Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/YZtqKFy2IV0Ms5U23b_QLUBgGZo.roa
File:                     YZtqKFy2IV0Ms5U23b_QLUBgGZo.roa (raw, json)
Hash identifier:          lFcbqshSTawoOqVUyQmTGFKx+TURvjdn1RtlMLawUCw=
Subject key identifier:   61:9B:6A:28:5C:B6:21:5D:0C:B3:95:36:DD:BF:D0:2D:40:60:19:9A
Certificate issuer:       /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial:       018D59A803C2CA515791C00E386EFECF53B3
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/YZtqKFy2IV0Ms5U23b_QLUBgGZo.roa
Signing time:             Tue 30 Jan 2024 09:16:39 +0000
ROA not before:           Tue 30 Jan 2024 09:16:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42473
IP address blocks:        37.235.3.0/24 maxlen: 24
                          37.235.4.0/24 maxlen: 24
                          37.235.5.0/24 maxlen: 24
                          37.252.224.0/19 maxlen: 32
                          37.252.226.0/24 maxlen: 24
                          37.252.228.0/24 maxlen: 32
                          37.252.234.0/24 maxlen: 24
                          37.252.243.0/24 maxlen: 24
                          37.252.244.0/24 maxlen: 24
                          37.252.251.0/24 maxlen: 24
                          37.252.253.0/24 maxlen: 24
                          45.132.61.0/24 maxlen: 24
                          45.132.62.0/23 maxlen: 24
                          94.16.98.0/24 maxlen: 24
                          94.16.125.0/24 maxlen: 24
                          94.16.126.0/24 maxlen: 24
                          144.208.192.0/18 maxlen: 32
                          144.208.204.0/24 maxlen: 24
                          144.208.205.0/24 maxlen: 24
                          144.208.206.0/24 maxlen: 24
                          144.208.207.0/24 maxlen: 24
                          144.208.212.0/22 maxlen: 32
                          144.208.216.0/24 maxlen: 24
                          144.208.217.0/24 maxlen: 24
                          144.208.219.0/24 maxlen: 24
                          144.208.221.0/24 maxlen: 24
                          144.208.222.0/24 maxlen: 24
                          144.208.223.0/24 maxlen: 24
                          144.208.224.0/24 maxlen: 24
                          144.208.225.0/24 maxlen: 24
                          144.208.226.0/24 maxlen: 24
                          144.208.228.0/24 maxlen: 24
                          144.208.229.0/24 maxlen: 24
                          144.208.230.0/24 maxlen: 24
                          144.208.231.0/24 maxlen: 24
                          144.208.232.0/24 maxlen: 24
                          144.208.233.0/24 maxlen: 24
                          144.208.235.0/24 maxlen: 24
                          144.208.236.0/24 maxlen: 24
                          144.208.237.0/24 maxlen: 24
                          144.208.238.0/24 maxlen: 24
                          144.208.244.0/24 maxlen: 24
                          176.123.54.0/23 maxlen: 23
                          178.255.152.0/21 maxlen: 32
                          185.2.176.0/22 maxlen: 32
                          185.2.176.0/24 maxlen: 24
                          185.50.232.0/23 maxlen: 23
                          185.50.235.0/24 maxlen: 24
                          185.81.206.0/24 maxlen: 24
                          185.81.209.0/24 maxlen: 24
                          185.116.96.0/24 maxlen: 24
                          185.116.97.0/24 maxlen: 24
                          185.116.98.0/24 maxlen: 24
                          185.116.99.0/24 maxlen: 24
                          185.228.148.0/22 maxlen: 22
                          188.65.72.0/21 maxlen: 32
                          188.172.192.0/18 maxlen: 32
                          188.172.208.0/24 maxlen: 24
                          188.172.230.0/23 maxlen: 23
                          188.172.247.0/24 maxlen: 24
