Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/SOurSoIpPL5eQHQ8JXddjEbBPv0.roa
File:                     SOurSoIpPL5eQHQ8JXddjEbBPv0.roa (raw, json)
Hash identifier:          PA/r4Gau2ddSKjCbtb05OFtxbjkmEQwBkHCPOMoQf80=
Subject key identifier:   48:EB:AB:4A:82:29:3C:BE:5E:40:74:3C:25:77:5D:8C:46:C1:3E:FD
Certificate issuer:       /CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
Certificate serial:       01856CF846C3E0D0798433D105312E53AA93
Authority key identifier: 61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/SOurSoIpPL5eQHQ8JXddjEbBPv0.roa
Signing time:             Sun 01 Jan 2023 10:54:48 +0000
ROA not before:           Sun 01 Jan 2023 10:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60517
IP address blocks:        185.118.244.0/22 maxlen: 22
                          185.118.245.0/24 maxlen: 24
                          185.118.244.0/24 maxlen: 24
                          185.118.246.0/24 maxlen: 24
                          185.118.247.0/24 maxlen: 24
                          185.51.128.0/22 maxlen: 22
                          185.51.130.0/24 maxlen: 24
                          185.51.129.0/24 maxlen: 24
                          185.51.131.0/24 maxlen: 24
                          185.36.95.0/24 maxlen: 24
                          185.36.92.0/22 maxlen: 22
                          185.36.93.0/24 maxlen: 24
                          185.36.92.0/24 maxlen: 24
                          185.36.94.0/24 maxlen: 24
                          185.131.182.0/24 maxlen: 24
                          185.131.181.0/24 maxlen: 24
                          185.131.183.0/24 maxlen: 24
                          185.131.180.0/24 maxlen: 24
                          185.131.180.0/22 maxlen: 22
                          185.175.212.0/22 maxlen: 22
                          185.91.172.0/22 maxlen: 22
                          185.91.172.0/24 maxlen: 24
                          178.157.98.0/24 maxlen: 24
                          178.157.97.0/24 maxlen: 24
                          185.91.175.0/24 maxlen: 24
                          185.91.174.0/24 maxlen: 24
                          178.157.96.0/24 maxlen: 24
                          178.157.96.0/22 maxlen: 22
                          185.91.173.0/24 maxlen: 24
                          178.157.99.0/24 maxlen: 24
                          185.27.123.0/24 maxlen: 24
                          185.27.122.0/24 maxlen: 24
                          185.27.121.0/24 maxlen: 24
                          185.27.120.0/22 maxlen: 22
                          185.27.120.0/24 maxlen: 24
                          2a06:96c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 09:10:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:46:c3:e0:d0:79:84:33:d1:05:31:2e:53:aa:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3
        Validity
            Not Before: Jan  1 10:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=48ebab4a82293cbe5e40743c25775d8c46c13efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:72:7d:53:35:3e:e3:18:91:b8:65:31:d7:5c:
                    cf:a4:a9:14:d6:b4:4f:0d:46:57:32:b4:d1:fd:db:
                    fb:bf:bb:85:9f:f9:12:83:dd:57:93:13:b9:79:e2:
                    78:c1:0d:ae:7c:fe:24:16:71:3a:2a:6c:4b:a0:d2:
                    11:16:a0:c3:5d:1b:42:7c:c3:7f:f4:2e:6b:54:5f:
                    f4:3f:a5:94:01:32:b6:8a:0f:d8:f6:af:d6:0c:84:
                    c0:73:82:9f:4f:13:26:7c:18:f6:0d:71:0f:6b:68:
                    62:c5:4d:4b:f7:7c:84:92:21:01:bb:bd:d0:a0:be:
                    35:9f:c9:2c:64:d9:da:14:e5:90:f1:cd:5e:b2:50:
                    ac:37:32:1a:72:83:0e:42:39:23:fb:f4:f8:8c:f2:
                    5e:86:9c:c8:97:af:fb:cd:96:d7:4d:9a:8a:42:21:
                    a9:1b:c3:d2:20:9e:ce:53:69:b1:56:39:0f:94:38:
                    e8:26:17:a2:1c:bb:e9:8b:3f:25:77:7f:0e:7f:6f:
                    e0:df:2e:1f:b9:7e:b7:03:69:71:78:df:df:12:88:
                    c1:32:85:fb:52:54:ff:11:62:f3:6c:5d:b1:b5:c3:
                    95:93:08:d3:a0:d5:e0:1f:bc:b8:ed:a4:d6:05:51:
                    67:c0:a2:95:94:79:96:75:e6:cb:95:2a:53:17:b9:
                    ff:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:EB:AB:4A:82:29:3C:BE:5E:40:74:3C:25:77:5D:8C:46:C1:3E:FD
            X509v3 Authority Key Identifier:
                keyid:61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/SOurSoIpPL5eQHQ8JXddjEbBPv0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.157.96.0/22
                  185.27.120.0/22
                  185.36.92.0/22
                  185.51.128.0/22
                  185.91.172.0/22
                  185.118.244.0/22
                  185.131.180.0/22
                  185.175.212.0/22
                IPv6:
                  2a06:96c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         36:43:66:0c:7a:51:44:d1:83:84:bc:6f:eb:9a:ce:3b:89:c4:
         19:ad:97:11:fe:c1:77:1d:6c:e8:38:1e:f4:72:8b:bb:b0:5d:
         6a:7a:81:c2:97:ff:5f:38:6e:15:b7:f1:69:ce:39:2c:d3:0c:
         a6:77:da:bc:2f:9d:08:4f:72:03:36:c6:41:a2:63:56:81:a8:
         ca:ce:5a:e2:c9:0e:39:95:61:52:82:27:72:78:d3:8a:65:cb:
         8b:7f:73:87:60:d7:e2:b3:8e:a8:04:a9:c5:09:b7:0c:2b:8b:
         90:71:6d:97:84:8b:ac:dc:f5:97:28:3b:15:72:b1:d3:46:91:
         51:dd:e9:ef:a0:03:32:a9:de:db:92:78:d5:06:80:bc:af:b9:
         5e:b0:83:5d:61:7e:af:9b:71:e9:57:0b:cb:01:40:18:a9:37:
         a3:60:6b:91:cc:3d:a2:cd:3d:ce:c5:1a:68:04:0d:9e:f2:6f:
         dd:c9:81:08:93:6c:a3:84:4e:27:f4:fb:29:e9:34:24:12:a2:
         5f:f3:89:e7:9a:79:75:de:d1:28:00:92:d8:95:58:c2:21:55:
         07:31:df:5d:9d:4f:f4:2a:18:c7:95:f0:c5:43:aa:d1:34:1d:
         38:e2:cb:81:c6:a6:2d:64:43:36:55:78:2a:e6:21:16:26:4b:
         2f:93:cc:d9
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVs+EbD4NB5hDPRBTEuU6qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMGY4Zjk5ZmNhNjlhYTczZjg4YTUzMWRiNDZkMjI4YTdl
MmMzZDMwHhcNMjMwMTAxMTA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGViYWI0YTgyMjkzY2JlNWU0MDc0M2MyNTc3NWQ4YzQ2YzEzZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHJ9UzU+4xiRuGUx11zPpKkU1rRP
DUZXMrTR/dv7v7uFn/kSg91XkxO5eeJ4wQ2ufP4kFnE6KmxLoNIRFqDDXRtCfMN/
9C5rVF/0P6WUATK2ig/Y9q/WDITAc4KfTxMmfBj2DXEPa2hixU1L93yEkiEBu73Q
oL41n8ksZNnaFOWQ8c1eslCsNzIacoMOQjkj+/T4jPJehpzIl6/7zZbXTZqKQiGp
G8PSIJ7OU2mxVjkPlDjoJheiHLvpiz8ld38Of2/g3y4fuX63A2lxeN/fEojBMoX7
UlT/EWLzbF2xtcOVkwjToNXgH7y47aTWBVFnwKKVlHmWdebLlSpTF7n/OQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEjrq0qCKTy+XkB0PCV3XYxGwT79MB8GA1UdIwQY
MBaAFGEPj5n8ppqnP4ilMdtG0iin4sPTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgt
NzlhMGE1MjhlMGE0LzEvU091clNvSXBQTDVlUUhROEpYZGRqRWJCUHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgtNzlhMGE1MjhlMGE0
LzEvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCsp1gAwQC
uRt4AwQCuSRcAwQCuTOAAwQCuVusAwQCuXb0AwQCuYO0AwQCua/UMA0EAgACMAcD
BQMqBpbAMA0GCSqGSIb3DQEBCwUAA4IBAQA2Q2YMelFE0YOEvG/rms47icQZrZcR
/sF3HWzoOB70cou7sF1qeoHCl/9fOG4Vt/Fpzjks0wymd9q8L50IT3IDNsZBomNW
gajKzlriyQ45lWFSgidyeNOKZcuLf3OHYNfis46oBKnFCbcMK4uQcW2XhIus3PWX
KDsVcrHTRpFR3envoAMyqd7bknjVBoC8r7lesINdYX6vm3HpVwvLAUAYqTejYGuR
zD2izT3OxRpoBA2e8m/dyYEIk2yjhE4n9Psp6TQkEqJf84nnmnl13tEoAJLYlVjC
IVUHMd9dnU/0KhjHlfDFQ6rRNB044suBxqYtZEM2VXgq5iEWJksvk8zZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:52 2024 by rpki-client on console-fra.rpki-client.org