Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/eLyMCiWy9S8K3Px5j21dHwofSJw.roa
File:                     eLyMCiWy9S8K3Px5j21dHwofSJw.roa (raw, json)
Hash identifier:          AA5v03wgwS8/uXsdzvE53pDSvwG0rLNnONQLDsnrYEk=
Subject key identifier:   78:BC:8C:0A:25:B2:F5:2F:0A:DC:FC:79:8F:6D:5D:1F:0A:1F:48:9C
Certificate issuer:       /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial:       0186DFF6ECCFBEB564D54AF330256DA06DD3
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/eLyMCiWy9S8K3Px5j21dHwofSJw.roa
Signing time:             Tue 14 Mar 2023 11:52:27 +0000
ROA not before:           Tue 14 Mar 2023 11:52:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198589
IP address blocks:        37.77.48.0/21 maxlen: 21
                          37.77.49.0/24 maxlen: 24
                          37.77.48.0/24 maxlen: 24
                          37.77.51.0/24 maxlen: 24
                          37.77.50.0/24 maxlen: 24
                          37.77.52.0/24 maxlen: 24
                          37.77.55.0/24 maxlen: 24
                          37.77.54.0/24 maxlen: 24
                          37.77.53.0/24 maxlen: 24
                          5.62.133.0/24 maxlen: 24
                          5.62.137.0/24 maxlen: 24
                          5.62.136.0/24 maxlen: 24
                          5.62.135.0/24 maxlen: 24
                          5.62.134.0/24 maxlen: 24
                          5.62.139.0/24 maxlen: 24
                          5.62.138.0/24 maxlen: 24
                          5.62.140.0/24 maxlen: 24
                          5.62.144.0/24 maxlen: 24
                          5.62.143.0/24 maxlen: 24
                          5.62.144.0/21 maxlen: 21
                          5.62.142.0/24 maxlen: 24
                          5.62.141.0/24 maxlen: 24
                          5.62.145.0/24 maxlen: 24
                          5.62.147.0/24 maxlen: 24
                          5.62.146.0/24 maxlen: 24
                          5.62.151.0/24 maxlen: 24
                          5.62.150.0/24 maxlen: 24
                          5.62.149.0/24 maxlen: 24
                          5.62.148.0/24 maxlen: 24
                          5.62.130.0/24 maxlen: 24
                          5.62.129.0/24 maxlen: 24
                          5.62.128.0/24 maxlen: 24
                          5.62.128.0/20 maxlen: 20
                          5.62.132.0/24 maxlen: 24
                          5.62.131.0/24 maxlen: 24
                          185.69.4.0/22 maxlen: 22
                          185.69.4.0/24 maxlen: 24
                          185.69.7.0/24 maxlen: 24
                          185.69.6.0/24 maxlen: 24
                          185.69.5.0/24 maxlen: 24
                          31.7.83.0/24 maxlen: 24
                          31.7.82.0/24 maxlen: 24
                          31.7.81.0/24 maxlen: 24
                          31.7.80.0/24 maxlen: 24
                          31.7.85.0/24 maxlen: 24
                          31.7.84.0/24 maxlen: 24
                          31.7.86.0/24 maxlen: 24
                          31.7.87.0/24 maxlen: 24
                          2a00:c9e0:8000::/48 maxlen: 48
                          2a00:c9e0:1::/48 maxlen: 48
                          2a00:c9e0:8::/48 maxlen: 48
                          2a00:c9e0::/32 maxlen: 32
                          2a00:c9e0:5::/48 maxlen: 48
                          2a00:c9e7:1::/48 maxlen: 48
                          2a00:c9e0:c::/48 maxlen: 48
                          2a00:c9e0:8002::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 12:11:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:f6:ec:cf:be:b5:64:d5:4a:f3:30:25:6d:a0:6d:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
        Validity
            Not Before: Mar 14 11:52:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=78bc8c0a25b2f52f0adcfc798f6d5d1f0a1f489c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9d:73:ab:43:12:66:9f:e2:c1:6b:7a:72:c1:
                    2e:b1:bd:c7:2e:ea:7d:31:85:4d:21:3d:d8:f1:00:
                    38:3c:f4:3e:22:1f:2a:bd:e5:fd:0a:55:f5:c2:7b:
                    5b:76:00:26:31:f0:19:85:c5:62:0f:9c:06:6c:e9:
                    dc:3b:40:60:63:bf:7b:c8:73:e0:5a:c6:bc:56:24:
                    e6:40:e2:58:26:34:71:9c:e6:15:84:96:30:bf:f6:
                    d0:03:0e:b0:07:eb:e4:ef:e7:cf:1e:fe:86:7e:2c:
                    9a:0a:08:66:cc:5c:29:b8:b3:a4:9e:b0:65:2c:bf:
                    ad:49:d8:57:70:e3:48:ca:3d:7e:41:3a:32:9b:7d:
                    8a:66:c5:73:9c:8f:d7:6e:8a:49:4d:70:9d:d5:0a:
                    56:23:85:b8:0c:5e:4c:12:12:ce:c5:50:4b:18:28:
                    62:59:36:6a:29:ff:d7:72:d4:33:5e:0a:c4:43:77:
                    51:b7:8e:7b:04:e1:83:01:a5:c2:7c:5b:aa:f9:29:
                    6b:80:dc:59:45:66:04:81:98:e7:ac:0a:46:e2:25:
                    fa:1b:b1:41:02:07:a0:78:06:ed:9e:24:1c:b9:0d:
                    8b:2c:b1:5b:80:9b:c1:fc:e8:87:48:10:fb:a7:23:
                    7d:66:25:1f:f4:b8:b3:36:b6:38:25:74:63:1d:ba:
                    fa:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:BC:8C:0A:25:B2:F5:2F:0A:DC:FC:79:8F:6D:5D:1F:0A:1F:48:9C
            X509v3 Authority Key Identifier:
                keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/eLyMCiWy9S8K3Px5j21dHwofSJw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.62.128.0-5.62.151.255
                  31.7.80.0/21
                  37.77.48.0/21
                  185.69.4.0/22
                IPv6:
                  2a00:c9e0::/32
                  2a00:c9e7:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:15:a7:eb:88:64:1d:1d:f9:c2:3d:ab:cf:34:fe:e7:cf:b5:
         05:27:d3:7b:71:96:bd:d3:d3:eb:2d:15:30:8f:04:b3:d0:7c:
         d7:4f:24:80:09:8e:f6:e7:73:49:33:78:eb:9c:da:6e:3c:d3:
         a1:6f:14:a2:b1:03:c9:54:73:58:32:28:42:d4:49:aa:0a:84:
         a2:d9:52:c7:12:3c:ed:b1:e0:2b:2e:09:b0:80:75:53:60:01:
         cc:ec:4a:88:4c:06:ca:c5:e1:63:f9:a8:1b:22:24:f4:70:bc:
         62:5c:1b:34:50:28:de:13:9e:8e:1f:5c:be:c1:80:aa:a2:e6:
         a1:19:76:4e:31:b3:0a:ef:7b:b9:20:ff:05:40:6f:ed:52:80:
         63:37:c7:f3:02:dc:d8:64:98:97:68:21:29:66:d5:d4:d3:c5:
         62:95:40:9d:25:d5:e1:ba:82:ea:c8:49:2d:f3:d0:1a:2e:6b:
         2b:95:26:9d:89:e7:3d:52:ba:71:46:45:34:59:65:20:da:10:
         5a:9b:35:e0:da:e3:da:e4:bc:bd:07:e8:33:d4:31:35:31:d0:
         82:35:4b:5a:ce:ec:23:3a:49:dc:6b:0e:fa:94:47:ea:94:71:
         bd:43:a3:e4:6e:d3:15:2b:8b:e0:71:e2:3f:4e:a8:38:c8:28:
         22:c5:60:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYbf9uzPvrVk1UrzMCVtoG3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjMwMzE0MTE1MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGJjOGMwYTI1YjJmNTJmMGFkY2ZjNzk4ZjZkNWQxZjBhMWY0ODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ1zq0MSZp/iwWt6csEusb3HLup9
MYVNIT3Y8QA4PPQ+Ih8qveX9ClX1wntbdgAmMfAZhcViD5wGbOncO0BgY797yHPg
Wsa8ViTmQOJYJjRxnOYVhJYwv/bQAw6wB+vk7+fPHv6GfiyaCghmzFwpuLOknrBl
LL+tSdhXcONIyj1+QToym32KZsVznI/XbopJTXCd1QpWI4W4DF5MEhLOxVBLGChi
WTZqKf/XctQzXgrEQ3dRt457BOGDAaXCfFuq+SlrgNxZRWYEgZjnrApG4iX6G7FB
AgegeAbtniQcuQ2LLLFbgJvB/OiHSBD7pyN9ZiUf9LizNrY4JXRjHbr6tQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHi8jAolsvUvCtz8eY9tXR8KH0icMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvZUx5TUNpV3k5UzhLM1B4NWoyMWRId29mU0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgMAwDBAcFPoAD
BAMFPpADBAMfB1ADBAMlTTADBAK5RQQwFgQCAAIwEAMFACoAyeADBwAqAMnnAAEw
DQYJKoZIhvcNAQELBQADggEBAAwVp+uIZB0d+cI9q880/ufPtQUn03txlr3T0+st
FTCPBLPQfNdPJIAJjvbnc0kzeOuc2m4806FvFKKxA8lUc1gyKELUSaoKhKLZUscS
PO2x4CsuCbCAdVNgAczsSohMBsrF4WP5qBsiJPRwvGJcGzRQKN4Tno4fXL7BgKqi
5qEZdk4xswrve7kg/wVAb+1SgGM3x/MC3NhkmJdoISlm1dTTxWKVQJ0l1eG6gurI
SS3z0BouayuVJp2J5z1SunFGRTRZZSDaEFqbNeDa49rkvL0H6DPUMTUx0II1S1rO
7CM6SdxrDvqUR+qUcb1Do+Ru0xUri+Bx4j9OqDjIKCLFYJU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org