Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PrhAy049JkDoiDgqHjh_BBb_DeU.roa
File:                     PrhAy049JkDoiDgqHjh_BBb_DeU.roa (raw, json)
Hash identifier:          3JXfyQ6kCdQDZQjPQQZ4EXVi7khBMSgnc05Zy5FF6H4=
Subject key identifier:   3E:B8:40:CB:4E:3D:26:40:E8:88:38:2A:1E:38:7F:04:16:FF:0D:E5
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018A1B402C859834EFA4C08FEFAB22395E20
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PrhAy049JkDoiDgqHjh_BBb_DeU.roa
Signing time:             Tue 22 Aug 2023 03:18:25 +0000
ROA not before:           Tue 22 Aug 2023 03:18:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3258
IP address blocks:        45.66.216.0/22 maxlen: 24
                          92.60.40.0/22 maxlen: 24
                          45.159.48.0/22 maxlen: 24
                          45.14.105.0/24 maxlen: 24
                          45.14.107.0/24 maxlen: 24
                          45.142.124.0/22 maxlen: 24
                          147.78.240.0/21 maxlen: 24
                          185.200.64.0/22 maxlen: 24
                          149.62.44.0/22 maxlen: 24
                          193.111.30.0/23 maxlen: 24
                          185.184.220.0/22 maxlen: 24
                          45.149.156.0/22 maxlen: 24
                          176.119.148.0/22 maxlen: 24
                          195.245.241.0/24 maxlen: 24
                          195.245.242.0/24 maxlen: 24
                          88.214.20.0/22 maxlen: 24
                          45.143.232.0/22 maxlen: 24
                          45.14.64.0/22 maxlen: 24
                          45.14.70.0/24 maxlen: 24
                          45.66.128.0/22 maxlen: 24
                          91.200.240.0/22 maxlen: 24
                          193.32.148.0/22 maxlen: 24
                          2a09:4::/48 maxlen: 48
                          2a09:3::/48 maxlen: 48
                          2a09:5::/48 maxlen: 48
                          2a09:7::/48 maxlen: 48
                          2a09:7::/36 maxlen: 48
                          2a09:1::/48 maxlen: 48
                          2a09:7:2008::/48 maxlen: 48
                          2a09:2::/48 maxlen: 48
                          2a0d:c7c1::/32 maxlen: 48
                          2a09:7:1::/48 maxlen: 48
                          2a10:480::/29 maxlen: 48

Validation:               Failed, certificate revoked on Thu 26 Oct 2023 08:12:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:1b:40:2c:85:98:34:ef:a4:c0:8f:ef:ab:22:39:5e:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Aug 22 03:18:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3eb840cb4e3d2640e888382a1e387f0416ff0de5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:2d:65:5b:84:00:72:d5:db:0d:2d:b1:f3:3b:
                    07:2d:9f:3f:19:f4:42:22:d7:96:db:54:25:19:fd:
                    b1:37:c4:23:4d:2f:2d:a9:1b:5b:13:5d:1e:e7:18:
                    bf:f9:62:89:fd:bc:26:28:09:b5:c3:bb:45:45:06:
                    c3:32:33:65:3a:64:7b:5f:32:7f:13:1f:41:0b:5c:
                    70:17:89:9b:3b:65:f6:15:50:37:1b:24:df:6c:d8:
                    fc:e0:a2:69:2a:82:82:6b:b4:2a:49:91:20:a1:7c:
                    10:f3:de:51:ef:04:b1:64:bc:4d:d2:84:01:0e:b6:
                    e9:d0:91:06:5b:16:0a:0f:fd:22:f8:25:6d:97:63:
                    8f:2c:8f:72:2a:61:05:57:b7:80:b4:e0:b7:2f:ef:
                    86:09:cd:0b:ed:18:36:21:f1:7d:7b:42:23:a5:a3:
                    5d:67:c0:ff:83:8f:aa:00:0e:23:ea:9c:29:d0:7b:
                    81:4f:44:a8:fb:0b:27:fe:40:bf:78:b6:12:03:ac:
                    9f:1a:a4:87:54:73:47:bc:e2:ba:41:b3:0f:92:aa:
                    b6:c4:86:ac:1b:d2:72:7f:07:b9:3b:2b:e2:7a:56:
                    85:1a:79:5e:5c:d7:00:f9:f8:23:cc:40:79:f7:93:
                    17:e3:da:d9:f9:5a:0f:f6:19:cd:2a:bf:40:e6:99:
                    de:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:B8:40:CB:4E:3D:26:40:E8:88:38:2A:1E:38:7F:04:16:FF:0D:E5
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/PrhAy049JkDoiDgqHjh_BBb_DeU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.14.64.0/22
                  45.14.70.0/24
                  45.14.105.0/24
                  45.14.107.0/24
                  45.66.128.0/22
                  45.66.216.0/22
                  45.142.124.0/22
                  45.143.232.0/22
                  45.149.156.0/22
                  45.159.48.0/22
                  88.214.20.0/22
                  91.200.240.0/22
                  92.60.40.0/22
                  147.78.240.0/21
                  149.62.44.0/22
                  176.119.148.0/22
                  185.184.220.0/22
                  185.200.64.0/22
                  193.32.148.0/22
                  193.111.30.0/23
                  195.245.241.0-195.245.242.255
                IPv6:
                  2a09:1::/48
                  2a09:2::/48
                  2a09:3::/48
                  2a09:4::/48
                  2a09:5::/48
                  2a09:7::/36
                  2a09:7:2008::/48
                  2a0d:c7c1::/32
                  2a10:480::/29

    Signature Algorithm: sha256WithRSAEncryption
         66:eb:c6:d7:57:f0:29:a7:83:7e:a7:ae:51:39:a5:cb:08:58:
         61:1b:60:3b:6c:2a:eb:1a:ce:1a:4c:c1:01:7f:25:51:ef:fe:
         7b:87:c9:90:cd:70:5d:98:87:08:49:ad:bf:70:72:e1:0e:8e:
         f7:29:ac:8b:51:1c:31:73:3d:8c:aa:05:ba:71:e6:19:b6:f0:
         68:49:f4:b9:ee:31:7b:0f:7d:c9:dd:f8:d1:19:e3:5e:68:c0:
         9e:ff:f6:c5:b2:04:d5:bb:96:0b:ae:8c:dc:78:74:e0:b2:d0:
         2d:18:fc:2c:88:bc:63:68:4b:ca:b0:31:f1:ea:67:6c:2c:c3:
         34:28:37:76:54:6f:5e:2e:e9:11:8c:34:4d:a2:ef:97:ba:55:
         14:e9:f0:3c:7a:73:9c:7a:3d:a8:bd:fa:72:28:7d:f0:c0:40:
         8d:9f:9f:6e:e9:0d:db:1b:2c:2b:c9:ab:0c:8b:53:da:c3:95:
         61:cf:57:c6:1f:9a:db:2d:55:19:bf:a5:0b:be:2f:13:dd:0a:
         b6:c1:cc:74:78:ee:65:80:e9:9d:76:68:65:0b:ac:67:4d:59:
         71:94:bb:b4:a0:8c:ab:6c:60:86:ce:2b:bd:b8:d6:32:be:7a:
         bc:4e:15:9a:57:af:46:ec:4e:51:ba:dc:f1:48:1c:50:b2:3d:
         55:bb:d4:af
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYobQCyFmDTvpMCP76siOV4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwODIyMDMxODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI4NDBjYjRlM2QyNjQwZTg4ODM4MmExZTM4N2YwNDE2ZmYwZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC1lW4QActXbDS2x8zsHLZ8/GfRC
IteW21QlGf2xN8QjTS8tqRtbE10e5xi/+WKJ/bwmKAm1w7tFRQbDMjNlOmR7XzJ/
Ex9BC1xwF4mbO2X2FVA3GyTfbNj84KJpKoKCa7QqSZEgoXwQ895R7wSxZLxN0oQB
Drbp0JEGWxYKD/0i+CVtl2OPLI9yKmEFV7eAtOC3L++GCc0L7Rg2IfF9e0IjpaNd
Z8D/g4+qAA4j6pwp0HuBT0So+wsn/kC/eLYSA6yfGqSHVHNHvOK6QbMPkqq2xIas
G9Jyfwe5OyvielaFGnleXNcA+fgjzEB595MX49rZ+VoP9hnNKr9A5pne2wIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFD64QMtOPSZA6Ig4Kh44fwQW/w3lMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvUHJoQXkwNDlKa0RvaURncUhqaF9CQmJfRGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBjQQCAAEwgYYDBAIt
DkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAItjnwDBAItj+gDBAIt
lZwDBAItnzADBAJY1hQDBAJbyPADBAJcPCgDBAOTTvADBAKVPiwDBAKwd5QDBAK5
uNwDBAK5yEADBALBIJQDBAHBbx4wDAMEAMP18QMEAMP18jBSBAIAAjBMAwcAKgkA
AQAAAwcAKgkAAgAAAwcAKgkAAwAAAwcAKgkABAAAAwcAKgkABQAAAwYEKgkABwAD
BwAqCQAHIAgDBQAqDcfBAwUDKhAEgDANBgkqhkiG9w0BAQsFAAOCAQEAZuvG11fw
KaeDfqeuUTmlywhYYRtgO2wq6xrOGkzBAX8lUe/+e4fJkM1wXZiHCEmtv3By4Q6O
9ymsi1EcMXM9jKoFunHmGbbwaEn0ue4xew99yd340RnjXmjAnv/2xbIE1buWC66M
3Hh04LLQLRj8LIi8Y2hLyrAx8epnbCzDNCg3dlRvXi7pEYw0TaLvl7pVFOnwPHpz
nHo9qL36cih98MBAjZ+fbukN2xssK8mrDItT2sOVYc9Xxh+a2y1VGb+lC74vE90K
tsHMdHjuZYDpnXZoZQusZ01ZcZS7tKCMq2xghs4rvbjWMr56vE4VmlevRuxOUbrc
8UgcULI9VbvUrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org