Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/7WoBO5wCbUiGmF8Wy3C0Q3XQJTU.roa
File:                     7WoBO5wCbUiGmF8Wy3C0Q3XQJTU.roa (raw, json)
Hash identifier:          brcwmZ+XsRXOKqxAPe3snTsfESUQjCfgQYvWPtSTZeg=
Subject key identifier:   ED:6A:01:3B:9C:02:6D:48:86:98:5F:16:CB:70:B4:43:75:D0:25:35
Certificate issuer:       /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial:       0185D3E411B69B9C9C066A5EA089C857F331
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/7WoBO5wCbUiGmF8Wy3C0Q3XQJTU.roa
Signing time:             Sat 21 Jan 2023 10:33:37 +0000
ROA not before:           Sat 21 Jan 2023 10:33:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58061
IP address blocks:        37.252.3.0/24 maxlen: 24
                          37.252.14.0/23 maxlen: 23
                          37.252.13.0/24 maxlen: 24
                          213.142.146.0/23 maxlen: 23
                          185.238.170.0/23 maxlen: 23
                          185.238.168.0/23 maxlen: 23
                          37.1.200.0/21 maxlen: 21
                          62.197.48.0/23 maxlen: 23
                          37.1.216.0/21 maxlen: 21
                          5.45.72.0/22 maxlen: 22
                          5.45.76.0/22 maxlen: 22
                          5.45.84.0/22 maxlen: 22
                          5.45.88.0/22 maxlen: 22
                          5.45.92.0/22 maxlen: 22
                          176.97.79.0/24 maxlen: 24
                          46.102.106.0/24 maxlen: 24
                          5.61.48.0/22 maxlen: 22
                          5.61.56.0/22 maxlen: 22
                          5.61.52.0/22 maxlen: 22
                          5.45.64.0/21 maxlen: 21
                          45.136.48.0/22 maxlen: 22
                          2a02:c6c3::/32 maxlen: 32
                          2a02:c6c1:2::/48 maxlen: 48
                          2a02:c6c2::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 12:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d3:e4:11:b6:9b:9c:9c:06:6a:5e:a0:89:c8:57:f3:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
        Validity
            Not Before: Jan 21 10:33:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed6a013b9c026d4886985f16cb70b44375d02535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c7:58:2b:2d:9e:c5:3a:af:18:d5:ae:96:ec:
                    53:eb:a0:72:06:95:94:9b:7e:49:3c:2f:9c:cc:11:
                    9d:ee:4c:d5:e4:5c:8e:49:12:9a:3f:1a:ea:44:ea:
                    04:f2:82:7a:86:2f:4b:30:4e:b3:85:2f:a7:d4:e6:
                    6e:fb:7d:a8:9b:f8:79:a9:f4:2f:fc:9d:ab:33:16:
                    7b:6b:71:9a:31:83:8c:59:ac:e2:79:d3:83:03:cf:
                    06:f5:85:89:72:25:8d:e2:78:21:eb:b9:8f:bf:d2:
                    8f:83:d2:38:14:69:d2:d8:62:9d:99:da:0f:0c:7e:
                    54:81:9f:c6:18:f8:e6:8c:4f:74:94:24:9c:7b:fd:
                    ff:bd:1a:dd:b0:78:0b:1f:c8:0e:41:b1:7a:fa:03:
                    03:d8:55:96:39:e6:47:71:59:0f:fa:0a:6c:36:6e:
                    d6:d2:94:fd:a4:39:e6:28:c9:0e:4c:c4:f7:18:23:
                    cb:47:63:8e:ac:59:a4:f3:ec:c4:0d:7a:f0:9a:1d:
                    20:52:b2:e5:82:75:5b:9b:28:22:ea:57:ef:59:8a:
                    ea:14:c9:34:68:9a:50:08:ce:67:22:73:03:90:22:
                    12:50:02:7d:dc:20:76:bf:52:6e:97:2b:fc:aa:34:
                    c5:c2:5d:01:5e:2b:51:62:04:98:16:3b:8f:39:f8:
                    29:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:6A:01:3B:9C:02:6D:48:86:98:5F:16:CB:70:B4:43:75:D0:25:35
            X509v3 Authority Key Identifier:
                keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/7WoBO5wCbUiGmF8Wy3C0Q3XQJTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.45.64.0/20
                  5.45.84.0-5.45.95.255
                  5.61.48.0-5.61.59.255
                  37.1.200.0/21
                  37.1.216.0/21
                  37.252.3.0/24
                  37.252.13.0-37.252.15.255
                  45.136.48.0/22
                  46.102.106.0/24
                  62.197.48.0/23
                  176.97.79.0/24
                  185.238.168.0/22
                  213.142.146.0/23
                IPv6:
                  2a02:c6c1:2::/48
                  2a02:c6c2::/31

    Signature Algorithm: sha256WithRSAEncryption
         b7:ad:be:b5:98:c1:5d:b1:6f:bb:f7:9e:74:8e:fd:1c:81:55:
         f7:df:74:d1:77:74:f1:7b:b4:c3:41:63:93:d3:65:f2:fa:ad:
         30:c7:bf:97:a0:89:de:f0:48:0e:24:09:56:f5:d9:45:dc:00:
         76:e5:ba:e6:f6:38:dc:ce:d3:3e:8d:a2:e1:81:d8:ad:66:b9:
         43:e3:f5:26:c1:db:36:95:da:24:57:4a:d7:34:96:39:8a:1c:
         94:23:e1:e6:7a:a5:28:64:d1:25:59:4e:66:da:9c:d3:78:86:
         a3:ad:2d:23:02:93:e3:24:26:8d:53:96:d9:e9:23:6f:ea:eb:
         ee:77:80:56:98:19:ca:c4:71:50:74:de:6b:50:81:44:c6:63:
         32:8a:2f:da:71:dd:70:cd:ff:ad:d8:b9:ea:83:23:44:6e:a1:
         c4:ec:45:13:88:26:b9:b8:35:99:d9:1f:6b:78:f8:69:37:76:
         a7:2e:bd:db:80:b2:b5:fb:25:06:23:62:d2:27:ac:7d:ae:4c:
         d3:23:67:af:58:b2:d9:07:7d:94:1a:f8:d4:bc:c9:07:f5:c3:
         13:f2:fc:8b:f4:57:c5:8e:a6:62:d3:91:8d:bc:84:2f:47:a9:
         3b:7f:a5:87:c8:80:18:1c:0b:6a:af:a2:b9:fe:80:cb:4a:37:
         57:ad:08:b5
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYXT5BG2m5ycBmpeoInIV/MxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTIxMTAzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDZhMDEzYjljMDI2ZDQ4ODY5ODVmMTZjYjcwYjQ0Mzc1ZDAyNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsdYKy2exTqvGNWuluxT66ByBpWU
m35JPC+czBGd7kzV5FyOSRKaPxrqROoE8oJ6hi9LME6zhS+n1OZu+32om/h5qfQv
/J2rMxZ7a3GaMYOMWaziedODA88G9YWJciWN4ngh67mPv9KPg9I4FGnS2GKdmdoP
DH5UgZ/GGPjmjE90lCSce/3/vRrdsHgLH8gOQbF6+gMD2FWWOeZHcVkP+gpsNm7W
0pT9pDnmKMkOTMT3GCPLR2OOrFmk8+zEDXrwmh0gUrLlgnVbmygi6lfvWYrqFMk0
aJpQCM5nInMDkCISUAJ93CB2v1Julyv8qjTFwl0BXitRYgSYFjuPOfgprQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFO1qATucAm1IhphfFstwtEN10CU1MB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvN1dvQk81d0NiVWlHbUY4V3kzQzBRM1hRSlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBsBAIAATBmAwQEBS1A
MAwDBAIFLVQDBAUFLUAwDAMEBAU9MAMEAgU9OAMEAyUByAMEAyUB2AMEACX8AzAM
AwQAJfwNAwQEJfwAAwQCLYgwAwQALmZqAwQBPsUwAwQAsGFPAwQCue6oAwQB1Y6S
MBYEAgACMBADBwAqAsbBAAIDBQEqAsbCMA0GCSqGSIb3DQEBCwUAA4IBAQC3rb61
mMFdsW+79550jv0cgVX333TRd3Txe7TDQWOT02Xy+q0wx7+XoIne8EgOJAlW9dlF
3AB25brm9jjcztM+jaLhgditZrlD4/Umwds2ldokV0rXNJY5ihyUI+HmeqUoZNEl
WU5m2pzTeIajrS0jApPjJCaNU5bZ6SNv6uvud4BWmBnKxHFQdN5rUIFExmMyii/a
cd1wzf+t2LnqgyNEbqHE7EUTiCa5uDWZ2R9rePhpN3anLr3bgLK1+yUGI2LSJ6x9
rkzTI2evWLLZB32UGvjUvMkH9cMT8vyL9FfFjqZi05GNvIQvR6k7f6WHyIAYHAtq
r6K5/oDLSjdXrQi1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:42 2024 by rpki-client on console-ams.rpki-client.org