Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/9dwQIl-hmamSEdA1msCaWf-Gu5Y.roa
File:                     9dwQIl-hmamSEdA1msCaWf-Gu5Y.roa (raw, json)
Hash identifier:          kzlbg2TYwViEA31QjRl3WIGhtCUDdc2HlincoLF1BG0=
Subject key identifier:   F5:DC:10:22:5F:A1:99:A9:92:11:D0:35:9A:C0:9A:59:FF:86:BB:96
Certificate issuer:       /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial:       018754FE25CB97AC761AFEB16EDFF632F5BC
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/9dwQIl-hmamSEdA1msCaWf-Gu5Y.roa
Signing time:             Thu 06 Apr 2023 05:15:54 +0000
ROA not before:           Thu 06 Apr 2023 05:15:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50926
IP address blocks:        185.70.92.0/22 maxlen: 22
                          188.164.192.0/21 maxlen: 21
                          188.164.192.0/24 maxlen: 24
                          185.23.68.0/22 maxlen: 22
                          188.164.197.0/24 maxlen: 24
                          188.164.199.0/24 maxlen: 24
                          94.127.186.0/24 maxlen: 24
                          188.164.198.0/24 maxlen: 24
                          94.127.185.0/24 maxlen: 24
                          94.127.184.0/24 maxlen: 24
                          188.164.196.0/24 maxlen: 24
                          188.164.195.0/24 maxlen: 24
                          188.164.194.0/24 maxlen: 24
                          188.164.193.0/24 maxlen: 24
                          94.127.191.0/24 maxlen: 24
                          94.127.190.0/24 maxlen: 24
                          94.127.188.0/24 maxlen: 24
                          94.127.187.0/24 maxlen: 24
                          185.129.248.0/22 maxlen: 22
                          149.62.172.0/22 maxlen: 22
                          149.62.168.0/21 maxlen: 21
                          149.62.168.0/22 maxlen: 22
                          195.5.116.0/23 maxlen: 23
                          91.200.140.0/22 maxlen: 22
                          188.95.112.0/21 maxlen: 21
                          185.176.9.0/24 maxlen: 24
                          185.176.8.0/24 maxlen: 24
                          185.176.11.0/24 maxlen: 24
                          185.176.10.0/24 maxlen: 24
                          84.246.213.0/24 maxlen: 24
                          84.246.212.0/24 maxlen: 24
                          84.246.211.0/24 maxlen: 24
                          84.246.210.0/24 maxlen: 24
                          84.246.209.0/24 maxlen: 24
                          84.246.208.0/21 maxlen: 21
                          84.246.208.0/24 maxlen: 24
                          109.68.84.0/24 maxlen: 24
                          109.68.82.0/24 maxlen: 24
                          84.246.215.0/24 maxlen: 24
                          109.68.80.0/24 maxlen: 24
                          109.68.80.0/21 maxlen: 21
                          84.246.214.0/24 maxlen: 24
                          91.213.46.0/24 maxlen: 24
                          31.24.152.0/21 maxlen: 21
                          31.24.152.0/24 maxlen: 24
                          31.24.159.0/24 maxlen: 24
                          31.24.158.0/24 maxlen: 24
