Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/OD6RJIzYGJibleYIk7egzEZtyeI.roa
File:                     OD6RJIzYGJibleYIk7egzEZtyeI.roa (raw, json)
Hash identifier:          +gOGCQql7BMTJOjkIpxVjKdYh6ldRCJzD29xzQDjOVQ=
Subject key identifier:   38:3E:91:24:8C:D8:18:98:9B:95:E6:08:93:B7:A0:CC:46:6D:C9:E2
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01861610907B2C1A49335370CCAECB6E6D18
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/OD6RJIzYGJibleYIk7egzEZtyeI.roa
Signing time:             Fri 03 Feb 2023 06:57:09 +0000
ROA not before:           Fri 03 Feb 2023 06:57:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        185.112.56.0/23 maxlen: 24
                          185.95.102.0/23 maxlen: 24
                          185.95.100.0/23 maxlen: 24
                          185.81.173.0/24 maxlen: 24
                          185.110.130.0/24 maxlen: 24
                          185.110.131.0/24 maxlen: 24
                          89.19.57.0/24 maxlen: 24
                          89.19.58.0/24 maxlen: 24
                          185.175.225.0/24 maxlen: 24
                          185.175.224.0/24 maxlen: 24
                          89.19.59.0/24 maxlen: 24
                          185.68.245.0/24 maxlen: 24
                          213.170.223.0/24 maxlen: 24
                          185.81.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Feb 2023 11:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:16:10:90:7b:2c:1a:49:33:53:70:cc:ae:cb:6e:6d:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Feb  3 06:57:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=383e91248cd818989b95e60893b7a0cc466dc9e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b3:81:04:2e:93:48:bf:3c:9d:27:c9:d6:1e:
                    5a:98:b2:63:b0:c4:b3:2d:81:cd:30:f6:db:a8:bf:
                    d6:fc:7f:42:c8:64:e9:bd:9f:4f:96:e2:31:8d:5f:
                    9a:12:39:38:e5:88:ee:8b:65:73:5a:3b:51:b2:7d:
                    83:62:71:80:1f:b4:cc:5e:df:50:4f:8b:97:07:51:
                    4d:34:3b:1a:99:d7:84:30:ca:d9:7e:55:76:55:40:
                    7a:af:6f:d0:82:72:28:52:bc:ad:e4:22:a0:72:16:
                    1b:cc:cc:16:b3:e3:a2:02:55:20:03:76:c8:be:1d:
                    c5:e6:fb:6b:6b:50:9b:0e:41:57:83:01:4f:4e:c3:
                    9d:4a:3b:52:41:38:01:cc:81:2b:0f:c4:bf:66:eb:
                    0b:9b:44:58:14:26:6f:68:b7:65:28:be:32:6a:09:
                    a9:41:90:92:8e:10:49:ee:e9:0b:aa:43:01:ff:f8:
                    3d:3d:60:05:c8:26:fe:21:1d:76:45:e7:e5:f8:9f:
                    df:47:e5:f2:98:86:59:72:fe:d3:ef:31:d9:2d:0e:
                    31:07:92:40:6b:30:25:e8:ac:7a:56:47:94:28:23:
                    eb:15:33:d8:a8:a8:2e:f3:02:e1:46:82:91:c3:92:
                    1f:48:ea:a3:67:60:4b:58:31:e1:e9:12:27:4a:10:
                    61:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3E:91:24:8C:D8:18:98:9B:95:E6:08:93:B7:A0:CC:46:6D:C9:E2
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/OD6RJIzYGJibleYIk7egzEZtyeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.57.0-89.19.59.255
                  185.68.245.0/24
                  185.81.172.0/23
                  185.95.100.0/22
                  185.110.130.0/23
                  185.112.56.0/23
                  185.175.224.0/23
                  213.170.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:7b:fe:89:90:b2:cc:21:4f:2e:8a:c4:ab:da:ae:1a:2d:e9:
         6c:3e:f8:b5:62:e3:fe:05:f5:a0:6a:eb:0b:70:23:43:b1:a4:
         3e:3e:fe:e7:c6:c6:4f:cf:1e:ea:1d:bf:9c:d5:de:a4:2b:0c:
         ea:a7:76:8b:97:b1:7c:59:e6:9f:77:bc:6c:65:4e:69:9c:cc:
         f6:44:91:6b:ab:1b:71:3e:93:7e:38:c8:48:de:c8:dc:dd:03:
         fd:f1:27:69:11:bc:0b:d6:e9:47:c7:b3:2b:8b:41:ed:cf:a7:
         a7:53:61:55:3b:44:7d:84:15:fb:8e:63:79:87:6d:c1:8e:d8:
         08:4d:a7:d3:10:fa:b4:73:26:4e:b5:1b:0f:d1:fa:e4:46:99:
         6c:d1:a1:97:05:32:c7:5f:26:e0:47:de:76:99:9b:ca:50:c7:
         a0:4e:27:a7:f6:19:5b:db:bc:e3:fe:5e:7c:4a:28:90:d0:29:
         5f:c2:c9:70:30:cf:32:64:41:71:f4:fd:84:48:28:b5:6f:b3:
         79:fd:ee:0f:f0:e4:67:2b:e9:fe:f9:b6:b2:c4:67:8b:a4:4f:
         a2:b8:25:a4:22:50:b0:bc:36:65:21:3b:e7:88:1f:42:ff:1b:
         56:27:a2:4a:e4:aa:a1:39:f3:6a:9c:d3:32:87:0b:61:ec:35:
         10:98:9c:f0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYYWEJB7LBpJM1NwzK7Lbm0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjAzMDY1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODNlOTEyNDhjZDgxODk4OWI5NWU2MDg5M2I3YTBjYzQ2NmRjOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57OBBC6TSL88nSfJ1h5amLJjsMSz
LYHNMPbbqL/W/H9CyGTpvZ9PluIxjV+aEjk45Yjui2VzWjtRsn2DYnGAH7TMXt9Q
T4uXB1FNNDsamdeEMMrZflV2VUB6r2/QgnIoUryt5CKgchYbzMwWs+OiAlUgA3bI
vh3F5vtra1CbDkFXgwFPTsOdSjtSQTgBzIErD8S/ZusLm0RYFCZvaLdlKL4yagmp
QZCSjhBJ7ukLqkMB//g9PWAFyCb+IR12Refl+J/fR+XymIZZcv7T7zHZLQ4xB5JA
azAl6Kx6VkeUKCPrFTPYqKgu8wLhRoKRw5IfSOqjZ2BLWDHh6RInShBhMwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDg+kSSM2BiYm5XmCJO3oMxGbcniMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvT0Q2UkpJellHSmlibGVZSWs3ZWd6RVp0eWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABZEzkD
BAJZEzgDBAC5RPUDBAG5UawDBAK5X2QDBAG5boIDBAG5cDgDBAG5r+ADBADVqt8w
DQYJKoZIhvcNAQELBQADggEBACJ7/omQsswhTy6KxKvarhot6Ww++LVi4/4F9aBq
6wtwI0OxpD4+/ufGxk/PHuodv5zV3qQrDOqndouXsXxZ5p93vGxlTmmczPZEkWur
G3E+k344yEjeyNzdA/3xJ2kRvAvW6UfHsyuLQe3Pp6dTYVU7RH2EFfuOY3mHbcGO
2AhNp9MQ+rRzJk61Gw/R+uRGmWzRoZcFMsdfJuBH3naZm8pQx6BOJ6f2GVvbvOP+
XnxKKJDQKV/CyXAwzzJkQXH0/YRIKLVvs3n97g/w5Gcr6f75trLEZ4ukT6K4JaQi
ULC8NmUhO+eIH0L/G1YnokrkqqE582qc0zKHC2HsNRCYnPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org