Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/a91ESGcypVZGUeHHan3AkWVOjPg.roa
File:                     a91ESGcypVZGUeHHan3AkWVOjPg.roa (raw, json)
Hash identifier:          +q22F3pMBC+Y2NMVY+yvhJSDvM2nPHAQS/jatrvMDjE=
Subject key identifier:   6B:DD:44:48:67:32:A5:56:46:51:E1:C7:6A:7D:C0:91:65:4E:8C:F8
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018D5E48B4B7CD887774B1A485BFC76E6E78
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/a91ESGcypVZGUeHHan3AkWVOjPg.roa
Signing time:             Wed 31 Jan 2024 06:50:39 +0000
ROA not before:           Wed 31 Jan 2024 06:50:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44889
IP address blocks:        46.38.128.0/24 maxlen: 24
                          46.38.129.0/24 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          46.38.132.0/24 maxlen: 24
                          46.38.133.0/24 maxlen: 24
                          46.38.134.0/24 maxlen: 24
                          46.38.135.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.140.0/24 maxlen: 24
                          46.38.141.0/24 maxlen: 24
                          46.38.144.0/21 maxlen: 21
                          46.38.144.0/23 maxlen: 23
                          46.38.150.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 22
                          46.38.156.0/23 maxlen: 23
                          46.38.158.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          185.143.72.0/24 maxlen: 24
                          185.143.73.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24
                          212.16.64.0/19 maxlen: 24
                          212.16.71.0/24 maxlen: 24
                          212.16.72.0/24 maxlen: 25
                          212.16.78.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.86.0/23 maxlen: 23
                          212.16.89.0/24 maxlen: 24
                          212.16.92.0/23 maxlen: 23
                          212.16.94.0/24 maxlen: 24
                          212.80.0.0/19 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 15:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:5e:48:b4:b7:cd:88:77:74:b1:a4:85:bf:c7:6e:6e:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Jan 31 06:50:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6bdd44486732a5564651e1c76a7dc091654e8cf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:1b:2b:6f:73:a5:3c:43:b2:f1:da:89:ea:42:
                    e7:6d:38:6c:93:85:55:d1:bb:95:ac:7b:2b:03:aa:
                    62:92:3d:43:5d:fb:26:c6:38:f6:b6:63:86:bc:94:
                    fb:50:2e:fe:7d:ad:f8:0a:97:c9:8a:48:00:17:3c:
                    c5:43:21:c3:e7:3b:5b:d5:b4:0d:f3:1b:74:a3:ab:
                    2e:dd:b0:f5:90:36:5c:27:7d:24:34:46:eb:66:e8:
                    8b:dc:6a:0c:b8:f4:88:57:be:0c:d2:f1:8e:40:2b:
                    e3:9f:f3:ce:39:d3:f5:d6:9e:7c:fe:c5:45:77:90:
                    fe:3c:08:d6:45:cd:bf:e6:a8:08:c6:17:69:4a:f4:
                    8e:b7:fc:e9:45:53:be:f5:59:32:4f:f6:c5:66:0d:
                    38:d4:bf:ac:70:6a:4c:fe:8d:83:f0:34:2a:b5:08:
                    17:e0:22:4d:21:f6:ff:ee:fa:a3:ff:1a:af:4b:69:
                    8c:e2:0b:16:ed:e7:51:3a:14:79:3f:a5:57:c0:71:
                    ab:ac:f6:d1:e1:03:5d:cd:9c:83:cf:fe:a1:30:dc:
                    e7:ab:0d:2b:e8:d3:4a:59:fb:8a:ef:f0:b7:61:d2:
                    c4:61:97:84:1c:66:1c:4b:72:76:d3:38:9a:2d:c4:
                    77:43:84:49:77:f5:d0:d6:31:da:ec:f4:b9:cf:77:
                    04:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:DD:44:48:67:32:A5:56:46:51:E1:C7:6A:7D:C0:91:65:4E:8C:F8
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/a91ESGcypVZGUeHHan3AkWVOjPg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0-46.38.141.255
                  46.38.144.0-46.38.158.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:6f:a2:12:d0:b6:29:4b:5d:b0:9d:a4:6a:ae:da:c4:27:91:
         21:b1:37:29:11:98:e4:f6:8f:fe:b9:c8:d1:d6:89:d7:25:3d:
         15:7e:31:8d:fd:7c:fd:2d:fe:37:07:af:db:76:7a:de:71:14:
         68:b4:49:b4:02:79:3a:1d:e9:32:10:ce:3e:0b:f1:b4:2b:16:
         c0:2f:27:c3:9e:23:3b:1e:a4:78:28:ab:af:ea:63:8b:81:c2:
         c8:17:b7:19:cc:be:2b:17:a4:f3:f8:9b:02:96:82:4c:ba:f7:
         09:2e:1f:73:24:ea:35:58:cb:0a:62:f9:91:90:a4:b4:d4:51:
         73:77:f6:41:6e:49:18:c6:16:84:1a:87:7d:17:23:17:20:fb:
         50:43:02:72:c0:92:bc:e0:d4:b9:1b:20:9d:98:99:78:1a:71:
         5d:72:1b:aa:95:fe:96:80:00:2c:8a:4f:2b:f8:c0:90:b9:ee:
         a4:e7:3f:a5:b3:46:b8:24:6a:00:85:89:6e:37:13:ff:7b:7c:
         35:7d:24:2b:0d:75:5a:cb:6c:94:ce:e1:be:0c:19:f7:10:b8:
         02:0e:23:0e:a2:91:38:58:19:fb:e9:c9:19:3e:8e:84:01:92:
         7a:5e:ce:5d:88:bd:58:27:b0:cf:49:6a:a3:d0:94:41:ee:58:
         e7:96:17:34
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY1eSLS3zYh3dLGkhb/Hbm54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMTMxMDY1MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRkNDQ0ODY3MzJhNTU2NDY1MWUxYzc2YTdkYzA5MTY1NGU4Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBsrb3OlPEOy8dqJ6kLnbThsk4VV
0buVrHsrA6pikj1DXfsmxjj2tmOGvJT7UC7+fa34CpfJikgAFzzFQyHD5ztb1bQN
8xt0o6su3bD1kDZcJ30kNEbrZuiL3GoMuPSIV74M0vGOQCvjn/POOdP11p58/sVF
d5D+PAjWRc2/5qgIxhdpSvSOt/zpRVO+9VkyT/bFZg041L+scGpM/o2D8DQqtQgX
4CJNIfb/7vqj/xqvS2mM4gsW7edROhR5P6VXwHGrrPbR4QNdzZyDz/6hMNznqw0r
6NNKWfuK7/C3YdLEYZeEHGYcS3J20ziaLcR3Q4RJd/XQ1jHa7PS5z3cEhwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFGvdREhnMqVWRlHhx2p9wJFlToz4MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvYTkxRVNHY3lwVlpHVWVISGFuM0FrV1ZPalBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAcuJoAD
BAEuJowwDAMEBC4mkAMEAC4mngMEAW1epAMEArkYlAMEArkd3AMEArmPSAMEBdQQ
QAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEAX2+iEtC2
KUtdsJ2kaq7axCeRIbE3KRGY5PaP/rnI0daJ1yU9FX4xjf18/S3+Nwev23Z63nEU
aLRJtAJ5Oh3pMhDOPgvxtCsWwC8nw54jOx6keCirr+pji4HCyBe3Gcy+Kxek8/ib
ApaCTLr3CS4fcyTqNVjLCmL5kZCktNRRc3f2QW5JGMYWhBqHfRcjFyD7UEMCcsCS
vODUuRsgnZiZeBpxXXIbqpX+loAALIpPK/jAkLnupOc/pbNGuCRqAIWJbjcT/3t8
NX0kKw11WstslM7hvgwZ9xC4Ag4jDqKROFgZ++nJGT6OhAGSel7OXYi9WCewz0lq
o9CUQe5Y55YXNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org