Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pHOciADOn5CWn6wQ_x-mhfT8TGk.roa
File:                     pHOciADOn5CWn6wQ_x-mhfT8TGk.roa (raw, json)
Hash identifier:          CnEnOe7ejAGAoNBwYNnCDVEI+h85tC9gXNdJq+y9bjY=
Subject key identifier:   A4:73:9C:88:00:CE:9F:90:96:9F:AC:10:FF:1F:A6:85:F4:FC:4C:69
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018CC801D1F44BCFB90386A451D1FC2C530D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pHOciADOn5CWn6wQ_x-mhfT8TGk.roa
Signing time:             Tue 02 Jan 2024 02:30:11 +0000
ROA not before:           Tue 02 Jan 2024 02:30:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3214
IP address blocks:        80.66.196.0/22 maxlen: 24
                          92.60.40.0/23 maxlen: 23
                          92.60.41.0/24 maxlen: 24
                          92.60.42.0/24 maxlen: 24
                          92.60.40.0/24 maxlen: 24
                          185.255.55.0/24 maxlen: 24
                          185.255.53.0/24 maxlen: 24
                          185.255.52.0/22 maxlen: 24
                          45.80.188.0/22 maxlen: 24
                          62.133.35.0/24 maxlen: 24
                          62.133.33.0/24 maxlen: 24
                          62.133.32.0/24 maxlen: 24
                          62.133.32.0/22 maxlen: 24
                          88.214.20.0/22 maxlen: 24
                          45.147.48.0/24 maxlen: 32
                          45.147.49.0/24 maxlen: 32
                          45.153.244.0/22 maxlen: 24
                          95.214.164.0/22 maxlen: 24
                          185.248.84.0/22 maxlen: 24
                          185.194.52.0/22 maxlen: 24
                          91.200.241.0/24 maxlen: 24
                          45.11.45.0/24 maxlen: 24
                          141.98.196.0/22 maxlen: 24
                          147.78.179.0/24 maxlen: 24
                          147.78.177.0/24 maxlen: 24
                          147.78.178.0/24 maxlen: 24
                          147.78.176.0/24 maxlen: 24
                          147.78.176.0/22 maxlen: 24
                          147.78.241.0/24 maxlen: 24
                          185.200.64.0/22 maxlen: 24
                          45.139.192.0/22 maxlen: 24
                          185.254.75.0/24 maxlen: 24
                          185.254.73.0/24 maxlen: 24
                          45.92.157.0/24 maxlen: 24
                          185.254.74.0/24 maxlen: 24
                          185.213.151.0/24 maxlen: 24
                          185.213.149.0/24 maxlen: 24
                          185.213.148.0/22 maxlen: 24
                          185.213.148.0/24 maxlen: 24
                          147.78.240.0/24 maxlen: 24
                          194.124.216.0/24 maxlen: 24
                          45.131.152.0/22 maxlen: 24
                          194.124.228.0/24 maxlen: 24
                          194.124.227.0/24 maxlen: 24
                          185.64.79.0/24 maxlen: 24
                          213.232.112.0/22 maxlen: 24
                          195.245.241.0/24 maxlen: 24
                          195.245.242.0/24 maxlen: 24
                          194.104.152.0/22 maxlen: 24
                          194.124.213.0/24 maxlen: 24
                          193.111.90.0/23 maxlen: 24
                          193.177.220.0/22 maxlen: 24
                          194.36.222.0/23 maxlen: 24
                          94.124.116.0/22 maxlen: 24
