Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/lM6OL-Bw6NFrWcrrC4jVR9CKl5U.roa
File:                     lM6OL-Bw6NFrWcrrC4jVR9CKl5U.roa (raw, json)
Hash identifier:          qa+/Ie07U06R70Ms5y8oReKfMezF0D4WeVlqk+t+uVE=
Subject key identifier:   94:CE:8E:2F:E0:70:E8:D1:6B:59:CA:EB:0B:88:D5:47:D0:8A:97:95
Certificate issuer:       /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial:       018752ACE18F9DA5A3CA4EEA3C96A09F20AF
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/lM6OL-Bw6NFrWcrrC4jVR9CKl5U.roa
Signing time:             Wed 05 Apr 2023 18:27:54 +0000
ROA not before:           Wed 05 Apr 2023 18:27:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50926
IP address blocks:        185.70.92.0/22 maxlen: 22
                          188.164.192.0/21 maxlen: 21
                          188.164.192.0/24 maxlen: 24
                          185.23.68.0/22 maxlen: 22
                          188.164.197.0/24 maxlen: 24
                          188.164.199.0/24 maxlen: 24
                          94.127.186.0/24 maxlen: 24
                          188.164.198.0/24 maxlen: 24
                          94.127.185.0/24 maxlen: 24
                          94.127.184.0/24 maxlen: 24
                          188.164.196.0/24 maxlen: 24
                          188.164.195.0/24 maxlen: 24
                          188.164.194.0/24 maxlen: 24
                          188.164.193.0/24 maxlen: 24
                          94.127.191.0/24 maxlen: 24
                          94.127.190.0/24 maxlen: 24
                          94.127.188.0/24 maxlen: 24
                          94.127.187.0/24 maxlen: 24
                          185.129.248.0/22 maxlen: 22
                          149.62.172.0/22 maxlen: 22
                          149.62.168.0/21 maxlen: 21
                          149.62.168.0/22 maxlen: 22
                          195.5.116.0/23 maxlen: 23
                          91.200.140.0/22 maxlen: 22
                          188.95.112.0/21 maxlen: 21
                          185.176.9.0/24 maxlen: 24
                          185.176.8.0/24 maxlen: 24
                          185.176.11.0/24 maxlen: 24
                          185.176.10.0/24 maxlen: 24
                          84.246.213.0/24 maxlen: 24
                          84.246.212.0/24 maxlen: 24
                          84.246.211.0/24 maxlen: 24
                          84.246.210.0/24 maxlen: 24
                          84.246.209.0/24 maxlen: 24
                          84.246.208.0/21 maxlen: 21
                          84.246.208.0/24 maxlen: 24
                          109.68.84.0/24 maxlen: 24
                          109.68.82.0/24 maxlen: 24
                          84.246.215.0/24 maxlen: 24
                          109.68.80.0/24 maxlen: 24
                          109.68.80.0/21 maxlen: 21
                          84.246.214.0/24 maxlen: 24
                          91.213.46.0/24 maxlen: 24
                          31.24.152.0/21 maxlen: 21
                          31.24.152.0/24 maxlen: 24
                          31.24.159.0/24 maxlen: 24
                          31.24.158.0/24 maxlen: 24
