Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/50kugsXH7j0v0wCkuFFvC36YpzI.roa
File:                     50kugsXH7j0v0wCkuFFvC36YpzI.roa (raw, json)
Hash identifier:          z4wdSPihTluHAITSQLu5BJxWmiaCYKauCk2cphKGuZI=
Subject key identifier:   E7:49:2E:82:C5:C7:EE:3D:2F:D3:00:A4:B8:51:6F:0B:7E:98:A7:32
Certificate issuer:       /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial:       018CC87046F3AA09088C93C22B835513DCA4
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/50kugsXH7j0v0wCkuFFvC36YpzI.roa
Signing time:             Tue 02 Jan 2024 04:30:50 +0000
ROA not before:           Tue 02 Jan 2024 04:30:50 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44444
IP address blocks:        157.167.200.0/24 maxlen: 24
                          157.167.159.0/24 maxlen: 24
                          157.167.158.0/24 maxlen: 24
                          157.167.157.0/24 maxlen: 24
                          157.167.160.0/24 maxlen: 24
                          157.167.163.0/24 maxlen: 24
                          157.167.161.0/24 maxlen: 24
                          157.167.162.0/24 maxlen: 24
                          157.167.192.0/24 maxlen: 24
                          157.167.4.0/24 maxlen: 24
                          157.167.10.0/24 maxlen: 24
                          157.167.11.0/24 maxlen: 24
                          157.167.13.0/24 maxlen: 24
                          157.167.14.0/24 maxlen: 24
                          157.167.12.0/24 maxlen: 24
                          157.167.17.0/24 maxlen: 24
                          157.167.15.0/24 maxlen: 24
                          157.167.16.0/24 maxlen: 24
                          157.167.20.0/24 maxlen: 24
                          157.167.21.0/24 maxlen: 24
                          157.167.18.0/24 maxlen: 24
                          157.167.19.0/24 maxlen: 24
                          157.167.24.0/24 maxlen: 24
                          157.167.22.0/24 maxlen: 24
                          157.167.23.0/24 maxlen: 24
                          157.167.27.0/24 maxlen: 24
                          157.167.28.0/24 maxlen: 24
                          157.167.25.0/24 maxlen: 24
                          157.167.26.0/24 maxlen: 24
                          157.167.31.0/24 maxlen: 24
                          157.167.29.0/24 maxlen: 24
                          157.167.30.0/24 maxlen: 24
                          157.167.34.0/24 maxlen: 24
                          157.167.35.0/24 maxlen: 24
                          157.167.32.0/24 maxlen: 24
                          157.167.33.0/24 maxlen: 24
                          157.167.38.0/24 maxlen: 24
                          157.167.36.0/24 maxlen: 24
                          157.167.37.0/24 maxlen: 24
                          157.167.93.0/24 maxlen: 24
                          157.167.94.0/24 maxlen: 24
                          157.167.92.0/24 maxlen: 24
                          157.167.97.0/24 maxlen: 24
                          157.167.95.0/24 maxlen: 24
                          157.167.96.0/24 maxlen: 24
                          157.167.98.0/24 maxlen: 24
                          157.167.104.0/24 maxlen: 24
                          157.167.102.0/24 maxlen: 24
                          157.167.103.0/24 maxlen: 24
                          157.167.105.0/24 maxlen: 24
                          157.167.100.0/24 maxlen: 24
                          157.167.101.0/24 maxlen: 24
                          157.167.99.0/24 maxlen: 24
                          157.167.107.0/24 maxlen: 24
