Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/2CxFXk9PqbvSRcmRzNQa45EW1Wo.roa
File:                     2CxFXk9PqbvSRcmRzNQa45EW1Wo.roa (raw, json)
Hash identifier:          kwPucwvJxAlKKYczPiS3hf0Dmx6hS587Eekb0EnfDP8=
Subject key identifier:   D8:2C:45:5E:4F:4F:A9:BB:D2:45:C9:91:CC:D4:1A:E3:91:16:D5:6A
Certificate issuer:       /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial:       018EB840203D961258C4162795CD054B1154
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/2CxFXk9PqbvSRcmRzNQa45EW1Wo.roa
Signing time:             Sun 07 Apr 2024 11:09:54 +0000
ROA not before:           Sun 07 Apr 2024 11:09:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57324
IP address blocks:        79.132.195.0/24 maxlen: 24
                          79.132.196.0/24 maxlen: 24
                          79.132.197.0/24 maxlen: 24
                          79.132.198.0/24 maxlen: 24
                          79.132.199.0/24 maxlen: 24
                          86.111.144.0/24 maxlen: 24
                          86.111.145.0/24 maxlen: 24
                          86.111.146.0/24 maxlen: 24
                          86.111.147.0/24 maxlen: 24
                          109.230.112.0/24 maxlen: 24
                          109.230.114.0/24 maxlen: 24
                          109.230.115.0/24 maxlen: 24
                          109.230.116.0/24 maxlen: 24
                          109.230.117.0/24 maxlen: 24
                          109.230.118.0/24 maxlen: 24
                          109.230.119.0/24 maxlen: 24
                          109.230.120.0/24 maxlen: 24
                          109.230.122.0/24 maxlen: 24
                          109.230.123.0/24 maxlen: 24
                          109.230.124.0/24 maxlen: 24
                          109.230.126.0/24 maxlen: 24
                          109.230.127.0/24 maxlen: 24
                          122.102.116.0/24 maxlen: 24
                          122.102.117.0/24 maxlen: 24
                          122.102.118.0/24 maxlen: 24
                          122.102.119.0/24 maxlen: 24
                          185.113.105.0/24 maxlen: 24
                          185.113.107.0/24 maxlen: 24
                          202.164.192.0/24 maxlen: 24
                          202.164.193.0/24 maxlen: 24
                          202.164.194.0/24 maxlen: 24
                          202.164.195.0/24 maxlen: 24
                          202.164.197.0/24 maxlen: 24
                          202.164.198.0/24 maxlen: 24
                          202.164.199.0/24 maxlen: 24
                          202.164.200.0/24 maxlen: 24
                          202.164.201.0/24 maxlen: 24
                          202.164.202.0/24 maxlen: 24
                          202.164.203.0/24 maxlen: 24
                          202.164.204.0/24 maxlen: 24
                          202.164.205.0/24 maxlen: 24
                          2a03:c340::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 19:53:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b8:40:20:3d:96:12:58:c4:16:27:95:cd:05:4b:11:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
        Validity
            Not Before: Apr  7 11:09:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d82c455e4f4fa9bbd245c991ccd41ae39116d56a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:62:97:1b:0e:1f:f4:98:25:ac:de:85:12:70:
                    a2:d1:85:47:dc:01:21:02:38:95:6e:5c:61:e1:f1:
                    65:73:98:7d:75:7b:e9:5f:b4:ed:40:8f:21:9d:e0:
                    ec:79:f4:dd:e3:c3:2a:c1:72:5d:ed:02:15:0f:ef:
                    07:3b:18:48:39:c8:56:ed:d0:c0:8d:67:e1:72:b8:
                    f4:3c:01:e9:9b:e6:35:c0:c3:d5:9c:34:c3:6f:6f:
                    ed:6c:d7:bc:78:d0:3e:27:82:eb:e4:ed:d6:92:6b:
                    90:23:ee:39:8d:18:41:17:55:83:d2:08:3f:aa:b9:
                    79:e8:2f:ee:1a:29:ff:4c:15:70:16:ad:3a:ee:4a:
                    82:bf:49:ea:9a:3e:8d:2f:91:96:72:cf:57:7e:dc:
                    25:e0:d9:33:a4:75:ee:45:88:55:bd:bb:92:bf:2f:
                    91:99:c3:e2:d8:a2:13:b3:23:2f:d5:c5:f9:0a:fb:
                    17:70:05:d3:47:ea:63:64:43:70:7f:c5:c0:d7:a8:
                    92:38:ff:ef:08:4c:19:13:ca:0e:60:0c:42:f8:12:
                    2d:05:73:d7:44:07:0b:6c:2f:4f:a5:a3:23:d0:fd:
                    16:0a:9e:54:9b:e9:ca:a7:7c:fb:8f:0f:e6:2d:81:
                    5c:48:9d:5c:a9:b9:f7:77:1f:99:0c:3a:c6:9e:bf:
                    87:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2C:45:5E:4F:4F:A9:BB:D2:45:C9:91:CC:D4:1A:E3:91:16:D5:6A
            X509v3 Authority Key Identifier:
                keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/2CxFXk9PqbvSRcmRzNQa45EW1Wo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.132.195.0-79.132.199.255
                  86.111.144.0/22
                  109.230.112.0/24
                  109.230.114.0-109.230.120.255
                  109.230.122.0-109.230.124.255
                  109.230.126.0/23
                  122.102.116.0/22
                  185.113.105.0/24
                  185.113.107.0/24
                  202.164.192.0/22
                  202.164.197.0-202.164.205.255
                IPv6:
                  2a03:c340::/32

    Signature Algorithm: sha256WithRSAEncryption
         56:23:e0:73:23:57:18:f8:a5:fd:e4:e5:f3:f0:35:76:4d:94:
         cf:f9:dc:f3:06:8d:62:31:38:d2:92:30:66:c0:ab:bc:3b:3c:
         d6:a2:a3:70:02:6d:c9:25:ed:b3:b1:65:d7:b1:0f:1c:09:1e:
         31:4d:7a:7c:e8:53:ad:72:fc:72:33:9a:ff:c1:8a:84:de:b3:
         dc:75:ff:99:4c:dd:a7:05:63:04:4e:e3:d8:64:df:98:c9:13:
         34:fe:34:99:d7:30:de:c8:a8:46:56:8d:43:82:8c:a3:fb:68:
         81:26:0f:39:08:16:2f:f2:a6:b3:c8:f7:e2:46:5c:2f:58:d5:
         20:94:23:21:e8:81:14:3b:d8:86:a4:49:17:72:fb:15:30:ce:
         af:ba:ec:e3:c4:03:ba:bf:49:42:2c:72:14:41:2d:ab:58:18:
         05:de:79:6c:f5:56:13:3e:d4:c9:0d:4a:e9:51:1f:d6:e4:83:
         8f:96:fc:11:06:64:e2:13:ce:02:55:55:b7:f7:91:7a:98:51:
         f5:04:f8:c8:5a:bd:a7:28:bd:58:9b:ac:e0:8d:72:57:4a:57:
         e5:30:68:8d:9f:1c:dd:de:f9:81:9c:64:d0:65:dc:82:fa:26:
         1c:1f:77:ed:91:e1:54:aa:92:90:63:df:a8:2b:b0:c0:60:7b:
         5e:1f:94:bc
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAY64QCA9lhJYxBYnlc0FSxFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjQwNDA3MTEwOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODJjNDU1ZTRmNGZhOWJiZDI0NWM5OTFjY2Q0MWFlMzkxMTZkNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWKXGw4f9JglrN6FEnCi0YVH3AEh
AjiVblxh4fFlc5h9dXvpX7TtQI8hneDsefTd48MqwXJd7QIVD+8HOxhIOchW7dDA
jWfhcrj0PAHpm+Y1wMPVnDTDb2/tbNe8eNA+J4Lr5O3WkmuQI+45jRhBF1WD0gg/
qrl56C/uGin/TBVwFq067kqCv0nqmj6NL5GWcs9Xftwl4NkzpHXuRYhVvbuSvy+R
mcPi2KITsyMv1cX5CvsXcAXTR+pjZENwf8XA16iSOP/vCEwZE8oOYAxC+BItBXPX
RAcLbC9PpaMj0P0WCp5Um+nKp3z7jw/mLYFcSJ1cqbn3dx+ZDDrGnr+HTwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFNgsRV5PT6m70kXJkczUGuORFtVqMB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvMkN4RlhrOVBxYnZTUmNtUnpOUWE0NUVXMVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYjAMAwQAT4TD
AwQDT4TAAwQCVm+QAwQAbeZwMAwDBAFt5nIDBABt5ngwDAMEAW3megMEAG3mfAME
AW3mfgMEAnpmdAMEALlxaQMEALlxawMEAsqkwDAMAwQAyqTFAwQByqTMMA0EAgAC
MAcDBQAqA8NAMA0GCSqGSIb3DQEBCwUAA4IBAQBWI+BzI1cY+KX95OXz8DV2TZTP
+dzzBo1iMTjSkjBmwKu8OzzWoqNwAm3JJe2zsWXXsQ8cCR4xTXp86FOtcvxyM5r/
wYqE3rPcdf+ZTN2nBWMETuPYZN+YyRM0/jSZ1zDeyKhGVo1Dgoyj+2iBJg85CBYv
8qazyPfiRlwvWNUglCMh6IEUO9iGpEkXcvsVMM6vuuzjxAO6v0lCLHIUQS2rWBgF
3nls9VYTPtTJDUrpUR/W5IOPlvwRBmTiE84CVVW395F6mFH1BPjIWr2nKL1Ym6zg
jXJXSlflMGiNnxzd3vmBnGTQZdyC+iYcH3ftkeFUqpKQY9+oK7DAYHteH5S8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:50 2024 by rpki-client on console-ams.rpki-client.org