Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/A4tlEgjH4_0d5ts_QUCQET9HLmk.roa
File:                     A4tlEgjH4_0d5ts_QUCQET9HLmk.roa (raw, json)
Hash identifier:          jv8fJ/jFBxSg3APQXJIH0uzUHzvNkYTJKg6HoGhnFQw=
Subject key identifier:   03:8B:65:12:08:C7:E3:FD:1D:E6:DB:3F:41:40:90:11:3F:47:2E:69
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018DAEB126A35714688F4EB3918ED3C09977
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/A4tlEgjH4_0d5ts_QUCQET9HLmk.roa
Signing time:             Thu 15 Feb 2024 21:34:21 +0000
ROA not before:           Thu 15 Feb 2024 21:34:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8888
IP address blocks:        45.87.92.0/22 maxlen: 32
                          45.87.92.0/24 maxlen: 32
                          45.87.93.0/24 maxlen: 32
                          45.87.95.0/24 maxlen: 32
                          45.90.210.0/24 maxlen: 24
                          45.92.157.0/24 maxlen: 24
                          45.130.20.0/22 maxlen: 24
                          45.131.152.0/22 maxlen: 24
                          45.139.192.0/22 maxlen: 24
                          45.139.192.0/24 maxlen: 32
                          45.139.195.0/24 maxlen: 32
                          45.143.232.0/22 maxlen: 24
                          45.143.233.0/24 maxlen: 24
                          45.143.234.0/24 maxlen: 24
                          45.143.235.0/24 maxlen: 24
                          80.66.196.0/22 maxlen: 24
                          94.124.116.0/22 maxlen: 24
                          95.214.164.0/22 maxlen: 24
                          141.98.196.0/22 maxlen: 24
                          149.62.44.0/22 maxlen: 24
                          185.194.52.0/22 maxlen: 24
                          185.194.54.0/24 maxlen: 32
                          185.200.64.0/22 maxlen: 24
                          185.222.216.0/21 maxlen: 24
                          185.248.87.0/24 maxlen: 32
                          193.111.30.0/23 maxlen: 24
                          194.36.24.0/24 maxlen: 24
                          194.104.152.0/22 maxlen: 24
                          194.169.54.0/23 maxlen: 24
                          194.169.54.0/24 maxlen: 24
                          195.245.219.0/24 maxlen: 32
                          195.245.241.0/24 maxlen: 24
                          195.245.242.0/24 maxlen: 24
                          2a06:4fc0::/29 maxlen: 48
                          2a06:57c0::/29 maxlen: 48
                          2a07:e900::/29 maxlen: 48
                          2a07:fa00::/29 maxlen: 48
                          2a09:0:15::/48 maxlen: 48
                          2a09:6::/48 maxlen: 48
                          2a09:6:1::/48 maxlen: 48
                          2a0c:ed40::/29 maxlen: 48
                          2a0d:1fc0::/29 maxlen: 48
                          2a0d:3640::/29 maxlen: 48
                          2a0d:4340::/29 maxlen: 48
                          2a0d:4bc0::/29 maxlen: 48
                          2a0d:7540::/29 maxlen: 48
                          2a0d:de80::/29 maxlen: 48
                          2a0e:6200::/29 maxlen: 48
                          2a10:2600::/29 maxlen: 48

Validation:               Failed, certificate revoked on Sat 13 Apr 2024 14:58:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:ae:b1:26:a3:57:14:68:8f:4e:b3:91:8e:d3:c0:99:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Feb 15 21:34:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=038b651208c7e3fd1de6db3f414090113f472e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:e9:0a:20:3e:3e:a1:16:17:56:88:9d:0f:27:
                    de:ea:5c:c1:d8:24:ca:54:a4:2c:af:2b:3b:08:0c:
                    8c:1c:03:ac:b0:55:84:10:9e:82:9b:a6:f6:81:f2:
                    c8:83:b0:5d:62:86:d2:b4:d0:d0:e4:e3:5e:91:bd:
                    90:64:27:b0:11:ef:20:3e:9c:8e:26:83:cf:88:8a:
                    8d:87:10:09:ce:36:2c:bf:8c:be:ee:aa:b8:3a:a5:
                    5e:ad:78:47:53:b8:9f:25:0f:ad:cb:69:2d:74:4c:
                    62:4d:b9:06:35:be:6a:0f:64:85:d3:30:5e:5f:f6:
                    a4:80:38:27:02:8b:b7:fe:f0:92:8a:e8:0d:32:c0:
                    2d:b9:9c:37:dc:55:91:79:4b:7d:76:cb:ec:37:b2:
                    7f:ee:28:ca:ed:53:48:0c:a5:de:5a:3f:a5:78:0a:
                    82:9f:0a:56:a5:e8:b9:9f:0f:47:a1:17:bc:9a:c4:
                    ff:eb:0d:46:fa:90:7e:fa:93:fc:12:d5:6a:bb:61:
