Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vXU_hKfcy7EdAO4R2TLeUoqu5BM.roa
File:                     vXU_hKfcy7EdAO4R2TLeUoqu5BM.roa (raw, json)
Hash identifier:          nD79BAQOVmehRDLNzvVPBtS3Tw9oPwXTia4dYg6fnGo=
Subject key identifier:   BD:75:3F:84:A7:DC:CB:B1:1D:00:EE:11:D9:32:DE:52:8A:AE:E4:13
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0187552F96150019474E7A67C965200799C1
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vXU_hKfcy7EdAO4R2TLeUoqu5BM.roa
Signing time:             Thu 06 Apr 2023 06:09:54 +0000
ROA not before:           Thu 06 Apr 2023 06:09:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        185.112.56.0/23 maxlen: 24
                          185.95.102.0/23 maxlen: 24
                          185.95.100.0/23 maxlen: 24
                          185.96.83.0/24 maxlen: 24
                          185.81.174.0/24 maxlen: 24
                          185.81.174.0/23 maxlen: 24
                          185.81.173.0/24 maxlen: 24
                          185.81.186.0/23 maxlen: 24
                          185.81.184.0/23 maxlen: 24
                          185.96.36.0/24 maxlen: 24
                          185.97.1.0/24 maxlen: 24
                          185.97.3.0/24 maxlen: 24
                          185.89.108.0/22 maxlen: 24
                          185.110.130.0/24 maxlen: 24
                          185.110.129.0/24 maxlen: 24
                          89.19.57.0/24 maxlen: 24
                          89.19.58.0/24 maxlen: 24
                          185.175.225.0/24 maxlen: 24
                          185.175.224.0/24 maxlen: 24
                          89.19.59.0/24 maxlen: 24
                          185.68.245.0/24 maxlen: 24
                          213.170.223.0/24 maxlen: 24
                          185.111.27.0/24 maxlen: 24
                          185.81.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Apr 2023 13:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:55:2f:96:15:00:19:47:4e:7a:67:c9:65:20:07:99:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Apr  6 06:09:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd753f84a7dccbb11d00ee11d932de528aaee413
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d5:d7:76:81:37:0a:30:bd:29:c8:eb:3b:15:
                    11:14:a3:4d:0a:bd:d2:24:8d:35:c3:90:1b:2a:f2:
                    09:60:ea:dc:62:79:e8:1d:15:bc:e6:4b:0b:59:16:
                    f3:70:2e:12:27:68:bb:db:9f:48:ad:f1:95:41:96:
                    7c:ae:af:7b:78:72:1a:85:5e:69:52:16:0c:88:59:
                    28:2d:b4:4d:1f:29:2f:99:6f:85:38:b6:04:19:f5:
                    07:e3:84:cd:37:93:53:ec:ff:53:97:67:ad:7a:91:
                    3a:fb:1c:e4:bc:52:87:62:84:40:7b:d9:f6:3e:a6:
                    a8:24:12:25:96:32:11:93:76:05:d3:15:0c:80:75:
                    26:31:9f:61:3b:c8:82:04:18:cc:5c:05:ea:43:8a:
                    c5:a6:4d:b3:dd:61:95:86:44:02:5c:41:5c:10:64:
                    7a:4c:98:b1:5c:78:3e:bc:d1:8e:fb:d8:e2:9d:ce:
                    9a:3b:a9:8a:b7:8e:12:d8:56:c1:31:4c:14:06:61:
                    85:0b:4a:3c:74:7f:c1:e4:58:7c:fb:74:d6:57:28:
                    c9:c8:49:89:3a:62:56:61:4c:d8:16:fe:1b:be:33:
                    ee:1b:28:5c:73:97:6c:f9:bf:be:64:12:e9:d7:29:
                    2f:55:19:09:df:88:5e:af:e6:af:7d:2a:2a:9d:fa:
                    9e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:75:3F:84:A7:DC:CB:B1:1D:00:EE:11:D9:32:DE:52:8A:AE:E4:13
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vXU_hKfcy7EdAO4R2TLeUoqu5BM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.19.57.0-89.19.59.255
                  185.68.245.0/24
                  185.81.172.0/22
                  185.81.184.0/22
                  185.89.108.0/22
                  185.95.100.0/22
                  185.96.36.0/24
                  185.96.83.0/24
                  185.97.1.0/24
                  185.97.3.0/24
                  185.110.129.0-185.110.130.255
                  185.111.27.0/24
                  185.112.56.0/23
                  185.175.224.0/23
                  213.170.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:ed:1e:cf:27:db:b7:cb:30:ce:76:40:a0:fd:c3:82:29:2c:
         e1:df:79:8d:1a:8c:19:5a:a6:d8:97:63:de:ac:5b:f3:c9:19:
         7a:ab:84:f7:b5:6e:56:b5:4c:2e:81:9b:4b:49:1c:0e:29:3c:
         fc:51:f7:c6:fe:55:d7:81:d5:5e:2a:59:67:0b:00:44:5a:25:
         8a:19:12:d2:67:a1:17:9b:e9:78:00:59:10:c5:ba:f2:e8:96:
         46:20:1a:61:98:b5:11:21:53:7a:4d:1c:3d:de:84:1f:68:cb:
         8f:07:af:40:75:00:35:92:04:ac:a3:40:c8:24:0a:0a:bf:16:
         9a:ff:9a:e5:b8:e2:4b:08:a5:a1:02:16:57:01:1c:1c:43:9c:
         82:ef:75:00:e3:40:1d:55:89:de:4c:83:f3:b5:ca:e0:ec:50:
         80:e8:08:1c:82:85:db:b0:d8:12:6c:7f:7f:1d:3f:57:25:0e:
         0c:95:41:42:69:9b:f2:ff:27:2e:a0:b5:5c:18:1e:11:c0:8f:
         0f:1a:68:7e:7d:8e:68:28:ff:08:01:2f:3e:3d:e5:62:6e:ea:
         67:a4:1a:43:58:00:f5:0a:7d:5c:0e:ef:5d:c4:60:53:73:52:
         3e:fe:4b:42:bd:15:97:cc:ce:a5:ef:15:82:99:86:8b:c3:d6:
         99:04:3a:ae
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYdVL5YVABlHTnpnyWUgB5nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNDA2MDYwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc1M2Y4NGE3ZGNjYmIxMWQwMGVlMTFkOTMyZGU1MjhhYWVlNDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtXXdoE3CjC9KcjrOxURFKNNCr3S
JI01w5AbKvIJYOrcYnnoHRW85ksLWRbzcC4SJ2i7259IrfGVQZZ8rq97eHIahV5p
UhYMiFkoLbRNHykvmW+FOLYEGfUH44TNN5NT7P9Tl2etepE6+xzkvFKHYoRAe9n2
PqaoJBIlljIRk3YF0xUMgHUmMZ9hO8iCBBjMXAXqQ4rFpk2z3WGVhkQCXEFcEGR6
TJixXHg+vNGO+9jinc6aO6mKt44S2FbBMUwUBmGFC0o8dH/B5Fh8+3TWVyjJyEmJ
OmJWYUzYFv4bvjPuGyhcc5ds+b++ZBLp1ykvVRkJ34her+avfSoqnfqeLwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFL11P4Sn3MuxHQDuEdky3lKKruQTMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdlhVX2hLZmN5N0VkQU80UjJUTGVVb3F1NUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQAWRM5
AwQCWRM4AwQAuUT1AwQCuVGsAwQCuVG4AwQCuVlsAwQCuV9kAwQAuWAkAwQAuWBT
AwQAuWEBAwQAuWEDMAwDBAC5boEDBAC5boIDBAC5bxsDBAG5cDgDBAG5r+ADBADV
qt8wDQYJKoZIhvcNAQELBQADggEBADPtHs8n27fLMM52QKD9w4IpLOHfeY0ajBla
ptiXY96sW/PJGXqrhPe1bla1TC6Bm0tJHA4pPPxR98b+VdeB1V4qWWcLAERaJYoZ
EtJnoReb6XgAWRDFuvLolkYgGmGYtREhU3pNHD3ehB9oy48Hr0B1ADWSBKyjQMgk
Cgq/Fpr/muW44ksIpaECFlcBHBxDnILvdQDjQB1Vid5Mg/O1yuDsUIDoCByChduw
2BJsf38dP1clDgyVQUJpm/L/Jy6gtVwYHhHAjw8aaH59jmgo/wgBLz495WJu6mek
GkNYAPUKfVwO713EYFNzUj7+S0K9FZfMzqXvFYKZhovD1pkEOq4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:18 2024 by rpki-client on console-ams.rpki-client.org