Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/21pWrGrMCFZLqazh3h2d0jBKlqA.roa
File:                     21pWrGrMCFZLqazh3h2d0jBKlqA.roa (raw, json)
Hash identifier:          192knzA4cLSQYA5qg8uDxXRSuG0dZaCMb5E2vNc8eUA=
Subject key identifier:   DB:5A:56:AC:6A:CC:08:56:4B:A9:AC:E1:DE:1D:9D:D2:30:4A:96:A0
Certificate issuer:       /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial:       018F297100703D487CBCFF8DAA054ABD2913
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/21pWrGrMCFZLqazh3h2d0jBKlqA.roa
Signing time:             Mon 29 Apr 2024 10:40:22 +0000
ROA not before:           Mon 29 Apr 2024 10:40:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9021
IP address blocks:        90.158.0.0/16 maxlen: 16
                          90.158.0.0/18 maxlen: 18
                          90.158.0.0/22 maxlen: 22
                          90.158.0.0/23 maxlen: 23
                          90.158.3.0/24 maxlen: 24
                          90.158.8.0/24 maxlen: 24
                          90.158.15.0/24 maxlen: 24
                          90.158.16.0/24 maxlen: 24
                          90.158.18.0/24 maxlen: 24
                          90.158.19.0/24 maxlen: 24
                          90.158.24.0/24 maxlen: 24
                          90.158.26.0/24 maxlen: 24
                          90.158.27.0/24 maxlen: 24
                          90.158.28.0/24 maxlen: 24
                          90.158.29.0/24 maxlen: 24
                          90.158.30.0/24 maxlen: 24
                          90.158.31.0/24 maxlen: 24
                          90.158.32.0/24 maxlen: 24
                          90.158.33.0/24 maxlen: 24
                          90.158.36.0/24 maxlen: 24
                          90.158.37.0/24 maxlen: 24
                          90.158.39.0/24 maxlen: 24
                          90.158.41.0/24 maxlen: 24
                          90.158.43.0/24 maxlen: 24
                          90.158.44.0/24 maxlen: 24
                          90.158.45.0/24 maxlen: 24
                          90.158.46.0/24 maxlen: 24
                          90.158.47.0/24 maxlen: 24
                          90.158.48.0/20 maxlen: 20
                          90.158.48.0/24 maxlen: 24
                          90.158.50.0/23 maxlen: 23
                          90.158.51.0/24 maxlen: 24
                          90.158.52.0/23 maxlen: 23
                          90.158.52.0/24 maxlen: 24
                          90.158.53.0/24 maxlen: 24
                          90.158.54.0/23 maxlen: 23
                          90.158.55.0/24 maxlen: 24
                          90.158.56.0/24 maxlen: 24
                          90.158.60.0/24 maxlen: 24
                          90.158.62.0/24 maxlen: 24
                          90.158.64.0/21 maxlen: 21
                          90.158.64.0/24 maxlen: 24
                          90.158.65.0/24 maxlen: 24
                          90.158.66.0/24 maxlen: 24
                          90.158.67.0/24 maxlen: 24
                          90.158.68.0/24 maxlen: 24
                          90.158.72.0/22 maxlen: 22
                          90.158.72.0/24 maxlen: 24
                          90.158.73.0/24 maxlen: 24
                          90.158.74.0/24 maxlen: 24
                          90.158.75.0/24 maxlen: 24
                          90.158.96.0/22 maxlen: 22
                          90.158.100.0/24 maxlen: 24
