Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/4q-KtRktPEdpFfUY9V50I-2lkTI.roa
File:                     4q-KtRktPEdpFfUY9V50I-2lkTI.roa (raw, json)
Hash identifier:          RMCH+M4c3phRAfd6ZlnDWZF7pXrEJ7IsJEZsYy6sPiM=
Subject key identifier:   E2:AF:8A:B5:19:2D:3C:47:69:15:F5:18:F5:5E:74:23:ED:A5:91:32
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       018B07744C15A5BFACBD565E123209F81246
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/4q-KtRktPEdpFfUY9V50I-2lkTI.roa
Signing time:             Sat 07 Oct 2023 00:05:43 +0000
ROA not before:           Sat 07 Oct 2023 00:05:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        185.100.58.0/24 maxlen: 24
                          168.199.200.0/24 maxlen: 24
                          168.199.201.0/24 maxlen: 24
                          168.199.202.0/24 maxlen: 24
                          168.199.203.0/24 maxlen: 24
                          168.199.240.0/24 maxlen: 24
                          168.199.241.0/24 maxlen: 24
                          168.199.242.0/24 maxlen: 24
                          168.199.243.0/24 maxlen: 24
                          168.199.244.0/24 maxlen: 24
                          168.199.245.0/24 maxlen: 24
                          168.199.246.0/24 maxlen: 24
                          168.199.247.0/24 maxlen: 24
                          168.199.248.0/24 maxlen: 24
                          168.199.249.0/24 maxlen: 24
                          168.199.250.0/24 maxlen: 24
                          168.199.251.0/24 maxlen: 24
                          168.199.252.0/24 maxlen: 24
                          168.199.253.0/24 maxlen: 24
                          168.199.146.0/24 maxlen: 24
                          168.199.147.0/24 maxlen: 24
                          168.199.148.0/24 maxlen: 24
                          168.199.149.0/24 maxlen: 24
                          168.199.150.0/24 maxlen: 24
                          168.199.151.0/24 maxlen: 24
                          168.199.152.0/24 maxlen: 24
                          168.199.153.0/24 maxlen: 24
                          168.199.154.0/24 maxlen: 24
                          168.199.155.0/24 maxlen: 24
                          168.199.156.0/24 maxlen: 24
                          168.199.157.0/24 maxlen: 24
                          168.199.158.0/24 maxlen: 24
                          168.199.159.0/24 maxlen: 24
                          168.199.164.0/24 maxlen: 24
                          168.199.165.0/24 maxlen: 24
                          168.199.166.0/24 maxlen: 24
                          168.199.167.0/24 maxlen: 24
                          168.199.168.0/24 maxlen: 24
                          168.199.169.0/24 maxlen: 24
                          168.199.170.0/24 maxlen: 24
                          168.199.171.0/24 maxlen: 24
                          168.199.172.0/24 maxlen: 24
                          168.199.173.0/24 maxlen: 24
                          168.199.174.0/24 maxlen: 24
                          168.199.175.0/24 maxlen: 24
                          168.199.176.0/24 maxlen: 24
                          168.199.177.0/24 maxlen: 24
                          168.199.178.0/24 maxlen: 24
                          168.199.179.0/24 maxlen: 24
                          168.199.180.0/24 maxlen: 24
                          168.199.181.0/24 maxlen: 24
