Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa
File:                     tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa (raw, json)
Hash identifier:          WhEALbCyQLhC7+t3kwjkFjjUMjPP4gbhPYgrZCT6NpQ=
Subject key identifier:   B4:18:DB:A5:67:F0:0E:93:08:13:FD:CB:5C:9E:F5:32:37:EB:7D:EB
Certificate issuer:       /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial:       0188E45578FAD9CF4AED7B2E06851DAD1B1C
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa
Signing time:             Thu 22 Jun 2023 18:19:46 +0000
ROA not before:           Thu 22 Jun 2023 18:19:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203020
IP address blocks:        109.198.32.0/20 maxlen: 32
                          109.198.48.0/20 maxlen: 32
                          94.176.80.0/20 maxlen: 32
                          43.252.28.0/22 maxlen: 32
                          89.184.192.0/19 maxlen: 32
                          203.78.168.0/21 maxlen: 32
                          103.211.184.0/23 maxlen: 32
                          37.61.226.0/24 maxlen: 32
                          92.255.86.0/23 maxlen: 32
                          103.225.128.0/22 maxlen: 32
                          185.10.7.0/24 maxlen: 32
                          37.200.104.0/21 maxlen: 32
                          37.61.227.0/24 maxlen: 32
                          193.151.52.0/22 maxlen: 32
                          213.188.80.0/20 maxlen: 32
                          103.30.12.0/22 maxlen: 32
                          85.208.148.0/22 maxlen: 32
                          206.204.0.0/18 maxlen: 32
                          194.32.88.0/22 maxlen: 32
                          139.5.104.0/22 maxlen: 32
                          45.114.240.0/22 maxlen: 32
                          89.104.110.0/23 maxlen: 32
                          78.156.160.0/20 maxlen: 32
                          78.156.176.0/20 maxlen: 32
                          216.194.80.0/20 maxlen: 32
                          94.46.32.0/21 maxlen: 32
                          89.223.14.0/23 maxlen: 32
                          89.223.18.0/23 maxlen: 32
                          46.182.168.0/22 maxlen: 32
                          45.130.120.0/22 maxlen: 32
                          92.255.32.0/21 maxlen: 32
                          45.12.56.0/22 maxlen: 32
                          116.212.188.0/22 maxlen: 32
                          180.94.216.0/22 maxlen: 32
                          94.46.2.0/23 maxlen: 32
                          94.46.0.0/21 maxlen: 32

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 12:41:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e4:55:78:fa:d9:cf:4a:ed:7b:2e:06:85:1d:ad:1b:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
        Validity
            Not Before: Jun 22 18:19:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b418dba567f00e930813fdcb5c9ef53237eb7deb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:0d:df:52:fd:8f:5b:35:07:06:a4:fa:aa:dc:
                    63:3b:09:f0:f4:79:03:a5:d6:a9:d1:8e:76:ef:55:
                    a7:32:0a:e0:78:90:28:f7:84:c5:6b:58:be:7e:8c:
                    28:8f:cd:e1:6a:a8:67:b1:a1:76:c4:c3:ce:90:bb:
                    f9:d0:c5:30:ed:7e:52:da:66:f3:ff:0b:ee:e5:3b:
                    5b:46:99:75:ca:02:01:bd:fa:af:3b:58:49:a2:a5:
                    46:d1:34:7c:d8:85:e9:a1:8b:a0:1c:2d:5d:67:ff:
                    4a:70:ee:e1:73:b0:bd:19:9b:d2:73:4a:20:10:e3:
                    90:ae:72:cd:78:0f:4f:03:92:f7:b8:2f:87:da:fa:
                    6f:53:1a:e1:a0:29:50:c2:22:4e:7a:e1:38:76:ce:
                    a9:fc:1f:af:78:fc:9d:2a:0c:bf:f8:42:33:d1:66:
                    fc:13:99:2d:fb:c5:a3:ba:32:fc:ce:63:cb:b6:11:
                    31:46:03:c0:0c:d0:d9:ae:cd:65:fa:26:3d:49:18:
                    30:83:20:99:f0:da:c8:c7:50:98:89:e1:34:45:c9:
                    2f:67:6b:2b:26:92:6b:11:af:a0:24:c8:a0:76:33:
                    2e:f5:a6:ea:06:ea:bf:63:56:c4:c2:d3:9b:ff:04:
                    de:34:4e:ca:b8:57:b2:6c:89:89:71:70:c5:cc:d7:
                    b6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:18:DB:A5:67:F0:0E:93:08:13:FD:CB:5C:9E:F5:32:37:EB:7D:EB
            X509v3 Authority Key Identifier:
                keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/tBjbpWfwDpMIE_3LXJ71Mjfrfes.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.61.226.0/23
                  37.200.104.0/21
                  43.252.28.0/22
                  45.12.56.0/22
                  45.114.240.0/22
                  45.130.120.0/22
                  46.182.168.0/22
                  78.156.160.0/19
                  85.208.148.0/22
                  89.104.110.0/23
                  89.184.192.0/19
                  89.223.14.0/23
                  89.223.18.0/23
                  92.255.32.0/21
                  92.255.86.0/23
                  94.46.0.0/21
                  94.46.32.0/21
                  94.176.80.0/20
                  103.30.12.0/22
                  103.211.184.0/23
                  103.225.128.0/22
                  109.198.32.0/19
                  116.212.188.0/22
                  139.5.104.0/22
                  180.94.216.0/22
                  185.10.7.0/24
                  193.151.52.0/22
                  194.32.88.0/22
                  203.78.168.0/21
                  206.204.0.0/18
                  213.188.80.0/20
                  216.194.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         23:a3:c3:5a:cd:a6:93:c4:8c:72:de:8e:27:5b:ec:20:6d:00:
         67:e0:16:46:30:61:85:b1:6b:eb:d3:61:3e:ee:67:55:fc:d6:
         54:8d:02:11:32:c6:60:37:77:3c:fb:fc:fd:f2:7a:8f:8e:1c:
         b4:ca:3b:00:d2:c0:a7:1d:d8:c4:30:f1:ed:2b:d7:83:09:07:
         bd:30:58:35:59:a9:97:d8:cf:3b:8d:f7:b2:8d:d9:5b:9e:bf:
         09:f4:58:66:b0:45:f2:f7:6f:7a:60:6c:e4:f2:75:3e:75:aa:
         ff:4a:77:f3:1d:06:04:29:18:f8:69:ff:00:75:7d:67:6b:18:
         b0:ff:67:a8:1d:d4:2a:81:06:c1:d8:84:7e:04:2f:a2:ba:3f:
         49:f0:eb:69:d7:8e:3c:eb:11:c5:7d:d7:19:cc:0b:c9:3f:f1:
         e9:b5:86:fe:d8:f6:32:32:ed:4b:a0:79:ef:13:3d:bd:4c:b0:
         b8:d8:e7:ec:f7:4d:37:19:9e:57:37:b4:fc:45:30:47:1a:14:
         d8:14:71:fd:3b:13:cf:da:97:c1:80:ce:11:08:dc:04:b1:17:
         d6:22:f4:32:6b:7f:1a:5e:4f:61:a5:b1:93:09:3e:31:1a:db:
         42:70:ea:2a:2b:a6:c6:68:df:b2:4d:c0:57:bd:c6:08:46:cf:
         1e:3f:5c:e1
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYjkVXj62c9K7XsuBoUdrRscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNjIyMTgxOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE4ZGJhNTY3ZjAwZTkzMDgxM2ZkY2I1YzllZjUzMjM3ZWI3ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ3fUv2PWzUHBqT6qtxjOwnw9HkD
pdap0Y5271WnMgrgeJAo94TFa1i+fowoj83haqhnsaF2xMPOkLv50MUw7X5S2mbz
/wvu5TtbRpl1ygIBvfqvO1hJoqVG0TR82IXpoYugHC1dZ/9KcO7hc7C9GZvSc0og
EOOQrnLNeA9PA5L3uC+H2vpvUxrhoClQwiJOeuE4ds6p/B+vePydKgy/+EIz0Wb8
E5kt+8WjujL8zmPLthExRgPADNDZrs1l+iY9SRgwgyCZ8NrIx1CYieE0RckvZ2sr
JpJrEa+gJMigdjMu9abqBuq/Y1bEwtOb/wTeNE7KuFeybImJcXDFzNe2YwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFLQY26Vn8A6TCBP9y1ye9TI3633rMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvdEJqYnBXZndEcE1JRV8zTFhKNzFNamZyZmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAEl
PeIDBAMlyGgDBAIr/BwDBAItDDgDBAItcvADBAItgngDBAIutqgDBAVOnKADBAJV
0JQDBAFZaG4DBAVZuMADBAFZ3w4DBAFZ3xIDBANc/yADBAFc/1YDBANeLgADBANe
LiADBAResFADBAJnHgwDBAFn07gDBAJn4YADBAVtxiADBAJ01LwDBAKLBWgDBAK0
XtgDBAC5CgcDBALBlzQDBALCIFgDBAPLTqgDBAbOzAADBATVvFADBATYwlAwDQYJ
KoZIhvcNAQELBQADggEBACOjw1rNppPEjHLejidb7CBtAGfgFkYwYYWxa+vTYT7u
Z1X81lSNAhEyxmA3dzz7/P3yeo+OHLTKOwDSwKcd2MQw8e0r14MJB70wWDVZqZfY
zzuN97KN2Vuevwn0WGawRfL3b3pgbOTydT51qv9Kd/MdBgQpGPhp/wB1fWdrGLD/
Z6gd1CqBBsHYhH4EL6K6P0nw62nXjjzrEcV91xnMC8k/8em1hv7Y9jIy7Uugee8T
Pb1MsLjY5+z3TTcZnlc3tPxFMEcaFNgUcf07E8/al8GAzhEI3ASxF9Yi9DJrfxpe
T2GlsZMJPjEa20Jw6iorpsZo37JNwFe9xghGzx4/XOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org