Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/G9Cd4RmuQtdrKNzWNo5XD7oNmM0.roa
File:                     G9Cd4RmuQtdrKNzWNo5XD7oNmM0.roa (raw, json)
Hash identifier:          EAh6UMVg8U745Hrg7BYLgam8R4OQe4ako9G0svwcB7Q=
Subject key identifier:   1B:D0:9D:E1:19:AE:42:D7:6B:28:DC:D6:36:8E:57:0F:BA:0D:98:CD
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018572D5CA7F8FF6143A251C5959C4913E93
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/G9Cd4RmuQtdrKNzWNo5XD7oNmM0.roa
Signing time:             Mon 02 Jan 2023 14:14:51 +0000
ROA not before:           Mon 02 Jan 2023 14:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14576
IP address blocks:        213.108.3.0/24 maxlen: 24
                          213.108.1.0/24 maxlen: 24
                          213.108.0.0/24 maxlen: 24
                          5.183.252.0/24 maxlen: 24
                          185.77.220.0/22 maxlen: 24
                          83.171.225.0/24 maxlen: 24
                          77.220.192.0/24 maxlen: 24
                          77.220.195.0/24 maxlen: 24
                          141.98.84.0/24 maxlen: 24
                          194.104.9.0/24 maxlen: 24
                          194.104.8.0/24 maxlen: 24
                          45.10.165.0/24 maxlen: 24
                          45.10.164.0/24 maxlen: 24
                          45.10.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 10 Jun 2023 10:54:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:d5:ca:7f:8f:f6:14:3a:25:1c:59:59:c4:91:3e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan  2 14:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1bd09de119ae42d76b28dcd6368e570fba0d98cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c1:3e:e3:73:9c:29:63:12:6b:73:48:8f:93:
                    87:4c:29:fd:0d:6d:aa:2c:00:6a:8e:7b:5a:90:45:
                    0e:ea:31:42:64:dc:55:14:b9:fc:34:51:d1:03:45:
                    a9:40:ac:b7:aa:93:38:c5:3b:5d:a3:ea:7d:e2:4b:
                    55:9a:7f:fc:7e:9f:2f:a4:62:ab:a5:4e:3e:d7:c6:
                    8b:09:e3:2d:f0:13:6a:7c:0e:98:c1:56:4a:4f:83:
                    61:8a:f3:10:9b:ab:65:69:05:53:82:42:b3:64:34:
                    a0:3c:78:92:30:bc:2d:44:65:4d:48:13:c6:89:53:
                    44:53:86:f7:c4:f4:f8:16:72:db:7a:f0:cb:79:fe:
                    ec:bf:c1:59:4e:b5:cc:ab:da:78:a3:3c:6c:7f:ee:
                    5d:06:2c:b1:04:64:e1:57:7c:31:83:9d:37:bd:fc:
                    f9:6f:a5:e3:5f:c8:22:9d:23:32:f4:11:d2:9e:42:
                    32:df:9d:16:89:1c:08:76:b9:3c:0e:25:98:80:db:
                    f0:c9:95:70:fd:96:c5:c9:80:b3:47:d0:5c:81:37:
                    6e:19:27:c3:0c:1c:d6:94:8a:51:55:87:42:ab:b7:
                    17:ab:e8:ca:6e:f9:ca:94:8e:af:71:d2:6f:9c:dc:
                    69:bf:d2:5a:07:e5:18:b9:79:e9:b8:63:64:b1:28:
                    ba:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:D0:9D:E1:19:AE:42:D7:6B:28:DC:D6:36:8E:57:0F:BA:0D:98:CD
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/G9Cd4RmuQtdrKNzWNo5XD7oNmM0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.252.0/24
                  45.10.164.0/23
                  45.10.167.0/24
                  77.220.192.0/24
                  77.220.195.0/24
                  83.171.225.0/24
                  141.98.84.0/24
                  185.77.220.0/22
                  194.104.8.0/23
                  213.108.0.0/23
                  213.108.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:47:14:da:62:d5:9a:09:92:fb:f9:88:b2:97:93:5e:04:a8:
         23:9e:7f:bf:c4:ac:8e:64:8a:2c:46:3c:79:97:c6:ad:c3:b2:
         c9:7e:16:6a:1a:7b:29:54:24:9c:23:7e:0f:a6:32:42:75:9c:
         29:3a:14:81:2f:eb:0a:61:4b:fc:ab:40:97:b3:3f:d0:15:3d:
         65:b4:a4:1e:57:83:3a:75:e8:63:a1:38:52:8a:2e:78:63:13:
         7c:f4:08:9b:d4:b6:ce:3f:4a:ca:f1:3c:9d:0a:3f:08:40:3c:
         fe:3d:68:09:d2:28:cd:96:9a:4e:22:cf:cf:b7:57:d5:6e:82:
         37:58:34:28:a2:e4:1b:37:06:97:83:1e:4c:9c:07:6e:74:df:
         26:5e:bd:a2:39:d9:c7:63:97:cc:1c:50:ec:87:cc:af:53:03:
         05:c7:68:18:44:3e:63:6c:28:2d:fb:ac:30:4f:f7:27:07:3c:
         32:6a:e9:dd:53:6b:23:bf:c4:f2:da:de:e3:76:4b:9d:91:9b:
         14:63:78:bc:c5:65:a6:46:9c:a9:72:c0:8c:d4:e2:fd:91:b0:
         8d:9b:41:86:0c:e0:06:80:f8:ef:58:0a:ab:b9:dc:10:7b:cb:
         3a:7b:ac:35:5b:24:05:c2:a5:67:cc:ed:87:a0:dd:8d:66:56:
         95:de:32:6a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVy1cp/j/YUOiUcWVnEkT6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMTAyMTQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQwOWRlMTE5YWU0MmQ3NmIyOGRjZDYzNjhlNTcwZmJhMGQ5OGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscE+43OcKWMSa3NIj5OHTCn9DW2q
LABqjntakEUO6jFCZNxVFLn8NFHRA0WpQKy3qpM4xTtdo+p94ktVmn/8fp8vpGKr
pU4+18aLCeMt8BNqfA6YwVZKT4NhivMQm6tlaQVTgkKzZDSgPHiSMLwtRGVNSBPG
iVNEU4b3xPT4FnLbevDLef7sv8FZTrXMq9p4ozxsf+5dBiyxBGThV3wxg503vfz5
b6XjX8ginSMy9BHSnkIy350WiRwIdrk8DiWYgNvwyZVw/ZbFyYCzR9BcgTduGSfD
DBzWlIpRVYdCq7cXq+jKbvnKlI6vcdJvnNxpv9JaB+UYuXnpuGNksSi6hwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBvQneEZrkLXayjc1jaOVw+6DZjNMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvRzlDZDRSbXVRdGRyS056V05vNVhEN29ObU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABbf8AwQB
LQqkAwQALQqnAwQATdzAAwQATdzDAwQAU6vhAwQAjWJUAwQCuU3cAwQBwmgIAwQB
1WwAAwQA1WwDMA0GCSqGSIb3DQEBCwUAA4IBAQCGRxTaYtWaCZL7+Yiyl5NeBKgj
nn+/xKyOZIosRjx5l8atw7LJfhZqGnspVCScI34PpjJCdZwpOhSBL+sKYUv8q0CX
sz/QFT1ltKQeV4M6dehjoThSii54YxN89Aib1LbOP0rK8TydCj8IQDz+PWgJ0ijN
lppOIs/Pt1fVboI3WDQoouQbNwaXgx5MnAdudN8mXr2iOdnHY5fMHFDsh8yvUwMF
x2gYRD5jbCgt+6wwT/cnBzwyaundU2sjv8Ty2t7jdkudkZsUY3i8xWWmRpypcsCM
1OL9kbCNm0GGDOAGgPjvWAqrudwQe8s6e6w1WyQFwqVnzO2HoN2NZlaV3jJq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org