Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/beqHp6_-fn08KOU-cQuWGUCu3VM.roa
File:                     beqHp6_-fn08KOU-cQuWGUCu3VM.roa (raw, json)
Hash identifier:          FX6/7VP44RUgruLrNP+37iSO78SbzJP4VMThCAw2e10=
Subject key identifier:   6D:EA:87:A7:AF:FE:7E:7D:3C:28:E5:3E:71:0B:96:19:40:AE:DD:53
Certificate issuer:       /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial:       0185B96EDBFB6EF451A792FE7A68FA626A6F
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/beqHp6_-fn08KOU-cQuWGUCu3VM.roa
Signing time:             Mon 16 Jan 2023 07:15:28 +0000
ROA not before:           Mon 16 Jan 2023 07:15:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3225
IP address blocks:        91.140.221.0/24 maxlen: 24
                          91.140.220.0/24 maxlen: 24
                          91.140.224.0/24 maxlen: 24
                          91.140.222.0/24 maxlen: 24
                          91.140.223.0/24 maxlen: 24
                          91.140.224.0/22 maxlen: 22
                          91.140.226.0/24 maxlen: 24
                          91.140.233.0/24 maxlen: 24
                          91.140.228.0/22 maxlen: 22
                          91.140.232.0/24 maxlen: 24
                          91.140.240.0/24 maxlen: 24
                          91.140.235.0/24 maxlen: 24
                          91.140.234.0/24 maxlen: 24
                          91.140.238.0/24 maxlen: 24
                          91.140.239.0/24 maxlen: 24
                          91.140.236.0/24 maxlen: 24
                          91.140.237.0/24 maxlen: 24
                          91.140.242.0/24 maxlen: 24
                          91.140.241.0/24 maxlen: 24
                          91.140.244.0/22 maxlen: 22
                          91.140.246.0/24 maxlen: 24
                          91.140.248.0/24 maxlen: 24
                          91.140.249.0/24 maxlen: 24
                          91.140.248.0/22 maxlen: 22
                          91.140.252.0/24 maxlen: 24
                          91.140.253.0/24 maxlen: 24
                          91.140.250.0/24 maxlen: 24
                          91.140.252.0/22 maxlen: 22
                          91.140.251.0/24 maxlen: 24
                          91.140.255.0/24 maxlen: 24
                          91.140.254.0/24 maxlen: 24
                          91.140.164.0/22 maxlen: 22
                          185.16.4.0/22 maxlen: 22
                          91.140.160.0/22 maxlen: 22
                          91.140.172.0/22 maxlen: 22
                          94.187.224.0/19 maxlen: 24
                          91.140.180.0/22 maxlen: 22
                          94.187.232.0/22 maxlen: 22
                          91.140.192.0/22 maxlen: 24
                          91.140.188.0/22 maxlen: 22
                          94.187.228.0/22 maxlen: 22
                          94.187.236.0/22 maxlen: 22
                          91.140.196.0/22 maxlen: 24
                          94.187.240.0/22 maxlen: 22
                          91.140.201.0/24 maxlen: 24
                          91.140.200.0/22 maxlen: 22
                          91.140.203.0/24 maxlen: 24
                          94.187.244.0/22 maxlen: 22
                          91.140.204.0/22 maxlen: 22
                          91.140.202.0/24 maxlen: 24
