Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kbQb-Kw9tEM2GnKFLVfRz3-kGPc.roa
File:                     kbQb-Kw9tEM2GnKFLVfRz3-kGPc.roa (raw, json)
Hash identifier:          zTm7Fh00w+/2lAXplYiKGyVpdrmnbitZfPyXHJaxN5I=
Subject key identifier:   91:B4:1B:F8:AC:3D:B4:43:36:1A:72:85:2D:57:D1:CF:7F:A4:18:F7
Certificate issuer:       /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial:       018C061EA7E4D3A874D7D721BC0D6581E6AD
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kbQb-Kw9tEM2GnKFLVfRz3-kGPc.roa
Signing time:             Sat 25 Nov 2023 10:55:21 +0000
ROA not before:           Sat 25 Nov 2023 10:55:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49037
IP address blocks:        95.174.98.0/24 maxlen: 24
                          95.174.96.0/23 maxlen: 23
                          95.174.102.0/24 maxlen: 24
                          95.174.101.0/24 maxlen: 24
                          95.174.100.0/24 maxlen: 24
                          95.174.99.0/24 maxlen: 24
                          95.174.105.0/24 maxlen: 24
                          95.174.104.0/24 maxlen: 24
                          95.174.103.0/24 maxlen: 24
                          95.174.112.0/24 maxlen: 24
                          95.174.111.0/24 maxlen: 24
                          95.174.110.0/24 maxlen: 24
                          95.174.109.0/24 maxlen: 24
                          95.174.108.0/24 maxlen: 24
                          95.174.107.0/24 maxlen: 24
                          95.174.106.0/24 maxlen: 24
                          95.174.116.0/24 maxlen: 24
                          95.174.115.0/24 maxlen: 24
                          95.174.114.0/24 maxlen: 24
                          95.174.113.0/24 maxlen: 24
                          95.174.118.0/24 maxlen: 24
                          95.174.117.0/24 maxlen: 24
                          95.174.125.0/24 maxlen: 24
                          95.174.124.0/24 maxlen: 24
                          95.174.123.0/24 maxlen: 24
                          95.174.120.0/24 maxlen: 24
                          95.174.119.0/24 maxlen: 24
                          95.174.127.0/24 maxlen: 24
                          95.174.126.0/24 maxlen: 24
                          185.9.186.0/24 maxlen: 24
                          185.9.184.0/24 maxlen: 24
                          185.9.187.0/24 maxlen: 24
                          185.230.242.0/24 maxlen: 24
                          185.230.241.0/24 maxlen: 24
                          185.230.240.0/24 maxlen: 24
                          80.72.16.0/23 maxlen: 23
                          80.72.24.0/24 maxlen: 24
                          80.72.25.0/24 maxlen: 24
                          80.72.26.0/23 maxlen: 23
                          92.118.73.0/24 maxlen: 24
                          92.118.72.0/24 maxlen: 24
                          2a00:8740:25::/48 maxlen: 48
                          2a00:8740:ff00::/48 maxlen: 48
                          2a00:8740:100::/48 maxlen: 48
                          2a00:8740:1b::/48 maxlen: 48
                          2a00:8740:36::/48 maxlen: 48
                          2a00:8740:2f::/48 maxlen: 48
                          2a00:8740:18::/48 maxlen: 48
                          2a00:8740:33::/48 maxlen: 48
                          2a00:8740:111::/48 maxlen: 48
                          2a00:8740:11::/48 maxlen: 48
                          2a00:8740:2c::/48 maxlen: 48