                          90.158.101.0/24 maxlen: 24
                          90.158.102.0/23 maxlen: 23
                          90.158.104.0/24 maxlen: 24
                          90.158.105.0/24 maxlen: 24
                          90.158.109.0/24 maxlen: 24
                          90.158.110.0/24 maxlen: 24
                          90.158.111.0/24 maxlen: 24
                          90.158.112.0/20 maxlen: 20
                          90.158.114.0/24 maxlen: 24
                          90.158.116.0/24 maxlen: 24
                          90.158.117.0/24 maxlen: 24
                          90.158.119.0/24 maxlen: 24
                          90.158.120.0/24 maxlen: 24
                          90.158.121.0/24 maxlen: 24
                          90.158.122.0/24 maxlen: 24
                          90.158.123.0/24 maxlen: 24
                          90.158.126.0/24 maxlen: 24
                          90.158.127.0/24 maxlen: 24
                          90.158.128.0/17 maxlen: 17
                          90.158.128.0/21 maxlen: 21
                          90.158.136.0/21 maxlen: 21
                          90.158.139.0/24 maxlen: 24
                          90.158.160.0/24 maxlen: 24
                          90.158.161.0/24 maxlen: 24
                          90.158.200.0/23 maxlen: 23
                          90.158.224.0/22 maxlen: 22
                          90.158.240.0/21 maxlen: 21
                          90.158.248.0/21 maxlen: 21
                          90.158.249.0/24 maxlen: 24
                          90.158.251.0/24 maxlen: 24
                          90.159.0.0/16 maxlen: 16
                          90.159.0.0/22 maxlen: 22
                          90.159.0.0/24 maxlen: 24
                          90.159.1.0/24 maxlen: 24
                          90.159.2.0/24 maxlen: 24
                          90.159.3.0/24 maxlen: 24
                          90.159.4.0/23 maxlen: 23
                          90.159.10.0/24 maxlen: 24
                          90.159.15.0/24 maxlen: 24
                          90.159.20.0/24 maxlen: 24
                          90.159.26.0/24 maxlen: 24
                          90.159.27.0/24 maxlen: 24
                          90.159.29.0/24 maxlen: 24
                          90.159.31.0/24 maxlen: 24
                          90.159.33.0/24 maxlen: 24
                          90.159.34.0/24 maxlen: 24
                          90.159.36.0/24 maxlen: 24
                          90.159.37.0/24 maxlen: 24
                          90.159.38.0/24 maxlen: 24
                          90.159.44.0/22 maxlen: 22
                          90.159.50.0/24 maxlen: 24
                          90.159.51.0/24 maxlen: 24
                          90.159.58.0/24 maxlen: 24
                          90.159.59.0/24 maxlen: 24
                          90.159.60.0/24 maxlen: 24
                          90.159.61.0/24 maxlen: 24
                          90.159.64.0/18 maxlen: 18
                          90.159.68.0/24 maxlen: 24
                          90.159.128.0/20 maxlen: 20
                          90.159.136.0/21 maxlen: 21
                          90.159.136.0/24 maxlen: 24
                          90.159.240.0/20 maxlen: 20
                          90.159.246.0/24 maxlen: 24
                          212.98.0.0/19 maxlen: 19
                          212.98.0.0/20 maxlen: 20
                          212.98.1.0/24 maxlen: 24
