Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/FS_ZnY6Li3a-R-UJ_SJX7RgRlHw.roa
File:                     FS_ZnY6Li3a-R-UJ_SJX7RgRlHw.roa (raw, json)
Hash identifier:          EJ9zVoGnL1HmCKiUQQ/rzVZ5wbetGnSjCZa72bm46g4=
Subject key identifier:   15:2F:D9:9D:8E:8B:8B:76:BE:47:E5:09:FD:22:57:ED:18:11:94:7C
Certificate issuer:       /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial:       018F3091BC494E305F81C5FE3582CCCBE550
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/FS_ZnY6Li3a-R-UJ_SJX7RgRlHw.roa
Signing time:             Tue 30 Apr 2024 19:53:28 +0000
ROA not before:           Tue 30 Apr 2024 19:53:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57324
IP address blocks:        79.132.195.0/24 maxlen: 24
                          79.132.196.0/24 maxlen: 24
                          79.132.197.0/24 maxlen: 24
                          79.132.198.0/24 maxlen: 24
                          79.132.199.0/24 maxlen: 24
                          86.111.144.0/24 maxlen: 24
                          86.111.145.0/24 maxlen: 24
                          86.111.146.0/24 maxlen: 24
                          86.111.147.0/24 maxlen: 24
                          109.230.112.0/24 maxlen: 24
                          109.230.114.0/24 maxlen: 24
                          109.230.115.0/24 maxlen: 24
                          109.230.116.0/24 maxlen: 24
                          109.230.117.0/24 maxlen: 24
                          109.230.118.0/24 maxlen: 24
                          109.230.119.0/24 maxlen: 24
                          109.230.120.0/24 maxlen: 24
                          109.230.122.0/24 maxlen: 24
                          109.230.123.0/24 maxlen: 24
                          109.230.124.0/24 maxlen: 24
                          109.230.126.0/24 maxlen: 24
                          109.230.127.0/24 maxlen: 24
                          122.102.116.0/24 maxlen: 24
                          122.102.117.0/24 maxlen: 24
                          122.102.118.0/24 maxlen: 24
                          185.113.105.0/24 maxlen: 24
                          185.113.107.0/24 maxlen: 24
                          202.164.192.0/24 maxlen: 24
                          202.164.193.0/24 maxlen: 24
                          202.164.194.0/24 maxlen: 24
                          202.164.195.0/24 maxlen: 24
                          202.164.197.0/24 maxlen: 24
                          202.164.198.0/24 maxlen: 24
                          202.164.199.0/24 maxlen: 24
                          202.164.200.0/24 maxlen: 24
                          202.164.201.0/24 maxlen: 24
                          202.164.202.0/24 maxlen: 24
                          202.164.203.0/24 maxlen: 24
                          202.164.204.0/24 maxlen: 24
                          202.164.205.0/24 maxlen: 24
                          2a03:c340::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sun 02 Jun 2024 12:25:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:30:91:bc:49:4e:30:5f:81:c5:fe:35:82:cc:cb:e5:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
        Validity
            Not Before: Apr 30 19:53:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=152fd99d8e8b8b76be47e509fd2257ed1811947c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:4b:96:6e:34:b8:41:33:4d:4d:20:83:66:20:
                    92:b9:b3:c0:79:e9:c7:31:e7:71:d9:58:75:d1:51:
                    69:24:87:b8:7c:96:de:f1:e2:0d:33:5e:a8:7d:08:
                    6f:05:3d:0e:2c:9a:dc:56:f0:f1:4b:0f:dc:c7:cc:
                    57:55:87:63:ca:46:7c:f7:35:71:6e:9c:f1:aa:88:
                    7c:8f:9c:5f:cf:a4:a5:b0:d0:88:a0:e8:4c:18:b2:
                    68:4d:da:23:94:70:95:f5:dd:a4:d4:6b:45:57:4d:
                    0f:91:c2:bb:94:9c:08:11:96:03:75:2f:87:84:9f:
