Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/sqfHFRKV3z2RnytP7tJHS1U7qXM.roa
File:                     sqfHFRKV3z2RnytP7tJHS1U7qXM.roa (raw, json)
Hash identifier:          unFSzNhrD39YHXD3eB3iAMNU4XoW1EMfuk144r/8AT4=
Subject key identifier:   B2:A7:C7:15:12:95:DF:3D:91:9F:2B:4F:EE:D2:47:4B:55:3B:A9:73
Certificate issuer:       /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial:       018CC2DB577FC447AFA61B75BEADCA668A0D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/sqfHFRKV3z2RnytP7tJHS1U7qXM.roa
Signing time:             Mon 01 Jan 2024 02:30:03 +0000
ROA not before:           Mon 01 Jan 2024 02:30:03 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     32787
IP address blocks:        95.100.157.0/24 maxlen: 24
                          95.100.215.0/24 maxlen: 24
                          95.100.214.0/24 maxlen: 24
                          95.100.253.0/24 maxlen: 24
                          2.23.128.0/23 maxlen: 23
                          93.191.172.0/24 maxlen: 24
                          93.191.169.0/24 maxlen: 24
                          95.100.180.0/24 maxlen: 24
                          93.191.170.0/24 maxlen: 24
                          93.191.168.0/24 maxlen: 24
                          95.100.212.0/24 maxlen: 24
                          95.100.213.0/24 maxlen: 24
                          2.18.212.0/22 maxlen: 22
                          2.19.4.0/22 maxlen: 22
                          2.21.112.0/24 maxlen: 24
                          2.21.118.0/24 maxlen: 24
                          2.21.115.0/24 maxlen: 24
                          2.21.117.0/24 maxlen: 24
                          2.21.114.0/24 maxlen: 24
                          2.21.116.0/24 maxlen: 24
                          2.21.113.0/24 maxlen: 24
                          2.17.192.0/24 maxlen: 24
                          2.17.192.0/22 maxlen: 22
                          2.17.193.0/24 maxlen: 24
                          2.17.194.0/24 maxlen: 24
                          2.17.195.0/24 maxlen: 24
                          2.21.175.0/24 maxlen: 24
                          92.122.207.0/24 maxlen: 24
                          2.21.123.0/24 maxlen: 24
                          2.21.120.0/24 maxlen: 24
                          2.21.125.0/24 maxlen: 24
                          2.21.122.0/24 maxlen: 24
                          2.21.119.0/24 maxlen: 24
                          2.21.124.0/24 maxlen: 24
                          2.21.121.0/24 maxlen: 24
                          2.21.126.0/24 maxlen: 24
                          2.21.127.0/24 maxlen: 24
                          92.122.184.0/24 maxlen: 24
                          92.122.185.0/24 maxlen: 24
                          95.101.118.0/24 maxlen: 24
                          95.101.117.0/24 maxlen: 24
                          95.101.204.0/22 maxlen: 22
                          2.17.108.0/22 maxlen: 22
                          2a02:2370:209::/48 maxlen: 48
                          2a02:2370:20c::/48 maxlen: 48
                          2a02:2370:2::/48 maxlen: 48
                          2a02:2370:202::/48 maxlen: 48
