Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/w6A7WIDnnrnOBNnSzHThrA6siow.roa
File:                     w6A7WIDnnrnOBNnSzHThrA6siow.roa (raw, json)
Hash identifier:          IuDhXCb29Q3vS9qdSCcPdJGEkuNbGHz06NvzL8hysf4=
Subject key identifier:   C3:A0:3B:58:80:E7:9E:B9:CE:04:D9:D2:CC:74:E1:AC:0E:AC:8A:8C
Certificate issuer:       /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial:       018BC8E1B69BA586FDB148423A1FCB43585C
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/w6A7WIDnnrnOBNnSzHThrA6siow.roa
Signing time:             Mon 13 Nov 2023 13:31:57 +0000
ROA not before:           Mon 13 Nov 2023 13:31:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44889
IP address blocks:        212.16.64.0/19 maxlen: 24
                          212.16.71.0/24 maxlen: 24
                          212.16.78.0/23 maxlen: 23
                          212.16.72.0/24 maxlen: 25
                          212.16.80.0/24 maxlen: 24
                          212.16.85.0/24 maxlen: 24
                          212.16.86.0/23 maxlen: 23
                          212.16.89.0/24 maxlen: 24
                          212.16.92.0/23 maxlen: 23
                          212.16.94.0/24 maxlen: 24
                          212.80.0.0/24 maxlen: 24
                          212.80.0.0/19 maxlen: 24
                          212.80.2.0/24 maxlen: 24
                          212.80.6.0/23 maxlen: 23
                          212.80.18.0/23 maxlen: 23
                          212.80.20.0/23 maxlen: 23
                          212.80.29.0/24 maxlen: 24
                          46.38.141.0/24 maxlen: 24
                          46.38.144.0/21 maxlen: 21
                          46.38.144.0/23 maxlen: 23
                          46.38.140.0/24 maxlen: 24
                          46.38.150.0/24 maxlen: 24
                          46.38.156.0/23 maxlen: 23
                          46.38.158.0/24 maxlen: 24
                          46.38.129.0/24 maxlen: 24
                          46.38.128.0/24 maxlen: 24
                          46.38.130.0/24 maxlen: 24
                          46.38.131.0/24 maxlen: 24
                          46.38.132.0/22 maxlen: 22
                          109.94.164.0/23 maxlen: 23
                          2a00:7d80::/29 maxlen: 64

Validation:               Failed, certificate revoked on Wed 15 Nov 2023 06:13:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:c8:e1:b6:9b:a5:86:fd:b1:48:42:3a:1f:cb:43:58:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
        Validity
            Not Before: Nov 13 13:31:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c3a03b5880e79eb9ce04d9d2cc74e1ac0eac8a8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:27:b7:49:0c:a3:18:99:7d:9a:44:94:8d:27:
                    d8:c3:9f:b6:f8:88:43:ad:f2:2e:96:69:ef:73:55:
                    2d:4f:f7:ab:21:ee:56:3e:28:8a:f1:55:a9:ce:40:
                    9a:f3:3e:71:50:55:ad:bd:5d:e9:1c:a5:63:78:18:
                    18:2e:24:5e:18:11:dc:90:2b:b3:f6:f8:b5:ea:1d:
                    c0:e6:71:cf:dd:a3:cf:2f:18:10:fe:88:7c:26:db:
                    6b:a3:2d:63:18:48:ed:f0:81:a7:5f:3f:ef:84:d1:
                    2a:2c:b8:1b:50:d7:73:ab:65:5b:0c:b9:76:d5:9c:
                    1f:90:2e:1f:c3:f1:09:fd:0b:a8:0c:3d:86:06:7c:
                    84:9c:c9:cb:21:06:8a:34:9f:ef:fa:5e:c7:ba:54:
                    41:61:33:1b:bb:5b:ee:50:8d:e3:3f:56:64:33:66:
                    25:c4:56:55:a2:d1:62:1d:97:a0:76:4f:29:41:66:
                    60:f8:d8:84:68:34:23:e7:0d:2a:2b:c3:6c:fb:4f:
                    ff:30:d3:41:75:14:5d:43:02:75:6b:f4:b6:e1:29:
                    63:61:c1:97:13:7a:4b:61:d6:0a:ca:a7:15:5b:5a:
                    02:6c:6f:a2:e0:df:f4:e0:15:ee:fa:d0:d2:c3:c6:
                    ce:fe:87:d6:58:2c:e8:26:f9:1d:20:ff:67:ba:0f:
                    73:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:A0:3B:58:80:E7:9E:B9:CE:04:D9:D2:CC:74:E1:AC:0E:AC:8A:8C
            X509v3 Authority Key Identifier:
                keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/w6A7WIDnnrnOBNnSzHThrA6siow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.38.128.0/21
                  46.38.140.0/23
                  46.38.144.0/21
                  46.38.156.0-46.38.158.255
                  109.94.164.0/23
                  212.16.64.0/19
                  212.80.0.0/19
                IPv6:
                  2a00:7d80::/29

    Signature Algorithm: sha256WithRSAEncryption
         be:4f:b0:f4:11:69:b5:0f:5a:cd:ad:af:b7:3b:a7:f7:e7:75:
         27:e5:b5:c2:c9:6e:69:38:ab:7f:85:f7:73:af:03:de:2c:a3:
         29:3b:d6:ff:6f:5f:6d:6f:7a:b9:bc:95:d9:9a:f5:4e:c4:7a:
         e8:c7:57:a9:cc:cb:38:e3:a4:6c:3d:0f:42:cb:75:d3:a2:93:
         d1:55:38:72:4d:bc:29:80:82:2d:03:10:4e:62:f5:1d:7f:cb:
         72:56:82:b9:7a:3e:75:c9:09:75:08:92:f3:d3:ae:f5:c1:ad:
         14:1c:91:53:b8:68:9f:b2:56:31:20:7a:7b:0a:02:d4:e6:ef:
         e3:46:d6:6e:ea:e1:4d:fc:3d:78:88:53:83:79:fd:89:01:49:
         49:77:c1:0d:b4:df:91:c5:a1:fb:87:5b:02:93:07:9a:d4:06:
         08:fa:c3:ff:db:3b:01:19:50:68:23:31:61:db:c8:53:5f:91:
         06:15:7e:db:7a:a0:fa:57:dd:b9:a2:6f:46:55:3c:cd:d8:67:
         71:54:ee:99:36:75:9d:78:7b:c7:40:5a:c3:ed:84:be:4c:0e:
         6a:3b:a5:a1:a9:7e:5f:d9:3c:e3:34:5a:a2:7f:fd:32:43:e2:
         8a:f7:67:97:3f:c9:70:b8:ca:ef:86:21:c1:06:16:89:e7:b9:
         bc:de:35:4f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYvI4babpYb9sUhCOh/LQ1hcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMTEzMTMzMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2EwM2I1ODgwZTc5ZWI5Y2UwNGQ5ZDJjYzc0ZTFhYzBlYWM4YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSe3SQyjGJl9mkSUjSfYw5+2+IhD
rfIulmnvc1UtT/erIe5WPiiK8VWpzkCa8z5xUFWtvV3pHKVjeBgYLiReGBHckCuz
9vi16h3A5nHP3aPPLxgQ/oh8Jttroy1jGEjt8IGnXz/vhNEqLLgbUNdzq2VbDLl2
1ZwfkC4fw/EJ/QuoDD2GBnyEnMnLIQaKNJ/v+l7HulRBYTMbu1vuUI3jP1ZkM2Yl
xFZVotFiHZegdk8pQWZg+NiEaDQj5w0qK8Ns+0//MNNBdRRdQwJ1a/S24SljYcGX
E3pLYdYKyqcVW1oCbG+i4N/04BXu+tDSw8bO/ofWWCzoJvkdIP9nug9zzwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMOgO1iA5565zgTZ0sx04awOrIqMMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvdzZBN1dJRG5ucm5PQk5uU3pIVGhyQTZzaW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDLiaAAwQB
LiaMAwQDLiaQMAwDBAIuJpwDBAAuJp4DBAFtXqQDBAXUEEADBAXUUAAwDQQCAAIw
BwMFAyoAfYAwDQYJKoZIhvcNAQELBQADggEBAL5PsPQRabUPWs2tr7c7p/fndSfl
tcLJbmk4q3+F93OvA94soyk71v9vX21verm8ldma9U7EeujHV6nMyzjjpGw9D0LL
ddOik9FVOHJNvCmAgi0DEE5i9R1/y3JWgrl6PnXJCXUIkvPTrvXBrRQckVO4aJ+y
VjEgensKAtTm7+NG1m7q4U38PXiIU4N5/YkBSUl3wQ2035HFofuHWwKTB5rUBgj6
w//bOwEZUGgjMWHbyFNfkQYVftt6oPpX3bmib0ZVPM3YZ3FU7pk2dZ14e8dAWsPt
hL5MDmo7paGpfl/ZPOM0WqJ//TJD4or3Z5c/yXC4yu+GIcEGFonnubzeNU8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org