                          212.98.2.0/24 maxlen: 24
                          212.98.8.0/21 maxlen: 21
                          212.98.9.0/24 maxlen: 24
                          212.98.16.0/21 maxlen: 21
                          212.98.16.0/24 maxlen: 24
                          212.98.28.0/22 maxlen: 22
                          213.143.224.0/20 maxlen: 20
                          213.143.226.0/23 maxlen: 23
                          213.143.226.0/24 maxlen: 24
                          213.143.227.0/24 maxlen: 24
                          213.143.228.0/24 maxlen: 24
                          213.143.229.0/24 maxlen: 24
                          213.143.230.0/24 maxlen: 24
                          213.143.233.0/24 maxlen: 24
                          213.143.234.0/24 maxlen: 24
                          213.143.235.0/24 maxlen: 24
                          213.143.236.0/22 maxlen: 22
                          213.143.238.0/24 maxlen: 24
                          213.143.239.0/24 maxlen: 24
                          213.143.240.0/20 maxlen: 20
                          213.143.240.0/22 maxlen: 22
                          213.143.240.0/24 maxlen: 24
                          213.143.241.0/24 maxlen: 24
                          213.143.243.0/24 maxlen: 24
                          213.143.244.0/22 maxlen: 22
                          213.143.250.0/24 maxlen: 24
                          213.143.251.0/24 maxlen: 24
                          213.143.252.0/24 maxlen: 24
                          213.143.253.0/24 maxlen: 24
                          213.143.254.0/24 maxlen: 24
                          213.143.255.0/24 maxlen: 24
                          213.161.128.0/19 maxlen: 19
                          213.161.128.0/21 maxlen: 21
                          213.161.135.0/24 maxlen: 24
                          213.161.136.0/21 maxlen: 21
                          213.161.144.0/23 maxlen: 23
                          213.161.144.0/24 maxlen: 24
                          213.161.145.0/24 maxlen: 24
                          213.161.146.0/24 maxlen: 24
                          213.161.148.0/23 maxlen: 23
                          213.161.148.0/24 maxlen: 24
                          213.161.149.0/24 maxlen: 24
                          213.161.150.0/24 maxlen: 24
                          213.161.151.0/24 maxlen: 24
                          213.161.152.0/21 maxlen: 21
                          213.161.152.0/24 maxlen: 24
                          2a00:1f90::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 07 May 2024 08:43:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:29:71:00:70:3d:48:7c:bc:ff:8d:aa:05:4a:bd:29:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
        Validity
            Not Before: Apr 29 10:40:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=db5a56ac6acc08564ba9ace1de1d9dd2304a96a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a8:17:58:0f:5c:1e:89:91:e8:0c:c1:e0:23:
                    bf:3b:71:41:47:c2:cc:7f:50:c6:10:1e:92:59:97:
                    f6:e3:b3:68:ec:8e:69:db:69:d3:6e:23:b8:1b:e6:
                    f0:06:96:e7:bf:17:f9:3e:3f:62:50:cd:2b:47:db:
                    52:f0:0c:cb:e8:1e:29:5a:77:48:65:02:04:4f:78:
                    c0:75:ad:f4:03:2e:3b:7b:76:9d:61:6a:56:6c:5a:
                    b9:24:d5:0a:e6:28:58:78:c1:66:d1:bc:8b:dc:67:
                    a5:91:4f:f2:4b:54:6a:75:06:08:16:17:6b:96:e7:
                    78:1c:8d:11:c1:83:cf:1b:52:84:48:4f:b6:e3:ba:
                    ec:93:c6:dd:75:be:b1:be:2d:08:59:ea:0e:27:13:
                    ee:af:11:9e:0e:c9:d4:e0:e4:78:55:a6:4d:fd:ee:
                    3e:71:71:b2:9f:39:94:aa:80:e6:08:80:5c:d9:82:
                    cf:9f:8a:3f:85:43:e1:66:3a:36:34:8e:1e:b5:79:
                    33:5f:22:9f:8c:79:08:a5:78:59:61:1c:be:64:f0:
                    19:d4:06:c7:d0:3d:f4:17:20:05:ab:55:c6:4d:f9:
                    02:b0:2f:0f:bf:70:a4:04:65:de:00:5b:cd:6c:7a:
                    7b:c3:0e:a8:08:22:27:c1:dd:cf:1a:51:b3:2e:01:
                    66:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:5A:56:AC:6A:CC:08:56:4B:A9:AC:E1:DE:1D:9D:D2:30:4A:96:A0
            X509v3 Authority Key Identifier:
                keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/21pWrGrMCFZLqazh3h2d0jBKlqA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  90.158.0.0/15
                  212.98.0.0/19
                  213.143.224.0/19
                  213.161.128.0/19
                IPv6:
                  2a00:1f90::/32

    Signature Algorithm: sha256WithRSAEncryption
         6e:70:e5:09:50:eb:6d:8d:79:1b:6f:df:66:3a:2c:2e:a8:b7:
         67:0f:20:92:56:5f:2a:0b:26:66:b8:63:f5:28:c2:7d:1d:47:
         26:8e:5d:0a:c9:d3:f1:47:88:f1:cf:c7:dc:f7:28:0a:80:85:
         2a:fd:5f:9e:4e:23:e7:a4:a0:50:68:1e:f0:1e:3f:24:44:87:
         82:f4:76:d6:64:cb:08:61:61:b8:ef:8c:4d:35:93:8c:02:fb:
         56:23:c8:91:e8:9e:d3:95:d5:4d:1a:d9:a9:61:50:d8:1d:33:
         53:da:d0:bc:bc:84:13:45:ea:1b:e0:2d:3d:5e:01:b0:b8:e6:
         09:07:83:61:ef:b9:fd:3c:25:e3:0a:73:16:f3:01:22:f2:e3:
         41:88:d9:80:1b:34:76:e4:ed:57:33:ac:39:06:25:a4:c4:f1:
         60:c1:b1:52:69:cb:65:3b:d6:2b:47:86:fe:9d:82:00:97:b2:
         df:bd:07:80:42:26:6d:80:44:a3:ac:d7:28:d2:25:e0:ab:0a:
         6c:30:43:b1:50:e8:ee:a5:ac:60:dd:fd:49:a9:94:4a:f5:da:
         b8:9a:fd:c2:93:fb:ba:ec:b0:50:b1:4d:72:09:73:ce:b0:d0:
         e3:95:9b:03:cf:75:f9:53:0d:ee:60:a3:db:52:a7:cd:bf:ec:
         16:87:e7:21
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY8pcQBwPUh8vP+NqgVKvSkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjQwNDI5MTA0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVhNTZhYzZhY2MwODU2NGJhOWFjZTFkZTFkOWRkMjMwNGE5NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKgXWA9cHomR6AzB4CO/O3FBR8LM
f1DGEB6SWZf247No7I5p22nTbiO4G+bwBpbnvxf5Pj9iUM0rR9tS8AzL6B4pWndI
ZQIET3jAda30Ay47e3adYWpWbFq5JNUK5ihYeMFm0byL3GelkU/yS1RqdQYIFhdr
lud4HI0RwYPPG1KESE+247rsk8bddb6xvi0IWeoOJxPurxGeDsnU4OR4VaZN/e4+
cXGynzmUqoDmCIBc2YLPn4o/hUPhZjo2NI4etXkzXyKfjHkIpXhZYRy+ZPAZ1AbH
0D30FyAFq1XGTfkCsC8Pv3CkBGXeAFvNbHp7ww6oCCInwd3PGlGzLgFmSQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNtaVqxqzAhWS6ms4d4dndIwSpagMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvMjFwV3JHck1DRlpMcWF6aDNoMmQwakJLbHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBWp4DBAXU
YgADBAXVj+ADBAXVoYAwDQQCAAIwBwMFACoAH5AwDQYJKoZIhvcNAQELBQADggEB
AG5w5QlQ622NeRtv32Y6LC6ot2cPIJJWXyoLJma4Y/Uown0dRyaOXQrJ0/FHiPHP
x9z3KAqAhSr9X55OI+ekoFBoHvAePyREh4L0dtZkywhhYbjvjE01k4wC+1YjyJHo
ntOV1U0a2alhUNgdM1Pa0Ly8hBNF6hvgLT1eAbC45gkHg2Hvuf08JeMKcxbzASLy
40GI2YAbNHbk7VczrDkGJaTE8WDBsVJpy2U71itHhv6dggCXst+9B4BCJm2ARKOs
1yjSJeCrCmwwQ7FQ6O6lrGDd/UmplEr12ria/cKT+7rssFCxTXIJc86w0OOVmwPP
dflTDe5go9tSp82/7BaH5yE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:16 2024 by rpki-client on console-ams.rpki-client.org