                          31.24.157.0/24 maxlen: 24
                          31.24.156.0/24 maxlen: 24
                          31.24.155.0/24 maxlen: 24
                          31.24.154.0/24 maxlen: 24
                          91.142.208.0/20 maxlen: 20
                          185.222.156.0/22 maxlen: 22
                          5.175.42.0/24 maxlen: 24
                          5.175.41.0/24 maxlen: 24
                          5.175.40.0/24 maxlen: 24
                          5.175.40.0/21 maxlen: 21
                          5.175.44.0/24 maxlen: 24
                          5.175.43.0/24 maxlen: 24
                          5.175.47.0/24 maxlen: 24
                          5.175.46.0/24 maxlen: 24
                          31.24.43.0/24 maxlen: 24
                          31.24.40.0/24 maxlen: 24
                          31.24.40.0/21 maxlen: 21
                          31.24.46.0/24 maxlen: 24
                          31.24.45.0/24 maxlen: 24
                          2a00:5ac0:100::/40 maxlen: 40
                          2a00:5ac0::/44 maxlen: 44
                          2a01:4b80::/32 maxlen: 32
                          2a0a:680::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 05:15:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:52:ac:e1:8f:9d:a5:a3:ca:4e:ea:3c:96:a0:9f:20:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
        Validity
            Not Before: Apr  5 18:27:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=94ce8e2fe070e8d16b59caeb0b88d547d08a9795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:f7:85:5a:a6:31:42:18:7e:43:08:23:7d:f3:
                    17:70:34:7a:fa:63:bd:5b:f2:e3:49:70:d8:79:10:
                    db:99:22:e6:fe:20:6e:7e:f9:b8:54:e7:01:c2:bc:
                    e6:f5:dd:77:c6:71:85:65:22:8b:ab:99:25:13:ae:
                    ad:07:bb:04:08:7c:3d:5e:76:4f:ae:79:0c:a1:6d:
                    ff:17:98:12:18:a7:85:38:f4:a2:f0:6c:b6:0d:e3:
                    d4:a2:73:ac:dc:54:fc:51:5f:7b:f3:5e:94:8f:f7:
                    a4:da:14:9d:6a:d2:28:00:f0:32:d3:d6:ad:3a:c4:
                    e1:68:43:09:b2:88:4b:83:9f:e9:90:89:31:ae:fe:
                    db:73:c6:2d:2f:98:d2:06:d2:f7:08:e8:a2:f8:1c:
                    31:ee:b2:1a:e1:78:66:0d:04:2e:25:1c:69:eb:6d:
                    68:57:5e:7b:2c:73:7c:f0:05:b2:68:11:e1:8e:b0:
                    83:58:0e:86:c9:dc:6f:07:9a:53:e1:5d:c9:48:56:
                    56:6a:bf:bf:d9:8f:10:d5:e9:b9:89:36:61:5b:5e:
                    36:9f:fb:72:bd:0d:2c:49:ed:e2:34:71:93:8a:27:
                    99:c5:22:d9:87:7e:f2:86:57:7b:a2:c8:0d:55:98:
                    9e:cc:06:55:1d:7c:d4:9f:a8:77:94:4b:2a:bf:e7:
                    43:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:CE:8E:2F:E0:70:E8:D1:6B:59:CA:EB:0B:88:D5:47:D0:8A:97:95
            X509v3 Authority Key Identifier:
                keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/lM6OL-Bw6NFrWcrrC4jVR9CKl5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.175.40.0/21
                  31.24.40.0/21
                  31.24.152.0/21
                  84.246.208.0/21
                  91.142.208.0/20
