Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gEkZ6lHWGxM0q2FzQkj4RZ_U-dw.roa
File:                     gEkZ6lHWGxM0q2FzQkj4RZ_U-dw.roa (raw, json)
Hash identifier:          dx5jP7pUKv9Tc6jWHZOyN+ujfJgQOBU/zrz8AmJTv/0=
Subject key identifier:   80:49:19:EA:51:D6:1B:13:34:AB:61:73:42:48:F8:45:9F:D4:F9:DC
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0188928AD4C72B76845DFC98E55A9A2281E6
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gEkZ6lHWGxM0q2FzQkj4RZ_U-dw.roa
Signing time:             Tue 06 Jun 2023 21:09:11 +0000
ROA not before:           Tue 06 Jun 2023 21:09:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        185.112.56.0/23 maxlen: 24
                          185.95.102.0/23 maxlen: 24
                          185.95.100.0/23 maxlen: 24
                          193.221.215.0/24 maxlen: 24
                          185.81.174.0/23 maxlen: 24
                          185.81.174.0/24 maxlen: 24
                          185.81.173.0/24 maxlen: 24
                          185.81.186.0/23 maxlen: 24
                          185.81.184.0/23 maxlen: 24
                          185.97.1.0/24 maxlen: 24
                          185.97.3.0/24 maxlen: 24
                          185.110.130.0/24 maxlen: 24
                          185.110.128.0/24 maxlen: 24
                          185.110.129.0/24 maxlen: 24
                          185.110.131.0/24 maxlen: 24
                          185.68.245.0/24 maxlen: 24
                          185.111.27.0/24 maxlen: 24
                          185.96.83.0/24 maxlen: 24
                          185.96.80.0/24 maxlen: 24
                          185.185.147.0/24 maxlen: 24
                          185.79.51.0/24 maxlen: 24
                          185.96.36.0/24 maxlen: 24
                          185.104.151.0/24 maxlen: 24
                          185.79.79.0/24 maxlen: 24
                          185.89.108.0/22 maxlen: 24
                          89.19.57.0/24 maxlen: 24
                          89.19.58.0/24 maxlen: 24
                          185.175.225.0/24 maxlen: 24
                          185.175.224.0/24 maxlen: 24
                          89.19.59.0/24 maxlen: 24
                          213.170.223.0/24 maxlen: 24
                          185.81.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 07 Jun 2023 19:26:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:92:8a:d4:c7:2b:76:84:5d:fc:98:e5:5a:9a:22:81:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jun  6 21:09:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=804919ea51d61b1334ab61734248f8459fd4f9dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6b:67:8a:45:37:62:4b:c4:f1:d0:3e:58:c4:
                    75:9f:9c:8d:9b:b8:4a:17:2d:b2:a6:e1:34:14:23:
                    6c:2c:80:2d:cc:a0:83:35:30:d2:20:c9:02:a3:b1:
                    91:c5:4e:c9:d4:a7:2f:48:f9:11:77:fd:73:c0:65:
                    ef:6e:51:c8:8a:f3:f0:95:9c:7f:9a:00:ef:83:e6:
                    fa:04:11:b1:05:60:73:50:fb:05:e9:6f:06:93:9b:
                    fd:6a:1f:35:13:33:b8:09:53:7c:ab:25:2f:25:65:
                    b1:08:3e:c6:a3:72:c1:d4:28:f1:97:c1:ae:cf:6d:
                    31:67:d5:ff:ff:7e:18:f5:6f:c9:4a:b8:1e:0c:1a:
                    8d:6d:e2:86:2b:4d:05:c7:9b:c9:e2:a2:de:87:16:
                    12:74:a9:29:be:93:12:3a:ec:e8:59:32:ed:88:a0:
                    dc:98:5c:c6:c5:b2:8b:6e:88:bc:7a:20:4b:ca:44:
                    ff:36:4c:02:4c:42:ee:03:fd:72:30:92:10:f0:a2:
                    e5:f2:3f:9c:4e:cf:17:7f:15:47:0b:bc:82:f5:df:
                    b6:67:5c:92:8a:27:08:48:94:3a:74:d8:8f:02:6d:
                    f4:b9:68:11:26:e7:98:e7:1b:f9:0f:7e:4d:a0:42:
                    a8:8a:aa:74:0e:d4:aa:49:f7:ae:09:8a:6a:2f:4d:
                    5a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:49:19:EA:51:D6:1B:13:34:AB:61:73:42:48:F8:45:9F:D4:F9:DC
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gEkZ6lHWGxM0q2FzQkj4RZ_U-dw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.57.0-89.19.59.255
                  185.68.245.0/24
                  185.79.51.0/24
                  185.79.79.0/24
                  185.81.172.0/22
                  185.81.184.0/22
                  185.89.108.0/22
                  185.95.100.0/22
                  185.96.36.0/24
                  185.96.80.0/24
                  185.96.83.0/24
                  185.97.1.0/24
                  185.97.3.0/24
                  185.104.151.0/24
                  185.110.128.0/22
                  185.111.27.0/24
                  185.112.56.0/23
                  185.175.224.0/23
                  185.185.147.0/24
                  193.221.215.0/24
                  213.170.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:79:d7:11:0d:7d:02:e7:59:68:37:7d:44:44:33:9d:ad:96:
         83:48:dd:35:3f:10:9c:76:c6:32:01:e0:7d:60:c8:85:5d:8d:
         95:1e:ff:17:b1:73:bb:a1:1d:ca:61:9c:ab:0a:8c:cb:92:24:
         53:61:74:4f:33:2b:f9:b4:03:1c:b2:07:55:fc:9d:80:13:22:
         01:33:e4:a3:1a:e7:a5:dc:c6:4d:4c:33:f7:16:73:76:22:56:
         cd:8f:32:2e:fc:fe:b3:76:cf:7f:55:11:30:f7:ae:9c:55:82:
         74:99:16:f6:68:e3:53:33:f8:7d:fb:a1:17:6e:2c:6f:2f:d8:
         84:47:ae:bc:9d:f0:69:0b:24:ab:05:1c:ab:4e:a2:d4:f0:a9:
         c0:ec:d0:b9:ae:85:2f:71:2f:89:22:f0:0d:dc:35:b1:5c:88:
         c6:c6:3c:c1:ec:e2:d3:5f:cf:16:af:42:83:dc:71:c0:ee:0f:
         a3:09:d7:63:02:34:a9:3d:5c:c9:84:a3:2e:f7:33:d3:52:66:
         64:f7:9e:3e:af:06:5b:36:11:65:ad:cf:6d:b7:f2:da:15:0f:
         24:d6:dc:61:74:89:9f:0f:d5:51:09:e0:22:0c:e4:fc:32:3c:
         dd:60:1f:da:91:51:e8:d7:14:33:12:bf:f3:8d:57:38:b3:47:
         db:06:30:05
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYiSitTHK3aEXfyY5VqaIoHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNjA2MjEwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDQ5MTllYTUxZDYxYjEzMzRhYjYxNzM0MjQ4Zjg0NTlmZDRmOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGtnikU3YkvE8dA+WMR1n5yNm7hK
Fy2ypuE0FCNsLIAtzKCDNTDSIMkCo7GRxU7J1KcvSPkRd/1zwGXvblHIivPwlZx/
mgDvg+b6BBGxBWBzUPsF6W8Gk5v9ah81EzO4CVN8qyUvJWWxCD7Go3LB1Cjxl8Gu
z20xZ9X//34Y9W/JSrgeDBqNbeKGK00Fx5vJ4qLehxYSdKkpvpMSOuzoWTLtiKDc
mFzGxbKLboi8eiBLykT/NkwCTELuA/1yMJIQ8KLl8j+cTs8XfxVHC7yC9d+2Z1yS
iicISJQ6dNiPAm30uWgRJueY5xv5D35NoEKoiqp0DtSqSfeuCYpqL01azQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFIBJGepR1hsTNKthc0JI+EWf1PncMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZ0VrWjZsSFdHeE0wcTJGelFrajRSWl9VLWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AFkTOQMEAlkTOAMEALlE9QMEALlPMwMEALlPTwMEArlRrAMEArlRuAMEArlZbAME
ArlfZAMEALlgJAMEALlgUAMEALlgUwMEALlhAQMEALlhAwMEALlolwMEArlugAME
ALlvGwMEAblwOAMEAbmv4AMEALm5kwMEAMHd1wMEANWq3zANBgkqhkiG9w0BAQsF
AAOCAQEAJXnXEQ19AudZaDd9REQzna2Wg0jdNT8QnHbGMgHgfWDIhV2NlR7/F7Fz
u6EdymGcqwqMy5IkU2F0TzMr+bQDHLIHVfydgBMiATPkoxrnpdzGTUwz9xZzdiJW
zY8yLvz+s3bPf1URMPeunFWCdJkW9mjjUzP4ffuhF24sby/YhEeuvJ3waQskqwUc
q06i1PCpwOzQua6FL3EviSLwDdw1sVyIxsY8wezi01/PFq9Cg9xxwO4PownXYwI0
qT1cyYSjLvcz01JmZPeePq8GWzYRZa3Pbbfy2hUPJNbcYXSJnw/VUQngIgzk/DI8
3WAf2pFR6NcUMxK/841XOLNH2wYwBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org