                    c9:d1:78:5e:a3:91:8f:92:4a:55:87:c0:7d:17:e2:
                    79:42:6e:df:e2:1e:67:ae:0f:7f:6d:6c:b4:db:a1:
                    bd:e5:2c:a8:eb:ec:eb:cd:41:e8:77:0a:73:ab:9d:
                    20:6b:7a:41:d5:ef:58:af:b1:ad:48:ae:8c:99:46:
                    86:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:8B:65:12:08:C7:E3:FD:1D:E6:DB:3F:41:40:90:11:3F:47:2E:69
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/A4tlEgjH4_0d5ts_QUCQET9HLmk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.87.92.0/22
                  45.90.210.0/24
                  45.92.157.0/24
                  45.130.20.0/22
                  45.131.152.0/22
                  45.139.192.0/22
                  45.143.232.0/22
                  80.66.196.0/22
                  94.124.116.0/22
                  95.214.164.0/22
                  141.98.196.0/22
                  149.62.44.0/22
                  185.194.52.0/22
                  185.200.64.0/22
                  185.222.216.0/21
                  185.248.87.0/24
                  193.111.30.0/23
                  194.36.24.0/24
                  194.104.152.0/22
                  194.169.54.0/23
                  195.245.219.0/24
                  195.245.241.0-195.245.242.255
                IPv6:
                  2a06:4fc0::/29
                  2a06:57c0::/29
                  2a07:e900::/29
                  2a07:fa00::/29
                  2a09:0:15::/48
                  2a09:6::/47
                  2a0c:ed40::/29
                  2a0d:1fc0::/29
                  2a0d:3640::/29
                  2a0d:4340::/29
                  2a0d:4bc0::/29
                  2a0d:7540::/29
                  2a0d:de80::/29
                  2a0e:6200::/29
                  2a10:2600::/29

    Signature Algorithm: sha256WithRSAEncryption
         34:98:0d:54:b0:04:98:e4:ab:8f:a9:62:4e:4c:84:96:f3:eb:
         33:e4:65:82:81:92:c2:2d:28:4a:f7:7c:78:11:15:02:61:ff:
         9a:b7:e2:ea:7d:4a:76:2f:ad:e8:bb:c8:0a:64:cd:53:c2:f7:
         51:44:01:5b:9f:9a:0f:cd:de:75:8c:de:94:8f:7e:19:98:06:
         ed:97:59:b1:a8:54:a9:66:38:3b:25:b0:f6:dd:30:04:71:27:
         9c:e2:e6:34:a3:84:6e:7f:30:a1:1b:dc:78:fc:e2:f5:95:ff:
         08:8a:1b:2c:8e:a1:3a:07:e5:f6:c8:fd:af:20:0b:d3:3c:43:
         a0:c8:e0:cc:63:61:a3:62:e0:ec:c5:dc:e4:0d:7f:df:6f:55:
         63:c7:c0:75:73:a5:ba:b1:d9:6f:cb:37:3f:ef:8b:f4:ad:e1:
         e5:ca:71:bc:66:b2:95:28:b4:eb:c3:61:b2:68:d1:04:b1:ac:
         f3:7d:56:cd:1d:24:78:7d:9f:87:8e:6a:9f:0d:0c:7d:97:a0:
         24:de:9b:bb:ee:a1:16:3c:f9:d2:c9:53:2d:68:d4:d6:ef:02:
         e7:f3:ff:37:e4:88:a9:d7:12:8c:78:a8:0f:94:f0:89:5a:f2:
         bc:6d:a2:1b:53:2e:be:64:f7:19:d1:95:4c:bc:63:98:eb:c3:
         24:17:c7:11
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAY2usSajVxRoj06zkY7TwJl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMjE1MjEzNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhiNjUxMjA4YzdlM2ZkMWRlNmRiM2Y0MTQwOTAxMTNmNDcyZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjukKID4+oRYXVoidDyfe6lzB2CTK
VKQsrys7CAyMHAOssFWEEJ6Cm6b2gfLIg7BdYobStNDQ5ONekb2QZCewEe8gPpyO
JoPPiIqNhxAJzjYsv4y+7qq4OqVerXhHU7ifJQ+ty2ktdExiTbkGNb5qD2SF0zBe
X/akgDgnAou3/vCSiugNMsAtuZw33FWReUt9dsvsN7J/7ijK7VNIDKXeWj+leAqC
nwpWpei5nw9HoRe8msT/6w1G+pB++pP8EtVqu2HJ0Xheo5GPkkpVh8B9F+J5Qm7f
4h5nrg9/bWy026G95Syo6+zrzUHodwpzq50ga3pB1e9Yr7GtSK6MmUaG8QIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFAOLZRIIx+P9HebbP0FAkBE/Ry5pMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQTR0bEVnakg0XzBkNXRzX1FVQ1FFVDlITG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzCBkwQCAAEwgYwD
BAItV1wDBAAtWtIDBAAtXJ0DBAItghQDBAItg5gDBAIti8ADBAItj+gDBAJQQsQD
BAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAO53tgDBAC5+FcD
BAHBbx4DBADCJBgDBALCaJgDBAHCqTYDBADD9dswDAMEAMP18QMEAMP18jBzBAIA
AjBtAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMHACoJAAAAFQMHASoJAAYA
AAMFAyoM7UADBQMqDR/AAwUDKg02QAMFAyoNQ0ADBQMqDUvAAwUDKg11QAMFAyoN
3oADBQMqDmIAAwUDKhAmADANBgkqhkiG9w0BAQsFAAOCAQEANJgNVLAEmOSrj6li
TkyElvPrM+RlgoGSwi0oSvd8eBEVAmH/mrfi6n1Kdi+t6LvICmTNU8L3UUQBW5+a
D83edYzelI9+GZgG7ZdZsahUqWY4OyWw9t0wBHEnnOLmNKOEbn8woRvcePzi9ZX/
CIobLI6hOgfl9sj9ryAL0zxDoMjgzGNho2Lg7MXc5A1/329VY8fAdXOlurHZb8s3
P++L9K3h5cpxvGaylSi068NhsmjRBLGs831WzR0keH2fh45qnw0MfZegJN6bu+6h
Fjz50slTLWjU1u8C5/P/N+SIqdcSjHioD5TwiVryvG2iG1MuvmT3GdGVTLxjmOvD
JBfHEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org