Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Xa-ci8TdUsRJdSWx4Tm-Uk2kLEI.roa
File:                     Xa-ci8TdUsRJdSWx4Tm-Uk2kLEI.roa (raw, json)
Hash identifier:          v0AluGsOGbXVbCW5AlXtW73B0T4lZqVP1dTSKKf+Y/U=
Subject key identifier:   5D:AF:9C:8B:C4:DD:52:C4:49:75:25:B1:E1:39:BE:52:4D:A4:2C:42
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018751299E4469FEA6D54CD062DCC3490A15
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Xa-ci8TdUsRJdSWx4Tm-Uk2kLEI.roa
Signing time:             Wed 05 Apr 2023 11:24:54 +0000
ROA not before:           Wed 05 Apr 2023 11:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3214
IP address blocks:        80.66.196.0/22 maxlen: 24
                          92.60.40.0/23 maxlen: 23
                          92.60.41.0/24 maxlen: 24
                          92.60.42.0/24 maxlen: 24
                          92.60.40.0/24 maxlen: 24
                          185.255.55.0/24 maxlen: 24
                          185.255.53.0/24 maxlen: 24
                          185.255.52.0/22 maxlen: 24
                          45.80.188.0/22 maxlen: 24
                          62.133.35.0/24 maxlen: 24
                          62.133.33.0/24 maxlen: 24
                          62.133.32.0/24 maxlen: 24
                          62.133.32.0/22 maxlen: 24
                          88.214.20.0/22 maxlen: 24
                          45.147.48.0/24 maxlen: 32
                          45.147.49.0/24 maxlen: 32
                          45.153.244.0/22 maxlen: 24
                          95.214.164.0/22 maxlen: 24
                          185.248.84.0/22 maxlen: 24
                          185.194.52.0/22 maxlen: 24
                          91.200.241.0/24 maxlen: 24
                          45.11.45.0/24 maxlen: 24
                          141.98.196.0/22 maxlen: 24
                          147.78.179.0/24 maxlen: 24
                          147.78.177.0/24 maxlen: 24
                          147.78.178.0/24 maxlen: 24
                          147.78.176.0/24 maxlen: 24
                          147.78.176.0/22 maxlen: 24
                          147.78.241.0/24 maxlen: 24
                          185.200.64.0/22 maxlen: 24
                          45.139.192.0/22 maxlen: 24
                          185.254.75.0/24 maxlen: 24
                          185.254.73.0/24 maxlen: 24
                          45.92.157.0/24 maxlen: 24
                          185.254.74.0/24 maxlen: 24
                          185.213.151.0/24 maxlen: 24
                          185.213.149.0/24 maxlen: 24
                          185.213.148.0/22 maxlen: 24
                          185.213.148.0/24 maxlen: 24
                          147.78.240.0/24 maxlen: 24
                          194.124.216.0/24 maxlen: 24
                          45.131.152.0/22 maxlen: 24
                          194.124.228.0/24 maxlen: 24
                          194.124.227.0/24 maxlen: 24
                          213.232.112.0/22 maxlen: 24
                          195.245.241.0/24 maxlen: 24
                          195.245.242.0/24 maxlen: 24
                          194.104.152.0/22 maxlen: 24
                          194.124.213.0/24 maxlen: 24
                          193.111.90.0/23 maxlen: 24
                          193.177.220.0/22 maxlen: 24
                          194.36.222.0/23 maxlen: 24
