD:EF
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018DAC187AB7FB72A78081D6F17631B3243E
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_cNa3JTG7to6YR9d77I90f0u_e8.roa
Signing time:             Thu 15 Feb 2024 09:28:21 +0000
ROA not before:           Thu 15 Feb 2024 09:28:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44889
IP address blocks:        46.38.129.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.140.0/24 maxlen: 24
                          46.38.144.0/23 maxlen: 23
                          46.38.150.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 22
                          46.38.156.0/23 maxlen: 23
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          185.143.72.0/24 maxlen: 24
                          185.143.73.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24
                          212.16.64.0/19 maxlen: 24
                          212.16.71.0/24 maxlen: 24
                          212.16.72.0/24 maxlen: 25
                          212.16.78.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.86.0/23 maxlen: 23
                          212.16.89.0/24 maxlen: 24
                          212.80.0.0/19 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 15:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ac:18:7a:b7:fb:72:a7:80:81:d6:f1:76:31:b3:24:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Feb 15 09:28:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fdc35adc94c6eeda3a611f5defb23dd1fd2efdef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:2e:e5:17:7b:19:15:d7:22:d6:39:58:73:e4:
                    bb:6c:30:a1:3b:0e:2d:10:97:b5:78:a0:ab:d2:32:
                    27:c3:a2:7a:ee:fa:9c:25:82:24:bb:73:9b:eb:35:
                    d3:bc:11:91:34:5b:3a:ed:d2:4c:62:50:35:fe:45:
                    0e:dc:4a:d4:c1:c1:aa:43:fd:f7:07:9a:7d:ce:35:
                    99:eb:62:87:99:bb:cb:91:e2:ad:eb:06:9a:5f:be:
                    84:89:30:18:8c:ce:cb:44:0d:76:a3:a6:da:52:c5:
                    15:4f:df:bf:8c:89:e0:c5:4f:a1:a9:e2:56:4a:7b:
                    14:f1:e0:22:9b:ff:21:0c:03:5e:13:72:b0:95:c5:
                    27:80:46:0e:f0:0c:53:89:08:f4:99:9b:32:b0:cf:
                    ff:99:41:36:39:23:c6:b4:53:24:23:f1:9a:35:3c:
                    3f:b0:f6:2f:14:54:9f:0b:d9:ca:23:78:8c:f8:4e:
                    ed:81:20:cb:55:61:ea:09:66:86:23:2f:a7:da:7e:
                    ef:f1:63:9e:b8:45:1e:23:e3:fe:4a:07:d4:84:6d:
                    60:f9:97:d1:8b:af:46:e5:43:88:1a:b0:39:de:88:
                    b6:d7:eb:79:5a:87:fe:98:b5:65:f7:da:84:60:79:
                    b8:4f:a6:f8:3a:07:f4:3f:bd:fd:57:12:5b:19:06:
                    12:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:C3:5A:DC:94:C6:EE:DA:3A:61:1F:5D:EF:B2:3D:D1:FD:2E:FD:EF
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/_cNa3JTG7to6YR9d77I90f0u_e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.129.0/24
                  46.38.131.0/24
                  46.38.136.0-46.38.140.255
                  46.38.144.0/23
                  46.38.150.0/24
                  46.38.152.0-46.38.157.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         46:51:a5:e6:5d:cb:21:76:c6:fd:7d:36:a6:2b:4d:34:4c:5d:
         89:f5:eb:9e:7b:1c:b9:62:87:f7:6e:99:53:42:3f:c7:90:ac:
         67:7b:d1:bb:c9:b6:aa:07:83:6e:8d:5d:5d:d2:f3:8a:64:17:
         46:ea:3a:ef:dc:9d:ef:9d:09:49:aa:ad:87:83:af:38:d2:d8:
         aa:6b:f2:91:98:51:cf:b1:ee:9c:53:89:a1:14:98:e0:66:76:
         c7:1e:73:da:2a:ff:d5:96:75:09:ab:e5:f7:6d:73:2e:38:cf:
         5b:15:f5:30:b7:9f:0e:4a:ff:db:95:44:f3:91:33:1a:3c:25:
         c8:33:08:cc:2a:8d:b0:8a:2c:17:41:bd:32:a1:45:83:09:5d:
         72:46:37:99:a9:32:54:6e:2b:b3:bf:1d:d1:10:63:0f:ec:30:
         7f:e6:22:90:21:0d:87:b2:86:52:87:a9:74:31:ef:5c:dd:86:
         28:1c:12:64:46:d2:97:6c:70:0d:11:46:98:aa:e0:48:57:c3:
         b5:97:99:df:9a:27:1c:aa:8e:f9:e3:52:9a:fa:80:16:7a:3d:
         73:79:84:64:37:62:66:ff:01:52:52:55:5e:73:4b:05:0f:3b:
         89:be:18:86:c2:12:2f:a5:c2:54:1e:85:f4:e9:ac:7b:73:c6:
         3d:9e:df:75
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAY2sGHq3+3KngIHW8XYxsyQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjE1MDkyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGMzNWFkYzk0YzZlZWRhM2E2MTFmNWRlZmIyM2RkMWZkMmVmZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky7lF3sZFdci1jlYc+S7bDChOw4t
EJe1eKCr0jInw6J67vqcJYIku3Ob6zXTvBGRNFs67dJMYlA1/kUO3ErUwcGqQ/33
B5p9zjWZ62KHmbvLkeKt6waaX76EiTAYjM7LRA12o6baUsUVT9+/jIngxU+hqeJW
SnsU8eAim/8hDANeE3KwlcUngEYO8AxTiQj0mZsysM//mUE2OSPGtFMkI/GaNTw/
sPYvFFSfC9nKI3iM+E7tgSDLVWHqCWaGIy+n2n7v8WOeuEUeI+P+SgfUhG1g+ZfR
i69G5UOIGrA53oi21+t5Wof+mLVl99qEYHm4T6b4Ogf0P739VxJbGQYSBQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFP3DWtyUxu7aOmEfXe+yPdH9Lv3vMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvX2NOYTNKVEc3dG82WVI5ZDc3STkwZjB1X2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wXgQCAAEwWAMEAC4mgQME
AC4mgzAMAwQDLiaIAwQALiaMAwQBLiaQAwQALiaWMAwDBAMuJpgDBAEuJpwDBAFt
XqQDBAK5GJQDBAK5HdwDBAK5j0gDBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoAfYAw
DQYJKoZIhvcNAQELBQADggEBAEZRpeZdyyF2xv19NqYrTTRMXYn16557HLlih/du
mVNCP8eQrGd70bvJtqoHg26NXV3S84pkF0bqOu/cne+dCUmqrYeDrzjS2Kpr8pGY
Uc+x7pxTiaEUmOBmdscec9oq/9WWdQmr5fdtcy44z1sV9TC3nw5K/9uVRPORMxo8
JcgzCMwqjbCKLBdBvTKhRYMJXXJGN5mpMlRuK7O/HdEQYw/sMH/mIpAhDYeyhlKH
qXQx71zdhigcEmRG0pdscA0RRpiq4EhXw7WXmd+aJxyqjvnjUpr6gBZ6PXN5hGQ3
Ymb/AVJSVV5zSwUPO4m+GIbCEi+lwlQehfTprHtzxj2e33U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org