Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/efUUPfYt4Y8f44-qVtLKuwUSmng.roa
File:                     efUUPfYt4Y8f44-qVtLKuwUSmng.roa (raw, json)
Hash identifier:          y8pqBAOdFTo/+ppZjvmWtPBEwuMgqi7RBcApIzj/dHY=
Subject key identifier:   79:F5:14:3D:F6:2D:E1:8F:1F:E3:8F:AA:56:D2:CA:BB:05:12:9A:78
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018572D5C9155AA4F3ADCDCE1238EF2F3BD2
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/efUUPfYt4Y8f44-qVtLKuwUSmng.roa
Signing time:             Mon 02 Jan 2023 14:14:51 +0000
ROA not before:           Mon 02 Jan 2023 14:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        185.95.102.0/23 maxlen: 24
                          185.95.101.0/24 maxlen: 24
                          185.81.174.0/24 maxlen: 24
                          185.81.184.0/24 maxlen: 24
                          185.81.187.0/24 maxlen: 24
                          185.97.3.0/24 maxlen: 24
                          185.97.1.0/24 maxlen: 24
                          185.68.246.0/24 maxlen: 24
                          185.89.43.0/24 maxlen: 24
                          185.89.42.0/24 maxlen: 24
                          185.68.247.0/24 maxlen: 24
                          194.104.10.0/24 maxlen: 24
                          185.68.184.0/24 maxlen: 24
                          5.181.169.0/24 maxlen: 24
                          5.181.168.0/24 maxlen: 24
                          185.96.80.0/24 maxlen: 24
                          213.232.122.0/24 maxlen: 24
                          213.232.120.0/24 maxlen: 24
                          83.171.226.0/24 maxlen: 24
                          83.171.224.0/24 maxlen: 24
                          83.171.227.0/24 maxlen: 24
                          185.96.38.0/24 maxlen: 24
                          185.89.104.0/23 maxlen: 24
                          185.89.108.0/22 maxlen: 24
                          141.98.87.0/24 maxlen: 24
                          185.81.172.0/23 maxlen: 24
                          5.183.255.0/24 maxlen: 24
                          185.88.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 Feb 2023 06:57:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:d5:c9:15:5a:a4:f3:ad:cd:ce:12:38:ef:2f:3b:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jan  2 14:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=79f5143df62de18f1fe38faa56d2cabb05129a78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:40:3f:16:b9:e2:e8:05:00:84:78:6b:cc:60:
                    82:72:1d:b3:c9:29:ff:c8:12:ea:ad:64:fc:56:06:
                    e3:6f:03:b8:24:e0:41:7f:b3:03:3d:06:55:18:ce:
                    ee:3a:10:e2:89:a3:ec:4a:29:ec:91:f6:59:1f:5d:
                    e7:b0:ff:12:9f:f3:a9:00:74:3c:38:6e:21:47:de:
                    c4:f9:e5:00:36:aa:d1:06:6f:b4:fb:50:e3:21:26:
                    2a:40:60:1f:33:9c:fe:99:8c:5d:47:9b:82:40:ad:
                    58:56:0a:45:dd:6c:1e:b2:24:4b:3f:97:0d:97:aa:
                    43:95:9b:64:b8:92:e0:ff:43:c1:c4:e0:e1:28:57:
                    62:12:1e:0a:48:5c:67:76:87:58:33:74:28:06:5f:
                    c4:79:8c:48:8f:9d:81:13:c2:71:3e:e5:37:0a:e8:
                    5e:e6:03:ec:c0:97:67:70:6f:4e:39:2f:84:7b:a6:
                    5c:50:75:c6:af:2d:8e:ac:bc:a3:aa:b2:bd:74:b5:
                    55:32:cf:a5:a4:8f:f3:59:65:ee:b0:ca:9f:42:2d:
                    8c:c4:39:b7:ed:d1:9d:25:82:b2:6a:98:86:f1:4c:
                    11:0a:69:04:80:83:99:3a:9d:b3:6c:76:57:79:6e:
