Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/lvJB8Yf6YmmlfMoi6m7bffVGQlk.roa
File:                     lvJB8Yf6YmmlfMoi6m7bffVGQlk.roa (raw, json)
Hash identifier:          J3Y9mhjCOC1HA+aiXd+pztU6ONxjiMAyZKbGoQX9OJY=
Subject key identifier:   96:F2:41:F1:87:FA:62:69:A5:7C:CA:22:EA:6E:DB:7D:F5:46:42:59
Certificate issuer:       /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial:       018D1D1DB884C25C7361C2000E590C06A06A
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/lvJB8Yf6YmmlfMoi6m7bffVGQlk.roa
Signing time:             Thu 18 Jan 2024 15:08:23 +0000
ROA not before:           Thu 18 Jan 2024 15:08:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44444
IP address blocks:        85.115.32.0/24 maxlen: 24
                          85.115.33.0/24 maxlen: 24
                          85.115.34.0/24 maxlen: 24
                          85.115.35.0/24 maxlen: 24
                          85.115.36.0/24 maxlen: 24
                          85.115.37.0/24 maxlen: 24
                          85.115.38.0/24 maxlen: 24
                          85.115.39.0/24 maxlen: 24
                          85.115.40.0/24 maxlen: 24
                          85.115.41.0/24 maxlen: 24
                          85.115.42.0/24 maxlen: 24
                          85.115.43.0/24 maxlen: 24
                          85.115.44.0/24 maxlen: 24
                          85.115.45.0/24 maxlen: 24
                          85.115.46.0/24 maxlen: 24
                          85.115.47.0/24 maxlen: 24
                          85.115.48.0/24 maxlen: 24
                          85.115.49.0/24 maxlen: 24
                          85.115.50.0/24 maxlen: 24
                          85.115.51.0/24 maxlen: 24
                          85.115.52.0/24 maxlen: 24
                          85.115.53.0/24 maxlen: 24
                          85.115.54.0/24 maxlen: 24
                          85.115.55.0/24 maxlen: 24
                          85.115.56.0/24 maxlen: 24
                          85.115.57.0/24 maxlen: 24
                          85.115.58.0/24 maxlen: 24
                          85.115.59.0/24 maxlen: 24
                          85.115.60.0/24 maxlen: 24
                          85.115.61.0/24 maxlen: 24
                          85.115.62.0/24 maxlen: 24
                          85.115.63.0/24 maxlen: 24
                          86.111.222.0/24 maxlen: 24
                          86.111.223.0/24 maxlen: 24
                          157.167.4.0/24 maxlen: 24
                          157.167.5.0/24 maxlen: 24
                          157.167.10.0/24 maxlen: 24
                          157.167.11.0/24 maxlen: 24
                          157.167.12.0/24 maxlen: 24
                          157.167.13.0/24 maxlen: 24
                          157.167.14.0/24 maxlen: 24
                          157.167.15.0/24 maxlen: 24
                          157.167.16.0/24 maxlen: 24
                          157.167.17.0/24 maxlen: 24
                          157.167.18.0/24 maxlen: 24
                          157.167.19.0/24 maxlen: 24
                          157.167.20.0/24 maxlen: 24
                          157.167.21.0/24 maxlen: 24
                          157.167.22.0/24 maxlen: 24
                          157.167.23.0/24 maxlen: 24
                          157.167.24.0/24 maxlen: 24
                          157.167.25.0/24 maxlen: 24
                          157.167.26.0/24 maxlen: 24
                          157.167.27.0/24 maxlen: 24
                          157.167.28.0/24 maxlen: 24