                          94.124.116.0/22 maxlen: 24
                          45.90.210.0/24 maxlen: 24
                          193.111.30.0/23 maxlen: 24
                          195.245.219.0/24 maxlen: 24
                          185.49.32.0/22 maxlen: 24
                          45.130.23.0/24 maxlen: 24
                          45.130.21.0/24 maxlen: 24
                          79.143.140.0/22 maxlen: 24
                          45.130.22.0/24 maxlen: 24
                          45.130.20.0/24 maxlen: 24
                          45.130.20.0/22 maxlen: 24
                          194.36.24.0/24 maxlen: 24
                          45.143.233.0/24 maxlen: 24
                          194.36.25.0/24 maxlen: 24
                          45.143.232.0/22 maxlen: 24
                          45.143.235.0/24 maxlen: 24
                          45.143.234.0/24 maxlen: 24
                          149.62.44.0/22 maxlen: 24
                          78.142.192.0/22 maxlen: 24
                          194.169.180.0/23 maxlen: 24
                          78.142.193.0/24 maxlen: 32
                          78.142.228.0/22 maxlen: 24
                          45.13.199.0/24 maxlen: 24
                          45.13.198.0/24 maxlen: 24
                          109.94.168.0/22 maxlen: 24
                          194.169.54.0/24 maxlen: 24
                          194.169.54.0/23 maxlen: 24
                          185.222.216.0/22 maxlen: 24
                          185.222.216.0/21 maxlen: 24
                          185.222.220.0/24 maxlen: 24
                          2a06:4fc0::/29 maxlen: 48
                          2a07:e900::/29 maxlen: 48
                          2a09:0:7::/48 maxlen: 48
                          2a06:57c0::/29 maxlen: 48
                          2a09:0:4::/48 maxlen: 48
                          2a09::/29 maxlen: 48
                          2a0b:4080::/32 maxlen: 48
                          2a0d:3640::/29 maxlen: 48
                          2a0c:ed40::/29 maxlen: 48
                          2a09:0:1::/48 maxlen: 48
                          2a09:0:1337::/48 maxlen: 64
                          2a0d:de80::/29 maxlen: 48
                          2a09:0:6::/48 maxlen: 48
                          2a09:0:9::/48 maxlen: 48
                          2a07:fa00::/29 maxlen: 48
                          2a0d:7540::/29 maxlen: 48
                          2a03:d9c0::/29 maxlen: 48
                          2a09:0:3::/48 maxlen: 48
                          2a10:2600::/29 maxlen: 48
                          2a0c:59c0::/29 maxlen: 48
                          2a09:0:11::/48 maxlen: 48
                          2a0b:89c0::/29 maxlen: 48
                          2a09:0:8::/48 maxlen: 48
                          2a0d:4340::/29 maxlen: 48
                          2a09:0:5::/48 maxlen: 48
                          2a0e:6200::/29 maxlen: 48
                          2a07:fe00::/29 maxlen: 48
                          2a0d:1fc0::/29 maxlen: 48
                          2a03:d9c0:8000::/48 maxlen: 48
                          2a03:d9c0:c0de::/48 maxlen: 64
                          2a0d:4bc0::/29 maxlen: 48
                          2a09:0:2::/48 maxlen: 48