                          168.199.182.0/24 maxlen: 24
                          168.199.183.0/24 maxlen: 24
                          168.199.184.0/24 maxlen: 24
                          168.199.185.0/24 maxlen: 24
                          168.199.186.0/24 maxlen: 24
                          192.95.81.0/24 maxlen: 24
                          168.199.188.0/24 maxlen: 24
                          168.199.187.0/24 maxlen: 24
                          168.199.189.0/24 maxlen: 24
                          168.199.190.0/24 maxlen: 24
                          168.199.191.0/24 maxlen: 24
                          192.95.80.0/24 maxlen: 24
                          192.95.84.0/24 maxlen: 24
                          192.95.85.0/24 maxlen: 24
                          192.95.82.0/24 maxlen: 24
                          192.95.83.0/24 maxlen: 24
                          192.95.87.0/24 maxlen: 24
                          168.199.197.0/24 maxlen: 24
                          168.199.196.0/24 maxlen: 24
                          168.199.198.0/24 maxlen: 24
                          168.199.199.0/24 maxlen: 24
                          192.95.86.0/24 maxlen: 24
                          192.95.91.0/24 maxlen: 24
                          192.95.88.0/24 maxlen: 24
                          192.95.89.0/24 maxlen: 24
                          192.95.90.0/24 maxlen: 24
                          168.199.254.0/24 maxlen: 24
                          168.199.255.0/24 maxlen: 24
                          168.199.132.0/24 maxlen: 24
                          168.199.133.0/24 maxlen: 24
                          168.199.134.0/24 maxlen: 24
                          168.199.135.0/24 maxlen: 24
                          168.199.136.0/24 maxlen: 24
                          168.199.137.0/24 maxlen: 24
                          168.199.138.0/24 maxlen: 24
                          168.199.139.0/24 maxlen: 24
                          168.199.140.0/24 maxlen: 24
                          168.199.141.0/24 maxlen: 24
                          168.199.142.0/24 maxlen: 24
                          168.199.143.0/24 maxlen: 24
                          168.199.144.0/24 maxlen: 24
                          168.199.145.0/24 maxlen: 24
                          2001:678:8b4::/48 maxlen: 64

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 23:10:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:07:74:4c:15:a5:bf:ac:bd:56:5e:12:32:09:f8:12:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Oct  7 00:05:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e2af8ab5192d3c476915f518f55e7423eda59132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:cd:74:e3:a1:a4:87:0a:90:a8:f2:21:ce:7d:
                    3f:e1:45:f2:16:88:c2:3e:f4:96:a0:5e:e7:d2:87:
                    03:d1:87:87:9a:de:af:12:f7:3e:95:e8:57:c9:2d:
                    06:70:99:56:f3:47:b9:74:a1:5e:77:00:71:e5:5a:
                    67:22:f2:01:5d:e5:f3:79:01:8b:ca:a8:5b:38:88:
                    6b:04:47:b9:d2:4a:b8:77:50:05:a6:5d:02:71:b4:
                    3c:30:23:68:cc:e1:d7:27:d5:1f:9b:e7:62:7c:47:
                    46:33:57:d9:8f:0c:dc:0c:a8:c8:93:29:3e:52:50:
                    d6:ae:92:65:a1:db:c1:69:3f:1c:79:fa:2b:db:a7:
                    ba:9f:41:e4:3b:58:84:4f:37:36:cd:d6:ef:69:87:
                    bf:d7:61:2f:8b:ea:11:14:21:d4:2a:4d:3d:18:00:
                    2e:78:8f:63:29:5d:6d:a7:c2:57:5c:e2:8a:ba:42:
                    3d:3b:55:1f:18:e3:0b:bc:69:94:4e:da:5b:81:43:
                    a8:6e:18:19:6c:79:e5:55:87:90:66:57:5f:4d:36:
                    53:ab:79:ff:04:2e:44:d5:7e:a0:9a:7a:cd:e5:da:
                    4a:73:0c:5c:01:95:72:b5:fc:c5:fd:40:4b:d3:f8:
                    4a:69:29:af:ca:0d:19:76:2b:7e:f9:9a:bb:26:f3:
                    f9:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:AF:8A:B5:19:2D:3C:47:69:15:F5:18:F5:5E:74:23:ED:A5:91:32
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/4q-KtRktPEdpFfUY9V50I-2lkTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.199.132.0-168.199.159.255
                  168.199.164.0-168.199.191.255
                  168.199.196.0-168.199.203.255
                  168.199.240.0/20
                  185.100.58.0/24
                  192.95.80.0-192.95.91.255
                IPv6:
                  2001:678:8b4::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:30:6a:43:fc:fe:a7:d6:56:5d:66:2e:74:08:ed:e1:83:fd:
         6e:5a:ae:39:cd:6d:a4:a1:80:b3:da:5c:8e:73:73:d8:68:45:
         00:84:a4:1a:3b:34:c2:c2:63:6c:3f:4a:8b:a9:d3:84:2c:50:
         96:06:a3:9f:6a:9a:18:95:f8:74:96:f5:eb:4a:b0:7f:10:77:
         d9:97:29:3e:7c:d0:bc:9c:c1:2b:19:51:a4:78:24:86:fe:07:
         89:8a:33:52:ec:aa:40:85:55:8c:a1:f5:41:e1:ea:b6:76:df:
         25:36:91:f1:20:a8:75:ea:e3:3a:ab:05:99:de:e1:2f:9f:84:
         18:c8:21:22:08:81:28:40:5c:14:e8:09:eb:ae:74:45:cf:ef:
         02:4c:d9:67:d8:49:9a:e1:53:a0:a6:72:e0:d5:67:22:fb:bf:
         d7:74:0c:e6:36:ac:95:71:0a:57:f8:4b:bd:7b:42:fd:b9:20:
         4a:c9:22:06:1a:30:2e:94:bf:5c:f3:ce:cb:d3:e9:66:45:ce:
         a1:fa:f0:1a:cb:a2:a2:d5:b4:a4:5c:78:ae:3d:1a:d8:2c:ee:
         39:c2:a6:ad:de:12:c6:6d:a6:69:1c:5c:3a:84:ab:68:7c:08:
         f2:1e:67:64:48:06:22:bf:36:55:45:1b:00:d3:88:cd:62:46:
         37:8e:3d:ae
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYsHdEwVpb+svVZeEjIJ+BJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMxMDA3MDAwNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFmOGFiNTE5MmQzYzQ3NjkxNWY1MThmNTVlNzQyM2VkYTU5MTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc1046GkhwqQqPIhzn0/4UXyFojC
PvSWoF7n0ocD0YeHmt6vEvc+lehXyS0GcJlW80e5dKFedwBx5VpnIvIBXeXzeQGL
yqhbOIhrBEe50kq4d1AFpl0CcbQ8MCNozOHXJ9Ufm+difEdGM1fZjwzcDKjIkyk+
UlDWrpJlodvBaT8cefor26e6n0HkO1iETzc2zdbvaYe/12Evi+oRFCHUKk09GAAu
eI9jKV1tp8JXXOKKukI9O1UfGOMLvGmUTtpbgUOobhgZbHnlVYeQZldfTTZTq3n/
BC5E1X6gmnrN5dpKcwxcAZVytfzF/UBL0/hKaSmvyg0Zdit++Zq7JvP58wIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFOKvirUZLTxHaRX1GPVedCPtpZEyMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvNHEtS3RSa3RQRWRwRmZVWTlWNTBJLTJsa1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBKBAIAATBEMAwDBAKox4QD
BAWox4AwDAMEAqjHpAMEBqjHgDAMAwQCqMfEAwQCqMfIAwQEqMfwAwQAuWQ6MAwD
BATAX1ADBALAX1gwDwQCAAIwCQMHACABBngItDANBgkqhkiG9w0BAQsFAAOCAQEA
bTBqQ/z+p9ZWXWYudAjt4YP9blquOc1tpKGAs9pcjnNz2GhFAISkGjs0wsJjbD9K
i6nThCxQlgajn2qaGJX4dJb160qwfxB32ZcpPnzQvJzBKxlRpHgkhv4HiYozUuyq
QIVVjKH1QeHqtnbfJTaR8SCoderjOqsFmd7hL5+EGMghIgiBKEBcFOgJ6650Rc/v
AkzZZ9hJmuFToKZy4NVnIvu/13QM5jaslXEKV/hLvXtC/bkgSskiBhowLpS/XPPO
y9PpZkXOofrwGsuiotW0pFx4rj0a2CzuOcKmrd4Sxm2maRxcOoSraHwI8h5nZEgG
Ir82VUUbANOIzWJGN449rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org