                          157.167.29.0/24 maxlen: 24
                          157.167.30.0/24 maxlen: 24
                          157.167.31.0/24 maxlen: 24
                          157.167.32.0/24 maxlen: 24
                          157.167.33.0/24 maxlen: 24
                          157.167.34.0/24 maxlen: 24
                          157.167.35.0/24 maxlen: 24
                          157.167.36.0/24 maxlen: 24
                          157.167.37.0/24 maxlen: 24
                          157.167.38.0/24 maxlen: 24
                          157.167.39.0/24 maxlen: 24
                          157.167.40.0/24 maxlen: 24
                          157.167.41.0/24 maxlen: 24
                          157.167.42.0/24 maxlen: 24
                          157.167.43.0/24 maxlen: 24
                          157.167.44.0/24 maxlen: 24
                          157.167.45.0/24 maxlen: 24
                          157.167.46.0/24 maxlen: 24
                          157.167.47.0/24 maxlen: 24
                          157.167.48.0/24 maxlen: 24
                          157.167.49.0/24 maxlen: 24
                          157.167.50.0/24 maxlen: 24
                          157.167.51.0/24 maxlen: 24
                          157.167.52.0/24 maxlen: 24
                          157.167.53.0/24 maxlen: 24
                          157.167.54.0/24 maxlen: 24
                          157.167.55.0/24 maxlen: 24
                          157.167.56.0/24 maxlen: 24
                          157.167.57.0/24 maxlen: 24
                          157.167.58.0/24 maxlen: 24
                          157.167.59.0/24 maxlen: 24
                          157.167.60.0/24 maxlen: 24
                          157.167.61.0/24 maxlen: 24
                          157.167.62.0/24 maxlen: 24
                          157.167.63.0/24 maxlen: 24
                          157.167.64.0/24 maxlen: 24
                          157.167.65.0/24 maxlen: 24
                          157.167.66.0/24 maxlen: 24
                          157.167.67.0/24 maxlen: 24
                          157.167.68.0/24 maxlen: 24
                          157.167.69.0/24 maxlen: 24
                          157.167.70.0/24 maxlen: 24
                          157.167.71.0/24 maxlen: 24
                          157.167.72.0/24 maxlen: 24
                          157.167.73.0/24 maxlen: 24
                          157.167.74.0/24 maxlen: 24
                          157.167.75.0/24 maxlen: 24
                          157.167.76.0/24 maxlen: 24
                          157.167.77.0/24 maxlen: 24
                          157.167.78.0/24 maxlen: 24
                          157.167.79.0/24 maxlen: 24
                          157.167.80.0/24 maxlen: 24
                          157.167.81.0/24 maxlen: 24
                          157.167.82.0/24 maxlen: 24
                          157.167.83.0/24 maxlen: 24
                          157.167.84.0/24 maxlen: 24
                          157.167.85.0/24 maxlen: 24
                          157.167.86.0/24 maxlen: 24
                          157.167.87.0/24 maxlen: 24
                          157.167.88.0/24 maxlen: 24
                          157.167.89.0/24 maxlen: 24
                          157.167.90.0/24 maxlen: 24
                          157.167.91.0/24 maxlen: 24
                          157.167.92.0/24 maxlen: 24
                          157.167.93.0/24 maxlen: 24
                          157.167.94.0/24 maxlen: 24
                          157.167.95.0/24 maxlen: 24
                          157.167.96.0/24 maxlen: 24