                          45.90.210.0/24 maxlen: 24
                          193.111.30.0/23 maxlen: 24
                          195.245.219.0/24 maxlen: 24
                          185.49.32.0/22 maxlen: 24
                          45.130.23.0/24 maxlen: 24
                          45.130.21.0/24 maxlen: 24
                          79.143.140.0/22 maxlen: 24
                          45.130.22.0/24 maxlen: 24
                          45.130.20.0/24 maxlen: 24
                          45.130.20.0/22 maxlen: 24
                          194.36.24.0/24 maxlen: 24
                          45.143.233.0/24 maxlen: 24
                          194.36.25.0/24 maxlen: 24
                          194.36.27.0/24 maxlen: 32
                          45.143.232.0/22 maxlen: 24
                          45.143.235.0/24 maxlen: 24
                          45.143.234.0/24 maxlen: 24
                          149.62.44.0/22 maxlen: 24
                          78.142.192.0/22 maxlen: 24
                          194.169.180.0/23 maxlen: 24
                          78.142.195.0/24 maxlen: 32
                          78.142.193.0/24 maxlen: 32
                          78.142.228.0/22 maxlen: 24
                          45.13.199.0/24 maxlen: 24
                          45.13.198.0/24 maxlen: 24
                          109.94.168.0/22 maxlen: 24
                          109.94.168.0/24 maxlen: 32
                          194.169.54.0/24 maxlen: 24
                          194.169.54.0/23 maxlen: 24
                          185.222.216.0/21 maxlen: 24
                          185.222.216.0/22 maxlen: 24
                          185.222.220.0/24 maxlen: 24
                          2a0c:59c0:3000::/40 maxlen: 128
                          2a06:4fc0::/29 maxlen: 48
                          2a07:e900::/29 maxlen: 48
                          2a09:0:7::/48 maxlen: 48
                          2a06:57c0::/29 maxlen: 48
                          2a09:0:4::/48 maxlen: 48
                          2a09::/29 maxlen: 48
                          2a0b:4080::/32 maxlen: 48
                          2a0d:3640::/29 maxlen: 48
                          2a0c:ed40::/29 maxlen: 48
                          2a09:0:1::/48 maxlen: 48
                          2a09:0:1337::/48 maxlen: 64
                          2a0d:de80::/29 maxlen: 48
                          2a09:0:6::/48 maxlen: 48
                          2a09:0:9::/48 maxlen: 48
                          2a07:fa00::/29 maxlen: 48
                          2a0d:7540::/29 maxlen: 48
                          2a03:d9c0::/29 maxlen: 128
                          2a09:0:3::/48 maxlen: 48
                          2a10:2600::/29 maxlen: 48
                          2a0c:59c0::/29 maxlen: 48
                          2a09:0:11::/48 maxlen: 48
                          2a0b:89c0::/29 maxlen: 48
                          2a09:0:8::/48 maxlen: 48
                          2a0d:4340::/29 maxlen: 48
                          2a09:0:5::/48 maxlen: 48
                          2a09:0:9000::/40 maxlen: 128
                          2a0e:6200::/29 maxlen: 48
                          2a07:fe00::/29 maxlen: 48
                          2a0d:1fc0::/29 maxlen: 48
                          2a03:d9c0:8000::/48 maxlen: 48
                          2a03:d9c0:c0de::/48 maxlen: 64
                          2a0d:4bc0::/29 maxlen: 48
                          2a09:0:2::/48 maxlen: 48
                          2a10:480::/29 maxlen: 48

