Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa
File:                     tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa (raw, json)
Hash identifier:          F5vljZ8wBOffopbhk/4ExBY6DYuprc78auGIbe2g+H0=
Subject key identifier:   B4:BD:8C:18:C1:08:CB:14:4A:B1:59:E5:EC:AF:73:35:D4:78:A0:D3
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       018F641482351D90D303A33A5AA250AC1842
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa
Signing time:             Fri 10 May 2024 19:56:56 +0000
ROA not before:           Fri 10 May 2024 19:56:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209372
IP address blocks:        89.19.57.0/24 maxlen: 24
                          89.19.58.0/24 maxlen: 24
                          89.19.59.0/24 maxlen: 24
                          185.68.245.0/24 maxlen: 24
                          185.79.51.0/24 maxlen: 24
                          185.79.79.0/24 maxlen: 24
                          185.81.172.0/24 maxlen: 24
                          185.81.173.0/24 maxlen: 24
                          185.81.174.0/23 maxlen: 24
                          185.81.174.0/24 maxlen: 24
                          185.81.184.0/23 maxlen: 24
                          185.81.186.0/23 maxlen: 24
                          185.89.40.0/24 maxlen: 24
                          185.89.108.0/22 maxlen: 24
                          185.95.100.0/23 maxlen: 24
                          185.95.102.0/23 maxlen: 24
                          185.96.80.0/24 maxlen: 24
                          185.96.83.0/24 maxlen: 24
                          185.97.1.0/24 maxlen: 24
                          185.97.3.0/24 maxlen: 24
                          185.104.151.0/24 maxlen: 24
                          185.112.56.0/23 maxlen: 24
                          185.175.224.0/24 maxlen: 24
                          185.175.225.0/24 maxlen: 24
                          185.185.147.0/24 maxlen: 24
                          193.221.215.0/24 maxlen: 24
                          213.170.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Aug 2024 12:50:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:64:14:82:35:1d:90:d3:03:a3:3a:5a:a2:50:ac:18:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: May 10 19:56:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b4bd8c18c108cb144ab159e5ecaf7335d478a0d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b7:d0:e8:dc:cf:19:6e:f2:0e:8f:e1:51:f3:
                    f3:c0:b5:00:4b:d1:47:de:b9:92:dc:44:ed:39:b4:
                    1a:d3:6d:90:9e:8d:87:4a:dd:ba:e4:fb:a8:20:0c:
                    e2:36:a8:50:69:5f:12:a7:11:c1:57:91:fd:03:fd:
                    c6:fa:04:a1:91:2f:a7:b1:bb:69:be:95:7e:4b:56:
                    7c:a3:99:1a:31:99:58:ae:4f:36:c0:58:68:7d:7e:
                    0e:f8:5f:4f:59:48:57:c0:d4:f9:55:ce:70:89:8a:
                    1b:2a:ba:14:23:cf:76:e7:ca:36:60:f5:b0:fa:62:
                    c2:c8:ac:9f:cc:39:4c:b6:01:d0:7d:9b:9f:0d:77:
                    0c:0c:46:76:07:80:b3:4c:a8:b2:f8:bc:80:13:2f:
                    d4:be:ce:5b:30:d6:90:0e:e1:23:71:23:e7:91:5c:
                    38:4b:c5:85:62:1a:c0:08:d6:c5:33:f5:85:c8:6c:
                    25:b8:be:64:f6:3b:71:8f:02:08:7a:31:ff:a1:7d:
                    f3:0b:b6:07:50:15:19:08:7c:f1:16:f0:24:ba:79:
                    6e:d6:db:80:b4:ad:30:90:80:39:0d:46:24:a6:fe:
                    06:61:f3:dd:ad:11:97:08:a4:20:e0:4b:18:7a:ee:
                    4f:4b:35:d3:20:0e:b8:3a:68:c2:ec:b1:78:9c:dd:
                    df:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:BD:8C:18:C1:08:CB:14:4A:B1:59:E5:EC:AF:73:35:D4:78:A0:D3
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/tL2MGMEIyxRKsVnl7K9zNdR4oNM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.57.0-89.19.59.255
                  185.68.245.0/24
                  185.79.51.0/24
                  185.79.79.0/24
                  185.81.172.0/22
                  185.81.184.0/22
                  185.89.40.0/24
                  185.89.108.0/22
                  185.95.100.0/22
                  185.96.80.0/24
                  185.96.83.0/24
                  185.97.1.0/24
                  185.97.3.0/24
                  185.104.151.0/24
                  185.112.56.0/23
                  185.175.224.0/23
                  185.185.147.0/24
                  193.221.215.0/24
                  213.170.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:6f:17:61:d4:19:99:a5:45:d7:b9:ba:ac:73:34:a1:70:c2:
         04:aa:82:d4:f4:aa:68:ba:3d:8a:2d:3a:96:c4:ad:19:97:cc:
         c7:7f:4f:c1:69:e2:59:af:8a:0a:d1:45:4b:df:09:d6:a6:2a:
         44:b1:20:ec:9c:da:3c:85:03:1e:f5:0f:03:c7:de:2f:42:30:
         31:ee:68:bb:69:61:d9:e3:ee:96:50:29:0b:aa:16:24:ca:e6:
         00:f0:a5:74:32:14:db:d8:ed:8c:1f:ef:cf:5c:9e:67:58:c7:
         d3:e1:b9:1f:2d:ad:e4:d8:34:c2:ce:b6:4a:c1:c7:30:06:27:
         7b:22:1a:6b:d8:58:28:65:31:bd:92:31:af:c8:bd:ba:a0:01:
         41:6c:8c:fd:96:a7:c2:12:7c:0b:88:04:c7:06:b9:cf:ab:f1:
         82:68:d1:91:8a:0a:d6:93:2b:e2:66:1f:1c:28:1f:9a:fc:cf:
         67:e0:d1:98:5a:07:c1:b6:c0:95:d0:90:bd:93:b6:a1:d1:37:
         69:52:4f:65:b9:bf:c6:c2:ea:c5:7f:c1:a9:2d:ec:3b:9c:16:
         97:12:71:62:a9:86:e5:bb:3b:b1:49:89:3e:8b:32:ad:41:73:
         6f:d0:64:04:0d:82:07:0a:23:b9:51:cb:03:4f:a3:82:9f:07:
         e0:71:3a:49
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAY9kFII1HZDTA6M6WqJQrBhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNTEwMTk1NjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJkOGMxOGMxMDhjYjE0NGFiMTU5ZTVlY2FmNzMzNWQ0NzhhMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLfQ6NzPGW7yDo/hUfPzwLUAS9FH
3rmS3ETtObQa022Qno2HSt265PuoIAziNqhQaV8SpxHBV5H9A/3G+gShkS+nsbtp
vpV+S1Z8o5kaMZlYrk82wFhofX4O+F9PWUhXwNT5Vc5wiYobKroUI89258o2YPWw
+mLCyKyfzDlMtgHQfZufDXcMDEZ2B4CzTKiy+LyAEy/Uvs5bMNaQDuEjcSPnkVw4
S8WFYhrACNbFM/WFyGwluL5k9jtxjwIIejH/oX3zC7YHUBUZCHzxFvAkunlu1tuA
tK0wkIA5DUYkpv4GYfPdrRGXCKQg4EsYeu5PSzXTIA64OmjC7LF4nN3f3wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLS9jBjBCMsUSrFZ5eyvczXUeKDTMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdEwyTUdNRUl5eFJLc1ZubDdLOXpOZFI0b05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQA
WRM5AwQCWRM4AwQAuUT1AwQAuU8zAwQAuU9PAwQCuVGsAwQCuVG4AwQAuVkoAwQC
uVlsAwQCuV9kAwQAuWBQAwQAuWBTAwQAuWEBAwQAuWEDAwQAuWiXAwQBuXA4AwQB
ua/gAwQAubmTAwQAwd3XAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQB9bxdh1BmZ
pUXXubqsczShcMIEqoLU9Kpouj2KLTqWxK0Zl8zHf0/BaeJZr4oK0UVL3wnWpipE
sSDsnNo8hQMe9Q8Dx94vQjAx7mi7aWHZ4+6WUCkLqhYkyuYA8KV0MhTb2O2MH+/P
XJ5nWMfT4bkfLa3k2DTCzrZKwccwBid7Ihpr2FgoZTG9kjGvyL26oAFBbIz9lqfC
EnwLiATHBrnPq/GCaNGRigrWkyviZh8cKB+a/M9n4NGYWgfBtsCV0JC9k7ah0Tdp
Uk9lub/GwurFf8GpLew7nBaXEnFiqYbluzuxSYk+izKtQXNv0GQEDYIHCiO5UcsD
T6OCnwfgcTpJ
-----END CERTIFICATE-----
Generated at Fri Aug 23 17:38:59 2024 by rpki-client on console-fra.rpki-client.org