                          2a00:8740:15::/48 maxlen: 48
                          2a00:8740:30::/48 maxlen: 48
                          2a00:8740:26::/48 maxlen: 48
                          2a00:8740:29::/48 maxlen: 48
                          2a00:8740:1f::/48 maxlen: 48
                          2a00:8740:2d::/48 maxlen: 48
                          2a00:8740:23::/48 maxlen: 48
                          2a00:8740:1c::/48 maxlen: 48
                          2a00:8740:112::/48 maxlen: 48
                          2a00:8740:500::/40 maxlen: 40
                          2a00:8740:20::/48 maxlen: 48
                          2a00:8740::/47 maxlen: 47
                          2a00:8740:16::/48 maxlen: 48
                          2a00:8740:34::/48 maxlen: 48
                          2a00:8740:1d::/48 maxlen: 48
                          2a00:8740:2e::/48 maxlen: 48
                          2a00:8740:27::/48 maxlen: 48
                          2a00:8740:2::/48 maxlen: 48
                          2a00:8740:35::/48 maxlen: 48
                          2a00:8740:110::/48 maxlen: 48
                          2a00:8740:10::/48 maxlen: 48
                          2a00:8740:2b::/48 maxlen: 48
                          2a00:8740:24::/48 maxlen: 48
                          2a00:8740:1a::/48 maxlen: 48
                          2a00:8740:28::/48 maxlen: 48
                          2a00:8740:1e::/48 maxlen: 48
                          2a00:8740:21::/48 maxlen: 48
                          2a00:8740:17::/48 maxlen: 48
                          2a00:8740:32::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 04 Dec 2023 11:34:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:06:1e:a7:e4:d3:a8:74:d7:d7:21:bc:0d:65:81:e6:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
        Validity
            Not Before: Nov 25 10:55:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=91b41bf8ac3db443361a72852d57d1cf7fa418f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:85:2e:47:8d:fc:ea:0c:dc:1b:7a:47:3c:70:
                    d6:d8:1a:f7:0d:81:b1:f3:a0:15:cb:e4:ba:7f:67:
                    1d:b9:39:7e:09:c2:9b:0d:56:5d:70:6e:71:e1:cc:
                    4b:3a:16:f7:02:28:d1:13:64:e5:8c:7e:d6:90:ae:
                    2b:f0:c0:64:aa:e1:cf:b0:82:52:71:f6:fd:b3:29:
                    eb:14:b3:b5:f1:88:e7:d5:29:fe:c2:b0:3f:8b:8b:
                    cf:8a:56:e4:4a:b2:8a:65:9f:29:d6:a0:bc:22:48:
                    0b:3c:75:f5:c7:95:15:c3:33:c3:3f:4d:53:d4:47:
                    c7:55:4d:f5:d6:82:fb:4b:37:ae:ec:5a:b0:18:ff:
                    9e:e1:d7:d5:fa:13:80:72:17:dc:84:2e:6a:6f:30:
                    fc:61:52:38:ef:87:c7:d4:c7:96:e5:51:18:1a:cf:
                    39:9f:10:43:c5:06:45:2e:d9:64:37:33:d6:b4:db:
                    04:05:6a:9f:79:1e:04:25:9c:94:21:df:32:0f:bc:
                    c2:9c:c3:cb:7c:5d:8d:e5:d3:d2:a6:5b:93:9a:dd:
                    88:9c:8b:dc:f0:a4:c4:1f:0c:d2:38:f7:73:3d:1b:
                    5e:03:63:dc:15:21:e4:37:09:62:51:d2:c5:fd:a5:
                    d8:e2:71:44:c5:09:ba:83:09:02:f4:ba:17:fd:25:
                    4b:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:B4:1B:F8:AC:3D:B4:43:36:1A:72:85:2D:57:D1:CF:7F:A4:18:F7
            X509v3 Authority Key Identifier:
                keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/kbQb-Kw9tEM2GnKFLVfRz3-kGPc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.72.16.0/23
                  80.72.24.0/22
                  92.118.72.0/23