                          2a10:480::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 29 May 2023 13:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:51:29:9e:44:69:fe:a6:d5:4c:d0:62:dc:c3:49:0a:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Apr  5 11:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5daf9c8bc4dd52c4497525b1e139be524da42c42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cc:f8:4f:a2:8e:05:a3:39:45:e2:d2:03:44:
                    d0:c7:e1:56:dd:87:02:c6:84:28:9d:77:bc:00:e3:
                    e8:b3:9c:b2:af:68:54:20:84:28:e9:bc:85:78:bc:
                    c6:aa:ab:2e:45:6f:70:54:d8:ed:cf:7d:d2:ca:20:
                    06:4a:e2:0b:f2:dd:bf:3a:a9:b3:2f:97:63:30:dd:
                    f5:67:57:ae:9c:56:96:3d:98:df:d9:93:3b:49:37:
                    bd:45:1d:a1:b1:c8:b0:7e:a4:7f:fd:26:9b:3d:b1:
                    d3:78:03:fc:73:a4:05:a9:be:66:2a:c4:b1:07:bb:
                    1e:0e:0a:f8:e1:b1:0c:96:1e:01:39:31:0e:df:4e:
                    18:16:36:c8:d9:c6:3f:75:82:0f:14:6a:63:d0:8c:
                    70:cd:76:10:c8:b5:19:bb:fd:09:f7:fe:fa:3a:d5:
                    05:5a:20:33:a7:22:15:1a:d3:bf:3b:55:9f:13:07:
                    f3:74:ce:f3:cc:c0:c8:be:24:45:20:a3:f0:3a:71:
                    ce:b1:49:3f:26:d3:26:d9:2f:b9:13:6d:86:4d:32:
                    f0:58:c3:c5:f4:e0:7a:66:e2:ad:b2:f2:41:fb:a3:
                    38:29:3c:07:61:84:41:be:02:4e:f0:c6:8f:6e:d8:
                    a5:ee:27:c0:7c:87:62:f8:60:23:8b:8b:af:d9:8c:
                    cb:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:AF:9C:8B:C4:DD:52:C4:49:75:25:B1:E1:39:BE:52:4D:A4:2C:42
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Xa-ci8TdUsRJdSWx4Tm-Uk2kLEI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.45.0/24
                  45.13.198.0/23
                  45.80.188.0/22
                  45.90.210.0/24
                  45.92.157.0/24
                  45.130.20.0/22
                  45.131.152.0/22
                  45.139.192.0/22
                  45.143.232.0/22
                  45.147.48.0/23
                  45.153.244.0/22
                  62.133.32.0/22
                  78.142.192.0/22
                  78.142.228.0/22
                  79.143.140.0/22
                  80.66.196.0/22
                  88.214.20.0/22
                  91.200.241.0/24
                  92.60.40.0-92.60.42.255
                  94.124.116.0/22
                  95.214.164.0/22
                  109.94.168.0/22
                  141.98.196.0/22
                  147.78.176.0/22
                  147.78.240.0/23
                  149.62.44.0/22
                  185.49.32.0/22
                  185.194.52.0/22
                  185.200.64.0/22
                  185.213.148.0/22
                  185.222.216.0/21
                  185.248.84.0/22
                  185.254.73.0-185.254.75.255
                  185.255.52.0/22
                  193.111.30.0/23
                  193.111.90.0/23
                  193.177.220.0/22
                  194.36.24.0/23
                  194.36.222.0/23
                  194.104.152.0/22
                  194.124.213.0/24
                  194.124.216.0/24
                  194.124.227.0-194.124.228.255
                  194.169.54.0/23
                  194.169.180.0/23
                  195.245.219.0/24
                  195.245.241.0-195.245.242.255
                  213.232.112.0/22
                IPv6:
                  2a03:d9c0::/29
                  2a06:4fc0::/29
                  2a06:57c0::/29
                  2a07:e900::/29
                  2a07:fa00::/29