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 05:24:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:d1:f4:4b:cf:b9:03:86:a4:51:d1:fc:2c:53:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  2 02:30:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a4739c8800ce9f90969fac10ff1fa685f4fc4c69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4b:64:1a:18:c6:45:04:a6:15:7f:73:a8:c7:
                    20:4e:fa:9b:de:61:ba:19:26:ea:d6:d0:d1:30:c7:
                    d4:46:6e:7b:0c:bc:ec:08:77:27:2f:9e:7b:ce:d3:
                    7a:26:a4:f4:2d:64:db:78:a1:1b:74:eb:e6:d7:e5:
                    1e:1f:95:e1:26:f7:c8:3b:ce:ae:65:47:14:8f:8b:
                    89:ae:ab:c8:68:a0:bd:00:72:4c:50:cb:e2:68:96:
                    8d:9f:be:08:9a:b8:01:05:b5:f7:85:e8:4c:62:89:
                    a0:67:60:98:cc:58:2b:7d:bf:ea:de:ce:6e:bf:8d:
                    04:b5:1a:dc:53:07:c2:25:80:f0:62:a6:92:aa:d5:
                    62:81:ef:21:7d:ee:91:24:85:75:d3:7a:d0:c6:f5:
                    88:9a:e0:49:df:db:4b:64:43:4a:66:7d:ce:14:9e:
                    3f:59:5f:f8:75:60:af:49:ee:b5:2e:58:26:4f:d6:
                    66:74:fc:ad:ef:01:88:77:9d:84:3a:bc:9f:f9:d3:
                    14:06:a0:c2:f9:64:d9:8a:13:fb:d7:28:b4:ac:93:
                    f0:88:9f:b4:f5:e6:83:3d:3a:03:47:2b:8b:88:72:
                    0c:4c:fe:8d:6a:fb:8b:7b:a6:a8:33:c6:c8:ec:91:
                    f2:63:d8:8e:35:48:f4:85:3b:52:50:63:de:d6:b4:
                    ef:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:73:9C:88:00:CE:9F:90:96:9F:AC:10:FF:1F:A6:85:F4:FC:4C:69
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pHOciADOn5CWn6wQ_x-mhfT8TGk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.45.0/24
                  45.13.198.0/23
                  45.80.188.0/22
                  45.90.210.0/24
                  45.92.157.0/24
                  45.130.20.0/22
                  45.131.152.0/22
                  45.139.192.0/22
                  45.143.232.0/22
                  45.147.48.0/23
                  45.153.244.0/22
                  62.133.32.0/22
                  78.142.192.0/22
                  78.142.228.0/22
                  79.143.140.0/22
                  80.66.196.0/22
                  88.214.20.0/22
                  91.200.241.0/24
                  92.60.40.0-92.60.42.255
                  94.124.116.0/22
                  95.214.164.0/22
                  109.94.168.0/22
                  141.98.196.0/22
                  147.78.176.0/22
                  147.78.240.0/23
                  149.62.44.0/22
                  185.49.32.0/22
                  185.64.79.0/24
                  185.194.52.0/22
                  185.200.64.0/22
                  185.213.148.0/22
                  185.222.216.0/21
                  185.248.84.0/22
                  185.254.73.0-185.254.75.255
                  185.255.52.0/22
                  193.111.30.0/23
                  193.111.90.0/23
                  193.177.220.0/22
                  194.36.24.0/23
                  194.36.27.0/24
                  194.36.222.0/23
                  194.104.152.0/22
                  194.124.213.0/24
                  194.124.216.0/24
                  194.124.227.0-194.124.228.255
                  194.169.54.0/23
                  194.169.180.0/23
                  195.245.219.0/24
                  195.245.241.0-195.245.242.255
                  213.232.112.0/22
                IPv6:
                  2a03:d9c0::/29