                    c1:24:4f:e7:48:b6:0a:52:00:d8:51:51:ed:cf:c5:
                    85:28:c4:82:7b:c7:0d:8f:c3:fd:71:d4:66:5f:a9:
                    ff:58:f8:d1:26:a5:60:fd:e0:41:f5:ef:31:f0:46:
                    17:f4:cf:02:80:8c:cc:32:1c:bc:e3:46:e4:84:91:
                    44:cb:c9:2b:bc:8c:99:39:9f:27:50:b1:23:82:ee:
                    e2:c3:ce:00:eb:fd:43:88:33:ea:d6:5d:e2:c0:45:
                    18:c8:59:73:c6:2b:6b:59:99:5c:97:b2:40:f2:70:
                    db:6d:15:8c:08:99:4c:b1:37:39:0d:24:a7:11:f1:
                    71:ba:12:85:46:28:b3:b2:61:b1:6d:ce:aa:45:ab:
                    c3:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:2F:D9:9D:8E:8B:8B:76:BE:47:E5:09:FD:22:57:ED:18:11:94:7C
            X509v3 Authority Key Identifier:
                keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/FS_ZnY6Li3a-R-UJ_SJX7RgRlHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.132.195.0-79.132.199.255
                  86.111.144.0/22
                  109.230.112.0/24
                  109.230.114.0-109.230.120.255
                  109.230.122.0-109.230.124.255
                  109.230.126.0/23
                  122.102.116.0-122.102.118.255
                  185.113.105.0/24
                  185.113.107.0/24
                  202.164.192.0/22
                  202.164.197.0-202.164.205.255
                IPv6:
                  2a03:c340::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:45:fe:19:e4:c5:4d:cf:97:18:ec:87:51:5e:0e:d0:09:33:
         c2:e9:a1:93:af:5b:74:ea:a1:3b:82:22:5d:57:cc:6a:a7:8f:
         f6:f9:5c:bf:d0:80:a0:14:2e:b5:7c:c3:47:66:90:bc:ef:90:
         73:13:45:52:94:ad:a0:60:19:68:4f:9c:82:28:04:94:59:b0:
         e3:bd:d9:fe:29:3e:9b:23:2c:5d:db:02:dc:22:c1:d2:34:ba:
         8b:94:26:78:f2:89:70:bb:3b:5e:8b:a0:80:0c:6f:33:10:ee:
         f4:5c:70:40:47:09:e5:3e:dd:d6:71:78:f4:21:86:b0:f6:f5:
         43:39:e1:4f:ab:77:2b:d3:1b:a8:c5:5d:a5:ff:14:0f:2a:d7:
         48:c1:45:fb:bf:5f:53:df:1f:59:ee:db:5d:00:44:a1:b0:95:
         54:99:51:5a:71:4b:00:d1:72:ac:90:90:88:4d:71:b2:bf:20:
         df:f4:41:35:c9:bd:ef:b0:a5:93:40:18:e5:85:70:5f:2a:d1:
         a7:a2:97:39:40:04:78:e8:74:da:cc:26:6e:8a:71:15:46:35:
         ab:a9:a6:bc:e1:c3:a4:80:f5:eb:92:87:bb:68:18:6e:51:01:
         f4:82:3a:ab:f8:0a:81:ff:ff:18:95:e1:ac:25:b6:fc:ab:e2:
         56:5c:00:14
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY8wkbxJTjBfgcX+NYLMy+VQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjQwNDMwMTk1MzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJmZDk5ZDhlOGI4Yjc2YmU0N2U1MDlmZDIyNTdlZDE4MTE5NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20uWbjS4QTNNTSCDZiCSubPAeenH
Medx2Vh10VFpJIe4fJbe8eINM16ofQhvBT0OLJrcVvDxSw/cx8xXVYdjykZ89zVx
bpzxqoh8j5xfz6SlsNCIoOhMGLJoTdojlHCV9d2k1GtFV00PkcK7lJwIEZYDdS+H
hJ/BJE/nSLYKUgDYUVHtz8WFKMSCe8cNj8P9cdRmX6n/WPjRJqVg/eBB9e8x8EYX
9M8CgIzMMhy840bkhJFEy8krvIyZOZ8nULEjgu7iw84A6/1DiDPq1l3iwEUYyFlz
xitrWZlcl7JA8nDbbRWMCJlMsTc5DSSnEfFxuhKFRiizsmGxbc6qRavD2wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFBUv2Z2Oi4t2vkflCf0iV+0YEZR8MB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvRlNfWm5ZNkxpM2EtUi1VSl9TSlg3UmdSbEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqMAwDBABP
hMMDBANPhMADBAJWb5ADBABt5nAwDAMEAW3mcgMEAG3meDAMAwQBbeZ6AwQAbeZ8
AwQBbeZ+MAwDBAJ6ZnQDBAB6ZnYDBAC5cWkDBAC5cWsDBALKpMAwDAMEAMqkxQME
AcqkzDANBAIAAjAHAwUAKgPDQDANBgkqhkiG9w0BAQsFAAOCAQEAGUX+GeTFTc+X
GOyHUV4O0Akzwumhk69bdOqhO4IiXVfMaqeP9vlcv9CAoBQutXzDR2aQvO+QcxNF
UpStoGAZaE+cgigElFmw473Z/ik+myMsXdsC3CLB0jS6i5QmePKJcLs7XouggAxv
MxDu9FxwQEcJ5T7d1nF49CGGsPb1QznhT6t3K9MbqMVdpf8UDyrXSMFF+79fU98f
We7bXQBEobCVVJlRWnFLANFyrJCQiE1xsr8g3/RBNcm977Clk0AY5YVwXyrRp6KX
OUAEeOh02swmbopxFUY1q6mmvOHDpID165KHu2gYblEB9II6q/gKgf//GJXhrCW2
/KviVlwAFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:08 2024 by rpki-client on console-fra.rpki-client.org