Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/hHYXwRexZ9vtTcxX3GathqXQT5U.roa
File:                     hHYXwRexZ9vtTcxX3GathqXQT5U.roa (raw, json)
Hash identifier:          7ZGROVxL44jBcvHmOPX1SViTz76tSqun+WKRtj6vFS0=
Subject key identifier:   84:76:17:C1:17:B1:67:DB:ED:4D:CC:57:DC:66:AD:86:A5:D0:4F:95
Certificate issuer:       /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial:       01856C9CB863E343FD8EE0EB2E73B07CB217
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/hHYXwRexZ9vtTcxX3GathqXQT5U.roa
Signing time:             Sun 01 Jan 2023 09:14:48 +0000
ROA not before:           Sun 01 Jan 2023 09:14:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15685
IP address blocks:        82.208.56.0/24 maxlen: 24
                          82.208.58.0/24 maxlen: 24
                          82.208.60.0/22 maxlen: 24
                          109.123.202.0/23 maxlen: 24
                          109.123.205.0/24 maxlen: 24
                          82.208.4.0/22 maxlen: 22
                          109.123.206.0/23 maxlen: 24
                          82.208.8.0/22 maxlen: 22
                          109.123.208.0/22 maxlen: 24
                          82.208.14.0/24 maxlen: 24
                          109.123.216.0/21 maxlen: 24
                          82.208.16.0/23 maxlen: 23
                          82.208.17.0/24 maxlen: 24
                          82.208.12.0/24 maxlen: 24
                          82.208.16.0/24 maxlen: 24
                          109.123.214.0/23 maxlen: 24
                          82.208.18.0/24 maxlen: 24
                          82.208.28.0/23 maxlen: 23
                          82.208.26.0/23 maxlen: 23
                          82.208.32.0/22 maxlen: 22
                          82.208.44.0/24 maxlen: 24
                          82.208.39.0/24 maxlen: 24
                          82.208.40.0/23 maxlen: 23
                          82.208.50.0/24 maxlen: 24
                          82.208.46.0/23 maxlen: 23
                          82.208.48.0/23 maxlen: 23
                          217.11.254.0/24 maxlen: 24
                          217.11.224.0/23 maxlen: 23
                          217.11.230.0/24 maxlen: 24
                          217.11.232.0/23 maxlen: 23
                          217.11.227.0/24 maxlen: 24
                          217.11.228.0/23 maxlen: 23
                          217.11.236.0/24 maxlen: 24
                          217.11.235.0/24 maxlen: 24
                          217.11.246.0/23 maxlen: 23
                          217.11.242.0/23 maxlen: 23
                          217.11.251.0/24 maxlen: 24
                          217.11.248.0/23 maxlen: 23
                          109.123.192.0/21 maxlen: 24
                          81.0.217.0/24 maxlen: 24
                          81.0.214.0/24 maxlen: 24
                          81.0.226.0/24 maxlen: 24
                          81.0.225.0/24 maxlen: 24
                          81.0.230.0/23 maxlen: 23
                          77.78.96.0/20 maxlen: 20
                          81.0.232.0/21 maxlen: 21
                          77.78.94.0/23 maxlen: 23
                          81.0.228.0/24 maxlen: 24
                          81.0.240.0/22 maxlen: 22
                          77.78.112.0/21 maxlen: 21
                          81.0.250.0/24 maxlen: 24