                  2a07:fe00::/29
                  2a09::/29
                  2a0b:4080::/32
                  2a0b:89c0::/29
                  2a0c:59c0::/29
                  2a0c:ed40::/29
                  2a0d:1fc0::/29
                  2a0d:3640::/29
                  2a0d:4340::/29
                  2a0d:4bc0::/29
                  2a0d:7540::/29
                  2a0d:de80::/29
                  2a0e:6200::/29
                  2a10:480::/29
                  2a10:2600::/29

    Signature Algorithm: sha256WithRSAEncryption
         9a:b4:be:81:a8:2f:7d:da:92:d3:7d:9b:3e:f6:dd:48:4c:7b:
         e0:a2:a5:d2:9f:1b:c4:4c:5b:77:b0:7c:01:76:c4:38:e7:97:
         c1:bd:7e:88:3d:d3:eb:a5:ca:03:99:0a:02:fa:71:44:54:9d:
         ec:9c:2f:b3:86:15:d2:59:44:44:b8:df:0d:b9:16:8d:a0:11:
         a3:f9:35:96:ee:f8:97:e6:e8:46:01:81:4e:9a:0b:d5:21:26:
         0d:51:11:53:b0:f7:9d:8d:00:5d:9b:42:cf:8b:70:aa:ae:44:
         36:aa:12:9e:1e:f1:5b:b4:ab:c4:18:3d:c7:58:8c:68:74:d4:
         3a:ee:1a:c8:5b:ba:0b:e3:24:3b:08:cf:3c:c7:d0:cb:54:ef:
         5f:0a:9a:20:23:5c:33:7a:1f:c2:9b:5e:a7:7d:1f:80:7e:27:
         45:57:50:a6:84:75:65:32:de:6c:cd:77:50:ac:76:41:ba:75:
         d1:66:46:d3:5c:68:c8:7b:4e:60:e6:30:74:63:ab:ff:cc:b8:
         2c:14:8c:12:5f:6a:f7:17:77:2e:16:4e:20:54:43:d0:a8:b1:
         30:c8:e7:a0:f3:6c:01:86:34:54:93:56:87:f8:4c:4e:2a:57:
         e0:a0:bc:a8:86:de:9b:71:02:6a:0b:d0:15:90:ea:01:c7:98:
         27:4e:e0:e9
-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgISAYdRKZ5Eaf6m1UzQYtzDSQoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwNDA1MTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFmOWM4YmM0ZGQ1MmM0NDk3NTI1YjFlMTM5YmU1MjRkYTQyYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMz4T6KOBaM5ReLSA0TQx+FW3YcC
xoQonXe8AOPos5yyr2hUIIQo6byFeLzGqqsuRW9wVNjtz33SyiAGSuIL8t2/Oqmz
L5djMN31Z1eunFaWPZjf2ZM7STe9RR2hsciwfqR//SabPbHTeAP8c6QFqb5mKsSx
B7seDgr44bEMlh4BOTEO304YFjbI2cY/dYIPFGpj0IxwzXYQyLUZu/0J9/76OtUF
WiAzpyIVGtO/O1WfEwfzdM7zzMDIviRFIKPwOnHOsUk/JtMm2S+5E22GTTLwWMPF
9OB6ZuKtsvJB+6M4KTwHYYRBvgJO8MaPbtil7ifAfIdi+GAji4uv2YzL2QIDAQAB
o4ID4zCCA98wHQYDVR0OBBYEFF2vnIvE3VLESXUlseE5vlJNpCxCMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvWGEtY2k4VGRVc1JKZFNXeDRUbS1VazJrTEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB9wYIKwYBBQUHAQcBAf8EggHmMIIB4jCCAUgEAgABMIIB
QAMEAC0LLQMEAS0NxgMEAi1QvAMEAC1a0gMEAC1cnQMEAi2CFAMEAi2DmAMEAi2L
wAMEAi2P6AMEAS2TMAMEAi2Z9AMEAj6FIAMEAk6OwAMEAk6O5AMEAk+PjAMEAlBC
xAMEAljWFAMEAFvI8TAMAwQDXDwoAwQAXDwqAwQCXnx0AwQCX9akAwQCbV6oAwQC
jWLEAwQCk06wAwQBk07wAwQClT4sAwQCuTEgAwQCucI0AwQCuchAAwQCudWUAwQD
ud7YAwQCufhUMAwDBAC5/kkDBAK5/kgDBAK5/zQDBAHBbx4DBAHBb1oDBALBsdwD
BAHCJBgDBAHCJN4DBALCaJgDBADCfNUDBADCfNgwDAMEAMJ84wMEAMJ85AMEAcKp
NgMEAcKptAMEAMP12zAMAwQAw/XxAwQAw/XyAwQC1ehwMIGTBAIAAjCBjAMFAyoD
2cADBQMqBk/AAwUDKgZXwAMFAyoH6QADBQMqB/oAAwUDKgf+AAMFAyoJAAADBQAq
C0CAAwUDKguJwAMFAyoMWcADBQMqDO1AAwUDKg0fwAMFAyoNNkADBQMqDUNAAwUD
Kg1LwAMFAyoNdUADBQMqDd6AAwUDKg5iAAMFAyoQBIADBQMqECYAMA0GCSqGSIb3
DQEBCwUAA4IBAQCatL6BqC992pLTfZs+9t1ITHvgoqXSnxvETFt3sHwBdsQ455fB
vX6IPdPrpcoDmQoC+nFEVJ3snC+zhhXSWUREuN8NuRaNoBGj+TWW7viX5uhGAYFO
mgvVISYNURFTsPedjQBdm0LPi3CqrkQ2qhKeHvFbtKvEGD3HWIxodNQ67hrIW7oL
4yQ7CM88x9DLVO9fCpogI1wzeh/Cm16nfR+AfidFV1CmhHVlMt5szXdQrHZBunXR
ZkbTXGjIe05g5jB0Y6v/zLgsFIwSX2r3F3cuFk4gVEPQqLEwyOeg82wBhjRUk1aH
+ExOKlfgoLyoht6bcQJqC9AVkOoBx5gnTuDp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org