                          188.172.249.0/24 maxlen: 24
                          188.172.254.0/24 maxlen: 24
                          193.33.114.0/23 maxlen: 32
                          194.1.206.0/24 maxlen: 32
                          213.227.160.0/19 maxlen: 32
                          213.227.184.0/24 maxlen: 24
                          217.146.0.0/19 maxlen: 24
                          217.146.6.0/24 maxlen: 24
                          217.146.7.0/24 maxlen: 24
                          2a00:11c0::/32 maxlen: 128
                          2a00:11c0:13::/48 maxlen: 48
                          2a00:11c0:19::/48 maxlen: 48
                          2a00:11c0:22::/48 maxlen: 48
                          2a00:11c0:24::/48 maxlen: 48
                          2a00:11c0:29::/48 maxlen: 48
                          2a00:11c0:40::/48 maxlen: 48
                          2a00:11c0:41::/48 maxlen: 48
                          2a00:11c0:42::/48 maxlen: 48
                          2a00:11c0:43::/48 maxlen: 48
                          2a00:11c0:4a::/48 maxlen: 48
                          2a00:11c0:66::/48 maxlen: 48
                          2a00:11c0:79::/48 maxlen: 48
                          2a00:11c0:80::/48 maxlen: 48
                          2a00:11c0:83::/48 maxlen: 48
                          2a00:11c0:84::/48 maxlen: 48
                          2a00:11c0:86::/48 maxlen: 48
                          2a00:11c0:87::/48 maxlen: 48
                          2a00:11c0:88::/48 maxlen: 48
                          2a00:11c0:96::/48 maxlen: 48
                          2a00:11c0:97::/48 maxlen: 48
                          2a00:11c0:98::/48 maxlen: 48
                          2a00:11c0:99::/48 maxlen: 48
                          2a00:11c0:9a::/48 maxlen: 48
                          2a00:11c0:dc::/48 maxlen: 48
                          2a00:11c0:dd::/48 maxlen: 48
                          2a00:11c0:de::/48 maxlen: 48
                          2a00:11c0:1334::/48 maxlen: 48
                          2a00:11c0:1335::/48 maxlen: 48
                          2a00:11c0:1798::/48 maxlen: 48
                          2a00:11c0:179a::/48 maxlen: 48
                          2a00:11c0:179b::/48 maxlen: 48
                          2a00:11c0:9021::/48 maxlen: 48
                          2a01:aea0::/32 maxlen: 32
                          2a01:aea0::/40 maxlen: 40
                          2a01:aea0:dd1::/48 maxlen: 48
                          2a01:aea0:df1::/48 maxlen: 48
                          2a05:8900:28::/48 maxlen: 48
                          2a05:8900:36::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 08:04:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:59:a8:03:c2:ca:51:57:91:c0:0e:38:6e:fe:cf:53:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
        Validity
            Not Before: Jan 30 09:16:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=619b6a285cb6215d0cb39536ddbfd02d4060199a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:8d:de:d8:cb:0b:4f:6f:64:f3:bb:c9:42:de:
                    60:7b:4d:e2:25:7a:40:82:34:f5:eb:5c:3d:b9:d4:
                    f5:90:19:1d:2f:4b:30:58:15:d7:2f:25:87:01:45:
                    2b:d3:eb:a2:36:50:e3:55:e9:6a:9d:97:e4:ce:68:
                    73:6e:a1:2e:b8:bc:bd:22:3c:54:d0:ea:d5:fc:51:
                    9a:10:35:2a:2a:9f:b8:50:2b:8d:67:99:c1:31:ab:
                    67:af:40:6e:ac:89:68:45:6a:f2:9e:e3:e2:41:97:
                    95:72:14:ce:81:14:9d:94:e5:19:b5:e6:4f:84:65:
                    ce:f0:ee:90:36:47:74:f8:7c:ed:99:db:3f:47:08:
                    9e:4d:65:4e:f6:44:cc:0f:cb:6f:87:61:c1:13:13:
                    08:14:4a:aa:7c:9a:61:e1:3a:e3:65:16:58:be:85:
                    aa:64:78:39:54:ee:5f:39:0e:76:47:c6:67:50:6f:
                    8d:ce:1f:24:e4:12:0b:ef:39:e9:11:58:36:9b:13:
                    0a:d8:a1:15:6a:21:44:8d:c6:c1:34:56:e8:5b:b5:
                    b4:a2:7d:72:56:47:66:7b:eb:08:2b:ed:99:99:de:
                    a2:67:31:e6:e2:9d:01:34:ed:88:5d:de:ec:1f:ef:
                    31:3e:47:cb:e6:cb:e5:55:11:13:75:72:b0:6c:70:
                    1e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:9B:6A:28:5C:B6:21:5D:0C:B3:95:36:DD:BF:D0:2D:40:60:19:9A
            X509v3 Authority Key Identifier:
                keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/YZtqKFy2IV0Ms5U23b_QLUBgGZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.3.0-37.235.5.255
                  37.252.224.0/19
                  45.132.61.0-45.132.63.255
                  94.16.98.0/24
                  94.16.125.0-94.16.126.255
                  144.208.192.0/18
                  176.123.54.0/23
                  178.255.152.0/21
                  185.2.176.0/22
                  185.50.232.0/23
                  185.50.235.0/24
                  185.81.206.0/24
                  185.81.209.0/24
                  185.116.96.0/22
                  185.228.148.0/22
                  188.65.72.0/21
                  188.172.192.0/18
                  193.33.114.0/23
                  194.1.206.0/24
                  213.227.160.0/19
                  217.146.0.0/19
                IPv6:
                  2a00:11c0::/32
                  2a01:aea0::/32
                  2a05:8900:28::/48
                  2a05:8900:36::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:18:cf:93:8d:bc:a6:21:72:34:74:e6:01:15:f6:53:2b:a5:
         c0:f9:ce:95:b3:ee:65:07:be:82:bb:3e:6b:77:de:90:11:59:
         1f:43:5f:6d:83:4e:60:87:3a:ff:04:69:f1:a9:a9:ea:a2:53:
         4d:d3:9a:2f:4c:4d:3e:9f:47:c6:bc:79:5e:fc:c6:f0:c8:26:
         b9:23:28:9c:ff:ca:51:b9:ba:f2:20:78:b4:95:1e:5f:eb:af:
         cd:b1:f0:97:1b:95:13:2a:a8:1c:94:f5:48:f1:cf:1a:7b:ef:
         11:3d:38:ad:09:63:1a:21:4a:38:d7:b7:a7:74:63:8d:68:21:
         cc:42:93:37:21:b6:05:9f:e8:e6:2b:57:7c:cc:15:dc:41:5c:
         c5:1d:ff:44:e7:55:91:29:00:a3:26:5b:fa:93:76:29:77:9f:
         4a:0c:58:49:09:22:5a:2f:70:1a:b2:45:7d:d5:90:78:49:4e:
         9b:60:e7:79:ab:49:e8:9c:15:39:c5:8e:cf:16:3a:5e:7c:73:
         0e:da:10:f0:52:78:d7:d8:ca:7f:dc:71:42:13:f5:41:a6:3d:
         6c:b7:e0:53:0e:06:4a:b5:23:15:16:32:4c:de:17:f6:96:a8:
         b0:3a:be:c8:ed:e6:7c:b2:e7:b1:e9:2d:73:c3:47:cc:3e:8f:
         d1:7d:84:d5
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAY1ZqAPCylFXkcAOOG7+z1OzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMTMwMDkxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTliNmEyODVjYjYyMTVkMGNiMzk1MzZkZGJmZDAyZDQwNjAxOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA343e2MsLT29k87vJQt5ge03iJXpA
gjT161w9udT1kBkdL0swWBXXLyWHAUUr0+uiNlDjVelqnZfkzmhzbqEuuLy9IjxU
0OrV/FGaEDUqKp+4UCuNZ5nBMatnr0BurIloRWrynuPiQZeVchTOgRSdlOUZteZP
hGXO8O6QNkd0+Hztmds/RwieTWVO9kTMD8tvh2HBExMIFEqqfJph4TrjZRZYvoWq
ZHg5VO5fOQ52R8ZnUG+Nzh8k5BIL7znpEVg2mxMK2KEVaiFEjcbBNFboW7W0on1y
Vkdme+sIK+2Zmd6iZzHm4p0BNO2IXd7sH+8xPkfL5svlVRETdXKwbHAelQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFGGbaihctiFdDLOVNt2/0C1AYBmaMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvWVp0cUtGeTJJVjBNczVVMjNiX1FMVUJnR1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBnQQCAAEwgZYwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhBiMAwDBABeEH0DBABe
EH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5Uc4DBAC5
UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZ
kgAwJgQCAAIwIAMFACoAEcADBQAqAa6gAwcAKgWJAAAoAwcAKgWJAAA2MA0GCSqG
SIb3DQEBCwUAA4IBAQCXGM+TjbymIXI0dOYBFfZTK6XA+c6Vs+5lB76Cuz5rd96Q
EVkfQ19tg05ghzr/BGnxqanqolNN05ovTE0+n0fGvHle/MbwyCa5Iyic/8pRubry
IHi0lR5f66/NsfCXG5UTKqgclPVI8c8ae+8RPTitCWMaIUo417endGONaCHMQpM3
IbYFn+jmK1d8zBXcQVzFHf9E51WRKQCjJlv6k3Ypd59KDFhJCSJaL3AaskV91ZB4
SU6bYOd5q0nonBU5xY7PFjpefHMO2hDwUnjX2Mp/3HFCE/VBpj1st+BTDgZKtSMV
FjJM3hf2lqiwOr7I7eZ8suex6S1zw0fMPo/RfYTV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org