Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/kYTeFrYnFoXtj_hztrvhX2kBEeI.roa
File:                     kYTeFrYnFoXtj_hztrvhX2kBEeI.roa (raw, json)
Hash identifier:          OIdT60yyEegu9+CqkTF8FQ9gAJwAH5dM8Ms8pf0qO98=
Subject key identifier:   91:84:DE:16:B6:27:16:85:ED:8F:F8:73:B6:BB:E1:5F:69:01:11:E2
Certificate issuer:       /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial:       0186CCBEAB0681B36CC8F70A86A3015BBC8F
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/kYTeFrYnFoXtj_hztrvhX2kBEeI.roa
Signing time:             Fri 10 Mar 2023 18:18:13 +0000
ROA not before:           Fri 10 Mar 2023 18:18:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44444
IP address blocks:        157.167.200.0/24 maxlen: 24
                          157.167.157.0/24 maxlen: 24
                          157.167.10.0/24 maxlen: 24
                          157.167.11.0/24 maxlen: 24
                          157.167.13.0/24 maxlen: 24
                          157.167.14.0/24 maxlen: 24
                          157.167.12.0/24 maxlen: 24
                          157.167.17.0/24 maxlen: 24
                          157.167.15.0/24 maxlen: 24
                          157.167.16.0/24 maxlen: 24
                          157.167.20.0/24 maxlen: 24
                          157.167.21.0/24 maxlen: 24
                          157.167.18.0/24 maxlen: 24
                          157.167.19.0/24 maxlen: 24
                          157.167.24.0/24 maxlen: 24
                          157.167.22.0/24 maxlen: 24
                          157.167.23.0/24 maxlen: 24
                          157.167.27.0/24 maxlen: 24
                          157.167.28.0/24 maxlen: 24
                          157.167.25.0/24 maxlen: 24
                          157.167.26.0/24 maxlen: 24
                          157.167.31.0/24 maxlen: 24
                          157.167.29.0/24 maxlen: 24
                          157.167.30.0/24 maxlen: 24
                          157.167.34.0/24 maxlen: 24
                          157.167.35.0/24 maxlen: 24
                          157.167.32.0/24 maxlen: 24
                          157.167.33.0/24 maxlen: 24
                          157.167.38.0/24 maxlen: 24
                          157.167.36.0/24 maxlen: 24
                          157.167.37.0/24 maxlen: 24
                          157.167.93.0/24 maxlen: 24
                          157.167.94.0/24 maxlen: 24
                          157.167.92.0/24 maxlen: 24
                          157.167.97.0/24 maxlen: 24
                          157.167.95.0/24 maxlen: 24
                          157.167.96.0/24 maxlen: 24
                          157.167.98.0/24 maxlen: 24
                          157.167.104.0/24 maxlen: 24
                          157.167.102.0/24 maxlen: 24
                          157.167.103.0/24 maxlen: 24
                          157.167.105.0/24 maxlen: 24
                          157.167.100.0/24 maxlen: 24
                          157.167.101.0/24 maxlen: 24
                          157.167.99.0/24 maxlen: 24
                          157.167.111.0/24 maxlen: 24
                          157.167.109.0/24 maxlen: 24
                          157.167.110.0/24 maxlen: 24
                          157.167.112.0/24 maxlen: 24
                          157.167.107.0/24 maxlen: 24
                          157.167.108.0/24 maxlen: 24
                          157.167.106.0/24 maxlen: 24
                          157.167.118.0/24 maxlen: 24
                          157.167.116.0/24 maxlen: 24
                          157.167.117.0/24 maxlen: 24
                          157.167.114.0/24 maxlen: 24
                          157.167.115.0/24 maxlen: 24
                          157.167.113.0/24 maxlen: 24
                          157.167.121.0/24 maxlen: 24
                          157.167.122.0/24 maxlen: 24
                          157.167.119.0/24 maxlen: 24
                          157.167.120.0/24 maxlen: 24
                          157.167.125.0/24 maxlen: 24
                          157.167.123.0/24 maxlen: 24
                          157.167.124.0/24 maxlen: 24
                          157.167.128.0/24 maxlen: 24
                          157.167.126.0/24 maxlen: 24
                          157.167.127.0/24 maxlen: 24
                          157.167.41.0/24 maxlen: 24
                          157.167.42.0/24 maxlen: 24