                          2a02:2370:102::/48 maxlen: 48
                          2a02:2370:106::/48 maxlen: 48
                          2a02:2370:6::/48 maxlen: 48
                          2a02:2370:206::/48 maxlen: 48
                          2a02:2370:208::/48 maxlen: 48
                          2a02:2370:5::/48 maxlen: 48
                          2a02:2370:205::/48 maxlen: 48
                          2a02:2370:105::/48 maxlen: 48
                          2a02:2370:207::/48 maxlen: 48
                          2a02:2370:20b::/48 maxlen: 48
                          2a02:2370:101::/48 maxlen: 48
                          2a02:2370:1::/48 maxlen: 48
                          2a02:2370:201::/48 maxlen: 48
                          2a02:2370:204::/48 maxlen: 48
                          2a02:2370:104::/48 maxlen: 48
                          2a02:2370:4::/48 maxlen: 48
                          2a02:2370:103::/48 maxlen: 48
                          2a02:2370:3::/48 maxlen: 48
                          2a02:2370:203::/48 maxlen: 48
                          2a02:2370:200::/48 maxlen: 48
                          2a02:2370:20a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 10:25:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:57:7f:c4:47:af:a6:1b:75:be:ad:ca:66:8a:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
        Validity
            Not Before: Jan  1 02:30:03 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b2a7c7151295df3d919f2b4feed2474b553ba973
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:04:3a:6a:d7:2b:6b:33:33:a0:c5:8f:d1:df:
                    2e:17:dd:32:55:2e:a1:29:33:ca:b1:6d:19:2b:e0:
                    49:80:9e:c9:50:e1:28:66:2f:92:54:fc:2d:27:48:
                    88:9e:be:3c:db:c8:93:01:91:0b:46:9c:93:ed:1f:
                    56:ba:e0:f8:af:ed:00:22:8b:35:55:b4:e8:34:35:
                    de:7d:20:32:8a:e5:7f:91:fd:d7:27:3a:35:a6:39:
                    71:72:c7:9f:d3:6f:72:af:f0:a8:a7:4f:c9:49:a4:
                    a5:fa:10:b5:c3:7b:33:81:b8:5a:2a:05:ac:9a:7b:
                    60:7a:b1:ac:d9:90:b6:73:01:c5:ff:1c:40:36:1d:
                    91:df:d4:a9:cd:5f:a2:9c:52:ee:e4:25:15:5c:c7:
                    2f:82:a3:08:68:a9:b8:17:d0:d4:0e:02:03:dd:99:
                    fe:65:99:76:64:56:85:25:a7:67:f0:1a:59:96:d6:
                    58:3e:8b:28:4c:9d:79:be:39:b1:17:85:2c:c4:d0:
                    f6:db:7d:b5:f7:30:f4:84:f8:70:71:90:d2:e2:e7:
                    fc:d8:e0:b2:a2:54:2d:be:63:99:72:12:f5:c6:3f:
                    5d:6b:2d:d1:9b:01:90:f2:ff:ce:3c:9c:c1:c2:6c:
                    fa:88:b4:b6:6d:a2:9d:5b:35:af:aa:dc:4f:6a:31:
                    e4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:A7:C7:15:12:95:DF:3D:91:9F:2B:4F:EE:D2:47:4B:55:3B:A9:73
            X509v3 Authority Key Identifier:
                keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/sqfHFRKV3z2RnytP7tJHS1U7qXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.17.108.0/22
                  2.17.192.0/22
                  2.18.212.0/22
                  2.19.4.0/22
                  2.21.112.0/20
