Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/kYMyf94OO02h98fh98iSUSoVVos.roa
File:                     kYMyf94OO02h98fh98iSUSoVVos.roa (raw, json)
Hash identifier:          LPuY3SjK8q4Kmquek3jt1h0Cjq9tQwQjZE98FKC4ssk=
Subject key identifier:   91:83:32:7F:DE:0E:3B:4D:A1:F7:C7:E1:F7:C8:92:51:2A:15:56:8B
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018CC50078EBE13C38979735DCC7DFC782AF
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/kYMyf94OO02h98fh98iSUSoVVos.roa
Signing time:             Mon 01 Jan 2024 12:29:51 +0000
ROA not before:           Mon 01 Jan 2024 12:29:51 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     448891
IP address blocks:        212.16.78.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.94.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.23.0/24 maxlen: 24
                          212.80.21.0/24 maxlen: 24
                          212.80.22.0/24 maxlen: 24
                          212.80.20.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          46.38.135.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.133.0/24 maxlen: 24
                          46.38.134.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          46.38.132.0/24 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.72.0/24 maxlen: 24
                          185.143.73.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Jan 2024 08:16:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:78:eb:e1:3c:38:97:97:35:dc:c7:df:c7:82:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Jan  1 12:29:51 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9183327fde0e3b4da1f7c7e1f7c892512a15568b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:82:1a:2e:16:69:27:4e:99:75:62:05:bf:ec:
                    64:87:27:5e:ac:a6:ed:22:59:1d:23:af:74:12:d1:
                    37:b3:98:91:8a:e7:06:00:05:2f:10:df:20:24:28:
                    45:7e:8c:bc:5d:2d:31:fa:1e:d6:2f:7f:9b:a4:88:
                    76:3b:7d:80:61:cb:6e:1f:86:ac:b4:dc:29:8a:32:
                    50:9f:0d:a7:b0:5d:4f:70:66:fd:9b:4d:7b:f8:13:
                    7d:43:14:de:48:36:57:20:04:f5:8b:7d:df:f7:74:
                    77:5d:8c:f4:b3:76:1d:4b:40:05:cc:0e:3b:1b:51:
                    23:59:06:22:c3:c1:ee:77:1d:cc:fe:bb:a5:0f:36:
                    03:fe:3c:93:d6:f1:71:61:47:b5:70:30:aa:ff:b9:
                    eb:71:19:a3:46:8a:8f:82:e4:8f:78:68:a4:c7:05:
                    86:46:54:76:7e:eb:83:b7:aa:e5:ec:10:5a:a2:f9:
                    0d:9f:7d:57:81:80:4b:90:64:0e:da:89:63:af:42:
                    11:ac:d6:ce:ce:09:a1:15:0b:60:33:ca:cd:d4:32:
                    fa:5b:59:c7:e7:f9:77:6f:9b:6d:c2:36:44:10:7f:
                    25:95:22:63:e8:2e:da:bb:16:51:77:79:b7:6e:d1:
                    e4:4b:6a:f9:0f:23:06:0b:4e:3c:c2:f7:aa:ae:16:
                    f6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:83:32:7F:DE:0E:3B:4D:A1:F7:C7:E1:F7:C8:92:51:2A:15:56:8B
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/kYMyf94OO02h98fh98iSUSoVVos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.78.0-212.16.80.255
                  212.16.85.0/24
                  212.16.94.0/24
                  212.80.0.0/24
                  212.80.6.0/23
                  212.80.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:d1:92:69:cd:44:3c:00:c2:c9:f0:90:9e:88:e3:a4:c0:21:
         4a:3f:02:9c:ce:37:03:b9:57:25:07:7e:ec:9e:a3:dc:a9:56:
         19:7f:73:32:c3:e5:fc:25:da:a9:c7:f0:c4:c3:cf:dc:c3:14:
         c7:d1:03:e2:d5:25:3f:63:9d:0a:6b:aa:d9:be:64:d5:eb:c5:
         e2:b4:e2:67:5d:60:cb:f9:b7:8c:33:d8:ea:ca:32:9c:f0:b5:
         79:03:53:7b:31:cb:aa:5e:65:67:4b:bb:53:e0:c4:44:ca:f4:
         a0:74:75:4c:19:3a:cd:7b:c8:eb:34:c2:ba:9c:d5:d4:01:56:
         a8:84:37:ff:ff:31:2b:b0:aa:85:5f:8b:6d:89:2d:ac:f6:86:
         cf:4f:83:44:17:d7:45:ee:d9:aa:26:ad:44:a2:a1:ff:43:95:
         27:ba:e2:8a:08:b3:2c:31:3a:09:bb:4e:8b:d4:a0:b2:a3:a0:
         61:fa:4d:a3:a3:73:ea:43:dc:f2:06:f0:d0:ba:7b:47:1f:12:
         b9:22:22:a1:21:50:c4:cc:65:61:e5:29:07:5c:65:e4:99:e6:
         ac:80:f3:23:1d:37:7b:d5:af:48:bb:4a:3e:d9:c1:0d:9a:42:
         9b:4a:43:a1:57:d1:75:1d:87:88:89:dc:79:54:b8:ff:19:07:
         6b:16:dc:10
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzFAHjr4Tw4l5c13Mffx4KvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMTAxMTIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgzMzI3ZmRlMGUzYjRkYTFmN2M3ZTFmN2M4OTI1MTJhMTU1NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYIaLhZpJ06ZdWIFv+xkhyderKbt
IlkdI690EtE3s5iRiucGAAUvEN8gJChFfoy8XS0x+h7WL3+bpIh2O32AYctuH4as
tNwpijJQnw2nsF1PcGb9m017+BN9QxTeSDZXIAT1i33f93R3XYz0s3YdS0AFzA47
G1EjWQYiw8Hudx3M/rulDzYD/jyT1vFxYUe1cDCq/7nrcRmjRoqPguSPeGikxwWG
RlR2fuuDt6rl7BBaovkNn31XgYBLkGQO2oljr0IRrNbOzgmhFQtgM8rN1DL6W1nH
5/l3b5ttwjZEEH8llSJj6C7auxZRd3m3btHkS2r5DyMGC048wveqrhb2wQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFJGDMn/eDjtNoffH4ffIklEqFVaLMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEva1lNeWY5NE9PMDJoOThmaDk4aVNVU29WVm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALiaAAwQA
LiaCMAwDBAIuJoQDBAIuJogDBAFtXqQDBAK5GJQDBAK5HdwDBAK5j0gwDAMEAdQQ
TgMEANQQUAMEANQQVQMEANQQXgMEANRQAAMEAdRQBgMEAtRQFDANBgkqhkiG9w0B
AQsFAAOCAQEAntGSac1EPADCyfCQnojjpMAhSj8CnM43A7lXJQd+7J6j3KlWGX9z
MsPl/CXaqcfwxMPP3MMUx9ED4tUlP2OdCmuq2b5k1evF4rTiZ11gy/m3jDPY6soy
nPC1eQNTezHLql5lZ0u7U+DERMr0oHR1TBk6zXvI6zTCupzV1AFWqIQ3//8xK7Cq
hV+LbYktrPaGz0+DRBfXRe7ZqiatRKKh/0OVJ7riigizLDE6CbtOi9SgsqOgYfpN
o6Nz6kPc8gbw0Lp7Rx8SuSIioSFQxMxlYeUpB1xl5JnmrIDzIx03e9WvSLtKPtnB
DZpCm0pDoVfRdR2HiInceVS4/xkHaxbcEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:07 2024 by rpki-client on console-ams.rpki-client.org