Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/w3bAEimE4LlvFkQdxmn2FNAzb3A.roa
File:                     w3bAEimE4LlvFkQdxmn2FNAzb3A.roa (raw, json)
Hash identifier:          DDqUYtZPLwWwcWsoNeXOAp7/T9Gvwvacy5jnK/ZrEvM=
Subject key identifier:   C3:76:C0:12:29:84:E0:B9:6F:16:44:1D:C6:69:F6:14:D0:33:6F:70
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018C9118697227A133076BA5DF0C80D06F81
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/w3bAEimE4LlvFkQdxmn2FNAzb3A.roa
Signing time:             Fri 22 Dec 2023 10:35:45 +0000
ROA not before:           Fri 22 Dec 2023 10:35:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        212.16.78.0/24 maxlen: 24
                          212.16.79.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.80.0/24 maxlen: 24
                          212.16.94.0/24 maxlen: 24
                          185.29.222.0/24 maxlen: 24
                          185.29.223.0/24 maxlen: 24
                          185.29.220.0/24 maxlen: 24
                          185.29.221.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.7.0/24 maxlen: 24
                          212.80.6.0/24 maxlen: 24
                          212.80.23.0/24 maxlen: 24
                          212.80.21.0/24 maxlen: 24
                          212.80.22.0/24 maxlen: 24
                          212.80.20.0/24 maxlen: 24
                          185.24.151.0/24 maxlen: 24
                          185.24.149.0/24 maxlen: 24
                          185.24.150.0/24 maxlen: 24
                          185.24.148.0/24 maxlen: 24
                          46.38.138.0/24 maxlen: 24
                          46.38.139.0/24 maxlen: 24
                          46.38.136.0/24 maxlen: 24
                          46.38.137.0/24 maxlen: 24
                          46.38.135.0/24 maxlen: 24
                          46.38.133.0/24 maxlen: 24
                          46.38.134.0/24 maxlen: 24
                          46.38.132.0/24 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          109.94.164.0/24 maxlen: 24
                          109.94.165.0/24 maxlen: 24
                          185.143.75.0/24 maxlen: 24
                          185.143.73.0/24 maxlen: 24
                          185.143.74.0/24 maxlen: 24
                          185.143.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 31 Dec 2023 11:21:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:91:18:69:72:27:a1:33:07:6b:a5:df:0c:80:d0:6f:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Dec 22 10:35:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c376c0122984e0b96f16441dc669f614d0336f70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:45:a3:b9:e0:20:98:a3:ae:3a:67:8a:e6:d2:
                    6a:c5:06:06:47:00:08:93:eb:03:6a:c7:a3:9c:08:
                    cc:2b:64:24:ed:65:d5:49:fb:75:c8:77:39:63:3e:
                    1b:61:fd:b2:09:c8:91:3c:6f:b9:74:5f:12:22:b2:
                    dd:af:23:2a:df:90:a4:33:e9:7b:12:56:fc:9d:0a:
                    40:d2:0f:75:6a:bd:a6:22:fd:2b:79:14:11:67:d5:
                    78:36:d3:d3:ec:bc:a6:0c:c7:47:7a:91:40:42:26:
                    11:5b:cc:56:2e:df:d5:dd:f2:42:41:ac:70:8c:ff:
                    c9:29:30:0a:97:a4:19:58:62:86:09:b1:63:a0:ad:
                    04:a3:13:26:83:02:a9:fe:56:b5:1a:59:fc:14:10:
                    e1:a1:8d:5b:bd:98:20:9a:27:0c:5a:a2:16:cf:2e:
                    7b:ee:a1:37:21:a6:3a:a5:81:b8:1e:f7:e4:74:71:
                    8a:c2:af:4f:be:6c:a7:7f:c9:af:f9:e8:24:5f:e9:
                    bf:79:e8:47:c9:3c:db:f8:b0:8d:59:bc:cc:1f:a1:
                    36:28:78:dc:99:e5:ab:2c:b6:b3:9f:81:98:f1:c8:
                    ef:9c:05:94:48:89:ef:3a:15:a3:6b:7e:d1:c9:59:
                    50:7b:b6:02:52:bb:e3:04:8e:bf:30:ee:da:f6:1d:
                    79:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:76:C0:12:29:84:E0:B9:6F:16:44:1D:C6:69:F6:14:D0:33:6F:70
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/w3bAEimE4LlvFkQdxmn2FNAzb3A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/24
                  46.38.130.0/24
                  46.38.132.0-46.38.139.255
                  109.94.164.0/23
                  185.24.148.0/22
                  185.29.220.0/22
                  185.143.72.0/22
                  212.16.78.0-212.16.80.255
                  212.16.85.0/24
                  212.16.94.0/24
                  212.80.0.0/24
                  212.80.6.0/23
                  212.80.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:dc:bb:db:57:f5:e5:4a:c3:a6:e9:ed:70:35:b4:19:a0:7a:
         ba:bc:95:0e:49:30:a1:af:61:e6:bb:c3:f4:30:a8:c3:0c:2d:
         c2:63:11:76:ed:aa:0f:09:1a:e4:da:09:03:3d:b4:75:48:85:
         40:25:a4:41:38:e1:d8:94:3d:6b:fc:a2:0f:47:9a:46:01:68:
         9f:78:46:c9:91:92:31:a4:ae:c9:f5:4e:99:b2:21:2d:64:c2:
         11:1f:56:87:bc:ad:f6:3d:df:c1:e4:5c:14:9e:17:fa:41:7a:
         97:34:fd:32:43:ce:a7:bc:7d:fe:7c:34:17:97:10:4e:b8:6e:
         af:f3:79:a1:9f:df:b1:ea:3d:48:de:3d:ed:14:ee:9a:a2:c2:
         1e:3a:e3:02:0b:67:c6:78:ca:aa:b6:c4:cf:07:0d:55:a3:39:
         99:44:f0:9b:ba:a6:b4:88:f1:68:7d:cc:55:5e:f1:b7:40:29:
         79:82:7b:ad:10:d9:fb:24:3b:0c:06:17:6d:44:39:e3:3f:aa:
         e5:2b:9a:6c:56:87:6c:f3:a5:75:1b:86:e9:c4:e6:52:97:29:
         58:ba:ae:40:18:ea:92:e6:18:78:d4:fb:15:69:1a:c5:06:fc:
         2f:a2:d2:6c:ee:2a:21:bd:dc:ac:c2:75:25:bc:c9:43:a3:c5:
         3f:54:21:8e
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYyRGGlyJ6EzB2ul3wyA0G+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMjIyMTAzNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc2YzAxMjI5ODRlMGI5NmYxNjQ0MWRjNjY5ZjYxNGQwMzM2ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkWjueAgmKOuOmeK5tJqxQYGRwAI
k+sDasejnAjMK2Qk7WXVSft1yHc5Yz4bYf2yCciRPG+5dF8SIrLdryMq35CkM+l7
Elb8nQpA0g91ar2mIv0reRQRZ9V4NtPT7LymDMdHepFAQiYRW8xWLt/V3fJCQaxw
jP/JKTAKl6QZWGKGCbFjoK0EoxMmgwKp/la1Gln8FBDhoY1bvZggmicMWqIWzy57
7qE3IaY6pYG4HvfkdHGKwq9Pvmynf8mv+egkX+m/eehHyTzb+LCNWbzMH6E2KHjc
meWrLLazn4GY8cjvnAWUSInvOhWja37RyVlQe7YCUrvjBI6/MO7a9h15XQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFMN2wBIphOC5bxZEHcZp9hTQM29wMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvdzNiQUVpbUU0TGx2RmtRZHhtbjJGTkF6YjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALiaAAwQA
LiaCMAwDBAIuJoQDBAIuJogDBAFtXqQDBAK5GJQDBAK5HdwDBAK5j0gwDAMEAdQQ
TgMEANQQUAMEANQQVQMEANQQXgMEANRQAAMEAdRQBgMEAtRQFDANBgkqhkiG9w0B
AQsFAAOCAQEAONy721f15UrDpuntcDW0GaB6uryVDkkwoa9h5rvD9DCowwwtwmMR
du2qDwka5NoJAz20dUiFQCWkQTjh2JQ9a/yiD0eaRgFon3hGyZGSMaSuyfVOmbIh
LWTCER9Wh7yt9j3fweRcFJ4X+kF6lzT9MkPOp7x9/nw0F5cQTrhur/N5oZ/fseo9
SN497RTumqLCHjrjAgtnxnjKqrbEzwcNVaM5mUTwm7qmtIjxaH3MVV7xt0ApeYJ7
rRDZ+yQ7DAYXbUQ54z+q5SuabFaHbPOldRuG6cTmUpcpWLquQBjqkuYYeNT7FWka
xQb8L6LSbO4qIb3crMJ1JbzJQ6PFP1Qhjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org