Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zdVfWFrW8e-uaFBNzCEjKVDflXc.roa
File:                     zdVfWFrW8e-uaFBNzCEjKVDflXc.roa (raw, json)
Hash identifier:          2qeCqoiisMfcLLyH8nPNoXnTFzdh9Ub2NVdIZ8MTkjg=
Subject key identifier:   CD:D5:5F:58:5A:D6:F1:EF:AE:68:50:4D:CC:21:23:29:50:DF:95:77
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01896553B69E3C6677D24C20D4F4969FA019
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zdVfWFrW8e-uaFBNzCEjKVDflXc.roa
Signing time:             Mon 17 Jul 2023 19:28:52 +0000
ROA not before:           Mon 17 Jul 2023 19:28:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49505
IP address blocks:        195.245.103.0/24 maxlen: 24
                          194.32.222.0/24 maxlen: 24
                          45.140.175.0/24 maxlen: 24
                          45.144.37.0/24 maxlen: 24
                          92.249.15.0/24 maxlen: 24
                          92.249.12.0/24 maxlen: 24
                          45.154.163.0/24 maxlen: 24
                          45.154.160.0/24 maxlen: 24
                          45.154.161.0/24 maxlen: 24
                          91.191.184.0/24 maxlen: 24
                          45.94.20.0/24 maxlen: 24
                          45.150.60.0/24 maxlen: 24
                          45.150.61.0/24 maxlen: 24
                          45.146.230.0/24 maxlen: 24
                          45.146.231.0/24 maxlen: 24
                          45.146.168.0/24 maxlen: 24
                          45.146.169.0/24 maxlen: 24
                          45.146.171.0/24 maxlen: 24
                          45.147.0.0/24 maxlen: 24
                          193.150.99.0/24 maxlen: 24
                          91.221.39.0/24 maxlen: 24
                          45.85.66.0/24 maxlen: 24
                          91.230.38.0/24 maxlen: 24
                          91.230.39.0/24 maxlen: 24
                          194.55.105.0/24 maxlen: 24
                          194.55.102.0/24 maxlen: 24
                          45.153.54.0/24 maxlen: 24
                          45.153.55.0/24 maxlen: 24
                          45.153.52.0/24 maxlen: 24
                          45.153.53.0/24 maxlen: 24
                          109.196.172.0/24 maxlen: 24
                          45.149.132.0/24 maxlen: 24
                          45.152.226.0/24 maxlen: 24
                          45.152.224.0/24 maxlen: 24
                          45.149.135.0/24 maxlen: 24
                          91.220.81.0/24 maxlen: 24
                          194.156.93.0/24 maxlen: 24
                          45.155.61.0/24 maxlen: 24
                          45.141.197.0/24 maxlen: 24
                          194.61.77.0/24 maxlen: 24
                          45.148.240.0/24 maxlen: 24
                          45.148.241.0/24 maxlen: 24
                          45.148.242.0/24 maxlen: 24
                          45.145.169.0/24 maxlen: 24
                          45.145.170.0/24 maxlen: 24
                          45.145.88.0/24 maxlen: 24
                          45.145.89.0/24 maxlen: 24
                          45.145.91.0/24 maxlen: 24
                          109.94.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:65:53:b6:9e:3c:66:77:d2:4c:20:d4:f4:96:9f:a0:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 17 19:28:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cdd55f585ad6f1efae68504dcc21232950df9577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a1:b8:80:aa:9a:cd:1f:d0:0d:66:7e:5c:4c:
                    fd:29:6c:c4:57:21:60:91:e0:58:d5:cd:be:71:93:
                    c7:89:2d:d8:92:2b:a9:33:3b:9c:01:b2:55:60:99:
                    ec:de:ff:f2:67:cf:ed:39:05:82:1f:c0:12:c7:8a:
                    70:f9:d1:b8:9b:ae:4f:89:6e:68:f7:bf:0e:2d:28:
                    1b:b5:0c:9c:2e:da:f5:6c:75:a5:eb:f6:9a:b6:ed:
                    6d:b7:4f:5f:06:3f:16:5d:41:df:ed:31:95:6a:1c:
                    70:82:e1:17:8f:00:94:51:7a:10:0b:ae:e9:09:9b:
                    e4:f1:b2:92:c5:81:24:e4:51:82:ff:7d:d4:2d:90:
                    aa:20:9d:6f:ff:28:6c:b5:5a:6d:e4:95:57:c1:84:
                    82:0d:61:33:e6:dc:fa:dd:55:64:e5:fd:e5:24:a4:
                    76:77:bc:46:97:7c:90:a3:c0:50:ce:7d:d5:76:5a:
                    a2:78:09:60:2e:f5:ad:5e:be:99:53:e2:6f:3a:bb:
                    40:92:18:34:51:47:ba:18:dc:ed:ad:12:d8:d6:68:
                    6b:a4:fd:ad:02:34:d6:71:3c:35:cd:c5:32:d8:bc:
                    a3:32:c4:f8:b0:bc:17:f6:da:70:d5:37:2b:3e:79:
                    a2:95:9a:89:8d:90:c6:99:3d:eb:4a:ef:63:7a:e4:
                    b5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:D5:5F:58:5A:D6:F1:EF:AE:68:50:4D:CC:21:23:29:50:DF:95:77
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zdVfWFrW8e-uaFBNzCEjKVDflXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.66.0/24
                  45.94.20.0/24
                  45.140.175.0/24
                  45.141.197.0/24
                  45.144.37.0/24
                  45.145.88.0/23
                  45.145.91.0/24
                  45.145.169.0-45.145.170.255
                  45.146.168.0/23
                  45.146.171.0/24
                  45.146.230.0/23
                  45.147.0.0/24
                  45.148.240.0-45.148.242.255
                  45.149.132.0/24
                  45.149.135.0/24
                  45.150.60.0/23
                  45.152.224.0/24
                  45.152.226.0/24
                  45.153.52.0/22
                  45.154.160.0/23
                  45.154.163.0/24
                  45.155.61.0/24
                  91.191.184.0/24
                  91.220.81.0/24
                  91.221.39.0/24
                  91.230.38.0/23
                  92.249.12.0/24
                  92.249.15.0/24
                  109.94.210.0/24
                  109.196.172.0/24
                  193.150.99.0/24
                  194.32.222.0/24
                  194.55.102.0/24
                  194.55.105.0/24
                  194.61.77.0/24
                  194.156.93.0/24
                  195.245.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:78:ac:b5:ea:ea:d2:16:19:0d:be:a8:2d:8c:0f:a8:a1:21:
         92:a7:69:c6:37:1d:88:c0:02:04:0f:54:f8:fe:22:80:90:1c:
         97:95:64:18:ff:d2:b2:b4:a9:ca:fd:7b:d5:5a:5f:f3:51:d7:
         79:13:77:67:4f:fd:47:9f:e3:33:2d:cb:c3:e7:dd:5d:0f:6b:
         14:8d:67:15:53:c6:ad:c4:dc:9f:39:d9:29:01:35:10:c1:70:
         e5:7a:d1:e2:53:19:30:3c:d5:1a:d8:ef:77:13:ad:0f:63:27:
         8c:bd:0a:3b:0a:82:d4:e1:98:e7:7c:9b:11:d9:f9:46:ba:62:
         18:db:9e:f4:66:46:3c:56:39:47:60:eb:30:a2:80:0b:db:f0:
         b7:86:5d:34:21:0a:39:c8:f3:08:dd:3c:f2:60:a5:25:53:3e:
         09:26:7d:3b:b5:90:31:10:29:f3:eb:eb:16:53:1c:17:92:dc:
         22:67:2d:46:fd:f2:76:ec:38:be:85:c3:6d:e3:c4:fa:43:69:
         85:46:0d:03:de:e5:2f:7e:c2:df:c5:3b:f9:34:01:39:7e:3a:
         b3:0a:f0:35:0d:85:51:3d:e2:8a:8b:56:05:5d:e8:93:08:4f:
         35:90:b8:40:de:00:4b:be:e7:a1:23:08:51:e1:6f:d4:24:45:
         fa:88:da:4d
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYllU7aePGZ30kwg1PSWn6AZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTkyODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQ1NWY1ODVhZDZmMWVmYWU2ODUwNGRjYzIxMjMyOTUwZGY5NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaG4gKqazR/QDWZ+XEz9KWzEVyFg
keBY1c2+cZPHiS3YkiupMzucAbJVYJns3v/yZ8/tOQWCH8ASx4pw+dG4m65PiW5o
978OLSgbtQycLtr1bHWl6/aatu1tt09fBj8WXUHf7TGVahxwguEXjwCUUXoQC67p
CZvk8bKSxYEk5FGC/33ULZCqIJ1v/yhstVpt5JVXwYSCDWEz5tz63VVk5f3lJKR2
d7xGl3yQo8BQzn3VdlqieAlgLvWtXr6ZU+JvOrtAkhg0UUe6GNztrRLY1mhrpP2t
AjTWcTw1zcUy2LyjMsT4sLwX9tpw1TcrPnmilZqJjZDGmT3rSu9jeuS15QIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFM3VX1ha1vHvrmhQTcwhIylQ35V3MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvemRWZldGclc4ZS11YUZCTnpDRWpLVkRmbFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
LVVCAwQALV4UAwQALYyvAwQALY3FAwQALZAlAwQBLZFYAwQALZFbMAwDBAAtkakD
BAAtkaoDBAEtkqgDBAAtkqsDBAEtkuYDBAAtkwAwDAMEBC2U8AMEAC2U8gMEAC2V
hAMEAC2VhwMEAS2WPAMEAC2Y4AMEAC2Y4gMEAi2ZNAMEAS2aoAMEAC2aowMEAC2b
PQMEAFu/uAMEAFvcUQMEAFvdJwMEAVvmJgMEAFz5DAMEAFz5DwMEAG1e0gMEAG3E
rAMEAMGWYwMEAMIg3gMEAMI3ZgMEAMI3aQMEAMI9TQMEAMKcXQMEAMP1ZzANBgkq
hkiG9w0BAQsFAAOCAQEAlnisterq0hYZDb6oLYwPqKEhkqdpxjcdiMACBA9U+P4i
gJAcl5VkGP/SsrSpyv171Vpf81HXeRN3Z0/9R5/jMy3Lw+fdXQ9rFI1nFVPGrcTc
nznZKQE1EMFw5XrR4lMZMDzVGtjvdxOtD2MnjL0KOwqC1OGY53ybEdn5RrpiGNue
9GZGPFY5R2DrMKKAC9vwt4ZdNCEKOcjzCN088mClJVM+CSZ9O7WQMRAp8+vrFlMc
F5LcImctRv3yduw4voXDbePE+kNphUYNA97lL37C38U7+TQBOX46swrwNQ2FUT3i
iotWBV3okwhPNZC4QN4AS77noSMIUeFv1CRF+ojaTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org