Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/g2SVYp1x6dZOtG7rGogWtYMmNdY.roa
File:                     g2SVYp1x6dZOtG7rGogWtYMmNdY.roa (raw, json)
Hash identifier:          Mrdo4KcNJ6HI66WUXk6713YT2TTaepMGtKTdnFulttg=
Subject key identifier:   83:64:95:62:9D:71:E9:D6:4E:B4:6E:EB:1A:88:16:B5:83:26:35:D6
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018F59764F64976CB74CDB61D488836293FD
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/g2SVYp1x6dZOtG7rGogWtYMmNdY.roa
Signing time:             Wed 08 May 2024 18:27:56 +0000
ROA not before:           Wed 08 May 2024 18:27:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44889
IP address blocks:        46.38.129.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.140.0/24 maxlen: 24
                          46.38.144.0/23 maxlen: 23
                          46.38.150.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24
                          212.16.64.0/19 maxlen: 24
                          212.16.71.0/24 maxlen: 24
                          212.16.72.0/24 maxlen: 25
                          212.16.86.0/23 maxlen: 23
                          212.16.89.0/24 maxlen: 24
                          212.80.0.0/19 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 06:16:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:59:76:4f:64:97:6c:b7:4c:db:61:d4:88:83:62:93:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: May  8 18:27:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=836495629d71e9d64eb46eeb1a8816b5832635d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7f:0d:20:c2:05:17:5f:6d:d5:71:37:54:09:
                    35:ad:35:1c:30:dc:1e:f6:e2:55:08:eb:9b:2a:46:
                    5b:0f:31:38:04:78:c3:70:b9:87:34:57:55:41:ce:
                    c2:f7:bd:44:bf:65:05:0f:c1:09:dc:01:86:95:ee:
                    4a:43:23:64:97:c1:ab:91:dc:34:7b:c8:46:d8:2f:
                    6d:59:5b:d1:ad:e2:d3:2c:ca:8a:15:d8:8b:4a:53:
                    c1:73:77:1f:93:ec:ee:ba:ea:25:b2:d9:90:60:73:
                    64:6a:71:5c:dd:5e:5d:96:90:b2:00:d7:fa:69:70:
                    4c:1c:e1:74:83:27:34:e6:14:95:dc:39:78:0a:b2:
                    5d:94:05:a1:67:e4:de:be:54:eb:f8:f2:a6:46:72:
                    8a:e1:bc:b2:98:b2:f1:d5:39:24:34:c7:28:79:55:
                    2f:a0:66:e6:c9:33:b4:dd:6c:74:6f:16:13:2f:b7:
                    c8:39:cb:c2:78:1f:c5:6d:a5:d1:09:9f:1b:a4:5c:
                    38:e7:d7:4b:ca:68:db:c6:c8:00:04:3d:39:55:fc:
                    77:ce:3a:3e:43:ce:8c:ee:4e:a1:25:15:2a:eb:39:
                    bd:2f:e5:1e:34:92:f0:15:bd:12:b9:b0:f8:31:a1:
                    b7:67:cb:5a:88:18:6a:5c:52:db:1c:2b:e7:8c:6b:
                    e2:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:64:95:62:9D:71:E9:D6:4E:B4:6E:EB:1A:88:16:B5:83:26:35:D6
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/g2SVYp1x6dZOtG7rGogWtYMmNdY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.129.0/24
                  46.38.131.0/24
                  46.38.136.0-46.38.140.255
                  46.38.144.0/23
                  46.38.150.0/24
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.74.0/23
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         1f:dc:01:33:fd:e5:fa:1b:72:dd:fb:43:83:2f:8f:13:2f:8c:
         1d:cc:e1:e9:be:89:5b:6d:9a:02:d4:f6:5e:71:0f:76:47:89:
         59:83:13:15:80:31:2b:8a:93:37:d4:68:32:09:17:07:e0:a1:
         69:c5:56:69:09:e6:af:f6:df:28:9e:60:a1:ea:f9:12:d5:10:
         21:b3:cd:50:4d:50:26:a2:60:bf:65:3c:de:ba:13:33:1f:ae:
         6a:34:7b:62:26:1b:42:00:91:45:1d:26:4c:9f:35:5e:04:71:
         22:5f:48:2d:58:b7:78:9e:fa:a9:79:c7:10:f1:dc:b0:2a:57:
         98:55:aa:21:b6:4e:65:f6:33:ae:96:36:9a:dc:8a:f2:36:ec:
         d8:cf:d6:70:c3:39:f5:4d:5c:40:13:25:22:b3:65:0f:3e:5d:
         cb:d4:21:93:46:2f:09:b4:48:a4:34:09:35:33:11:0b:25:1a:
         d3:b3:9a:09:58:b2:a3:0a:25:b0:e1:86:8b:1d:14:48:8b:0a:
         ba:ae:ee:77:f4:e0:5e:f3:7f:64:4f:48:75:ab:57:67:57:12:
         54:22:f2:18:7d:a3:6f:e9:ed:b5:9b:63:93:c5:de:31:5b:1a:
         ce:2d:65:a0:11:7f:6d:d0:a5:b1:80:77:c2:1b:32:9d:75:06:
         65:c7:46:c4
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY9Zdk9kl2y3TNth1IiDYpP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNTA4MTgyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY0OTU2MjlkNzFlOWQ2NGViNDZlZWIxYTg4MTZiNTgzMjYzNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX8NIMIFF19t1XE3VAk1rTUcMNwe
9uJVCOubKkZbDzE4BHjDcLmHNFdVQc7C971Ev2UFD8EJ3AGGle5KQyNkl8Grkdw0
e8hG2C9tWVvRreLTLMqKFdiLSlPBc3cfk+zuuuolstmQYHNkanFc3V5dlpCyANf6
aXBMHOF0gyc05hSV3Dl4CrJdlAWhZ+TevlTr+PKmRnKK4byymLLx1TkkNMcoeVUv
oGbmyTO03Wx0bxYTL7fIOcvCeB/FbaXRCZ8bpFw459dLymjbxsgABD05Vfx3zjo+
Q86M7k6hJRUq6zm9L+UeNJLwFb0SubD4MaG3Z8taiBhqXFLbHCvnjGvizQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFINklWKdcenWTrRu6xqIFrWDJjXWMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvZzJTVllwMXg2ZFpPdEc3ckdvZ1d0WU1tTmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQALiaBAwQA
LiaDMAwDBAMuJogDBAAuJowDBAEuJpADBAAuJpYDBAFtXqQDBAK5GJQDBAK5HdwD
BAG5j0oDBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoAfYAwDQYJKoZIhvcNAQELBQAD
ggEBAB/cATP95fobct37Q4MvjxMvjB3M4em+iVttmgLU9l5xD3ZHiVmDExWAMSuK
kzfUaDIJFwfgoWnFVmkJ5q/23yieYKHq+RLVECGzzVBNUCaiYL9lPN66EzMfrmo0
e2ImG0IAkUUdJkyfNV4EcSJfSC1Yt3ie+ql5xxDx3LAqV5hVqiG2TmX2M66WNprc
ivI27NjP1nDDOfVNXEATJSKzZQ8+XcvUIZNGLwm0SKQ0CTUzEQslGtOzmglYsqMK
JbDhhosdFEiLCrqu7nf04F7zf2RPSHWrV2dXElQi8hh9o2/p7bWbY5PF3jFbGs4t
ZaARf23QpbGAd8IbMp11BmXHRsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org