Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7qdhU2snPqvmB8uaJkGwOhCPtc4.roa
File:                     7qdhU2snPqvmB8uaJkGwOhCPtc4.roa (raw, json)
Hash identifier:          rh7fWMCD3jSe/8cvk32XcEzQXya9qcxuezK0FX97uAk=
Subject key identifier:   EE:A7:61:53:6B:27:3E:AB:E6:07:CB:9A:26:41:B0:3A:10:8F:B5:CE
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018964895C45D3F0B2D7A4455CDD6D998F97
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7qdhU2snPqvmB8uaJkGwOhCPtc4.roa
Signing time:             Mon 17 Jul 2023 15:47:50 +0000
ROA not before:           Mon 17 Jul 2023 15:47:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202656
IP address blocks:        45.149.83.0/24 maxlen: 24
                          195.245.110.0/24 maxlen: 24
                          45.140.171.0/24 maxlen: 24
                          45.139.28.0/24 maxlen: 24
                          45.139.31.0/24 maxlen: 24
                          194.33.9.0/24 maxlen: 24
                          194.33.8.0/24 maxlen: 24
                          92.249.13.0/24 maxlen: 24
                          92.249.14.0/24 maxlen: 24
                          194.55.104.0/24 maxlen: 24
                          194.55.103.0/24 maxlen: 24
                          91.220.126.0/24 maxlen: 24
                          213.139.194.0/24 maxlen: 24
                          45.152.225.0/24 maxlen: 24
                          45.137.191.0/24 maxlen: 24
                          45.154.162.0/24 maxlen: 24
                          91.220.84.0/24 maxlen: 24
                          91.220.90.0/24 maxlen: 24
                          45.141.186.0/24 maxlen: 24
                          45.141.187.0/24 maxlen: 24
                          91.212.82.0/24 maxlen: 24
                          194.61.76.0/24 maxlen: 24
                          193.150.171.0/24 maxlen: 24
                          193.150.170.0/24 maxlen: 24
                          45.137.55.0/24 maxlen: 24
                          45.137.53.0/24 maxlen: 24
                          45.137.52.0/24 maxlen: 24
                          45.145.162.0/24 maxlen: 24
                          45.147.1.0/24 maxlen: 24
                          193.150.98.0/24 maxlen: 24
                          91.221.38.0/24 maxlen: 24
                          85.202.166.0/24 maxlen: 24
                          85.202.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jul 2023 19:28:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:89:5c:45:d3:f0:b2:d7:a4:45:5c:dd:6d:99:8f:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 15:47:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eea761536b273eabe607cb9a2641b03a108fb5ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b2:22:3d:5f:45:85:a1:e8:d1:41:03:39:ec:
                    6e:dc:01:47:82:41:d3:eb:a9:db:83:59:ae:6f:b1:
                    1f:57:a8:3e:0a:e1:e6:2e:a5:b1:03:cb:68:6b:4b:
                    d0:f8:1f:9d:6b:b4:3a:01:52:f4:40:b9:77:42:df:
                    d0:e9:86:0d:4a:c2:06:78:ea:a1:e6:9f:5d:06:1f:
                    1c:e7:6e:7f:13:ac:2e:7b:7d:69:cb:b3:d8:f3:a4:
                    53:37:73:74:f3:31:0c:46:8b:ee:79:c1:c3:82:1e:
                    47:4c:26:60:00:78:32:b2:71:10:a5:3b:9c:cf:48:
                    11:0a:8d:32:aa:46:72:78:d1:f9:e5:4a:d4:96:79:
                    09:e0:34:39:0a:a0:64:c8:55:b1:98:d5:2a:e0:e7:
                    6f:31:ee:61:30:39:f1:3f:b4:f3:8c:03:10:cb:36:
                    ba:ed:91:a1:11:eb:79:f5:b6:6b:62:a8:ab:4a:0d:
                    ec:64:e7:d3:ee:20:ed:24:b2:ab:3d:cd:e5:48:e6:
                    c7:a2:60:30:7f:34:64:99:7c:4e:97:34:44:d9:e5:
                    d5:25:1d:ab:61:f3:61:e1:66:58:52:0e:d0:d4:14:
                    e6:a3:41:ab:53:ff:9e:80:c6:29:84:0b:ee:0e:65:
                    7f:d6:76:a6:71:47:d6:a9:be:08:82:3c:21:e2:dd:
                    7d:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:A7:61:53:6B:27:3E:AB:E6:07:CB:9A:26:41:B0:3A:10:8F:B5:CE
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7qdhU2snPqvmB8uaJkGwOhCPtc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.52.0/23
                  45.137.55.0/24
                  45.137.191.0/24
                  45.139.28.0/24
                  45.139.31.0/24
                  45.140.171.0/24
                  45.141.186.0/23
                  45.145.162.0/24
                  45.147.1.0/24
                  45.149.83.0/24
                  45.152.225.0/24
                  45.154.162.0/24
                  85.202.166.0/23
                  91.212.82.0/24
                  91.220.84.0/24
                  91.220.90.0/24
                  91.220.126.0/24
                  91.221.38.0/24
                  92.249.13.0-92.249.14.255
                  193.150.98.0/24
                  193.150.170.0/23
                  194.33.8.0/23
                  194.55.103.0-194.55.104.255
                  194.61.76.0/24
                  195.245.110.0/24
                  213.139.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:41:c3:e5:a6:bf:fb:c8:64:9b:fe:bf:39:2e:97:33:bc:26:
         a0:25:57:c3:41:df:a6:d8:f6:d3:f3:04:d4:d6:66:15:ff:ac:
         9e:8c:ed:d3:b9:03:a0:26:b7:c1:a3:be:3b:54:7a:dc:92:23:
         09:4a:42:91:fa:e3:6a:ad:d4:c3:42:8c:34:e2:24:92:96:a5:
         6f:52:87:bb:5d:7a:7d:0d:ea:5a:91:cf:c2:bf:89:d6:72:da:
         2c:e0:d4:c5:dd:89:a8:02:e3:e1:4d:6c:e4:c9:23:83:dc:64:
         04:df:a5:3a:24:84:b6:30:ac:d1:45:79:cf:51:a3:1e:bf:ff:
         8d:61:ed:3a:87:a9:0e:80:c0:8c:eb:e4:68:ac:45:2d:db:ce:
         e4:a3:05:9b:14:a5:3d:12:f8:76:61:83:cc:5d:d7:9b:dc:18:
         e8:17:b1:8d:a0:6a:32:34:4e:7a:0d:39:eb:f9:c7:cc:72:2e:
         8f:04:d6:cd:4f:a8:67:c6:8d:68:56:8c:73:fa:cf:28:84:f6:
         99:64:e1:56:68:49:80:5f:30:a3:ad:5e:2b:48:67:05:9d:55:
         fb:6d:0e:8d:ac:41:06:ed:01:6c:af:da:78:36:28:fa:27:78:
         4e:0b:08:e2:c2:b5:38:51:8d:ae:58:38:f2:9c:0f:8e:42:f2:
         ce:69:13:41
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYlkiVxF0/Cy16RFXN1tmY+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTU0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE3NjE1MzZiMjczZWFiZTYwN2NiOWEyNjQxYjAzYTEwOGZiNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrIiPV9FhaHo0UEDOexu3AFHgkHT
66nbg1mub7EfV6g+CuHmLqWxA8toa0vQ+B+da7Q6AVL0QLl3Qt/Q6YYNSsIGeOqh
5p9dBh8c525/E6wue31py7PY86RTN3N08zEMRovuecHDgh5HTCZgAHgysnEQpTuc
z0gRCo0yqkZyeNH55UrUlnkJ4DQ5CqBkyFWxmNUq4OdvMe5hMDnxP7TzjAMQyza6
7ZGhEet59bZrYqirSg3sZOfT7iDtJLKrPc3lSObHomAwfzRkmXxOlzRE2eXVJR2r
YfNh4WZYUg7Q1BTmo0GrU/+egMYphAvuDmV/1namcUfWqb4Igjwh4t19OwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFO6nYVNrJz6r5gfLmiZBsDoQj7XOMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvN3FkaFUyc25QcXZtQjh1YUprR3dPaENQdGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAEt
iTQDBAAtiTcDBAAtib8DBAAtixwDBAAtix8DBAAtjKsDBAEtjboDBAAtkaIDBAAt
kwEDBAAtlVMDBAAtmOEDBAAtmqIDBAFVyqYDBABb1FIDBABb3FQDBABb3FoDBABb
3H4DBABb3SYwDAMEAFz5DQMEAFz5DgMEAMGWYgMEAcGWqgMEAcIhCDAMAwQAwjdn
AwQAwjdoAwQAwj1MAwQAw/VuAwQA1YvCMA0GCSqGSIb3DQEBCwUAA4IBAQAMQcPl
pr/7yGSb/r85LpczvCagJVfDQd+m2PbT8wTU1mYV/6yejO3TuQOgJrfBo747VHrc
kiMJSkKR+uNqrdTDQow04iSSlqVvUoe7XXp9Depakc/Cv4nWctos4NTF3YmoAuPh
TWzkySOD3GQE36U6JIS2MKzRRXnPUaMev/+NYe06h6kOgMCM6+RorEUt287kowWb
FKU9Evh2YYPMXdeb3BjoF7GNoGoyNE56DTnr+cfMci6PBNbNT6hnxo1oVoxz+s8o
hPaZZOFWaEmAXzCjrV4rSGcFnVX7bQ6NrEEG7QFsr9p4Nij6J3hOCwjiwrU4UY2u
WDjynA+OQvLOaRNB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org