                          157.167.108.0/24 maxlen: 24
                          157.167.106.0/24 maxlen: 24
                          157.167.111.0/24 maxlen: 24
                          157.167.109.0/24 maxlen: 24
                          157.167.110.0/24 maxlen: 24
                          157.167.112.0/24 maxlen: 24
                          157.167.118.0/24 maxlen: 24
                          157.167.116.0/24 maxlen: 24
                          157.167.117.0/24 maxlen: 24
                          157.167.114.0/24 maxlen: 24
                          157.167.115.0/24 maxlen: 24
                          157.167.113.0/24 maxlen: 24
                          157.167.121.0/24 maxlen: 24
                          157.167.122.0/24 maxlen: 24
                          157.167.119.0/24 maxlen: 24
                          157.167.120.0/24 maxlen: 24
                          157.167.125.0/24 maxlen: 24
                          157.167.123.0/24 maxlen: 24
                          157.167.124.0/24 maxlen: 24
                          157.167.131.0/24 maxlen: 24
                          157.167.132.0/24 maxlen: 24
                          157.167.130.0/24 maxlen: 24
                          157.167.128.0/24 maxlen: 24
                          157.167.126.0/24 maxlen: 24
                          157.167.127.0/24 maxlen: 24
                          157.167.41.0/24 maxlen: 24
                          157.167.42.0/24 maxlen: 24
                          157.167.39.0/24 maxlen: 24
                          157.167.40.0/24 maxlen: 24
                          157.167.43.0/24 maxlen: 24
                          157.167.44.0/24 maxlen: 24
                          157.167.48.0/24 maxlen: 24
                          157.167.49.0/24 maxlen: 24
                          157.167.46.0/24 maxlen: 24
                          157.167.47.0/24 maxlen: 24
                          157.167.50.0/24 maxlen: 24
                          157.167.51.0/24 maxlen: 24
                          157.167.45.0/24 maxlen: 24
                          157.167.55.0/24 maxlen: 24
                          157.167.56.0/24 maxlen: 24
                          157.167.53.0/24 maxlen: 24
                          157.167.54.0/24 maxlen: 24
                          157.167.58.0/24 maxlen: 24
                          157.167.57.0/24 maxlen: 24
                          157.167.52.0/24 maxlen: 24
                          157.167.62.0/24 maxlen: 24
                          157.167.63.0/24 maxlen: 24
                          157.167.60.0/24 maxlen: 24
                          157.167.61.0/24 maxlen: 24
                          157.167.64.0/24 maxlen: 24
                          157.167.59.0/24 maxlen: 24
                          157.167.65.0/24 maxlen: 24
                          157.167.66.0/24 maxlen: 24
                          157.167.69.0/24 maxlen: 24
                          157.167.70.0/24 maxlen: 24
                          157.167.67.0/24 maxlen: 24
                          157.167.68.0/24 maxlen: 24
                          157.167.71.0/24 maxlen: 24
                          157.167.76.0/24 maxlen: 24
                          157.167.77.0/24 maxlen: 24
                          157.167.74.0/24 maxlen: 24
                          157.167.75.0/24 maxlen: 24
                          157.167.78.0/24 maxlen: 24
                          157.167.72.0/24 maxlen: 24
                          157.167.73.0/24 maxlen: 24
                          157.167.79.0/24 maxlen: 24
                          157.167.80.0/24 maxlen: 24
