Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pV3xSLbMs7KTHA4JIUveeJMEXdQ.roa
File:                     pV3xSLbMs7KTHA4JIUveeJMEXdQ.roa (raw, json)
Hash identifier:          Smzrc6c7P0FBlHcBfOf0IPiqaO/JSgWdIKsvOx3G8d8=
Subject key identifier:   A5:5D:F1:48:B6:CC:B3:B2:93:1C:0E:09:21:4B:DE:78:93:04:5D:D4
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       018C7877A6FCEF4BBCB2731E597A7FD27399
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pV3xSLbMs7KTHA4JIUveeJMEXdQ.roa
Signing time:             Sun 17 Dec 2023 15:49:16 +0000
ROA not before:           Sun 17 Dec 2023 15:49:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6233
IP address blocks:        80.66.196.0/24 maxlen: 24
                          141.98.196.0/22 maxlen: 24
                          45.11.45.0/24 maxlen: 24
                          146.19.116.0/24 maxlen: 24
                          94.124.116.0/22 maxlen: 24
                          185.200.64.0/22 maxlen: 24
                          94.124.119.0/24 maxlen: 24
                          194.36.242.0/24 maxlen: 24
                          195.245.219.0/24 maxlen: 24
                          45.139.193.0/24 maxlen: 24
                          185.184.222.0/24 maxlen: 24
                          62.3.15.0/24 maxlen: 24
                          193.163.19.0/24 maxlen: 24
                          45.13.197.0/24 maxlen: 24
                          45.13.196.0/22 maxlen: 24
                          45.13.196.0/24 maxlen: 24
                          45.130.20.0/22 maxlen: 24
                          79.143.140.0/22 maxlen: 24
                          45.87.164.0/22 maxlen: 24
                          195.245.242.0/24 maxlen: 24
                          45.87.164.0/24 maxlen: 24
                          195.245.241.0/24 maxlen: 24
                          194.104.152.0/22 maxlen: 24
                          45.153.244.0/22 maxlen: 24
                          194.36.24.0/24 maxlen: 24
                          45.143.232.0/22 maxlen: 24
                          45.143.233.0/24 maxlen: 24
                          185.248.87.0/24 maxlen: 24
                          45.143.235.0/24 maxlen: 24
                          45.143.234.0/24 maxlen: 24
                          194.169.54.0/24 maxlen: 24
                          194.169.54.0/23 maxlen: 24
                          185.194.52.0/22 maxlen: 24
                          185.222.216.0/21 maxlen: 24
                          2a09::/29 maxlen: 48
                          2a0d:c7c0::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:78:77:a6:fc:ef:4b:bc:b2:73:1e:59:7a:7f:d2:73:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Dec 17 15:49:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a55df148b6ccb3b2931c0e09214bde7893045dd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:82:71:f6:ed:cc:8c:ef:3d:0e:1d:01:0d:d7:
                    c5:c8:8b:e1:26:d2:bc:90:f6:d2:1a:c3:1a:dc:63:
                    53:d7:e9:c3:44:86:22:fb:1e:1d:83:22:f8:ce:df:
                    ef:52:9a:27:91:e6:34:79:87:f8:be:e3:34:dd:c0:
                    9b:fb:fa:51:a1:0a:cc:df:a5:e9:40:28:1e:29:3a:
                    43:96:bd:70:ae:cc:71:0b:88:bb:d7:81:41:d4:5c:
                    b2:e9:a0:d7:32:ea:cf:24:ea:9a:13:ff:60:20:ba:
                    0e:f1:05:2f:de:8b:cc:3e:ac:cb:48:95:31:33:70:
                    42:75:92:b7:2d:41:05:51:0a:ff:f7:ef:e3:55:cb:
                    fe:3b:c1:ad:ee:b2:e5:88:af:18:ce:2c:57:7c:3b:
                    dd:b3:89:d6:da:da:05:11:59:74:62:b2:c3:0a:a2:
                    f8:56:8d:e4:a9:e8:bb:0c:86:b9:0a:ab:08:a1:4a:
                    fc:e4:bf:eb:9e:5e:fd:2d:9e:f2:e9:d9:f5:bc:8f:
                    5d:db:33:a9:2a:48:e5:d0:c8:9d:3b:f5:8d:db:9a:
                    cc:37:1c:b1:0c:27:5d:f5:66:73:86:65:5a:28:2e:
                    18:96:b2:a6:15:b1:3d:46:69:4f:4e:05:bc:07:76:
                    d0:de:3e:17:8e:f9:11:d4:28:50:97:d7:a1:ea:7c:
                    15:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:5D:F1:48:B6:CC:B3:B2:93:1C:0E:09:21:4B:DE:78:93:04:5D:D4
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pV3xSLbMs7KTHA4JIUveeJMEXdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.45.0/24
                  45.13.196.0/22
                  45.87.164.0/22
                  45.130.20.0/22
                  45.139.193.0/24
                  45.143.232.0/22
                  45.153.244.0/22
                  62.3.15.0/24
                  79.143.140.0/22
                  80.66.196.0/24
                  94.124.116.0/22
                  141.98.196.0/22
                  146.19.116.0/24
                  185.184.222.0/24
                  185.194.52.0/22
                  185.200.64.0/22
                  185.222.216.0/21
                  185.248.87.0/24
                  193.163.19.0/24
                  194.36.24.0/24
                  194.36.242.0/24
                  194.104.152.0/22
                  194.169.54.0/23
                  195.245.219.0/24
                  195.245.241.0-195.245.242.255
                IPv6:
                  2a09::/29
                  2a0d:c7c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         72:9e:cf:ec:b5:47:9c:d6:4f:a0:a6:18:bf:6f:15:93:cd:0d:
         36:7f:b9:f4:a2:78:56:75:53:a8:36:47:5e:1b:bf:72:ab:28:
         9a:eb:a3:95:b1:79:e2:73:b6:f9:6a:00:33:f9:2d:bf:67:61:
         2f:b1:ae:22:a3:bb:f6:3d:e1:58:75:f6:e1:a8:fc:b6:93:ac:
         69:67:9e:92:a4:69:fa:01:54:2b:b6:d3:54:38:a4:27:ab:b5:
         9b:05:96:21:6f:94:ae:f9:b8:6a:ad:db:3b:77:e3:4f:17:a2:
         75:f3:3c:66:7b:3f:e4:bb:37:3f:0d:58:57:0b:47:19:03:ac:
         d7:ef:7a:8f:15:f2:d4:7a:25:32:27:8b:79:34:37:48:4f:52:
         fe:94:e6:e6:25:e3:ee:c4:74:26:6a:58:6b:dd:59:2a:4d:ec:
         b4:4f:12:c1:4c:a1:4f:29:6b:e5:75:13:e5:e0:6d:81:29:eb:
         44:a0:5f:91:11:2e:86:d1:82:49:32:9e:ba:65:a1:f2:7c:21:
         9c:b9:5f:c5:36:d0:0f:49:ff:77:d4:69:a2:34:57:94:ed:d3:
         fd:3b:5a:61:19:42:54:5e:31:db:86:92:39:f0:4f:c1:10:de:
         c7:10:d5:05:a2:d8:d4:06:54:8a:63:7d:1c:ce:fc:9e:62:b8:
         a1:4e:9a:f1
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYx4d6b870u8snMeWXp/0nOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMjE3MTU0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVkZjE0OGI2Y2NiM2IyOTMxYzBlMDkyMTRiZGU3ODkzMDQ1ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoJx9u3MjO89Dh0BDdfFyIvhJtK8
kPbSGsMa3GNT1+nDRIYi+x4dgyL4zt/vUponkeY0eYf4vuM03cCb+/pRoQrM36Xp
QCgeKTpDlr1wrsxxC4i714FB1Fyy6aDXMurPJOqaE/9gILoO8QUv3ovMPqzLSJUx
M3BCdZK3LUEFUQr/9+/jVcv+O8Gt7rLliK8YzixXfDvds4nW2toFEVl0YrLDCqL4
Vo3kqei7DIa5CqsIoUr85L/rnl79LZ7y6dn1vI9d2zOpKkjl0MidO/WN25rMNxyx
DCdd9WZzhmVaKC4YlrKmFbE9RmlPTgW8B3bQ3j4XjvkR1ChQl9eh6nwViQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFKVd8Ui2zLOykxwOCSFL3niTBF3UMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvcFYzeFNMYk1zN0tUSEE0SklVdmVlSk1FWGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4DBAAt
Cy0DBAItDcQDBAItV6QDBAItghQDBAAti8EDBAItj+gDBAItmfQDBAA+Aw8DBAJP
j4wDBABQQsQDBAJefHQDBAKNYsQDBACSE3QDBAC5uN4DBAK5wjQDBAK5yEADBAO5
3tgDBAC5+FcDBADBoxMDBADCJBgDBADCJPIDBALCaJgDBAHCqTYDBADD9dswDAME
AMP18QMEAMP18jAUBAIAAjAOAwUDKgkAAAMFACoNx8AwDQYJKoZIhvcNAQELBQAD
ggEBAHKez+y1R5zWT6CmGL9vFZPNDTZ/ufSieFZ1U6g2R14bv3KrKJrro5WxeeJz
tvlqADP5Lb9nYS+xriKju/Y94Vh19uGo/LaTrGlnnpKkafoBVCu201Q4pCertZsF
liFvlK75uGqt2zt3408XonXzPGZ7P+S7Nz8NWFcLRxkDrNfveo8V8tR6JTIni3k0
N0hPUv6U5uYl4+7EdCZqWGvdWSpN7LRPEsFMoU8pa+V1E+XgbYEp60SgX5ERLobR
gkkynrplofJ8IZy5X8U20A9J/3fUaaI0V5Tt0/07WmEZQlReMduGkjnwT8EQ3scQ
1QWi2NQGVIpjfRzO/J5iuKFOmvE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org