                          157.167.97.0/24 maxlen: 24
                          157.167.98.0/24 maxlen: 24
                          157.167.99.0/24 maxlen: 24
                          157.167.100.0/24 maxlen: 24
                          157.167.101.0/24 maxlen: 24
                          157.167.102.0/24 maxlen: 24
                          157.167.103.0/24 maxlen: 24
                          157.167.104.0/24 maxlen: 24
                          157.167.105.0/24 maxlen: 24
                          157.167.106.0/24 maxlen: 24
                          157.167.107.0/24 maxlen: 24
                          157.167.108.0/24 maxlen: 24
                          157.167.109.0/24 maxlen: 24
                          157.167.110.0/24 maxlen: 24
                          157.167.111.0/24 maxlen: 24
                          157.167.112.0/24 maxlen: 24
                          157.167.113.0/24 maxlen: 24
                          157.167.114.0/24 maxlen: 24
                          157.167.115.0/24 maxlen: 24
                          157.167.116.0/24 maxlen: 24
                          157.167.117.0/24 maxlen: 24
                          157.167.118.0/24 maxlen: 24
                          157.167.119.0/24 maxlen: 24
                          157.167.120.0/24 maxlen: 24
                          157.167.121.0/24 maxlen: 24
                          157.167.122.0/24 maxlen: 24
                          157.167.123.0/24 maxlen: 24
                          157.167.124.0/24 maxlen: 24
                          157.167.125.0/24 maxlen: 24
                          157.167.126.0/24 maxlen: 24
                          157.167.127.0/24 maxlen: 24
                          157.167.128.0/24 maxlen: 24
                          157.167.130.0/24 maxlen: 24
                          157.167.131.0/24 maxlen: 24
                          157.167.132.0/24 maxlen: 24
                          157.167.157.0/24 maxlen: 24
                          157.167.158.0/24 maxlen: 24
                          157.167.159.0/24 maxlen: 24
                          157.167.160.0/24 maxlen: 24
                          157.167.161.0/24 maxlen: 24
                          157.167.162.0/24 maxlen: 24
                          157.167.163.0/24 maxlen: 24
                          157.167.192.0/24 maxlen: 24
                          157.167.200.0/24 maxlen: 24
                          185.4.96.0/24 maxlen: 24
                          185.4.97.0/24 maxlen: 24
                          185.4.98.0/24 maxlen: 24
                          185.4.99.0/24 maxlen: 24
                          2001:4010::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 31 May 2024 14:09:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:1d:1d:b8:84:c2:5c:73:61:c2:00:0e:59:0c:06:a0:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
        Validity
            Not Before: Jan 18 15:08:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=96f241f187fa6269a57cca22ea6edb7df5464259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ab:bb:70:bb:35:52:ee:df:4e:e1:e0:a1:af:
                    62:f0:bc:00:b5:61:67:7d:55:a3:97:95:5b:3e:eb:
                    a8:03:9f:54:39:f9:4e:86:10:35:49:50:85:71:5d:
                    48:c1:d7:ec:19:dc:07:36:fb:7d:dc:8f:41:47:c1:
                    3d:ac:32:39:da:12:1d:af:fc:b5:6e:28:d8:67:01:
                    36:84:fb:d6:87:b4:0e:7a:27:88:4d:df:5b:14:53:
                    27:61:3a:9e:9a:2e:f6:87:c7:d4:a4:ad:0b:82:05:
                    d3:0c:ac:52:66:fa:71:e1:60:81:ca:99:f3:c3:d5:
                    81:51:22:02:e2:f0:1a:70:6c:8e:9a:75:8a:68:0b:
                    0c:c6:87:fd:08:06:86:0a:34:44:74:e7:71:30:b0:
                    60:22:d2:fb:eb:a3:bb:9e:f8:6a:8e:8a:d0:2e:c2:
                    44:d7:8c:b6:3d:23:05:e6:b7:25:b9:e0:8c:18:06:
                    da:f9:6a:61:38:16:fb:c4:01:ed:ff:3f:22:36:37:
                    71:92:d8:11:47:a2:08:9b:d0:d5:bf:cb:21:14:c9:
                    1c:b5:a0:53:74:16:90:d9:66:94:d8:9e:c7:2c:fc:
                    2c:76:44:b0:cd:6b:c9:59:d5:aa:05:09:0f:a5:12:
                    08:6d:d6:56:6c:45:3f:b5:59:fc:03:cc:ae:96:25:
                    31:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F2:41:F1:87:FA:62:69:A5:7C:CA:22:EA:6E:DB:7D:F5:46:42:59
            X509v3 Authority Key Identifier:
                keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/lvJB8Yf6YmmlfMoi6m7bffVGQlk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.32.0/19
                  86.111.222.0/23
                  157.167.4.0/23
                  157.167.10.0-157.167.128.255
                  157.167.130.0-157.167.132.255
                  157.167.157.0-157.167.163.255
                  157.167.192.0/24
                  157.167.200.0/24
                  185.4.96.0/22
                IPv6:
                  2001:4010::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:02:f2:00:08:d4:f1:02:6e:b6:fc:6c:90:8c:af:7f:e3:dc:
         42:7f:bd:d1:53:b1:cb:6f:61:34:39:a5:c5:b2:9d:0a:6d:d6:
         ad:53:9d:9d:c0:b9:04:e1:7f:95:4c:a6:8e:2f:6e:2f:20:57:
         4e:a7:86:dd:ac:00:57:a3:3a:26:8d:eb:09:fc:42:f5:3e:8b:
         ad:42:ab:f3:58:ef:b7:78:a8:3e:0b:21:a5:08:4e:dc:4f:d9:
         ba:e8:b4:db:0b:9e:9f:5c:3e:4a:6a:d5:3d:8b:52:e4:01:e1:
         99:da:d4:8f:16:e7:76:35:68:79:4e:69:24:e7:5a:24:da:b5:
         56:45:b3:a3:cd:85:f9:5e:4e:cc:8e:e0:3d:53:01:c6:fe:e8:
         68:2d:3a:3d:b9:98:4c:e2:96:0e:11:b8:55:a2:08:95:5b:70:
         e8:0f:13:cf:1a:ae:97:03:44:ae:92:18:cc:fd:ff:6e:ec:ac:
         26:7f:8d:aa:cc:62:3a:ed:2f:76:95:22:e5:87:05:11:fa:06:
         23:a1:35:85:1b:19:82:41:7a:85:6e:c9:8a:91:e6:de:34:69:
         93:3d:c1:8d:84:a7:1b:7b:a5:d5:3e:62:4c:e8:50:75:76:50:
         2f:53:d3:78:a0:2c:32:db:84:45:6e:0d:7b:a0:2f:56:b9:50:
         44:69:74:da
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAY0dHbiEwlxzYcIADlkMBqBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjQwMTE4MTUwODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmYyNDFmMTg3ZmE2MjY5YTU3Y2NhMjJlYTZlZGI3ZGY1NDY0MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKu7cLs1Uu7fTuHgoa9i8LwAtWFn
fVWjl5VbPuuoA59UOflOhhA1SVCFcV1IwdfsGdwHNvt93I9BR8E9rDI52hIdr/y1
bijYZwE2hPvWh7QOeieITd9bFFMnYTqemi72h8fUpK0LggXTDKxSZvpx4WCBypnz
w9WBUSIC4vAacGyOmnWKaAsMxof9CAaGCjREdOdxMLBgItL766O7nvhqjorQLsJE
14y2PSMF5rclueCMGAba+WphOBb7xAHt/z8iNjdxktgRR6IIm9DVv8shFMkctaBT
dBaQ2WaU2J7HLPwsdkSwzWvJWdWqBQkPpRIIbdZWbEU/tVn8A8yuliUxfwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFJbyQfGH+mJppXzKIupu2331RkJZMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvbHZKQjhZZjZZbW1sZk1vaTZtN2JmZlZHUWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQFVXMgAwQB
Vm/eAwQBnacEMAwDBAGdpwoDBACdp4AwDAMEAZ2nggMEAJ2nhDAMAwQAnaedAwQC
naegAwQAnafAAwQAnafIAwQCuQRgMA0EAgACMAcDBQAgAUAQMA0GCSqGSIb3DQEB
CwUAA4IBAQA2AvIACNTxAm62/GyQjK9/49xCf73RU7HLb2E0OaXFsp0KbdatU52d
wLkE4X+VTKaOL24vIFdOp4bdrABXozomjesJ/EL1PoutQqvzWO+3eKg+CyGlCE7c
T9m66LTbC56fXD5KatU9i1LkAeGZ2tSPFud2NWh5Tmkk51ok2rVWRbOjzYX5Xk7M
juA9UwHG/uhoLTo9uZhM4pYOEbhVogiVW3DoDxPPGq6XA0SukhjM/f9u7Kwmf42q
zGI67S92lSLlhwUR+gYjoTWFGxmCQXqFbsmKkebeNGmTPcGNhKcbe6XVPmJM6FB1
dlAvU9N4oCwy24RFbg17oC9WuVBEaXTa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org