                          157.167.83.0/24 maxlen: 24
                          157.167.84.0/24 maxlen: 24
                          157.167.81.0/24 maxlen: 24
                          157.167.82.0/24 maxlen: 24
                          157.167.85.0/24 maxlen: 24
                          157.167.90.0/24 maxlen: 24
                          157.167.89.0/24 maxlen: 24
                          157.167.88.0/24 maxlen: 24
                          157.167.91.0/24 maxlen: 24
                          157.167.86.0/24 maxlen: 24
                          157.167.87.0/24 maxlen: 24
                          185.4.96.0/24 maxlen: 24
                          185.4.97.0/24 maxlen: 24
                          185.4.98.0/24 maxlen: 24
                          185.4.99.0/24 maxlen: 24
                          86.111.222.0/24 maxlen: 24
                          86.111.223.0/24 maxlen: 24
                          85.115.39.0/24 maxlen: 24
                          85.115.40.0/24 maxlen: 24
                          85.115.43.0/24 maxlen: 24
                          85.115.44.0/24 maxlen: 24
                          85.115.41.0/24 maxlen: 24
                          85.115.42.0/24 maxlen: 24
                          85.115.50.0/24 maxlen: 24
                          85.115.51.0/24 maxlen: 24
                          85.115.48.0/24 maxlen: 24
                          85.115.49.0/24 maxlen: 24
                          85.115.46.0/24 maxlen: 24
                          85.115.47.0/24 maxlen: 24
                          85.115.45.0/24 maxlen: 24
                          85.115.53.0/24 maxlen: 24
                          85.115.54.0/24 maxlen: 24
                          85.115.52.0/24 maxlen: 24
                          85.115.57.0/24 maxlen: 24
                          85.115.55.0/24 maxlen: 24
                          85.115.56.0/24 maxlen: 24
                          85.115.58.0/24 maxlen: 24
                          85.115.62.0/24 maxlen: 24
                          85.115.63.0/24 maxlen: 24
                          85.115.60.0/24 maxlen: 24
                          85.115.61.0/24 maxlen: 24
                          85.115.59.0/24 maxlen: 24
                          85.115.37.0/24 maxlen: 24
                          85.115.34.0/24 maxlen: 24
                          85.115.36.0/24 maxlen: 24
                          85.115.35.0/24 maxlen: 24
                          85.115.38.0/24 maxlen: 24
                          85.115.32.0/24 maxlen: 24
                          85.115.33.0/24 maxlen: 24
                          2001:4010::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 18 Jan 2024 15:08:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:46:f3:aa:09:08:8c:93:c2:2b:83:55:13:dc:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
        Validity
            Not Before: Jan  2 04:30:50 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e7492e82c5c7ee3d2fd300a4b8516f0b7e98a732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:41:83:00:a6:6a:9c:fa:7c:3c:58:57:c3:83:
                    f7:16:9b:b5:ce:89:5d:f7:7b:56:73:d6:7a:66:74:
                    e6:eb:13:9d:45:48:ee:7e:d4:7b:c2:a6:b3:be:e3:
                    11:90:de:9e:ea:ce:30:51:cf:8a:d3:da:c5:c0:25:
                    d0:bd:66:42:69:ea:ea:96:32:e4:d8:62:5e:db:96:
                    51:13:3b:f9:45:e8:3a:59:c6:5b:b1:07:1b:92:98:
                    24:2d:80:4b:c3:30:32:f6:1b:cd:4d:ba:75:32:bf:
                    4b:d6:9d:f8:a3:dd:97:b1:d4:1a:c1:b0:73:a7:f3:
                    06:40:3c:85:00:da:c3:cd:6a:df:f4:27:1f:41:8d:
                    d1:90:53:77:e9:6f:3e:bc:77:a4:9c:79:07:ff:98:
                    78:eb:62:19:ce:38:07:5a:f8:d2:27:d2:65:e2:86:
                    a2:e9:cc:61:ae:da:2e:0a:61:e4:ee:fa:5f:cd:eb:
                    4c:94:bf:97:aa:d0:82:0a:f7:69:96:9b:90:85:d0:
                    5e:39:a4:fb:e1:9e:dc:92:93:74:a3:7b:fe:2e:4b:
                    a8:93:b9:8e:2a:47:cf:a9:66:84:5a:69:a0:bd:d1:
                    f9:9b:6d:71:56:95:29:e4:e2:a3:50:4f:29:2f:18:
                    18:85:5b:40:71:de:32:e5:a2:e8:f5:30:57:46:30:
                    a2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:49:2E:82:C5:C7:EE:3D:2F:D3:00:A4:B8:51:6F:0B:7E:98:A7:32
            X509v3 Authority Key Identifier:
                keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/50kugsXH7j0v0wCkuFFvC36YpzI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.32.0/19
                  86.111.222.0/23
                  157.167.4.0/24
                  157.167.10.0-157.167.128.255
                  157.167.130.0-157.167.132.255
                  157.167.157.0-157.167.163.255
                  157.167.192.0/24
                  157.167.200.0/24
                  185.4.96.0/22
                IPv6:
                  2001:4010::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:1e:cf:59:f2:62:39:57:ce:20:79:49:b4:0e:93:45:6d:d9:
         63:62:59:15:c9:5b:be:03:b8:90:af:0d:59:96:39:10:6a:9c:
         16:b7:f4:9a:2a:eb:ea:05:76:61:f4:fc:39:84:44:c4:e7:4f:
         8a:13:3f:25:a1:c8:78:41:e0:89:ea:01:2b:4c:67:7d:17:93:
         c5:7b:ec:e0:f4:22:da:67:e4:76:c7:a2:d3:a8:5e:d9:e5:f5:
         cd:5b:2a:59:1f:e9:c6:3c:01:f3:cc:e9:81:22:e0:06:dc:65:
         2a:9e:c8:dd:0f:75:b1:45:cc:d6:5b:0f:a0:1c:7a:15:40:b5:
         d0:98:8f:db:63:85:43:d5:0e:dd:9a:bc:c2:86:3e:98:13:8e:
         a9:df:39:64:c5:94:bf:32:28:bb:0c:56:a3:ae:86:f7:71:d6:
         4b:92:ef:ce:32:72:d5:65:f5:e9:a5:19:40:06:57:e9:5b:a1:
         02:4e:1e:11:8d:38:c1:2c:a3:4f:1a:eb:34:b3:08:58:bc:e4:
         6a:fe:27:9f:d4:26:c3:db:b2:7a:58:b9:db:9b:13:84:09:5b:
         fc:c5:4b:2c:a5:80:f2:b1:31:52:4c:0e:e9:3b:1c:3f:66:2a:
         c6:86:82:e0:96:1c:84:a6:01:6a:18:e1:4b:2b:8d:1c:7f:45:
         4e:e1:7e:9b
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzIcEbzqgkIjJPCK4NVE9ykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjQwMTAyMDQzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ5MmU4MmM1YzdlZTNkMmZkMzAwYTRiODUxNmYwYjdlOThhNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0GDAKZqnPp8PFhXw4P3Fpu1zold
93tWc9Z6ZnTm6xOdRUjuftR7wqazvuMRkN6e6s4wUc+K09rFwCXQvWZCaerqljLk
2GJe25ZREzv5Reg6WcZbsQcbkpgkLYBLwzAy9hvNTbp1Mr9L1p34o92XsdQawbBz
p/MGQDyFANrDzWrf9CcfQY3RkFN36W8+vHeknHkH/5h462IZzjgHWvjSJ9Jl4oai
6cxhrtouCmHk7vpfzetMlL+XqtCCCvdplpuQhdBeOaT74Z7ckpN0o3v+Lkuok7mO
KkfPqWaEWmmgvdH5m21xVpUp5OKjUE8pLxgYhVtAcd4y5aLo9TBXRjCi9wIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFOdJLoLFx+49L9MApLhRbwt+mKcyMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvNTBrdWdzWEg3ajB2MHdDa3VGRnZDMzZZcHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQFVXMgAwQB
Vm/eAwQAnacEMAwDBAGdpwoDBACdp4AwDAMEAZ2nggMEAJ2nhDAMAwQAnaedAwQC
naegAwQAnafAAwQAnafIAwQCuQRgMA0EAgACMAcDBQAgAUAQMA0GCSqGSIb3DQEB
CwUAA4IBAQAWHs9Z8mI5V84geUm0DpNFbdljYlkVyVu+A7iQrw1ZljkQapwWt/Sa
KuvqBXZh9Pw5hETE50+KEz8loch4QeCJ6gErTGd9F5PFe+zg9CLaZ+R2x6LTqF7Z
5fXNWypZH+nGPAHzzOmBIuAG3GUqnsjdD3WxRczWWw+gHHoVQLXQmI/bY4VD1Q7d
mrzChj6YE46p3zlkxZS/Mii7DFajrob3cdZLku/OMnLVZfXppRlABlfpW6ECTh4R
jTjBLKNPGus0swhYvORq/ief1CbD27J6WLnbmxOECVv8xUsspYDysTFSTA7pOxw/
ZirGhoLglhyEpgFqGOFLK40cf0VO4X6b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org