                  95.174.96.0-95.174.120.255
                  95.174.123.0-95.174.127.255
                  185.9.184.0/24
                  185.9.186.0/23
                  185.230.240.0-185.230.242.255
                IPv6:
                  2a00:8740::-2a00:8740:2:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:10::/47
                  2a00:8740:15::-2a00:8740:18:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:1a::-2a00:8740:21:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:23::-2a00:8740:29:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:2b::-2a00:8740:30:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:32::-2a00:8740:36:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:100::/48
                  2a00:8740:110::-2a00:8740:112:ffff:ffff:ffff:ffff:ffff
                  2a00:8740:500::/40
                  2a00:8740:ff00::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:f9:f9:92:f8:fa:1c:e8:44:7a:8c:81:87:c6:64:4d:c2:8c:
         0c:91:74:6e:5a:0a:29:6f:41:80:00:9c:40:52:f5:5c:04:0f:
         54:37:17:ef:9a:81:dd:6b:3c:2f:9e:c7:56:1f:c5:28:c7:bb:
         b9:c9:d8:df:a6:09:d0:f8:0e:13:e3:4f:6d:a4:48:bb:54:e8:
         3c:a0:fa:80:7c:e1:b9:fe:bc:23:af:97:27:0f:d9:4b:1f:21:
         04:dd:89:17:95:52:f4:92:56:fd:56:8f:3d:44:f6:5e:cb:3b:
         18:f2:2e:8c:e7:80:57:63:83:8d:e9:20:98:7e:1a:97:89:b5:
         62:2c:08:5d:ec:bc:c9:41:e7:be:e2:d0:b1:d2:9f:d7:3e:95:
         ca:22:41:56:ed:98:07:8b:26:a1:da:be:43:e6:35:53:6e:b7:
         2d:5a:cf:d8:7f:12:5a:63:17:9b:d7:72:94:0f:d7:26:4f:20:
         8e:b8:4b:e9:d1:e5:33:9d:78:58:8a:05:e8:d3:75:b5:6a:e2:
         9e:c9:b9:1d:be:86:8f:4a:7e:d4:d2:9d:ec:e7:67:c0:92:69:
         0d:63:79:ee:ae:85:ac:5a:f7:1c:03:7b:38:7d:82:03:b8:a4:
         5c:6f:c5:89:64:a4:64:17:36:7a:7b:96:17:19:f7:5e:81:57:
         38:71:42:1b
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAYwGHqfk06h019chvA1lgeatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjMxMTI1MTA1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI0MWJmOGFjM2RiNDQzMzYxYTcyODUyZDU3ZDFjZjdmYTQxOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoUuR4386gzcG3pHPHDW2Br3DYGx
86AVy+S6f2cduTl+CcKbDVZdcG5x4cxLOhb3AijRE2TljH7WkK4r8MBkquHPsIJS
cfb9synrFLO18Yjn1Sn+wrA/i4vPilbkSrKKZZ8p1qC8IkgLPHX1x5UVwzPDP01T
1EfHVU311oL7Szeu7FqwGP+e4dfV+hOAchfchC5qbzD8YVI474fH1MeW5VEYGs85
nxBDxQZFLtlkNzPWtNsEBWqfeR4EJZyUId8yD7zCnMPLfF2N5dPSpluTmt2InIvc
8KTEHwzSOPdzPRteA2PcFSHkNwliUdLF/aXY4nFExQm6gwkC9LoX/SVL7wIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFJG0G/isPbRDNhpyhS1X0c9/pBj3MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEva2JRYi1Ldzl0RU0yR25LRkxWZlJ6My1rR1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzBOBAIAATBIAwQB
UEgQAwQCUEgYAwQBXHZIMAwDBAVfrmADBABfrngwDAMEAF+uewMEB1+uAAMEALkJ
uAMEAbkJujAMAwQEuebwAwQAuebyMIG0BAIAAjCBrTAQAwUGKgCHQAMHACoAh0AA
AgMHASoAh0AAEDASAwcAKgCHQAAVAwcAKgCHQAAYMBIDBwEqAIdAABoDBwEqAIdA
ACAwEgMHACoAh0AAIwMHASoAh0AAKDASAwcAKgCHQAArAwcAKgCHQAAwMBIDBwEq
AIdAADIDBwAqAIdAADYDBwAqAIdAAQAwEgMHBCoAh0ABEAMHACoAh0ABEgMGACoA
h0AFAwcAKgCHQP8AMA0GCSqGSIb3DQEBCwUAA4IBAQB2+fmS+Poc6ER6jIGHxmRN
wowMkXRuWgopb0GAAJxAUvVcBA9UNxfvmoHdazwvnsdWH8Uox7u5ydjfpgnQ+A4T
409tpEi7VOg8oPqAfOG5/rwjr5cnD9lLHyEE3YkXlVL0klb9Vo89RPZeyzsY8i6M
54BXY4ON6SCYfhqXibViLAhd7LzJQee+4tCx0p/XPpXKIkFW7ZgHiyah2r5D5jVT
brctWs/YfxJaYxeb13KUD9cmTyCOuEvp0eUznXhYigXo03W1auKeybkdvoaPSn7U
0p3s52fAkmkNY3nuroWsWvccA3s4fYIDuKRcb8WJZKRkFzZ6e5YXGfdegVc4cUIb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org