                          31.24.157.0/24 maxlen: 24
                          31.24.156.0/24 maxlen: 24
                          31.24.155.0/24 maxlen: 24
                          31.24.154.0/24 maxlen: 24
                          91.142.208.0/20 maxlen: 20
                          185.222.156.0/22 maxlen: 22
                          5.175.42.0/24 maxlen: 24
                          5.175.41.0/24 maxlen: 24
                          5.175.40.0/24 maxlen: 24
                          5.175.40.0/21 maxlen: 21
                          5.175.44.0/24 maxlen: 24
                          5.175.43.0/24 maxlen: 24
                          5.175.47.0/24 maxlen: 24
                          5.175.46.0/24 maxlen: 24
                          185.101.225.0/24 maxlen: 24
                          31.24.43.0/24 maxlen: 24
                          31.24.40.0/24 maxlen: 24
                          31.24.40.0/21 maxlen: 21
                          31.24.46.0/24 maxlen: 24
                          31.24.45.0/24 maxlen: 24
                          2a00:5ac0:100::/40 maxlen: 40
                          2a00:5ac0::/44 maxlen: 44
                          2a01:4b80::/32 maxlen: 32
                          2a0a:680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 05:21:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:54:fe:25:cb:97:ac:76:1a:fe:b1:6e:df:f6:32:f5:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
        Validity
            Not Before: Apr  6 05:15:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5dc10225fa199a99211d0359ac09a59ff86bb96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b6:5c:ec:91:10:89:21:8f:f0:21:af:a6:fe:
                    d1:bc:db:be:9b:2f:87:ef:af:ab:20:64:48:cd:69:
                    5a:5e:60:78:61:a8:d6:4b:c1:73:3c:5e:ca:87:54:
                    5a:12:8e:10:2d:d3:1c:a1:15:20:b3:90:94:29:67:
                    32:6a:02:c1:88:c8:e6:5d:eb:dc:93:89:5b:10:40:
                    a7:a9:d2:22:48:17:3e:8e:30:04:44:82:1b:72:68:
                    fb:d6:00:be:52:69:c4:b4:6b:3a:2d:aa:e1:aa:2f:
                    57:f2:51:48:a1:b7:82:96:3f:ce:93:d2:8c:dd:79:
                    39:d5:a1:98:f2:51:c4:2a:2d:fa:f4:48:11:92:40:
                    ca:20:bc:86:af:aa:75:d3:a2:f0:46:5b:b3:7d:79:
                    a4:d2:40:19:a5:a9:0c:80:6d:c1:cf:bb:0c:c0:96:
                    a6:a1:20:e7:2e:01:4b:24:ad:fc:17:58:98:5b:77:
                    30:ae:1e:96:24:63:3e:97:37:c5:05:14:6f:7e:bf:
                    2f:95:34:2c:57:d5:ae:65:13:c0:2d:b6:5e:9f:bf:
                    86:80:b4:ce:ef:61:fb:f8:b2:9c:30:d5:c5:06:18:
                    13:10:7e:62:0c:e7:ca:eb:84:7b:65:53:71:a4:02:
                    48:51:69:bc:fa:b2:5e:1e:78:7f:06:8d:20:e7:9f:
                    96:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:DC:10:22:5F:A1:99:A9:92:11:D0:35:9A:C0:9A:59:FF:86:BB:96
            X509v3 Authority Key Identifier:
                keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/9dwQIl-hmamSEdA1msCaWf-Gu5Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.175.40.0/21
                  31.24.40.0/21
                  31.24.152.0/21
                  84.246.208.0/21
                  91.142.208.0/20
