Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/wowRn3YX1fDITSBmxewG8MyaeOk.roa
File:                     wowRn3YX1fDITSBmxewG8MyaeOk.roa (raw, json)
Hash identifier:          vFTWAb/0jRbs61O1w/d1b5VxxbHU40Fsa5Z6rQJjiuA=
Subject key identifier:   C2:8C:11:9F:76:17:D5:F0:C8:4D:20:66:C5:EC:06:F0:CC:9A:78:E9
Certificate issuer:       /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial:       018E652F0949AB517371C75E7F739B65E1A2
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/wowRn3YX1fDITSBmxewG8MyaeOk.roa
Signing time:             Fri 22 Mar 2024 08:02:45 +0000
ROA not before:           Fri 22 Mar 2024 08:02:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42473
IP address blocks:        37.235.3.0/24 maxlen: 24
                          37.235.4.0/24 maxlen: 24
                          37.235.5.0/24 maxlen: 24
                          37.252.224.0/19 maxlen: 32
                          37.252.226.0/24 maxlen: 24
                          37.252.228.0/24 maxlen: 32
                          37.252.234.0/24 maxlen: 24
                          37.252.243.0/24 maxlen: 24
                          37.252.244.0/24 maxlen: 24
                          37.252.251.0/24 maxlen: 24
                          37.252.253.0/24 maxlen: 24
                          45.132.61.0/24 maxlen: 24
                          45.132.62.0/23 maxlen: 24
                          94.16.98.0/24 maxlen: 24
                          94.16.100.0/24 maxlen: 24
                          94.16.125.0/24 maxlen: 24
                          94.16.126.0/24 maxlen: 24
                          144.208.192.0/18 maxlen: 32
                          144.208.204.0/24 maxlen: 24
                          144.208.205.0/24 maxlen: 24
                          144.208.206.0/24 maxlen: 24
                          144.208.207.0/24 maxlen: 24
                          144.208.212.0/22 maxlen: 32
                          144.208.216.0/24 maxlen: 24
                          144.208.217.0/24 maxlen: 24
                          144.208.219.0/24 maxlen: 24
                          144.208.221.0/24 maxlen: 24
                          144.208.222.0/24 maxlen: 24
                          144.208.223.0/24 maxlen: 24
                          144.208.224.0/24 maxlen: 24
                          144.208.225.0/24 maxlen: 24
                          144.208.226.0/24 maxlen: 24
                          144.208.228.0/24 maxlen: 24
                          144.208.229.0/24 maxlen: 24
                          144.208.230.0/24 maxlen: 24
                          144.208.231.0/24 maxlen: 24
                          144.208.232.0/24 maxlen: 24
                          144.208.233.0/24 maxlen: 24
                          144.208.235.0/24 maxlen: 24
                          144.208.236.0/24 maxlen: 24
                          144.208.237.0/24 maxlen: 24
                          144.208.238.0/24 maxlen: 24
                          144.208.240.0/24 maxlen: 24
                          144.208.244.0/24 maxlen: 24
                          176.123.54.0/23 maxlen: 23
                          178.255.152.0/21 maxlen: 32
                          185.2.176.0/22 maxlen: 32
                          185.2.176.0/24 maxlen: 24
                          185.50.232.0/23 maxlen: 23
                          185.50.235.0/24 maxlen: 24
                          185.81.206.0/24 maxlen: 24
                          185.81.209.0/24 maxlen: 24
                          185.116.96.0/24 maxlen: 24
                          185.116.97.0/24 maxlen: 24
                          185.116.98.0/24 maxlen: 24
                          185.116.99.0/24 maxlen: 24
                          185.228.148.0/22 maxlen: 22
                          188.65.72.0/21 maxlen: 32
                          188.172.192.0/18 maxlen: 32
                          188.172.208.0/24 maxlen: 24
                          188.172.230.0/23 maxlen: 23
                          188.172.247.0/24 maxlen: 24
