Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/o3tgxrybeK_U1oZTs5DP7Dm3Arw.roa
File:                     o3tgxrybeK_U1oZTs5DP7Dm3Arw.roa (raw, json)
Hash identifier:          KWRfcuQmWmWcyU+DYKwYr/r9TYu6eK328GUOXmcmQ6k=
Subject key identifier:   A3:7B:60:C6:BC:9B:78:AF:D4:D6:86:53:B3:90:CF:EC:39:B7:02:BC
Certificate issuer:       /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial:       018A181D402ECC1C3CD6901D14D79912400D
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/o3tgxrybeK_U1oZTs5DP7Dm3Arw.roa
Signing time:             Mon 21 Aug 2023 12:41:24 +0000
ROA not before:           Mon 21 Aug 2023 12:41:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203020
IP address blocks:        109.198.32.0/20 maxlen: 32
                          109.198.48.0/20 maxlen: 32
                          43.252.28.0/22 maxlen: 32
                          89.184.192.0/19 maxlen: 32
                          203.78.168.0/21 maxlen: 32
                          103.211.184.0/23 maxlen: 32
                          37.61.226.0/24 maxlen: 32
                          92.255.86.0/23 maxlen: 32
                          103.225.128.0/22 maxlen: 32
                          185.10.7.0/24 maxlen: 32
                          37.200.104.0/21 maxlen: 32
                          37.61.227.0/24 maxlen: 32
                          193.151.52.0/22 maxlen: 32
                          213.188.80.0/20 maxlen: 32
                          103.30.12.0/22 maxlen: 32
                          85.208.148.0/22 maxlen: 32
                          206.204.0.0/18 maxlen: 32
                          194.32.88.0/22 maxlen: 32
                          89.104.110.0/23 maxlen: 32
                          78.156.160.0/20 maxlen: 32
                          78.156.176.0/20 maxlen: 32
                          216.194.80.0/20 maxlen: 32
                          94.46.32.0/21 maxlen: 32
                          89.223.14.0/23 maxlen: 32
                          89.223.18.0/23 maxlen: 32
                          46.182.168.0/22 maxlen: 32
                          45.130.120.0/22 maxlen: 32
                          92.255.32.0/21 maxlen: 32
                          45.12.56.0/22 maxlen: 32
                          116.212.188.0/22 maxlen: 32
                          180.94.216.0/22 maxlen: 32
                          94.46.2.0/23 maxlen: 32
                          94.46.0.0/21 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:18:1d:40:2e:cc:1c:3c:d6:90:1d:14:d7:99:12:40:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
        Validity
            Not Before: Aug 21 12:41:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a37b60c6bc9b78afd4d68653b390cfec39b702bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:44:4b:c9:82:30:90:a2:ae:c1:fb:85:4f:53:
                    0a:7b:8a:2f:7e:55:95:27:7a:fd:c5:58:95:b3:f9:
                    4d:62:6d:1a:0f:07:f8:8a:83:58:50:08:28:1c:a5:
                    de:85:2b:db:6c:e7:fd:39:65:21:a5:39:0f:51:72:
                    0f:3a:c4:40:49:a6:69:6d:47:3f:b2:15:ef:22:ab:
                    28:73:0e:b1:6e:6a:c6:4f:cd:7c:d7:44:e2:41:e2:
                    3d:e8:a3:ab:aa:1f:0d:76:0e:a4:10:e5:39:2f:d1:
                    69:09:57:a6:ca:e5:30:04:33:a6:da:88:e7:fc:3b:
                    4d:cd:06:09:b5:cf:34:e6:e6:1c:ec:e3:9c:32:d8:
                    cc:35:53:16:b0:f8:56:cf:44:a9:98:1d:17:e2:23:
                    2a:88:a6:92:5a:40:f0:11:07:93:c3:73:17:af:08:
                    7d:c2:b0:f4:03:e8:be:8a:dc:87:32:b7:f2:f7:56:
                    33:0e:59:30:c5:ac:27:60:3c:02:5a:4e:1d:5a:32:
                    cd:f9:01:cd:8c:08:98:db:20:16:9c:90:8c:e4:df:
                    66:3b:70:6e:e1:3f:af:3a:b9:00:b6:36:9b:c2:11:
                    d1:b8:d6:26:45:7b:cd:2b:8e:cb:f4:8b:2a:13:40:
                    32:ce:4e:4e:26:71:ac:fc:c7:13:cf:e0:22:25:dd:
                    12:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:7B:60:C6:BC:9B:78:AF:D4:D6:86:53:B3:90:CF:EC:39:B7:02:BC
            X509v3 Authority Key Identifier:
                keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/o3tgxrybeK_U1oZTs5DP7Dm3Arw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.61.226.0/23
                  37.200.104.0/21
                  43.252.28.0/22
                  45.12.56.0/22
                  45.130.120.0/22
                  46.182.168.0/22
                  78.156.160.0/19
                  85.208.148.0/22
                  89.104.110.0/23
                  89.184.192.0/19
                  89.223.14.0/23
                  89.223.18.0/23
                  92.255.32.0/21
                  92.255.86.0/23
                  94.46.0.0/21
                  94.46.32.0/21
                  103.30.12.0/22
                  103.211.184.0/23
                  103.225.128.0/22
                  109.198.32.0/19
                  116.212.188.0/22
                  180.94.216.0/22
                  185.10.7.0/24
                  193.151.52.0/22
                  194.32.88.0/22
                  203.78.168.0/21
                  206.204.0.0/18
                  213.188.80.0/20
                  216.194.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8c:c2:e6:0a:28:bd:3a:f5:ea:bf:f4:15:25:69:48:30:03:c0:
         c8:fd:3b:6c:7c:66:f9:92:cd:43:9c:91:fa:65:e9:63:aa:be:
         d7:33:74:6b:44:36:98:30:2f:6f:57:22:44:de:ed:98:ee:d4:
         23:5d:90:ee:d3:5d:60:a9:a4:38:21:be:bf:7b:5c:2c:b5:ea:
         b6:57:a7:2b:46:ce:43:52:bc:12:3d:a3:70:46:d2:27:30:fe:
         f6:72:40:68:d3:8c:68:09:f3:c1:70:e3:f5:aa:3a:66:59:61:
         32:4f:70:2f:2c:50:73:98:86:95:7f:78:c4:53:17:a5:54:0b:
         78:1e:42:27:ff:77:5c:2d:dd:67:00:29:19:7b:e6:40:00:a3:
         8b:48:c9:54:2a:46:3d:b0:f3:05:9e:a4:26:44:84:dd:4e:90:
         bd:d4:9d:d4:77:09:72:b4:03:1d:9d:f4:df:b9:fd:fa:55:4a:
         49:84:d6:12:9d:11:80:4a:86:1c:25:4a:9e:e3:72:ef:14:73:
         52:4e:2f:bb:66:17:84:a6:c9:22:28:99:59:96:0b:e1:b8:84:
         43:14:13:99:d3:3d:f4:40:b3:9e:1d:59:ed:02:23:39:eb:dd:
         ed:df:3b:d8:4f:7f:c0:a7:5b:bc:5a:34:8d:09:e2:67:f8:7e:
         2c:4d:8c:c4
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYoYHUAuzBw81pAdFNeZEkANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwODIxMTI0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdiNjBjNmJjOWI3OGFmZDRkNjg2NTNiMzkwY2ZlYzM5YjcwMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkRLyYIwkKKuwfuFT1MKe4ovflWV
J3r9xViVs/lNYm0aDwf4ioNYUAgoHKXehSvbbOf9OWUhpTkPUXIPOsRASaZpbUc/
shXvIqsocw6xbmrGT81810TiQeI96KOrqh8Ndg6kEOU5L9FpCVemyuUwBDOm2ojn
/DtNzQYJtc805uYc7OOcMtjMNVMWsPhWz0SpmB0X4iMqiKaSWkDwEQeTw3MXrwh9
wrD0A+i+ityHMrfy91YzDlkwxawnYDwCWk4dWjLN+QHNjAiY2yAWnJCM5N9mO3Bu
4T+vOrkAtjabwhHRuNYmRXvNK47L9IsqE0Ayzk5OJnGs/McTz+AiJd0ScQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFKN7YMa8m3iv1NaGU7OQz+w5twK8MB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvbzN0Z3hyeWJlS19VMW9aVHM1RFA3RG0zQXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAEl
PeIDBAMlyGgDBAIr/BwDBAItDDgDBAItgngDBAIutqgDBAVOnKADBAJV0JQDBAFZ
aG4DBAVZuMADBAFZ3w4DBAFZ3xIDBANc/yADBAFc/1YDBANeLgADBANeLiADBAJn
HgwDBAFn07gDBAJn4YADBAVtxiADBAJ01LwDBAK0XtgDBAC5CgcDBALBlzQDBALC
IFgDBAPLTqgDBAbOzAADBATVvFADBATYwlAwDQYJKoZIhvcNAQELBQADggEBAIzC
5goovTr16r/0FSVpSDADwMj9O2x8ZvmSzUOckfpl6WOqvtczdGtENpgwL29XIkTe
7Zju1CNdkO7TXWCppDghvr97XCy16rZXpytGzkNSvBI9o3BG0icw/vZyQGjTjGgJ
88Fw4/WqOmZZYTJPcC8sUHOYhpV/eMRTF6VUC3geQif/d1wt3WcAKRl75kAAo4tI
yVQqRj2w8wWepCZEhN1OkL3UndR3CXK0Ax2d9N+5/fpVSkmE1hKdEYBKhhwlSp7j
cu8Uc1JOL7tmF4SmySIomVmWC+G4hEMUE5nTPfRAs54dWe0CIznr3e3fO9hPf8Cn
W7xaNI0J4mf4fixNjMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org