Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/K-7AEnw46DkSDlO_LwlvoPo0eN4.roa
File:                     K-7AEnw46DkSDlO_LwlvoPo0eN4.roa (raw, json)
Hash identifier:          x93+wqJXhoOg32YcruHJXxR51tB39rbH/YHI2O06ijQ=
Subject key identifier:   2B:EE:C0:12:7C:38:E8:39:12:0E:53:BF:2F:09:6F:A0:FA:34:78:DE
Certificate issuer:       /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial:       0186B06083375F15CC4A40869987DED3EF6C
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/K-7AEnw46DkSDlO_LwlvoPo0eN4.roa
Signing time:             Sun 05 Mar 2023 06:06:00 +0000
ROA not before:           Sun 05 Mar 2023 06:06:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3225
IP address blocks:        91.140.216.0/22 maxlen: 24
                          91.140.221.0/24 maxlen: 24
                          91.140.220.0/24 maxlen: 24
                          91.140.224.0/24 maxlen: 24
                          91.140.222.0/24 maxlen: 24
                          91.140.223.0/24 maxlen: 24
                          91.140.224.0/22 maxlen: 22
                          91.140.226.0/24 maxlen: 24
                          91.140.233.0/24 maxlen: 24
                          91.140.228.0/22 maxlen: 22
                          91.140.232.0/24 maxlen: 24
                          91.140.240.0/24 maxlen: 24
                          91.140.235.0/24 maxlen: 24
                          91.140.234.0/24 maxlen: 24
                          91.140.238.0/24 maxlen: 24
                          91.140.239.0/24 maxlen: 24
                          91.140.236.0/24 maxlen: 24
                          91.140.237.0/24 maxlen: 24
                          91.140.242.0/24 maxlen: 24
                          91.140.241.0/24 maxlen: 24
                          91.140.244.0/22 maxlen: 22
                          91.140.246.0/24 maxlen: 24
                          91.140.248.0/24 maxlen: 24
                          91.140.249.0/24 maxlen: 24
                          91.140.248.0/22 maxlen: 22
                          91.140.252.0/24 maxlen: 24
                          91.140.253.0/24 maxlen: 24
                          91.140.250.0/24 maxlen: 24
                          91.140.252.0/22 maxlen: 22
                          91.140.251.0/24 maxlen: 24
                          91.140.255.0/24 maxlen: 24
                          91.140.254.0/24 maxlen: 24
                          91.140.164.0/22 maxlen: 22
                          185.16.4.0/22 maxlen: 22
                          91.140.160.0/22 maxlen: 22
                          91.140.172.0/22 maxlen: 22
                          94.187.224.0/19 maxlen: 24
                          91.140.180.0/22 maxlen: 22
                          94.187.232.0/22 maxlen: 22
                          91.140.192.0/22 maxlen: 24
                          91.140.188.0/22 maxlen: 22
                          94.187.228.0/22 maxlen: 22
                          94.187.236.0/22 maxlen: 22
                          91.140.196.0/22 maxlen: 24
                          94.187.240.0/22 maxlen: 24
                          91.140.201.0/24 maxlen: 24
                          91.140.200.0/22 maxlen: 22
                          91.140.203.0/24 maxlen: 24
                          94.187.244.0/22 maxlen: 22
                          91.140.204.0/22 maxlen: 22
                          91.140.202.0/24 maxlen: 24
                          91.140.212.0/22 maxlen: 22
                          94.187.252.0/22 maxlen: 24
                          91.140.207.0/24 maxlen: 24
                          94.187.248.0/22 maxlen: 22
                          91.140.208.0/22 maxlen: 22
                          91.140.128.0/22 maxlen: 22
                          91.140.128.0/17 maxlen: 17
                          91.140.132.0/22 maxlen: 22
                          91.140.140.0/22 maxlen: 22
                          91.140.152.0/22 maxlen: 22
                          91.140.148.0/22 maxlen: 22
                          194.54.241.0/24 maxlen: 24
                          194.54.244.0/22 maxlen: 22
                          194.54.243.0/24 maxlen: 24
                          194.54.248.0/22 maxlen: 22
                          194.54.252.0/22 maxlen: 22
                          194.54.192.0/19 maxlen: 24
                          194.54.192.0/18 maxlen: 18
                          194.54.194.0/23 maxlen: 23
                          194.54.196.0/22 maxlen: 22
                          194.54.204.0/22 maxlen: 22
                          194.54.200.0/22 maxlen: 22
                          194.54.202.0/24 maxlen: 24
                          194.54.209.0/24 maxlen: 24
                          194.54.208.0/22 maxlen: 22
                          194.54.208.0/24 maxlen: 24
                          194.54.212.0/22 maxlen: 22