                          91.140.212.0/22 maxlen: 22
                          94.187.252.0/22 maxlen: 22
                          91.140.207.0/24 maxlen: 24
                          94.187.248.0/22 maxlen: 22
                          91.140.208.0/22 maxlen: 22
                          91.140.128.0/22 maxlen: 22
                          91.140.128.0/17 maxlen: 17
                          91.140.132.0/22 maxlen: 22
                          91.140.140.0/22 maxlen: 22
                          91.140.152.0/22 maxlen: 22
                          91.140.148.0/22 maxlen: 22
                          194.54.241.0/24 maxlen: 24
                          194.54.244.0/22 maxlen: 22
                          194.54.243.0/24 maxlen: 24
                          194.54.248.0/22 maxlen: 22
                          194.54.252.0/22 maxlen: 22
                          194.54.192.0/19 maxlen: 24
                          194.54.192.0/18 maxlen: 18
                          194.54.194.0/23 maxlen: 23
                          194.54.196.0/22 maxlen: 22
                          194.54.204.0/22 maxlen: 22
                          194.54.200.0/22 maxlen: 22
                          194.54.202.0/24 maxlen: 24
                          194.54.209.0/24 maxlen: 24
                          194.54.208.0/22 maxlen: 22
                          194.54.208.0/24 maxlen: 24
                          194.54.212.0/22 maxlen: 22
                          194.54.216.0/22 maxlen: 22
                          194.54.224.0/19 maxlen: 19
                          194.54.220.0/24 maxlen: 24
                          194.54.220.0/22 maxlen: 22
                          194.54.224.0/22 maxlen: 22
                          194.54.232.0/22 maxlen: 22
                          194.54.228.0/22 maxlen: 22
                          194.54.234.0/24 maxlen: 24
                          194.54.236.0/22 maxlen: 22
                          194.54.240.0/22 maxlen: 24
                          2a01:7780::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 21 Feb 2023 06:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b9:6e:db:fb:6e:f4:51:a7:92:fe:7a:68:fa:62:6a:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
        Validity
            Not Before: Jan 16 07:15:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6dea87a7affe7e7d3c28e53e710b961940aedd53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2e:ad:cc:6e:98:ea:0d:68:82:c5:26:13:8d:
                    c7:15:6d:99:a5:06:90:5f:85:83:3d:87:77:fe:f6:
                    96:b8:d9:a2:4a:21:16:37:42:26:00:b8:47:7f:72:
                    44:fd:84:62:7c:ec:4f:54:af:3b:89:df:7d:d3:a6:
                    ce:7e:b0:20:c8:ee:c6:7e:ae:6f:41:60:b3:a6:6c:
                    ca:6d:9f:a6:6f:d2:51:e5:0b:43:4c:83:c7:2b:34:
                    9b:b3:24:9f:ec:54:51:ea:a8:bb:fd:63:19:f2:f2:
                    01:0d:b6:5a:03:a9:a9:e2:5d:e9:02:51:0d:89:94:
                    0a:7e:aa:5e:70:25:28:30:63:2c:2b:7a:0d:e6:40:
                    0c:bb:41:e1:ce:f2:98:79:c6:04:b3:76:ae:1b:f0:
                    c2:e1:4e:4d:68:18:14:41:a7:ed:56:4e:36:3a:9f:
                    ad:ff:37:c8:d4:75:46:87:ae:1e:a8:4d:2c:a0:0f:
                    67:7a:0e:85:dd:27:1a:8a:4b:ec:75:75:6f:6c:8c:
                    7b:72:78:72:96:91:34:8e:52:91:c7:ac:23:87:67:
                    6a:93:78:e0:66:31:e8:df:03:d4:41:5f:93:04:cb:
                    cd:bf:a0:51:7f:72:93:25:62:10:c0:a3:38:be:6a:
                    b0:33:3f:0e:c4:c3:04:c1:51:a9:ad:03:6b:7b:bf:
                    d7:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:EA:87:A7:AF:FE:7E:7D:3C:28:E5:3E:71:0B:96:19:40:AE:DD:53
            X509v3 Authority Key Identifier:
                keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/beqHp6_-fn08KOU-cQuWGUCu3VM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.140.128.0/17
                  94.187.224.0/19
                  185.16.4.0/22
                  194.54.192.0/18
                IPv6:
                  2a01:7780::/32

    Signature Algorithm: sha256WithRSAEncryption
         3d:07:bc:57:45:a8:d7:c8:b7:e6:22:84:41:c7:ff:78:de:59:
         e5:2c:e2:ce:18:2a:08:56:21:85:0f:3d:ad:3e:77:a4:b4:19:
         1d:cc:a2:3b:f1:f2:c8:c0:4f:68:c5:e3:7a:a8:2f:71:b7:1f:
         c5:29:ca:bd:97:69:cb:c4:bf:b1:e2:18:e7:ba:c6:93:22:27:
         bf:4a:12:81:1f:9a:9a:64:db:42:50:4f:d3:36:87:30:a3:e9:
         41:33:66:7d:44:ea:08:1d:0a:23:fc:99:bf:34:f1:36:82:d8:
         c9:d0:a0:fa:d9:bf:06:0a:eb:2d:f2:0b:a8:81:f3:89:b8:31:
         46:e6:5a:6d:f8:9c:57:b6:73:ff:03:59:71:b4:e7:e0:4f:28:
         1d:4c:f5:8e:31:61:90:dc:0f:06:ab:ba:fe:f5:31:73:67:73:
         a3:c3:75:d0:bb:f7:b6:c4:f3:16:c8:7f:02:af:80:ec:6a:93:
         bb:9e:75:7d:b8:18:cc:18:b9:4d:4e:31:27:b3:8a:d8:4a:37:
         a6:57:c2:26:34:79:e0:e7:00:b8:ad:3e:f6:24:aa:f4:31:4e:
         fe:14:52:26:43:3c:c4:80:dc:62:14:4f:20:b2:1f:32:1a:bc:
         b6:da:39:8e:fd:aa:18:b6:d4:65:21:0d:cd:06:f5:d1:9b:48:
         bf:86:c1:c9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYW5btv7bvRRp5L+emj6YmpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2Y3ZGIwMzMzMTRjNDczY2RhMTk0ZTBkZjc5ZjFjMzc1
ZGEzZjQwHhcNMjMwMTE2MDcxNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGVhODdhN2FmZmU3ZTdkM2MyOGU1M2U3MTBiOTYxOTQwYWVkZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi6tzG6Y6g1ogsUmE43HFW2ZpQaQ
X4WDPYd3/vaWuNmiSiEWN0ImALhHf3JE/YRifOxPVK87id9906bOfrAgyO7Gfq5v
QWCzpmzKbZ+mb9JR5QtDTIPHKzSbsySf7FRR6qi7/WMZ8vIBDbZaA6mp4l3pAlEN
iZQKfqpecCUoMGMsK3oN5kAMu0HhzvKYecYEs3auG/DC4U5NaBgUQaftVk42Op+t
/zfI1HVGh64eqE0soA9neg6F3ScaikvsdXVvbIx7cnhylpE0jlKRx6wjh2dqk3jg
ZjHo3wPUQV+TBMvNv6BRf3KTJWIQwKM4vmqwMz8OxMMEwVGprQNre7/XOwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG3qh6ev/n59PCjlPnELlhlArt1TMB8GA1UdIwQY
MBaAFCN/fbAzMUxHPNoZTg33nxw3XaP0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYt
ZWUwNjAzOTQ5ZjkzLzEvYmVxSHA2Xy1mbjA4S09VLWNRdVdHVUN1M1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lZWY1NTctMGUxMC00MGNlLWE0OGYtZWUwNjAzOTQ5Zjkz
LzEvSTM5OXNETXhURWM4MmhsT0RmZWZIRGRkb19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHW4yAAwQF
XrvgAwQCuRAEAwQGwjbAMA0EAgACMAcDBQAqAXeAMA0GCSqGSIb3DQEBCwUAA4IB
AQA9B7xXRajXyLfmIoRBx/943lnlLOLOGCoIViGFDz2tPnektBkdzKI78fLIwE9o
xeN6qC9xtx/FKcq9l2nLxL+x4hjnusaTIie/ShKBH5qaZNtCUE/TNocwo+lBM2Z9
ROoIHQoj/Jm/NPE2gtjJ0KD62b8GCust8guogfOJuDFG5lpt+JxXtnP/A1lxtOfg
TygdTPWOMWGQ3A8Gq7r+9TFzZ3Ojw3XQu/e2xPMWyH8Cr4DsapO7nnV9uBjMGLlN
TjEns4rYSjemV8ImNHng5wC4rT72JKr0MU7+FFImQzzEgNxiFE8gsh8yGry22jmO
/aoYttRlIQ3NBvXRm0i/hsHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:58 2024 by rpki-client on console-fra.rpki-client.org