                          157.167.39.0/24 maxlen: 24
                          157.167.40.0/24 maxlen: 24
                          157.167.43.0/24 maxlen: 24
                          157.167.44.0/24 maxlen: 24
                          157.167.48.0/24 maxlen: 24
                          157.167.49.0/24 maxlen: 24
                          157.167.46.0/24 maxlen: 24
                          157.167.47.0/24 maxlen: 24
                          157.167.50.0/24 maxlen: 24
                          157.167.51.0/24 maxlen: 24
                          157.167.45.0/24 maxlen: 24
                          157.167.55.0/24 maxlen: 24
                          157.167.56.0/24 maxlen: 24
                          157.167.53.0/24 maxlen: 24
                          157.167.54.0/24 maxlen: 24
                          157.167.58.0/24 maxlen: 24
                          157.167.57.0/24 maxlen: 24
                          157.167.52.0/24 maxlen: 24
                          157.167.62.0/24 maxlen: 24
                          157.167.63.0/24 maxlen: 24
                          157.167.60.0/24 maxlen: 24
                          157.167.61.0/24 maxlen: 24
                          157.167.64.0/24 maxlen: 24
                          157.167.59.0/24 maxlen: 24
                          157.167.65.0/24 maxlen: 24
                          157.167.66.0/24 maxlen: 24
                          157.167.69.0/24 maxlen: 24
                          157.167.70.0/24 maxlen: 24
                          157.167.67.0/24 maxlen: 24
                          157.167.68.0/24 maxlen: 24
                          157.167.71.0/24 maxlen: 24
                          157.167.76.0/24 maxlen: 24
                          157.167.77.0/24 maxlen: 24
                          157.167.74.0/24 maxlen: 24
                          157.167.75.0/24 maxlen: 24
                          157.167.78.0/24 maxlen: 24
                          157.167.72.0/24 maxlen: 24
                          157.167.73.0/24 maxlen: 24
                          157.167.79.0/24 maxlen: 24
                          157.167.80.0/24 maxlen: 24
                          157.167.83.0/24 maxlen: 24
                          157.167.84.0/24 maxlen: 24
                          157.167.81.0/24 maxlen: 24
                          157.167.82.0/24 maxlen: 24
                          157.167.85.0/24 maxlen: 24
                          157.167.90.0/24 maxlen: 24
                          157.167.88.0/24 maxlen: 24
                          157.167.89.0/24 maxlen: 24
                          157.167.91.0/24 maxlen: 24
                          157.167.86.0/24 maxlen: 24
                          157.167.87.0/24 maxlen: 24
                          86.111.222.0/24 maxlen: 24
                          86.111.223.0/24 maxlen: 24
                          85.115.39.0/24 maxlen: 24
                          85.115.40.0/24 maxlen: 24
                          85.115.43.0/24 maxlen: 24
                          85.115.44.0/24 maxlen: 24
                          85.115.41.0/24 maxlen: 24
                          85.115.42.0/24 maxlen: 24
                          85.115.50.0/24 maxlen: 24
                          85.115.48.0/24 maxlen: 24
                          85.115.49.0/24 maxlen: 24
                          85.115.46.0/24 maxlen: 24
                          85.115.47.0/24 maxlen: 24
                          85.115.45.0/24 maxlen: 24
                          85.115.53.0/24 maxlen: 24
                          85.115.54.0/24 maxlen: 24
                          85.115.52.0/24 maxlen: 24
                          85.115.56.0/24 maxlen: 24
                          85.115.58.0/24 maxlen: 24
                          85.115.62.0/24 maxlen: 24
                          85.115.63.0/24 maxlen: 24
                          85.115.60.0/24 maxlen: 24
                          85.115.61.0/24 maxlen: 24
                          85.115.36.0/24 maxlen: 24
                          85.115.37.0/24 maxlen: 24
                          85.115.34.0/24 maxlen: 24
                          85.115.35.0/24 maxlen: 24
                          85.115.38.0/24 maxlen: 24
                          85.115.32.0/24 maxlen: 24
                          85.115.33.0/24 maxlen: 24
                          2001:4010::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 17 Mar 2023 09:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:cc:be:ab:06:81:b3:6c:c8:f7:0a:86:a3:01:5b:bc:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