                          194.54.216.0/22 maxlen: 22
                          194.54.224.0/19 maxlen: 19
                          194.54.220.0/24 maxlen: 24
                          194.54.220.0/22 maxlen: 22
                          194.54.224.0/22 maxlen: 22
                          194.54.232.0/22 maxlen: 22
                          194.54.228.0/22 maxlen: 22
                          194.54.234.0/24 maxlen: 24
                          194.54.236.0/22 maxlen: 22
                          194.54.240.0/22 maxlen: 24
                          2a01:7780::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 10:58:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b0:60:83:37:5f:15:cc:4a:40:86:99:87:de:d3:ef:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
        Validity
            Not Before: Mar  5 06:06:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2beec0127c38e839120e53bf2f096fa0fa3478de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b8:cf:66:b9:f4:9e:d2:a6:88:88:7d:c6:e1:
                    0a:90:39:94:cf:c4:9f:7e:fa:90:ce:1a:a4:bc:01:
                    00:76:67:83:25:ff:5d:a2:e9:95:78:2a:50:be:7f:
                    8b:be:7f:d2:b7:91:61:0c:f3:58:cc:74:61:0d:9f:
                    f4:53:74:89:4a:81:51:c7:ce:9d:80:ea:85:91:57:
                    64:52:93:35:5c:3d:7e:fb:b4:47:65:e2:70:45:8d:
                    24:6f:d3:7c:58:64:ab:b8:c0:b0:83:30:7d:73:ae:
                    a5:21:79:32:14:bf:78:06:85:20:5a:91:7c:ca:af:
                    7c:58:d4:76:22:2b:ad:6b:2a:dc:df:79:7f:b7:70:
                    f1:c3:97:ee:b7:c4:c3:db:4f:e0:ed:10:28:34:26:
                    60:b2:40:53:35:10:40:79:96:ab:4f:e8:e8:a6:39:
                    35:73:a9:ba:1e:ae:a6:f0:33:53:c6:ac:35:14:20:
                    96:1e:46:4b:4e:1c:35:bf:8d:64:93:8e:72:5b:95:
                    8b:ed:dd:78:08:d0:eb:12:e1:5d:22:b2:ea:46:e2:
                    61:2d:85:ad:ba:e9:33:4b:59:06:0c:c3:6f:7f:a4:
                    f6:0e:fa:91:ec:e1:9e:c3:c4:2f:89:8d:9c:46:10:
                    8f:f5:7c:bf:e1:92:54:97:ba:96:f0:8e:df:de:46:
                    57:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:EE:C0:12:7C:38:E8:39:12:0E:53:BF:2F:09:6F:A0:FA:34:78:DE
            X509v3 Authority Key Identifier:
                keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/K-7AEnw46DkSDlO_LwlvoPo0eN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.140.128.0/17
                  94.187.224.0/19
                  185.16.4.0/22
                  194.54.192.0/18
                IPv6:
                  2a01:7780::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:bd:5a:ff:3e:67:79:6f:3f:1f:1b:b0:06:8c:df:83:17:64:
         6e:3d:70:f3:a5:84:5b:8f:40:4a:9c:f4:5d:81:49:dc:39:7c:
         7d:c8:a5:af:e0:f2:35:30:4e:2e:40:8b:b1:af:34:d8:53:54:
         e5:63:a7:c1:94:8d:fa:74:75:00:a7:a4:5c:70:fa:7c:97:64:
         68:09:9f:72:60:1c:fe:f9:78:93:d9:ba:38:c0:43:d8:cf:30:
         bd:eb:38:de:9e:a7:b4:2a:b3:09:6d:9b:a9:2c:dc:d3:dc:5e:
         2c:36:07:2f:56:d4:54:28:0d:7d:c7:bf:04:8b:2e:bc:4b:49:
         21:5b:0e:f7:2c:e4:91:48:0e:83:7b:ab:a6:bd:7e:bd:ea:22:
         05:4b:d4:5d:b3:35:cf:f6:db:17:48:67:7a:45:ca:68:5a:41:
         8e:f0:61:bb:88:06:6a:40:c1:80:3e:84:f6:fa:7f:71:71:72:
         c0:a4:87:3c:fe:68:84:38:ea:0b:e0:da:41:17:ca:4a:b3:e6:
         a8:d2:6c:d8:62:da:dc:85:49:33:12:c0:19:99:21:a4:e1:79:
         83:8b:89:0c:d6:6e:17:c8:8f:31:b1:ee:bd:4c:da:4c:2f:03:
         ae:1e:79:54:85:1a:77:ee:3d:00:a9:5b:70:b6:4f:6a:fe:90:
         07:da:f2:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYawYIM3XxXMSkCGmYfe0+9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjMwMzA1MDYwNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmVlYzAxMjdjMzhlODM5MTIwZTUzYmYyZjA5NmZhMGZhMzQ3OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7jPZrn0ntKmiIh9xuEKkDmUz8Sf
fvqQzhqkvAEAdmeDJf9doumVeCpQvn+Lvn/St5FhDPNYzHRhDZ/0U3SJSoFRx86d
gOqFkVdkUpM1XD1++7RHZeJwRY0kb9N8WGSruMCwgzB9c66lIXkyFL94BoUgWpF8
yq98WNR2Iiutayrc33l/t3Dxw5fut8TD20/g7RAoNCZgskBTNRBAeZarT+jopjk1
c6m6Hq6m8DNTxqw1FCCWHkZLThw1v41kk45yW5WL7d14CNDrEuFdIrLqRuJhLYWt
uukzS1kGDMNvf6T2DvqR7OGew8QviY2cRhCP9Xy/4ZJUl7qW8I7f3kZX9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCvuwBJ8OOg5Eg5Tvy8Jb6D6NHjeMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvSy03QUVudzQ2RGtTRGxPX0x3bHZvUG8wZU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQB/vVr/Pmd5bz8fG7AGjN+DF2RuPXDzpYRbj0BKnPRdgUncOXx9yKWv4PI1ME4u
QIuxrzTYU1TlY6fBlI36dHUAp6RccPp8l2RoCZ9yYBz++XiT2bo4wEPYzzC96zje
nqe0KrMJbZupLNzT3F4sNgcvVtRUKA19x78Eiy68S0khWw73LOSRSA6De6umvX69
6iIFS9RdszXP9tsXSGd6RcpoWkGO8GG7iAZqQMGAPoT2+n9xcXLApIc8/miEOOoL
4NpBF8pKs+ao0mzYYtrchUkzEsAZmSGk4XmDi4kM1m4XyI8xse69TNpMLwOuHnlU
hRp37j0AqVtwtk9q/pAH2vIF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:58 2024 by rpki-client on console-ams.rpki-client.org