                          77.78.123.0/24 maxlen: 24
                          77.78.124.0/22 maxlen: 22
                          81.0.254.0/23 maxlen: 23
                          85.239.227.0/24 maxlen: 24
                          81.0.192.0/22 maxlen: 22
                          81.0.199.0/24 maxlen: 24
                          81.0.206.0/23 maxlen: 23
                          77.78.76.0/22 maxlen: 22
                          85.239.252.0/23 maxlen: 23
                          81.0.208.0/23 maxlen: 23
                          81.0.212.0/23 maxlen: 23
                          2001:1528::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 01 Dec 2023 12:50:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:b8:63:e3:43:fd:8e:e0:eb:2e:73:b0:7c:b2:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
        Validity
            Not Before: Jan  1 09:14:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=847617c117b167dbed4dcc57dc66ad86a5d04f95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:ce:20:63:52:69:5d:15:87:41:be:a5:82:be:
                    b6:29:01:ec:e0:69:b2:7a:49:bf:14:5e:ca:5d:a5:
                    04:16:6d:98:3f:77:aa:6f:be:96:13:8b:23:41:8a:
                    15:e0:62:a6:3e:02:04:ad:49:e0:bd:94:5c:49:92:
                    0c:b2:80:c2:fd:87:af:a5:81:b0:63:43:07:84:60:
                    b1:dc:38:87:f2:52:0e:74:c2:cd:0d:a8:2c:c2:6d:
                    e9:60:b6:6a:ce:a7:9f:6c:f1:e8:aa:2c:d5:c2:68:
                    ed:f8:2f:0c:e6:3c:40:42:00:41:e3:58:42:b7:2a:
                    0c:03:f4:29:ce:d4:40:8e:d5:fc:1f:70:c0:e8:3c:
                    d8:8e:01:fb:f8:14:b3:99:32:f5:6c:64:39:d6:6f:
                    59:4e:a4:62:55:1d:d7:0c:3b:40:f1:df:65:82:ff:
                    7d:87:08:b4:e0:08:ab:2b:94:fe:b1:31:fb:61:e2:
                    10:df:b1:6c:65:37:5b:65:72:d5:eb:55:9c:27:e9:
                    b3:cb:18:21:8b:53:73:11:7d:ad:6b:b9:59:b4:75:
                    51:21:77:5d:86:79:ed:14:c0:4f:6e:7a:c4:99:10:
                    2a:7c:d7:4b:00:37:3e:8c:84:0c:0e:9d:05:f4:56:
                    b4:16:34:70:48:94:19:41:50:d8:55:3b:f6:e6:af:
                    74:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:76:17:C1:17:B1:67:DB:ED:4D:CC:57:DC:66:AD:86:A5:D0:4F:95
            X509v3 Authority Key Identifier:
                keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/hHYXwRexZ9vtTcxX3GathqXQT5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.78.76.0/22
                  77.78.94.0-77.78.119.255
                  77.78.123.0-77.78.127.255
                  81.0.192.0/22
                  81.0.199.0/24
                  81.0.206.0-81.0.209.255
                  81.0.212.0-81.0.214.255
                  81.0.217.0/24
                  81.0.225.0-81.0.226.255
                  81.0.228.0/24
                  81.0.230.0-81.0.243.255
                  81.0.250.0/24
                  81.0.254.0/23
                  82.208.4.0-82.208.12.255
                  82.208.14.0/24
                  82.208.16.0-82.208.18.255
                  82.208.26.0-82.208.29.255
                  82.208.32.0/22
                  82.208.39.0-82.208.41.255
                  82.208.44.0/24
                  82.208.46.0-82.208.50.255
                  82.208.56.0/24
                  82.208.58.0/24
                  82.208.60.0/22
                  85.239.227.0/24
                  85.239.252.0/23