        Validity
            Not Before: Mar 10 18:18:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9184de16b6271685ed8ff873b6bbe15f690111e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:28:6b:02:28:00:2d:bc:80:8f:1f:ad:1b:2a:
                    e6:21:9e:3b:0b:cf:ad:1c:ba:3e:9c:d8:77:7d:4e:
                    01:dd:6b:a2:b3:f0:ac:d6:51:b9:47:81:50:db:75:
                    aa:e7:74:cf:fd:26:b9:f9:12:55:a9:8f:02:7f:92:
                    39:db:0e:39:b1:1b:70:23:da:c6:5d:a4:2b:93:e5:
                    63:69:43:a4:ed:0e:0d:78:d9:1a:e6:f9:66:a1:f3:
                    6c:2e:f2:ef:b2:9c:bc:5b:df:a6:74:2b:f7:66:c9:
                    63:77:ed:8e:32:15:26:c2:31:47:ed:7d:32:63:11:
                    af:d2:1c:85:db:d5:44:cc:d5:f0:e2:a4:38:c9:24:
                    9e:d7:bf:26:f1:5b:b3:f4:e4:22:30:17:e1:e5:2b:
                    5e:2d:06:3f:38:ef:4d:2d:8b:84:65:8e:d6:99:31:
                    35:74:da:3b:bc:b4:94:05:37:e0:22:0f:20:77:bc:
                    0c:be:e5:77:64:28:d8:73:29:88:bc:c4:98:84:03:
                    da:fe:63:53:04:e4:e8:48:35:4a:ef:30:75:9f:88:
                    7e:ce:34:ae:f7:60:37:f2:fb:e5:06:02:c4:28:e1:
                    0d:9a:9b:2c:23:c7:da:91:06:cf:f1:b4:33:c9:85:
                    2f:c6:b4:a5:b2:5e:39:b1:8c:9b:c1:50:99:a7:d6:
                    67:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:84:DE:16:B6:27:16:85:ED:8F:F8:73:B6:BB:E1:5F:69:01:11:E2
            X509v3 Authority Key Identifier:
                keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/kYTeFrYnFoXtj_hztrvhX2kBEeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.32.0-85.115.50.255
                  85.115.52.0-85.115.54.255
                  85.115.56.0/24
                  85.115.58.0/24
                  85.115.60.0/22
                  86.111.222.0/23
                  157.167.10.0-157.167.128.255
                  157.167.157.0/24
                  157.167.200.0/24
                IPv6:
                  2001:4010::/32

    Signature Algorithm: sha256WithRSAEncryption
         0c:43:bf:d5:83:5e:d3:00:cd:50:84:e3:25:e1:6c:fe:89:62:
         ec:8e:78:22:de:d3:51:5a:7f:17:40:da:24:c1:99:4b:ec:7b:
         f3:a5:81:13:87:73:c7:26:d3:8e:30:5d:98:7c:86:12:de:3d:
         c0:ff:cb:cd:d2:7e:a8:bf:88:75:8a:02:ef:02:f6:46:5f:03:
         4e:bf:04:5f:72:df:3d:8f:a6:3d:bf:54:aa:ed:7e:6b:e5:7a:
         86:e6:34:2a:33:96:c4:09:a3:a1:be:9a:7b:af:01:31:88:8b:
         00:7d:bd:d5:f2:55:9c:3a:f6:0f:c9:35:29:f3:25:cb:68:25:
         85:87:f4:4b:4a:73:93:38:f4:95:3e:d7:8a:94:48:a5:ec:eb:
         f7:44:a1:e1:b9:b9:7b:98:ae:6c:1d:93:1b:6d:11:79:e5:00:
         6f:2e:d2:27:a2:7f:31:16:0a:59:85:d8:10:ec:fd:94:41:78:
         a8:db:9f:73:eb:5d:e1:19:e2:77:6b:d9:ab:3d:3d:17:b7:64:
         64:36:2b:3f:25:53:50:b6:47:c2:2f:a9:02:d0:61:5b:15:59:
         1b:9c:b8:63:30:17:aa:ae:fb:0d:b6:07:fd:c9:9a:53:3c:1f:
         23:bb:f8:82:7b:d3:27:e2:5d:79:fc:65:cc:41:2a:33:41:72:
         b5:49:95:91
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYbMvqsGgbNsyPcKhqMBW7yPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjMwMzEwMTgxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTg0ZGUxNmI2MjcxNjg1ZWQ4ZmY4NzNiNmJiZTE1ZjY5MDExMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiShrAigALbyAjx+tGyrmIZ47C8+t
HLo+nNh3fU4B3Wuis/Cs1lG5R4FQ23Wq53TP/Sa5+RJVqY8Cf5I52w45sRtwI9rG
XaQrk+VjaUOk7Q4NeNka5vlmofNsLvLvspy8W9+mdCv3Zsljd+2OMhUmwjFH7X0y
YxGv0hyF29VEzNXw4qQ4ySSe178m8Vuz9OQiMBfh5SteLQY/OO9NLYuEZY7WmTE1
dNo7vLSUBTfgIg8gd7wMvuV3ZCjYcymIvMSYhAPa/mNTBOToSDVK7zB1n4h+zjSu
92A38vvlBgLEKOENmpssI8fakQbP8bQzyYUvxrSlsl45sYybwVCZp9ZnxwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFJGE3ha2JxaF7Y/4c7a74V9pARHiMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEva1lUZUZyWW5Gb1h0al9oenRydmhYMmtCRWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOMAwDBAVVcyAD
BABVczIwDAMEAlVzNAMEAFVzNgMEAFVzOAMEAFVzOgMEAlVzPAMEAVZv3jAMAwQB
nacKAwQAnaeAAwQAnaedAwQAnafIMA0EAgACMAcDBQAgAUAQMA0GCSqGSIb3DQEB
CwUAA4IBAQAMQ7/Vg17TAM1QhOMl4Wz+iWLsjngi3tNRWn8XQNokwZlL7HvzpYET
h3PHJtOOMF2YfIYS3j3A/8vN0n6ov4h1igLvAvZGXwNOvwRfct89j6Y9v1Sq7X5r
5XqG5jQqM5bECaOhvpp7rwExiIsAfb3V8lWcOvYPyTUp8yXLaCWFh/RLSnOTOPSV
PteKlEil7Ov3RKHhubl7mK5sHZMbbRF55QBvLtInon8xFgpZhdgQ7P2UQXio259z
613hGeJ3a9mrPT0Xt2RkNis/JVNQtkfCL6kC0GFbFVkbnLhjMBeqrvsNtgf9yZpT
PB8ju/iCe9Mn4l15/GXMQSozQXK1SZWR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org