                  2a06:4fc0::/29
                  2a06:57c0::/29
                  2a07:e900::/29
                  2a07:fa00::/29
                  2a07:fe00::/29
                  2a09::/29
                  2a0b:4080::/32
                  2a0b:89c0::/29
                  2a0c:59c0::/29
                  2a0c:ed40::/29
                  2a0d:1fc0::/29
                  2a0d:3640::/29
                  2a0d:4340::/29
                  2a0d:4bc0::/29
                  2a0d:7540::/29
                  2a0d:de80::/29
                  2a0e:6200::/29
                  2a10:480::/29
                  2a10:2600::/29

    Signature Algorithm: sha256WithRSAEncryption
         21:98:16:4b:61:52:f7:3e:58:79:86:9f:9d:54:da:49:ba:a2:
         fa:36:2d:e8:5e:ff:e2:d6:48:c3:fb:a5:15:0b:f7:b4:94:d8:
         a9:a5:e9:13:f7:6e:45:2e:40:0c:54:b6:07:c5:6c:47:3d:dd:
         6a:1a:26:10:47:ec:22:a4:cc:3d:7c:6b:d1:34:b4:b8:41:9d:
         60:06:99:12:33:53:98:bd:13:1f:d0:38:50:6b:cd:b3:4d:ce:
         f6:43:cc:00:0d:97:57:d7:ca:a0:5f:29:e8:b3:8a:72:41:73:
         0b:7a:96:6a:f3:5e:a1:32:e3:80:ee:6f:bd:a6:f4:e3:22:cd:
         5e:3a:5c:9d:14:30:3e:a5:82:ea:b4:08:e5:0b:1a:63:a7:8f:
         6d:7c:20:03:28:57:57:ac:ba:5f:39:5e:d9:c2:2f:95:3e:74:
         63:1c:1b:90:b4:7d:fd:47:73:c9:ba:4b:53:7e:3e:c7:f9:10:
         d5:87:23:ae:20:a3:b3:6d:f6:aa:aa:90:2f:20:e5:20:ac:a9:
         5c:cd:f9:6f:f3:ff:a1:d5:a8:76:59:27:4d:fa:40:ee:5a:dd:
         bd:78:a2:8e:51:ae:cf:c9:c6:b2:d2:99:44:cc:df:05:6c:15:
         38:78:aa:08:b1:41:06:55:4b:a2:9f:84:26:db:9c:1b:ee:52:
         7e:43:02:b7
-----BEGIN CERTIFICATE-----
MIIG4zCCBcugAwIBAgISAYzIAdH0S8+5A4akUdH8LFMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDczOWM4ODAwY2U5ZjkwOTY5ZmFjMTBmZjFmYTY4NWY0ZmM0YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUtkGhjGRQSmFX9zqMcgTvqb3mG6
GSbq1tDRMMfURm57DLzsCHcnL557ztN6JqT0LWTbeKEbdOvm1+UeH5XhJvfIO86u
ZUcUj4uJrqvIaKC9AHJMUMviaJaNn74ImrgBBbX3hehMYomgZ2CYzFgrfb/q3s5u
v40EtRrcUwfCJYDwYqaSqtVige8hfe6RJIV103rQxvWImuBJ39tLZENKZn3OFJ4/
WV/4dWCvSe61LlgmT9ZmdPyt7wGId52EOryf+dMUBqDC+WTZihP71yi0rJPwiJ+0
9eaDPToDRyuLiHIMTP6NavuLe6aoM8bI7JHyY9iONUj0hTtSUGPe1rTvBQIDAQAB
o4ID7zCCA+swHQYDVR0OBBYEFKRznIgAzp+Qlp+sEP8fpoX0/ExpMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvcEhPY2lBRE9uNUNXbjZ3UV94LW1oZlQ4VEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICAwYIKwYBBQUHAQcBAf8EggHyMIIB7jCCAVQEAgABMIIB
TAMEAC0LLQMEAS0NxgMEAi1QvAMEAC1a0gMEAC1cnQMEAi2CFAMEAi2DmAMEAi2L
wAMEAi2P6AMEAS2TMAMEAi2Z9AMEAj6FIAMEAk6OwAMEAk6O5AMEAk+PjAMEAlBC
xAMEAljWFAMEAFvI8TAMAwQDXDwoAwQAXDwqAwQCXnx0AwQCX9akAwQCbV6oAwQC
jWLEAwQCk06wAwQBk07wAwQClT4sAwQCuTEgAwQAuUBPAwQCucI0AwQCuchAAwQC
udWUAwQDud7YAwQCufhUMAwDBAC5/kkDBAK5/kgDBAK5/zQDBAHBbx4DBAHBb1oD
BALBsdwDBAHCJBgDBADCJBsDBAHCJN4DBALCaJgDBADCfNUDBADCfNgwDAMEAMJ8
4wMEAMJ85AMEAcKpNgMEAcKptAMEAMP12zAMAwQAw/XxAwQAw/XyAwQC1ehwMIGT
BAIAAjCBjAMFAyoD2cADBQMqBk/AAwUDKgZXwAMFAyoH6QADBQMqB/oAAwUDKgf+
AAMFAyoJAAADBQAqC0CAAwUDKguJwAMFAyoMWcADBQMqDO1AAwUDKg0fwAMFAyoN
NkADBQMqDUNAAwUDKg1LwAMFAyoNdUADBQMqDd6AAwUDKg5iAAMFAyoQBIADBQMq
ECYAMA0GCSqGSIb3DQEBCwUAA4IBAQAhmBZLYVL3Plh5hp+dVNpJuqL6Ni3oXv/i
1kjD+6UVC/e0lNippekT925FLkAMVLYHxWxHPd1qGiYQR+wipMw9fGvRNLS4QZ1g
BpkSM1OYvRMf0DhQa82zTc72Q8wADZdX18qgXynos4pyQXMLepZq816hMuOA7m+9
pvTjIs1eOlydFDA+pYLqtAjlCxpjp49tfCADKFdXrLpfOV7Zwi+VPnRjHBuQtH39
R3PJuktTfj7H+RDVhyOuIKOzbfaqqpAvIOUgrKlczflv8/+h1ah2WSdN+kDuWt29
eKKOUa7Pycay0plEzN8FbBU4eKoIsUEGVUuin4Qm25wb7lJ+QwK3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org