                  109.123.192.0/21
                  109.123.202.0/23
                  109.123.205.0-109.123.211.255
                  109.123.214.0-109.123.223.255
                  217.11.224.0/23
                  217.11.227.0-217.11.230.255
                  217.11.232.0/23
                  217.11.235.0-217.11.236.255
                  217.11.242.0/23
                  217.11.246.0-217.11.249.255
                  217.11.251.0/24
                  217.11.254.0/24
                IPv6:
                  2001:1528::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:0f:2f:5f:7c:a7:23:0a:3d:e3:42:45:83:61:8e:4e:5f:97:
         20:56:0b:99:87:7a:f7:c6:ad:d8:c5:fc:39:38:f2:e4:a5:64:
         19:eb:df:bc:98:4f:b1:d8:de:34:91:b3:43:09:b2:b0:08:ca:
         71:7f:0e:4b:f3:49:bc:72:38:6d:7b:49:89:72:1f:04:9d:85:
         16:bf:f5:5b:88:14:20:b0:b7:f4:ac:c3:50:80:e6:21:4e:80:
         4e:de:2c:98:96:d9:67:d5:69:67:57:36:5b:af:c1:34:5e:87:
         e9:a6:0a:77:31:5b:7e:14:ec:6e:7c:f4:27:45:7b:e4:2b:2f:
         f8:82:a3:ea:42:b1:5d:2d:06:26:dd:f8:1d:14:a1:a0:09:4f:
         01:31:cc:a1:29:f0:07:c9:c6:d7:8f:1b:fd:a8:6e:d9:55:0b:
         99:95:59:9e:00:83:aa:63:77:ef:cd:b7:a2:0f:79:b5:d4:6a:
         4d:93:82:90:a8:01:39:be:3d:af:9b:53:66:f4:1b:11:91:78:
         0e:d4:78:05:b8:58:b8:d6:4f:4a:7f:62:dc:a1:aa:86:88:e1:
         7a:9d:27:d6:a6:83:6f:6a:bb:13:dd:09:5d:0d:aa:97:60:0e:
         0d:bc:cb:15:9b:23:81:75:f5:e9:8f:e2:49:e3:ca:bb:40:c0:
         16:1d:51:21
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgISAYVsnLhj40P9juDrLnOwfLIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjMwMTAxMDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDc2MTdjMTE3YjE2N2RiZWQ0ZGNjNTdkYzY2YWQ4NmE1ZDA0Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc4gY1JpXRWHQb6lgr62KQHs4Gmy
ekm/FF7KXaUEFm2YP3eqb76WE4sjQYoV4GKmPgIErUngvZRcSZIMsoDC/YevpYGw
Y0MHhGCx3DiH8lIOdMLNDagswm3pYLZqzqefbPHoqizVwmjt+C8M5jxAQgBB41hC
tyoMA/QpztRAjtX8H3DA6DzYjgH7+BSzmTL1bGQ51m9ZTqRiVR3XDDtA8d9lgv99
hwi04AirK5T+sTH7YeIQ37FsZTdbZXLV61WcJ+mzyxghi1NzEX2ta7lZtHVRIXdd
hnntFMBPbnrEmRAqfNdLADc+jIQMDp0F9Fa0FjRwSJQZQVDYVTv25q90yQIDAQAB
o4IDgDCCA3wwHQYDVR0OBBYEFIR2F8EXsWfb7U3MV9xmrYal0E+VMB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvaEhZWHdSZXhaOXZ0VGN4WDNHYXRocVhRVDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlAYIKwYBBQUHAQcBAf8EggGDMIIBfzCCAWwEAgABMIIB
ZAMEAk1OTDAMAwQBTU5eAwQDTU5wMAwDBABNTnsDBAdNTgADBAJRAMADBABRAMcw
DAMEAVEAzgMEAVEA0DAMAwQCUQDUAwQAUQDWAwQAUQDZMAwDBABRAOEDBABRAOID
BABRAOQwDAMEAVEA5gMEAlEA8AMEAFEA+gMEAVEA/jAMAwQCUtAEAwQAUtAMAwQA
UtAOMAwDBARS0BADBABS0BIwDAMEAVLQGgMEAVLQHAMEAlLQIDAMAwQAUtAnAwQB
UtAoAwQAUtAsMAwDBAFS0C4DBABS0DIDBABS0DgDBABS0DoDBAJS0DwDBABV7+MD
BAFV7/wDBANte8ADBAFte8owDAMEAG17zQMEAm170DAMAwQBbXvWAwQFbXvAAwQB
2QvgMAwDBADZC+MDBADZC+YDBAHZC+gwDAMEANkL6wMEANkL7AMEAdkL8jAMAwQB
2Qv2AwQB2Qv4AwQA2Qv7AwQA2Qv+MA0EAgACMAcDBQAgARUoMA0GCSqGSIb3DQEB
CwUAA4IBAQCJDy9ffKcjCj3jQkWDYY5OX5cgVguZh3r3xq3Yxfw5OPLkpWQZ69+8
mE+x2N40kbNDCbKwCMpxfw5L80m8cjhte0mJch8EnYUWv/VbiBQgsLf0rMNQgOYh
ToBO3iyYltln1WlnVzZbr8E0Xofppgp3MVt+FOxufPQnRXvkKy/4gqPqQrFdLQYm
3fgdFKGgCU8BMcyhKfAHycbXjxv9qG7ZVQuZlVmeAIOqY3fvzbeiD3m11GpNk4KQ
qAE5vj2vm1Nm9BsRkXgO1HgFuFi41k9Kf2LcoaqGiOF6nSfWpoNvarsT3QldDaqX
YA4NvMsVmyOBdfXpj+JJ48q7QMAWHVEh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:38 2024 by rpki-client on console-ams.rpki-client.org