Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/M4M_AgMNsEICd4rxebyCaua3xJI.roa
File:                     M4M_AgMNsEICd4rxebyCaua3xJI.roa (raw, json)
Hash identifier:          lr/HXz1lrOqICqIM3fxoXdofvAexiYlMYRVNgB/pH+A=
Subject key identifier:   33:83:3F:02:03:0D:B0:42:02:77:8A:F1:79:BC:82:6A:E6:B7:C4:92
Certificate issuer:       /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial:       018CC5007E4964A987FD810AF258D146B50B
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/M4M_AgMNsEICd4rxebyCaua3xJI.roa
Signing time:             Mon 01 Jan 2024 12:29:53 +0000
ROA not before:           Mon 01 Jan 2024 12:29:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42925
IP address blocks:        147.236.224.0/22 maxlen: 24
                          37.60.44.0/22 maxlen: 24
                          37.60.40.0/21 maxlen: 24
                          37.60.40.0/22 maxlen: 24
                          213.151.32.0/19 maxlen: 24
                          213.151.32.0/24 maxlen: 24
                          147.236.212.0/22 maxlen: 24
                          213.151.48.0/20 maxlen: 24
                          95.86.64.0/19 maxlen: 24
                          164.138.112.0/21 maxlen: 24
                          164.138.112.0/20 maxlen: 24
                          164.138.120.0/21 maxlen: 24
                          95.86.64.0/18 maxlen: 24
                          185.10.64.0/22 maxlen: 24
                          212.76.112.0/20 maxlen: 24
                          31.44.128.0/21 maxlen: 24
                          31.44.128.0/20 maxlen: 24
                          31.44.136.0/21 maxlen: 24
                          95.86.96.0/19 maxlen: 24
                          212.76.96.0/20 maxlen: 24
                          212.76.96.0/19 maxlen: 24
                          147.236.102.0/23 maxlen: 24
                          2a01:6507::/32 maxlen: 32
                          2a01:6502:a58::/46 maxlen: 46
                          2a01:6500::/32 maxlen: 32
                          2a01:6506::/32 maxlen: 32
                          2a01:6500:a040::/46 maxlen: 46
                          2a01:6505::/32 maxlen: 32
                          2a01:6500:a044::/46 maxlen: 46
                          2a01:6502::/32 maxlen: 32
                          2a01:6502:a54::/46 maxlen: 46
                          2a01:6500:a058::/46 maxlen: 46
                          2a01:6503::/32 maxlen: 32
                          2a01:6500::/29 maxlen: 29
                          2a01:6500:a050::/46 maxlen: 46
                          2a01:6501::/32 maxlen: 32
                          2a01:6500:a054::/46 maxlen: 46
                          2a01:6504::/32 maxlen: 32
                          2a01:6500:3::/48 maxlen: 48
                          2a01:6500:a048::/46 maxlen: 46

Validation:               Failed, certificate revoked on Sun 19 May 2024 08:04:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:7e:49:64:a9:87:fd:81:0a:f2:58:d1:46:b5:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
        Validity
            Not Before: Jan  1 12:29:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=33833f02030db04202778af179bc826ae6b7c492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:56:52:07:71:2c:76:f9:11:35:eb:9f:2f:0d:
                    ca:58:dd:4b:05:41:6c:63:c3:ed:55:a5:1d:65:4b:
                    32:b6:7a:d3:cb:f7:01:d6:e1:c5:c2:81:6f:49:38:
                    75:b6:d7:97:99:71:9e:02:f6:2f:a1:e1:27:12:98:
                    9f:73:d7:5f:5f:68:3b:2f:4d:1b:04:33:c8:04:77:
                    0f:69:39:a8:d2:3b:51:35:43:56:d3:b0:95:a3:0a:
                    dc:1e:90:73:69:01:f0:55:8a:b9:dc:38:fe:3c:0d:
                    3a:79:99:36:c5:4f:f7:bb:c0:17:03:70:f3:5c:a2:
                    3e:1b:99:3e:f4:9f:b2:93:3d:4d:f3:5a:c0:50:7c:
                    a3:d0:7b:90:13:14:12:7f:e7:fc:d7:a7:37:06:9e:
                    2f:81:c4:f4:95:df:e2:f6:fc:1c:6a:75:96:c1:8a:
                    f1:1a:8b:18:46:ec:59:bc:82:07:07:f3:55:9d:f5:
                    3a:83:3d:8b:8e:aa:cf:e4:c8:de:03:53:be:d4:95:
                    f4:42:0a:3c:04:b8:a5:2a:09:27:14:f1:b2:72:8f:
                    fe:9a:29:b3:fc:92:d1:e7:af:59:ad:6a:19:f6:18:
                    09:3a:c2:c0:78:4e:ef:ef:64:2e:2d:91:24:5b:07:
                    2e:27:57:48:c6:80:40:ce:4b:7a:6c:cb:a9:5f:1c:
                    9f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:83:3F:02:03:0D:B0:42:02:77:8A:F1:79:BC:82:6A:E6:B7:C4:92
            X509v3 Authority Key Identifier:
                keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/M4M_AgMNsEICd4rxebyCaua3xJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.44.128.0/20
                  37.60.40.0/21
                  95.86.64.0/18
                  147.236.102.0/23
                  147.236.212.0/22
                  147.236.224.0/22
                  164.138.112.0/20
                  185.10.64.0/22
                  212.76.96.0/19
                  213.151.32.0/19
                IPv6:
                  2a01:6500::/29

    Signature Algorithm: sha256WithRSAEncryption
         50:6d:4d:10:f6:92:19:bd:4f:b9:93:85:69:ae:a5:1c:38:5d:
         2b:01:1b:cc:72:ab:c5:64:a7:da:86:7c:79:a6:6b:59:63:75:
         8b:8a:cc:07:4d:5c:90:b1:c6:72:c5:a0:4b:3a:91:be:20:7e:
         75:6c:c7:b0:84:8c:4d:c3:d1:db:61:68:61:71:a4:80:f6:92:
         3d:94:f7:08:d5:41:91:28:db:73:7a:46:e4:bc:82:04:14:49:
         88:0e:8f:57:d8:cc:e9:3b:4a:94:94:8d:47:20:f9:6b:bb:b4:
         0e:04:47:7b:7f:77:2a:35:76:fb:09:75:be:ce:00:69:87:3c:
         f2:3a:a3:4f:4b:91:23:cc:e8:be:c0:c3:73:23:da:8a:3e:70:
         6c:42:64:c6:4b:a9:87:c6:3f:64:62:19:1d:7f:73:0f:6d:84:
         34:34:eb:15:aa:05:f6:00:a8:4b:29:d5:51:c6:6d:75:a9:32:
         be:21:57:a4:c4:6d:ef:98:aa:28:01:0f:a3:01:bd:94:d5:cb:
         5c:dd:a8:bc:60:b7:69:7d:a6:87:d8:9d:85:14:a9:ea:d5:6d:
         f2:96:46:5c:8b:e3:8f:af:18:c3:57:31:e9:fb:bc:97:5c:e7:
         83:73:a5:06:27:d8:01:ef:d1:3c:a9:0b:93:1b:9a:40:89:4c:
         82:b8:a0:85
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzFAH5JZKmH/YEK8ljRRrULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjQwMTAxMTIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzgzM2YwMjAzMGRiMDQyMDI3NzhhZjE3OWJjODI2YWU2YjdjNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFZSB3EsdvkRNeufLw3KWN1LBUFs
Y8PtVaUdZUsytnrTy/cB1uHFwoFvSTh1tteXmXGeAvYvoeEnEpifc9dfX2g7L00b
BDPIBHcPaTmo0jtRNUNW07CVowrcHpBzaQHwVYq53Dj+PA06eZk2xU/3u8AXA3Dz
XKI+G5k+9J+ykz1N81rAUHyj0HuQExQSf+f816c3Bp4vgcT0ld/i9vwcanWWwYrx
GosYRuxZvIIHB/NVnfU6gz2LjqrP5MjeA1O+1JX0Qgo8BLilKgknFPGyco/+mimz
/JLR569ZrWoZ9hgJOsLAeE7v72QuLZEkWwcuJ1dIxoBAzkt6bMupXxyffQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDODPwIDDbBCAneK8Xm8gmrmt8SSMB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvTTRNX0FnTU5zRUlDZDRyeGVieUNhdWEzeEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQEHyyAAwQD
JTwoAwQGX1ZAAwQBk+xmAwQCk+zUAwQCk+zgAwQEpIpwAwQCuQpAAwQF1ExgAwQF
1ZcgMA0EAgACMAcDBQMqAWUAMA0GCSqGSIb3DQEBCwUAA4IBAQBQbU0Q9pIZvU+5
k4VprqUcOF0rARvMcqvFZKfahnx5pmtZY3WLiswHTVyQscZyxaBLOpG+IH51bMew
hIxNw9HbYWhhcaSA9pI9lPcI1UGRKNtzekbkvIIEFEmIDo9X2MzpO0qUlI1HIPlr
u7QOBEd7f3cqNXb7CXW+zgBphzzyOqNPS5EjzOi+wMNzI9qKPnBsQmTGS6mHxj9k
Yhkdf3MPbYQ0NOsVqgX2AKhLKdVRxm11qTK+IVekxG3vmKooAQ+jAb2U1ctc3ai8
YLdpfaaH2J2FFKnq1W3ylkZci+OPrxjDVzHp+7yXXOeDc6UGJ9gB79E8qQuTG5pA
iUyCuKCF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:57 2024 by rpki-client on console-ams.rpki-client.org