                  91.200.140.0/22
                  91.213.46.0/24
                  94.127.184.0-94.127.188.255
                  94.127.190.0/23
                  109.68.80.0/21
                  149.62.168.0/21
                  185.23.68.0/22
                  185.70.92.0/22
                  185.101.225.0/24
                  185.129.248.0/22
                  185.176.8.0/22
                  185.222.156.0/22
                  188.95.112.0/21
                  188.164.192.0/21
                  195.5.116.0/23
                IPv6:
                  2a00:5ac0::/44
                  2a00:5ac0:100::/40
                  2a01:4b80::/32
                  2a0a:680::/29

    Signature Algorithm: sha256WithRSAEncryption
         0f:9c:66:02:9c:84:99:f4:2a:11:6e:b6:4d:dc:31:8b:5e:46:
         d7:d5:5d:31:76:d1:07:a1:c5:71:33:a9:ae:f2:64:1f:9f:48:
         6a:a9:30:37:c4:14:c6:f1:85:78:59:15:d7:1a:4e:a8:3f:a5:
         7d:f5:37:df:30:1c:7a:1f:4f:9f:54:74:fd:0a:1c:0e:0a:0d:
         9c:27:bc:f7:a2:f5:c7:36:ba:c6:25:95:3d:0a:de:4e:78:be:
         d1:9e:12:30:22:0a:f0:76:1e:0e:29:47:d1:50:f0:a9:4c:f0:
         0d:e3:81:2b:4f:ec:df:e8:2b:95:7f:62:c1:fb:d1:0e:bd:d4:
         c3:f6:b8:88:40:62:54:e1:2a:b1:e7:65:28:cd:6d:d8:ad:1e:
         21:ed:bc:cc:9a:d7:d6:17:0d:9c:35:f1:a7:a4:4c:c6:c2:da:
         81:c9:12:63:eb:b0:e6:37:27:62:60:8c:bf:90:a1:22:21:bd:
         88:b3:45:cb:2d:bb:45:36:48:15:45:27:2e:30:6f:9f:71:60:
         2b:df:6f:e7:9f:42:f7:a7:31:b6:fe:79:1f:43:00:31:9a:97:
         9c:9f:5a:83:dc:47:f8:33:e1:c2:5f:92:d7:e7:06:18:1f:14:
         19:e3:20:0d:ee:a3:05:7e:a5:c5:4e:2b:c4:db:49:14:e4:e7:
         4a:0f:9b:13
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYdU/iXLl6x2Gv6xbt/2MvW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjMwNDA2MDUxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWRjMTAyMjVmYTE5OWE5OTIxMWQwMzU5YWMwOWE1OWZmODZiYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbZc7JEQiSGP8CGvpv7RvNu+my+H
76+rIGRIzWlaXmB4YajWS8FzPF7Kh1RaEo4QLdMcoRUgs5CUKWcyagLBiMjmXevc
k4lbEECnqdIiSBc+jjAERIIbcmj71gC+UmnEtGs6Larhqi9X8lFIobeClj/Ok9KM
3Xk51aGY8lHEKi369EgRkkDKILyGr6p106LwRluzfXmk0kAZpakMgG3Bz7sMwJam
oSDnLgFLJK38F1iYW3cwrh6WJGM+lzfFBRRvfr8vlTQsV9WuZRPALbZen7+GgLTO
72H7+LKcMNXFBhgTEH5iDOfK64R7ZVNxpAJIUWm8+rJeHnh/Bo0g55+WxQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPXcECJfoZmpkhHQNZrAmln/hruWMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvOWR3UUlsLWhtYW1TRWRBMW1zQ2FXZi1HdTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBhwQCAAEwgYADBAMF
rygDBAMfGCgDBAMfGJgDBANU9tADBARbjtADBAJbyIwDBABb1S4wDAMEA15/uAME
AF5/vAMEAV5/vgMEA21EUAMEA5U+qAMEArkXRAMEArlGXAMEALll4QMEArmB+AME
ArmwCAMEArnenAMEA7xfcAMEA7ykwAMEAcMFdDAlBAIAAjAfAwcEKgBawAAAAwYA
KgBawAEDBQAqAUuAAwUDKgoGgDANBgkqhkiG9w0BAQsFAAOCAQEAD5xmApyEmfQq
EW62Tdwxi15G19VdMXbRB6HFcTOprvJkH59IaqkwN8QUxvGFeFkV1xpOqD+lffU3
3zAceh9Pn1R0/QocDgoNnCe896L1xza6xiWVPQreTni+0Z4SMCIK8HYeDilH0VDw
qUzwDeOBK0/s3+grlX9iwfvRDr3Uw/a4iEBiVOEqsedlKM1t2K0eIe28zJrX1hcN
nDXxp6RMxsLagckSY+uw5jcnYmCMv5ChIiG9iLNFyy27RTZIFUUnLjBvn3FgK99v
559C96cxtv55H0MAMZqXnJ9ag9xH+DPhwl+S1+cGGB8UGeMgDe6jBX6lxU4rxNtJ
FOTnSg+bEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-fra.rpki-client.org