                  91.200.140.0/22
                  91.213.46.0/24
                  94.127.184.0-94.127.188.255
                  94.127.190.0/23
                  109.68.80.0/21
                  149.62.168.0/21
                  185.23.68.0/22
                  185.70.92.0/22
                  185.129.248.0/22
                  185.176.8.0/22
                  185.222.156.0/22
                  188.95.112.0/21
                  188.164.192.0/21
                  195.5.116.0/23
                IPv6:
                  2a00:5ac0::/44
                  2a00:5ac0:100::/40
                  2a01:4b80::/32
                  2a0a:680::/29

    Signature Algorithm: sha256WithRSAEncryption
         5d:96:7a:ab:9f:61:a9:9a:5a:32:57:47:88:0d:de:c0:cc:13:
         b0:a6:74:c4:85:12:fc:22:d6:82:57:19:c3:fa:f3:cc:15:0b:
         06:27:7d:80:f0:56:ec:87:59:f8:e0:78:e9:f1:d0:31:2f:e6:
         c0:7f:be:04:fa:eb:3a:31:cd:77:bc:b5:79:52:25:05:72:77:
         4f:ca:dc:0b:61:5f:bc:92:10:07:8d:3c:44:75:1c:0f:bb:f3:
         69:34:cb:12:0f:21:2a:a3:e2:db:d4:67:5f:f4:f2:33:57:f6:
         0c:0a:81:7b:10:51:0a:73:fc:e9:10:ca:20:7a:81:8d:08:a5:
         6c:25:18:ea:4d:39:b9:c3:c1:7b:ab:e4:17:fd:16:12:88:bd:
         a8:d5:5c:b7:cf:36:5b:e4:93:91:da:0e:79:d8:4b:ff:40:96:
         7d:a6:c8:63:ea:79:4a:d7:30:0d:df:62:f7:3c:a2:07:11:dd:
         c0:5b:ee:3c:b4:b8:83:00:f3:81:aa:bd:9d:3d:28:e4:64:34:
         0c:4a:2c:18:d8:6f:6a:c5:fd:7e:d8:7f:b4:b3:39:33:53:29:
         5c:17:2e:de:dc:b7:b1:8b:02:40:40:47:27:17:2f:89:11:34:
         3b:a7:02:73:de:1f:d5:aa:f5:02:74:24:55:b6:61:38:de:08:
         0a:44:a6:8b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYdSrOGPnaWjyk7qPJagnyCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjMwNDA1MTgyNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNlOGUyZmUwNzBlOGQxNmI1OWNhZWIwYjg4ZDU0N2QwOGE5Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPeFWqYxQhh+QwgjffMXcDR6+mO9
W/LjSXDYeRDbmSLm/iBufvm4VOcBwrzm9d13xnGFZSKLq5klE66tB7sECHw9XnZP
rnkMoW3/F5gSGKeFOPSi8Gy2DePUonOs3FT8UV97816Uj/ek2hSdatIoAPAy09at
OsThaEMJsohLg5/pkIkxrv7bc8YtL5jSBtL3COii+Bwx7rIa4XhmDQQuJRxp621o
V157LHN88AWyaBHhjrCDWA6GydxvB5pT4V3JSFZWar+/2Y8Q1em5iTZhW142n/ty
vQ0sSe3iNHGTiieZxSLZh37yhld7osgNVZiezAZVHXzUn6h3lEsqv+dDdwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFJTOji/gcOjRa1nK6wuI1UfQipeVMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvbE02T0wtQnc2TkZyV2NyckM0alZSOUNLbDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBgAQCAAEwegMEAwWv
KAMEAx8YKAMEAx8YmAMEA1T20AMEBFuO0AMEAlvIjAMEAFvVLjAMAwQDXn+4AwQA
Xn+8AwQBXn++AwQDbURQAwQDlT6oAwQCuRdEAwQCuUZcAwQCuYH4AwQCubAIAwQC
ud6cAwQDvF9wAwQDvKTAAwQBwwV0MCUEAgACMB8DBwQqAFrAAAADBgAqAFrAAQMF
ACoBS4ADBQMqCgaAMA0GCSqGSIb3DQEBCwUAA4IBAQBdlnqrn2GpmloyV0eIDd7A
zBOwpnTEhRL8ItaCVxnD+vPMFQsGJ32A8Fbsh1n44Hjp8dAxL+bAf74E+us6Mc13
vLV5UiUFcndPytwLYV+8khAHjTxEdRwPu/NpNMsSDyEqo+Lb1Gdf9PIzV/YMCoF7
EFEKc/zpEMogeoGNCKVsJRjqTTm5w8F7q+QX/RYSiL2o1Vy3zzZb5JOR2g552Ev/
QJZ9pshj6nlK1zAN32L3PKIHEd3AW+48tLiDAPOBqr2dPSjkZDQMSiwY2G9qxf1+
2H+0szkzUylcFy7e3LexiwJAQEcnFy+JETQ7pwJz3h/VqvUCdCRVtmE43ggKRKaL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:45 2024 by rpki-client on console-ams.rpki-client.org