                    8f:26:8c:c4:3f:38:8c:ac:b4:78:5c:4c:9e:5a:fc:
                    8a:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F5:14:3D:F6:2D:E1:8F:1F:E3:8F:AA:56:D2:CA:BB:05:12:9A:78
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/efUUPfYt4Y8f44-qVtLKuwUSmng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.168.0/23
                  5.183.255.0/24
                  83.171.224.0/24
                  83.171.226.0/23
                  141.98.87.0/24
                  185.68.184.0/24
                  185.68.246.0/23
                  185.81.172.0-185.81.174.255
                  185.81.184.0/24
                  185.81.187.0/24
                  185.88.36.0/24
                  185.89.42.0/23
                  185.89.104.0/23
                  185.89.108.0/22
                  185.95.101.0-185.95.103.255
                  185.96.38.0/24
                  185.96.80.0/24
                  185.97.1.0/24
                  185.97.3.0/24
                  194.104.10.0/24
                  213.232.120.0/24
                  213.232.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:09:11:d8:c3:b2:4d:b7:1a:c9:55:a7:6c:74:0e:be:0c:c7:
         f6:b3:0e:ef:13:df:0c:6f:22:67:8a:b5:73:2f:35:26:06:39:
         ea:c3:f7:ce:15:65:9c:04:16:19:4f:dd:03:47:a3:88:b3:0e:
         71:fc:ba:64:a7:6c:71:6e:83:47:a4:93:c8:4e:44:a5:44:c9:
         39:60:14:1b:61:a6:cb:a0:3d:48:1b:bc:00:91:d2:56:9e:ac:
         28:08:6f:12:96:04:22:c7:d1:44:7e:67:d6:ad:c8:fc:ae:ab:
         a0:4a:b9:19:ec:fd:ef:a5:f1:4c:f7:b3:d3:8b:34:42:4d:58:
         1f:6c:2f:3e:f2:2e:cd:ce:91:01:a5:bf:24:63:47:6a:cd:14:
         ad:6f:80:9c:ea:a2:d0:1d:e5:cf:5c:d3:7c:38:64:9e:7f:4a:
         db:cc:40:27:ec:25:4b:ae:5b:38:b4:04:d3:3c:b5:53:dd:80:
         a8:55:81:8c:6e:d7:ec:c9:7e:2b:a9:17:24:b6:42:74:4c:6d:
         ea:cb:d6:32:cd:fd:22:19:bc:68:95:55:a9:9b:f8:eb:ab:41:
         bb:c1:df:92:26:23:c7:e5:b3:06:93:cd:4c:fa:b3:1f:4f:54:
         51:4f:c1:4a:a2:08:b4:91:2e:37:11:f1:64:c9:c7:6e:f0:7e:
         40:fa:10:9a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYVy1ckVWqTzrc3OEjjvLzvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMTAyMTQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWY1MTQzZGY2MmRlMThmMWZlMzhmYWE1NmQyY2FiYjA1MTI5YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEA/Frni6AUAhHhrzGCCch2zySn/
yBLqrWT8VgbjbwO4JOBBf7MDPQZVGM7uOhDiiaPsSinskfZZH13nsP8Sn/OpAHQ8
OG4hR97E+eUANqrRBm+0+1DjISYqQGAfM5z+mYxdR5uCQK1YVgpF3WwesiRLP5cN
l6pDlZtkuJLg/0PBxODhKFdiEh4KSFxndodYM3QoBl/EeYxIj52BE8JxPuU3Cuhe
5gPswJdncG9OOS+Ee6ZcUHXGry2OrLyjqrK9dLVVMs+lpI/zWWXusMqfQi2MxDm3
7dGdJYKyapiG8UwRCmkEgIOZOp2zbHZXeW6PJozEPziMrLR4XEyeWvyKswIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFHn1FD32LeGPH+OPqlbSyrsFEpp4MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZWZVVVBmWXQ0WThmNDQtcVZ0TEt1d1VTbW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAEF
tagDBAAFt/8DBABTq+ADBAFTq+IDBACNYlcDBAC5RLgDBAG5RPYwDAMEArlRrAME
ALlRrgMEALlRuAMEALlRuwMEALlYJAMEAblZKgMEAblZaAMEArlZbDAMAwQAuV9l
AwQDuV9gAwQAuWAmAwQAuWBQAwQAuWEBAwQAuWEDAwQAwmgKAwQA1eh4AwQA1eh6
MA0GCSqGSIb3DQEBCwUAA4IBAQATCRHYw7JNtxrJVadsdA6+DMf2sw7vE98MbyJn
irVzLzUmBjnqw/fOFWWcBBYZT90DR6OIsw5x/Lpkp2xxboNHpJPITkSlRMk5YBQb
YabLoD1IG7wAkdJWnqwoCG8SlgQix9FEfmfWrcj8rqugSrkZ7P3vpfFM97PTizRC
TVgfbC8+8i7NzpEBpb8kY0dqzRStb4Cc6qLQHeXPXNN8OGSef0rbzEAn7CVLrls4
tATTPLVT3YCoVYGMbtfsyX4rqRcktkJ0TG3qy9Yyzf0iGbxolVWpm/jrq0G7wd+S
JiPH5bMGk81M+rMfT1RRT8FKogi0kS43EfFkycdu8H5A+hCa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org