Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/ZM9cmqD7tXs12lTLit8iSJWLLn8.roa
File:                     ZM9cmqD7tXs12lTLit8iSJWLLn8.roa (raw, json)
Hash identifier:          Ux34i37I+lkKFbXhc0HSJdRv6fKdXJF0B4QK7mdAF9E=
Subject key identifier:   64:CF:5C:9A:A0:FB:B5:7B:35:DA:54:CB:8A:DF:22:48:95:8B:2E:7F
Certificate issuer:       /CN=5336107179715609dca422bc07a098468c529452
Certificate serial:       01857042A8339FF8FBFD0D27126AC7A67870
Authority key identifier: 53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/ZM9cmqD7tXs12lTLit8iSJWLLn8.roa
Signing time:             Mon 02 Jan 2023 02:14:54 +0000
ROA not before:           Mon 02 Jan 2023 02:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43927
IP address blocks:        77.81.240.0/21 maxlen: 24
                          185.250.105.0/24 maxlen: 24
                          185.250.104.0/24 maxlen: 24
                          185.250.107.0/24 maxlen: 24
                          185.250.106.0/24 maxlen: 24
                          93.113.174.0/24 maxlen: 24
                          185.199.172.0/24 maxlen: 24
                          185.199.174.0/24 maxlen: 24
                          185.199.173.0/24 maxlen: 24
                          185.199.175.0/24 maxlen: 24
                          188.240.47.0/24 maxlen: 24
                          92.114.98.0/24 maxlen: 24
                          46.102.240.0/21 maxlen: 24
                          91.188.224.0/24 maxlen: 24
                          91.188.226.0/24 maxlen: 24
                          91.188.225.0/24 maxlen: 24
                          91.188.227.0/24 maxlen: 24
                          89.33.197.0/24 maxlen: 24
                          185.105.32.0/22 maxlen: 22
                          185.125.109.0/24 maxlen: 24
                          185.125.108.0/24 maxlen: 24
                          185.125.110.0/23 maxlen: 24
                          89.45.248.0/21 maxlen: 24
                          89.32.144.0/21 maxlen: 21
                          188.241.112.0/21 maxlen: 24
                          2a06:cd40:cafe::/48 maxlen: 48
                          2a06:cd40:2::/48 maxlen: 48
                          2a06:cd40:300::/48 maxlen: 64
                          2a06:cd40:400::/48 maxlen: 48
                          2a06:cd40:100::/48 maxlen: 48
                          2a06:cd40:200::/48 maxlen: 48
                          2a06:cd40:caff::/48 maxlen: 48
                          2a06:cd40:1::/48 maxlen: 48
                          2a06:cd40:101::/48 maxlen: 64
                          2a06:cd40:301::/48 maxlen: 64

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 18:14:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:a8:33:9f:f8:fb:fd:0d:27:12:6a:c7:a6:78:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5336107179715609dca422bc07a098468c529452
        Validity
            Not Before: Jan  2 02:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64cf5c9aa0fbb57b35da54cb8adf2248958b2e7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:7d:69:39:df:f3:41:c2:43:0e:50:2b:dc:3f:
                    45:6d:f3:b6:88:97:02:99:eb:dc:bf:97:35:e7:29:
                    78:d8:4c:c0:21:40:36:74:cd:df:bd:3f:28:0c:5c:
                    3b:11:6c:6f:b2:3e:ed:6b:99:25:30:d5:53:9e:da:
                    1e:42:29:a3:c4:64:d1:7e:a4:14:f8:36:42:72:7b:
                    ad:f4:09:89:e5:7f:64:8b:0d:27:52:39:ef:95:c6:
                    38:a9:92:49:b4:6e:79:b9:26:8a:35:cd:a1:7b:77:
                    52:75:21:79:6b:65:67:33:6a:2b:84:3e:87:d3:95:
                    3c:a4:7c:73:c3:77:19:98:9c:55:34:9a:65:cb:83:
                    00:d2:29:cf:e8:de:ca:0a:b2:c7:22:d1:dd:7f:40:
                    4b:10:ed:76:31:ee:a6:81:e5:68:3d:12:97:86:d6:
                    92:d0:d3:4e:68:a9:d2:bc:57:23:2b:03:db:83:51:
                    89:ec:19:db:c3:3a:9d:37:a5:31:33:49:40:98:62:
                    1a:9c:04:87:2f:a9:eb:2d:d6:1a:91:8f:01:e3:59:
                    9e:35:c8:58:d1:c0:cb:6c:06:34:09:30:d4:4a:67:
                    6d:83:f6:45:46:e6:97:9b:2b:7a:b2:42:62:2e:71:
                    1c:c1:92:76:53:ea:dd:39:6f:aa:02:a1:de:36:ce:
                    66:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:CF:5C:9A:A0:FB:B5:7B:35:DA:54:CB:8A:DF:22:48:95:8B:2E:7F
            X509v3 Authority Key Identifier:
                keyid:53:36:10:71:79:71:56:09:DC:A4:22:BC:07:A0:98:46:8C:52:94:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzYQcXlxVgncpCK8B6CYRoxSlFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/ZM9cmqD7tXs12lTLit8iSJWLLn8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/81df33-7538-40d8-b81e-d18610075efc/1/UzYQcXlxVgncpCK8B6CYRoxSlFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.240.0/21
                  77.81.240.0/21
                  89.32.144.0/21
                  89.33.197.0/24
                  89.45.248.0/21
                  91.188.224.0/22
                  92.114.98.0/24
                  93.113.174.0/24
                  185.105.32.0/22
                  185.125.108.0/22
                  185.199.172.0/22
                  185.250.104.0/22
                  188.240.47.0/24
                  188.241.112.0/21
                IPv6:
                  2a06:cd40:1::-2a06:cd40:2:ffff:ffff:ffff:ffff:ffff
                  2a06:cd40:100::/47
                  2a06:cd40:200::/48
                  2a06:cd40:300::/47
                  2a06:cd40:400::/48
                  2a06:cd40:cafe::/47

    Signature Algorithm: sha256WithRSAEncryption
         a5:7b:bd:3c:58:27:c3:e6:3a:d9:ec:53:22:96:1a:e1:49:39:
         23:cb:22:9c:b8:c8:6a:02:38:6f:f2:d1:b5:f5:7c:e6:5f:fa:
         96:7e:67:e2:cc:a5:bb:35:02:fc:d0:54:28:ca:15:7a:27:64:
         65:6e:d7:36:11:67:9b:63:9c:91:a1:de:7c:6c:c4:94:07:85:
         38:2e:d0:de:75:29:f6:6d:ef:5c:c1:56:ca:b1:0f:90:3d:95:
         61:fa:85:6a:d5:cb:76:ea:74:dd:2f:5a:90:14:b5:2e:1b:03:
         7c:b3:ef:bc:05:15:c1:30:60:f0:05:12:8d:99:69:f6:8d:72:
         73:f9:e8:08:ba:cb:a6:01:8c:65:dc:29:e5:73:c4:42:eb:1a:
         e4:ee:cc:10:73:25:96:31:fc:a4:c0:d7:98:b7:4f:7e:b0:8a:
         93:68:8b:37:cb:28:28:d7:79:a3:ce:58:87:28:fc:5d:25:6a:
         d9:da:31:26:66:15:f0:82:27:41:39:d0:e4:9b:ff:ee:07:58:
         92:94:59:b1:7c:a2:23:f9:22:02:73:dc:5f:40:50:2d:f3:c6:
         a6:87:80:dd:e3:b0:d7:65:73:49:db:3f:c4:6a:c8:e2:bd:39:
         38:f3:2d:bb:90:fd:01:6a:3f:7d:40:35:97:92:00:31:d2:f2:
         11:2f:ec:74
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYVwQqgzn/j7/Q0nEmrHpnhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzYxMDcxNzk3MTU2MDlkY2E0MjJiYzA3YTA5ODQ2OGM1
Mjk0NTIwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGNmNWM5YWEwZmJiNTdiMzVkYTU0Y2I4YWRmMjI0ODk1OGIyZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH1pOd/zQcJDDlAr3D9FbfO2iJcC
mevcv5c15yl42EzAIUA2dM3fvT8oDFw7EWxvsj7ta5klMNVTntoeQimjxGTRfqQU
+DZCcnut9AmJ5X9kiw0nUjnvlcY4qZJJtG55uSaKNc2he3dSdSF5a2VnM2orhD6H
05U8pHxzw3cZmJxVNJply4MA0inP6N7KCrLHItHdf0BLEO12Me6mgeVoPRKXhtaS
0NNOaKnSvFcjKwPbg1GJ7BnbwzqdN6UxM0lAmGIanASHL6nrLdYakY8B41meNchY
0cDLbAY0CTDUSmdtg/ZFRuaXmyt6skJiLnEcwZJ2U+rdOW+qAqHeNs5mLQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFGTPXJqg+7V7NdpUy4rfIkiViy5/MB8GA1UdIwQY
MBaAFFM2EHF5cVYJ3KQivAegmEaMUpRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUt
ZDE4NjEwMDc1ZWZjLzEvWk05Y21xRDd0WHMxMmxUTGl0OGlTSldMTG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MWRmMzMtNzUzOC00MGQ4LWI4MWUtZDE4NjEwMDc1ZWZj
LzEvVXpZUWNYbHhWZ25jcENLOEI2Q1lSb3hTbEZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTBaBAIAATBUAwQDLmbw
AwQDTVHwAwQDWSCQAwQAWSHFAwQDWS34AwQCW7zgAwQAXHJiAwQAXXGuAwQCuWkg
AwQCuX1sAwQCucesAwQCufpoAwQAvPAvAwQDvPFwMEcEAgACMEEwEgMHACoGzUAA
AQMHACoGzUAAAgMHASoGzUABAAMHACoGzUACAAMHASoGzUADAAMHACoGzUAEAAMH
ASoGzUDK/jANBgkqhkiG9w0BAQsFAAOCAQEApXu9PFgnw+Y62exTIpYa4Uk5I8si
nLjIagI4b/LRtfV85l/6ln5n4syluzUC/NBUKMoVeidkZW7XNhFnm2OckaHefGzE
lAeFOC7Q3nUp9m3vXMFWyrEPkD2VYfqFatXLdup03S9akBS1LhsDfLPvvAUVwTBg
8AUSjZlp9o1yc/noCLrLpgGMZdwp5XPEQusa5O7MEHMlljH8pMDXmLdPfrCKk2iL
N8soKNd5o85Yhyj8XSVq2doxJmYV8IInQTnQ5Jv/7gdYkpRZsXyiI/kiAnPcX0BQ
LfPGpoeA3eOw12VzSds/xGrI4r05OPMtu5D9AWo/fUA1l5IAMdLyES/sdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:35 2024 by rpki-client on console-ams.rpki-client.org