                          188.172.249.0/24 maxlen: 24
                          188.172.254.0/24 maxlen: 24
                          193.33.114.0/23 maxlen: 32
                          194.1.206.0/24 maxlen: 32
                          213.227.160.0/19 maxlen: 32
                          213.227.184.0/24 maxlen: 24
                          217.146.0.0/19 maxlen: 24
                          217.146.6.0/24 maxlen: 24
                          217.146.7.0/24 maxlen: 24
                          2a00:11c0::/32 maxlen: 128
                          2a00:11c0:13::/48 maxlen: 48
                          2a00:11c0:19::/48 maxlen: 48
                          2a00:11c0:22::/48 maxlen: 48
                          2a00:11c0:24::/48 maxlen: 48
                          2a00:11c0:29::/48 maxlen: 48
                          2a00:11c0:40::/48 maxlen: 48
                          2a00:11c0:41::/48 maxlen: 48
                          2a00:11c0:42::/48 maxlen: 48
                          2a00:11c0:43::/48 maxlen: 48
                          2a00:11c0:46::/48 maxlen: 48
                          2a00:11c0:4a::/48 maxlen: 48
                          2a00:11c0:66::/48 maxlen: 48
                          2a00:11c0:79::/48 maxlen: 48
                          2a00:11c0:80::/48 maxlen: 48
                          2a00:11c0:83::/48 maxlen: 48
                          2a00:11c0:84::/48 maxlen: 48
                          2a00:11c0:86::/48 maxlen: 48
                          2a00:11c0:87::/48 maxlen: 48
                          2a00:11c0:88::/48 maxlen: 48
                          2a00:11c0:96::/48 maxlen: 48
                          2a00:11c0:97::/48 maxlen: 48
                          2a00:11c0:98::/48 maxlen: 48
                          2a00:11c0:99::/48 maxlen: 48
                          2a00:11c0:9a::/48 maxlen: 48
                          2a00:11c0:dc::/48 maxlen: 48
                          2a00:11c0:dd::/48 maxlen: 48
                          2a00:11c0:de::/48 maxlen: 48
                          2a00:11c0:1334::/48 maxlen: 48
                          2a00:11c0:1335::/48 maxlen: 48
                          2a00:11c0:1798::/48 maxlen: 48
                          2a00:11c0:179a::/48 maxlen: 48
                          2a00:11c0:179b::/48 maxlen: 48
                          2a00:11c0:9021::/48 maxlen: 48
                          2a01:aea0::/32 maxlen: 32
                          2a01:aea0::/40 maxlen: 40
                          2a01:aea0:dd1::/48 maxlen: 48
                          2a01:aea0:df1::/48 maxlen: 48
                          2a05:8900:28::/48 maxlen: 48
                          2a05:8900:36::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 13 May 2024 13:13:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:65:2f:09:49:ab:51:73:71:c7:5e:7f:73:9b:65:e1:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
        Validity
            Not Before: Mar 22 08:02:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c28c119f7617d5f0c84d2066c5ec06f0cc9a78e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:10:db:7c:fd:3c:53:df:99:b0:1f:bc:7b:8f:
                    26:a8:4f:4e:0f:42:88:ee:25:17:c9:c4:8c:8f:bb:
                    68:bf:41:23:95:ef:25:b8:fb:67:70:91:32:fd:92:
                    72:b2:ac:d4:3c:85:8f:b2:46:1c:84:44:b9:80:6f:
                    69:e7:76:12:8f:1e:5e:59:89:62:cd:1e:be:2b:58:
                    2d:6e:91:74:46:dd:84:a2:2e:fd:d5:a6:fd:a3:01:
                    63:fc:32:52:91:55:43:37:21:92:c7:8f:f0:55:84:
                    44:12:e7:b9:95:2f:dd:9a:ef:ad:2f:dc:c2:36:5a:
                    1f:6e:1d:8c:89:ee:16:e8:30:d6:82:7c:32:b8:79:
                    21:fc:91:a5:6e:55:2a:55:f4:e7:c1:61:a1:09:a7:
                    6f:f7:66:4f:fe:4d:72:07:fd:f5:6d:22:64:ac:8f:
                    4d:0e:a3:ef:35:2a:22:28:89:45:d3:a6:b3:f9:57:
                    66:43:0e:ec:0f:b1:92:73:8c:99:56:1a:c3:5c:80:
                    cc:5f:34:c4:8c:b5:2f:0c:0b:e0:c4:c0:d8:e7:a3:
                    e0:98:b2:cc:ab:44:fa:00:bf:4d:87:9e:d8:9d:62:
                    92:58:db:8a:95:b7:01:dc:8e:c1:ca:16:74:e3:10:
                    dd:7e:ab:93:f0:6f:e9:34:a1:68:69:45:ce:33:22:
                    af:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:8C:11:9F:76:17:D5:F0:C8:4D:20:66:C5:EC:06:F0:CC:9A:78:E9
            X509v3 Authority Key Identifier:
                keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/wowRn3YX1fDITSBmxewG8MyaeOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.235.3.0-37.235.5.255
                  37.252.224.0/19
                  45.132.61.0-45.132.63.255
                  94.16.98.0/24
                  94.16.100.0/24
                  94.16.125.0-94.16.126.255
                  144.208.192.0/18
                  176.123.54.0/23
                  178.255.152.0/21
                  185.2.176.0/22
                  185.50.232.0/23
                  185.50.235.0/24
                  185.81.206.0/24
                  185.81.209.0/24
                  185.116.96.0/22
                  185.228.148.0/22
                  188.65.72.0/21
                  188.172.192.0/18
                  193.33.114.0/23
                  194.1.206.0/24
                  213.227.160.0/19
                  217.146.0.0/19
                IPv6:
                  2a00:11c0::/32
                  2a01:aea0::/32
                  2a05:8900:28::/48
                  2a05:8900:36::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:07:cd:b7:70:de:be:fe:03:72:14:3b:31:06:10:ec:c3:89:
         f2:42:ab:ec:58:c3:7b:21:78:8d:71:22:1e:da:17:ed:46:f9:
         22:bf:59:5d:29:1b:ca:88:93:d5:02:c4:62:bd:41:77:1c:bb:
         ce:46:87:ed:2b:21:db:9b:bc:2e:2d:b3:92:86:a0:d6:d6:22:
         d1:57:c0:06:5a:dc:8d:4c:ba:77:a6:8c:dc:58:ad:63:cc:43:
         61:20:e7:d6:58:cc:1f:a6:39:ef:cb:ac:03:14:42:02:33:29:
         43:34:3d:e3:1b:ca:35:7d:08:cb:58:a1:26:53:80:10:67:39:
         d6:f7:bb:78:6e:9c:84:a6:57:2f:89:01:48:48:d9:da:8a:7e:
         9b:94:67:87:0f:f4:5f:77:41:9c:20:7f:0c:fd:42:df:a4:da:
         19:a4:8e:b4:46:dc:72:15:3e:5e:82:7e:00:1e:df:30:ad:36:
         5b:2e:ba:3c:69:f9:b5:02:76:a9:0a:1c:cf:51:3e:0c:cf:23:
         59:1c:58:90:03:d9:06:15:42:c0:d4:63:bf:77:cb:7e:f8:4a:
         67:4d:e3:7f:e6:d0:c3:a4:66:d7:44:48:20:64:84:c8:f0:c5:
         31:bf:65:18:1a:24:84:9e:a0:13:87:3c:38:a8:f1:ba:c7:e1:
         fc:7c:96:86
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAY5lLwlJq1Fzccdef3ObZeGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMzIyMDgwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhjMTE5Zjc2MTdkNWYwYzg0ZDIwNjZjNWVjMDZmMGNjOWE3OGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixDbfP08U9+ZsB+8e48mqE9OD0KI
7iUXycSMj7tov0Ejle8luPtncJEy/ZJysqzUPIWPskYchES5gG9p53YSjx5eWYli
zR6+K1gtbpF0Rt2Eoi791ab9owFj/DJSkVVDNyGSx4/wVYREEue5lS/dmu+tL9zC
Nlofbh2Mie4W6DDWgnwyuHkh/JGlblUqVfTnwWGhCadv92ZP/k1yB/31bSJkrI9N
DqPvNSoiKIlF06az+VdmQw7sD7GSc4yZVhrDXIDMXzTEjLUvDAvgxMDY56PgmLLM
q0T6AL9Nh57YnWKSWNuKlbcB3I7ByhZ04xDdfquT8G/pNKFoaUXOMyKvUQIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFMKMEZ92F9XwyE0gZsXsBvDMmnjpMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvd293Um4zWVgxZkRJVFNCbXhld0c4TXlhZU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBowQCAAEwgZwwDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhBiAwQAXhBkMAwDBABe
EH0DBABeEH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5
Uc4DBAC5UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV
46ADBAXZkgAwJgQCAAIwIAMFACoAEcADBQAqAa6gAwcAKgWJAAAoAwcAKgWJAAA2
MA0GCSqGSIb3DQEBCwUAA4IBAQAWB823cN6+/gNyFDsxBhDsw4nyQqvsWMN7IXiN
cSIe2hftRvkiv1ldKRvKiJPVAsRivUF3HLvORoftKyHbm7wuLbOShqDW1iLRV8AG
WtyNTLp3pozcWK1jzENhIOfWWMwfpjnvy6wDFEICMylDND3jG8o1fQjLWKEmU4AQ
ZznW97t4bpyEplcviQFISNnain6blGeHD/Rfd0GcIH8M/ULfpNoZpI60RtxyFT5e
gn4AHt8wrTZbLro8afm1AnapChzPUT4MzyNZHFiQA9kGFULA1GO/d8t++EpnTeN/
5tDDpGbXREggZITI8MUxv2UYGiSEnqAThzw4qPG6x+H8fJaG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org