Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/gwjEj9Hugg-DoYkVoVw5wtOMCkY.roa
File:                     gwjEj9Hugg-DoYkVoVw5wtOMCkY.roa (raw, json)
Hash identifier:          IsEzBLooPI+CPXtWmu6SoFv0TxWUTl7iF4ltl8HKnp8=
Subject key identifier:   83:08:C4:8F:D1:EE:82:0F:83:A1:89:15:A1:5C:39:C2:D3:8C:0A:46
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018D9D2852E44048A238C4A5ACCB67334831
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/gwjEj9Hugg-DoYkVoVw5wtOMCkY.roa
Signing time:             Mon 12 Feb 2024 11:51:22 +0000
ROA not before:           Mon 12 Feb 2024 11:51:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44889
IP address blocks:        46.38.129.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          46.38.132.0/24 maxlen: 24
                          46.38.133.0/24 maxlen: 24
                          46.38.134.0/24 maxlen: 24
                          46.38.135.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.140.0/24 maxlen: 24
                          46.38.144.0/21 maxlen: 21
                          46.38.144.0/23 maxlen: 23
                          46.38.150.0/24 maxlen: 24
                          46.38.152.0/22 maxlen: 22
                          46.38.156.0/23 maxlen: 23
                          46.38.158.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          185.143.72.0/24 maxlen: 24
                          185.143.73.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24
                          212.16.64.0/19 maxlen: 24
                          212.16.71.0/24 maxlen: 24
                          212.16.72.0/24 maxlen: 25
                          212.16.78.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.86.0/23 maxlen: 23
                          212.16.89.0/24 maxlen: 24
                          212.80.0.0/19 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.29.0/24 maxlen: 24
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Tue 13 Feb 2024 11:31:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:9d:28:52:e4:40:48:a2:38:c4:a5:ac:cb:67:33:48:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Feb 12 11:51:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8308c48fd1ee820f83a18915a15c39c2d38c0a46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:27:3d:2d:31:cb:8c:cd:0a:75:b0:4a:84:6f:
                    a0:1b:1d:3c:29:f4:f9:7d:af:c2:9f:a8:bf:91:30:
                    53:30:a8:bb:dc:b2:80:fd:f8:78:65:40:9a:e2:71:
                    30:66:e5:f9:9e:fc:43:1c:fe:f9:d7:59:61:c5:57:
                    85:ed:a5:89:af:3c:9f:ae:ea:f8:f5:b9:ae:c7:43:
                    eb:d6:04:e5:ab:30:e4:9c:84:9f:12:64:d7:1d:13:
                    27:34:f6:3a:5e:04:d6:ae:c9:06:27:6a:07:e5:f3:
                    75:0f:ec:f7:de:7e:2f:c6:72:23:89:1b:fc:08:0f:
                    cf:95:0f:3c:33:7a:c9:f0:ca:33:8f:99:0b:1e:3c:
                    8a:bf:c7:a0:a8:c3:3e:34:f8:a2:e2:94:be:65:c4:
                    f8:e0:ef:0c:f7:8a:25:c7:86:4d:89:ff:dd:a2:e4:
                    91:e1:75:dd:28:4e:17:f7:70:80:e5:5f:aa:10:ee:
                    6a:45:b6:c8:08:57:1c:d6:37:a7:11:eb:3f:11:7f:
                    93:a8:45:4f:b6:11:e3:0f:15:3a:6e:32:6b:28:eb:
                    b4:64:24:14:a8:75:fd:a1:a3:4f:10:5a:82:ec:b3:
                    24:fa:b1:d0:e1:31:f7:c0:14:25:e5:6f:e3:10:42:
                    2d:52:c1:21:99:a6:ab:db:f4:7c:2e:f0:8c:1d:ee:
                    69:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:08:C4:8F:D1:EE:82:0F:83:A1:89:15:A1:5C:39:C2:D3:8C:0A:46
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/gwjEj9Hugg-DoYkVoVw5wtOMCkY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.129.0/24
                  46.38.131.0-46.38.140.255
                  46.38.144.0-46.38.158.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:86:2a:85:c5:17:2a:57:5e:c7:9a:27:e5:a0:4c:8f:d8:55:
         04:54:91:69:28:4f:36:3c:74:8f:07:2d:c8:07:6b:04:a6:fd:
         b1:9a:e5:8a:16:ea:23:0b:e8:b7:1f:85:f2:39:6c:7b:d7:f0:
         b3:19:43:d4:a1:b2:5a:16:35:69:1f:54:c1:12:97:b0:1f:a6:
         e2:b1:04:d9:3d:12:6f:95:84:1e:cb:0a:68:fb:35:83:da:33:
         87:4f:0a:cc:1a:54:f8:93:66:e5:6c:e2:b3:f3:f7:00:ea:7d:
         89:d7:67:5c:a2:67:fd:06:7f:eb:ae:31:f1:50:d2:82:c9:8e:
         c1:18:3e:c4:1d:82:8e:c9:be:fc:d7:49:7a:fb:55:4e:90:e9:
         93:e7:cc:9a:6a:b6:89:af:f7:67:70:e6:27:ae:86:e1:d9:6a:
         fe:d4:f6:cb:47:d3:4a:6f:46:5e:c3:a0:6d:39:6b:a0:3f:07:
         79:37:85:a1:a6:26:80:69:a7:e9:1f:ee:9e:0e:a9:cb:59:17:
         8b:a9:4a:2e:46:09:2f:51:9c:80:6e:b8:b7:73:c8:35:cf:83:
         7b:aa:4e:2c:4e:0e:c0:a3:f6:a4:47:bc:e7:a4:47:0b:74:9f:
         3a:7f:60:61:c5:97:ba:21:7d:e1:17:d9:f2:cd:cd:89:75:ce:
         f7:6e:c1:be
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY2dKFLkQEiiOMSlrMtnM0gxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjEyMTE1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzA4YzQ4ZmQxZWU4MjBmODNhMTg5MTVhMTVjMzljMmQzOGMwYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnic9LTHLjM0KdbBKhG+gGx08KfT5
fa/Cn6i/kTBTMKi73LKA/fh4ZUCa4nEwZuX5nvxDHP7511lhxVeF7aWJrzyfrur4
9bmux0Pr1gTlqzDknISfEmTXHRMnNPY6XgTWrskGJ2oH5fN1D+z33n4vxnIjiRv8
CA/PlQ88M3rJ8Mozj5kLHjyKv8egqMM+NPii4pS+ZcT44O8M94olx4ZNif/douSR
4XXdKE4X93CA5V+qEO5qRbbICFcc1jenEes/EX+TqEVPthHjDxU6bjJrKOu0ZCQU
qHX9oaNPEFqC7LMk+rHQ4TH3wBQl5W/jEEItUsEhmaar2/R8LvCMHe5prwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFIMIxI/R7oIPg6GJFaFcOcLTjApGMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvZ3dqRWo5SHVnZy1Eb1lrVm9WdzV3dE9NQ2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQALiaBMAwD
BAAuJoMDBAAuJowwDAMEBC4mkAMEAC4mngMEAW1epAMEArkYlAMEArkd3AMEArmP
SAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
KYYqhcUXKldex5on5aBMj9hVBFSRaShPNjx0jwctyAdrBKb9sZrlihbqIwvotx+F
8jlse9fwsxlD1KGyWhY1aR9UwRKXsB+m4rEE2T0Sb5WEHssKaPs1g9ozh08KzBpU
+JNm5Wzis/P3AOp9iddnXKJn/QZ/664x8VDSgsmOwRg+xB2Cjsm+/NdJevtVTpDp
k+fMmmq2ia/3Z3DmJ66G4dlq/tT2y0fTSm9GXsOgbTlroD8HeTeFoaYmgGmn6R/u
ng6py1kXi6lKLkYJL1GcgG64t3PINc+De6pOLE4OwKP2pEe856RHC3SfOn9gYcWX
uiF94RfZ8s3NiXXO927Bvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org