                  2.21.175.0/24
                  2.23.128.0/23
                  92.122.184.0/23
                  92.122.207.0/24
                  93.191.168.0-93.191.170.255
                  93.191.172.0/24
                  95.100.157.0/24
                  95.100.180.0/24
                  95.100.212.0/22
                  95.100.253.0/24
                  95.101.117.0-95.101.118.255
                  95.101.204.0/22
                IPv6:
                  2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
                  2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
                  2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         63:2e:fb:71:0f:2a:bf:ec:f5:1e:fd:98:99:ee:62:2c:04:e8:
         73:37:81:64:9e:ba:b7:21:42:a0:a0:82:4a:11:a5:67:ee:31:
         25:fb:d8:d9:db:3d:e9:5b:32:95:d5:8c:17:09:7c:a6:9f:04:
         16:16:2b:cc:30:96:f8:e9:7f:d1:f9:45:9d:d5:2e:09:d2:f3:
         42:0d:07:79:01:e9:65:43:88:46:23:29:07:32:38:c8:55:4a:
         84:33:48:0a:db:e4:f2:7b:8b:af:1f:63:55:56:b5:8b:e5:c1:
         f1:f2:f5:d8:a2:70:fc:b1:89:9d:13:90:f9:bd:7f:50:55:02:
         5c:88:01:1d:34:fa:eb:79:b8:87:cd:9a:25:d8:3c:53:9e:0f:
         1e:78:c1:11:b5:ee:f6:a8:df:94:53:5d:fa:03:aa:90:9b:6d:
         5f:5c:43:7c:51:19:7d:5a:cb:ae:d8:6f:14:48:15:e3:89:7b:
         77:da:c0:92:78:49:c6:f5:f2:d9:d9:ef:ef:9f:3b:e7:c0:95:
         ab:27:55:59:e8:9d:e3:6c:aa:40:2a:84:9c:a4:a5:77:cc:d2:
         f7:1f:64:37:6d:76:f8:b7:11:32:36:a4:df:88:04:a8:44:0d:
         90:1b:a4:a8:2f:e1:00:6c:7d:c7:d4:ff:91:49:b8:2d:16:c0:
         08:f8:11:1e
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzC21d/xEevpht1vq3KZooNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE3YzcxNTEyOTVkZjNkOTE5ZjJiNGZlZWQyNDc0YjU1M2JhOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgQ6atcrazMzoMWP0d8uF90yVS6h
KTPKsW0ZK+BJgJ7JUOEoZi+SVPwtJ0iInr4828iTAZELRpyT7R9WuuD4r+0AIos1
VbToNDXefSAyiuV/kf3XJzo1pjlxcsef029yr/Cop0/JSaSl+hC1w3szgbhaKgWs
mntgerGs2ZC2cwHF/xxANh2R39SpzV+inFLu5CUVXMcvgqMIaKm4F9DUDgID3Zn+
ZZl2ZFaFJadn8BpZltZYPosoTJ15vjmxF4UsxND223219zD0hPhwcZDS4uf82OCy
olQtvmOZchL1xj9day3RmwGQ8v/OPJzBwmz6iLS2baKdWzWvqtxPajHk8wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFLKnxxUSld89kZ8rT+7SR0tVO6lzMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvc3FmSEZSS1YzejJSbnl0UDd0SkhTMVU3cVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTB8BAIAATB2AwQCAhFs
AwQCAhHAAwQCAhLUAwQCAhMEAwQEAhVwAwQAAhWvAwQBAheAAwQBXHq4AwQAXHrP
MAwDBANdv6gDBABdv6oDBABdv6wDBABfZJ0DBABfZLQDBAJfZNQDBABfZP0wDAME
AF9ldQMEAF9ldgMEAl9lzDBBBAIAAjA7MBIDBwAqAiNwAAEDBwAqAiNwAAYwEgMH
ACoCI3ABAQMHACoCI3ABBjARAwYBKgIjcAIDBwAqAiNwAgwwDQYJKoZIhvcNAQEL
BQADggEBAGMu+3EPKr/s9R79mJnuYiwE6HM3gWSeurchQqCggkoRpWfuMSX72Nnb
PelbMpXVjBcJfKafBBYWK8wwlvjpf9H5RZ3VLgnS80INB3kB6WVDiEYjKQcyOMhV
SoQzSArb5PJ7i68fY1VWtYvlwfHy9diicPyxiZ0TkPm9f1BVAlyIAR00+ut5uIfN
miXYPFOeDx54wRG17vao35RTXfoDqpCbbV9cQ3xRGX1ay67YbxRIFeOJe3fawJJ4
Scb18tnZ7++fO+fAlasnVVnoneNsqkAqhJykpXfM0vcfZDdtdvi3ETI2pN+IBKhE
DZAbpKgv4QBsfcfU/5FJuC0WwAj4ER4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:13 2024 by rpki-client on console-ams.rpki-client.org