Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ymw61MFqjFuFsJaLOaK2d12LTeo.roa
File:                     ymw61MFqjFuFsJaLOaK2d12LTeo.roa (raw, json)
Hash identifier:          VrRLOfZy5jQC1bsw2j/sPExsoqWqxHjIZdcxaVYMqzg=
Subject key identifier:   CA:6C:3A:D4:C1:6A:8C:5B:85:B0:96:8B:39:A2:B6:77:5D:8B:4D:EA
Certificate issuer:       /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial:       018EAF0AA5B8116476055869FD4151C160AE
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ymw61MFqjFuFsJaLOaK2d12LTeo.roa
Signing time:             Fri 05 Apr 2024 16:14:54 +0000
ROA not before:           Fri 05 Apr 2024 16:14:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42910
IP address blocks:        31.210.32.0/24 maxlen: 24
                          31.210.33.0/24 maxlen: 24
                          31.210.46.0/24 maxlen: 24
                          31.210.56.0/24 maxlen: 24
                          31.210.57.0/24 maxlen: 24
                          31.210.58.0/24 maxlen: 24
                          31.210.59.0/24 maxlen: 24
                          31.210.60.0/24 maxlen: 24
                          31.210.61.0/24 maxlen: 32
                          77.92.128.0/24 maxlen: 24
                          77.92.129.0/24 maxlen: 24
                          77.92.131.0/24 maxlen: 24
                          77.92.132.0/24 maxlen: 24
                          77.92.133.0/24 maxlen: 32
                          77.92.134.0/24 maxlen: 24
                          77.92.135.0/24 maxlen: 24
                          77.92.136.0/24 maxlen: 24
                          77.92.137.0/24 maxlen: 24
                          77.92.138.0/24 maxlen: 24
                          77.92.139.0/24 maxlen: 24
                          77.92.140.0/24 maxlen: 32
                          77.92.141.0/24 maxlen: 24
                          77.92.148.0/24 maxlen: 24
                          77.92.149.0/24 maxlen: 24
                          77.92.155.0/24 maxlen: 32
                          77.92.156.0/24 maxlen: 24
                          77.92.157.0/24 maxlen: 32
                          77.92.159.0/24 maxlen: 24
                          78.135.79.0/24 maxlen: 24
                          78.135.108.0/24 maxlen: 32
                          78.135.113.0/24 maxlen: 32
                          78.135.114.0/24 maxlen: 32
                          78.135.116.0/24 maxlen: 24
                          188.132.134.0/24 maxlen: 24
                          188.132.135.0/24 maxlen: 32
                          188.132.142.0/24 maxlen: 24
                          188.132.147.0/24 maxlen: 32
                          188.132.148.0/24 maxlen: 24
                          188.132.157.0/24 maxlen: 24
                          188.132.158.0/24 maxlen: 32
                          188.132.172.0/24 maxlen: 24
                          188.132.175.0/24 maxlen: 24
                          188.132.176.0/24 maxlen: 32
                          188.132.180.0/24 maxlen: 24
                          188.132.194.0/24 maxlen: 24
                          188.132.204.0/24 maxlen: 32
                          188.132.205.0/24 maxlen: 32
                          188.132.244.0/24 maxlen: 32
                          188.132.245.0/24 maxlen: 24
                          188.132.246.0/24 maxlen: 24
                          188.132.252.0/24 maxlen: 24
                          188.132.253.0/24 maxlen: 24
                          188.132.254.0/24 maxlen: 24
                          188.132.255.0/24 maxlen: 24
                          212.68.32.0/24 maxlen: 24
                          212.68.33.0/24 maxlen: 32
                          212.68.40.0/24 maxlen: 32
                          212.68.41.0/24 maxlen: 32
                          212.68.42.0/24 maxlen: 32
                          212.68.43.0/24 maxlen: 32
                          212.68.44.0/24 maxlen: 24
                          212.68.45.0/24 maxlen: 32
                          212.68.46.0/24 maxlen: 32
                          212.68.50.0/24 maxlen: 32
                          212.68.51.0/24 maxlen: 24
                          212.68.56.0/24 maxlen: 32
                          212.68.57.0/24 maxlen: 32
                          212.68.61.0/24 maxlen: 32
                          2a02:26b0::/32 maxlen: 32
                          2a02:26b0:8000::/48 maxlen: 48
                          2a02:26b0:8001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 02 May 2024 13:52:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:af:0a:a5:b8:11:64:76:05:58:69:fd:41:51:c1:60:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
        Validity
            Not Before: Apr  5 16:14:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ca6c3ad4c16a8c5b85b0968b39a2b6775d8b4dea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:87:a3:3a:c9:2f:49:83:85:e3:75:75:c4:ba:
                    2c:19:99:3d:0e:a8:74:e7:76:db:d0:b5:cc:23:b5:
                    b4:17:56:8c:30:34:b0:49:8d:e8:9f:85:07:ad:03:
                    fd:5f:61:ab:e3:a9:c9:0a:a0:4c:0f:ac:72:18:5a:
                    6b:39:cb:e6:32:0c:23:7b:0e:8a:db:44:c7:67:44:
                    32:c9:9d:8d:57:6b:83:d3:30:c9:23:8b:54:8f:3d:
                    d6:d0:a0:5b:68:bb:91:fe:07:f9:83:42:83:87:b9:
                    a6:75:fd:e3:a7:41:3d:d6:8e:7a:0a:cc:de:dc:3b:
                    aa:88:4f:b8:f9:ef:80:87:80:ae:73:72:67:26:6c:
                    d8:00:97:72:eb:ff:c6:bf:78:4b:c9:4f:93:34:db:
                    b8:77:18:89:9d:c6:ac:bd:05:55:31:16:41:25:e4:
                    ab:e9:5a:20:77:f9:cc:7a:37:22:7c:a6:b6:72:f6:
                    a8:05:2b:24:25:dd:d1:e0:4c:1d:b4:cd:e8:be:d6:
                    81:70:f3:dd:a9:f3:87:1e:14:17:91:a0:67:c4:84:
                    fc:d7:2f:b2:dd:b3:2c:0e:f1:9c:6c:d8:53:17:bb:
                    25:a9:a2:8d:48:91:67:1b:df:b0:83:f9:f7:dc:ab:
                    18:2c:f4:b7:77:6a:80:c7:b2:99:03:ab:81:e1:39:
                    a6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:6C:3A:D4:C1:6A:8C:5B:85:B0:96:8B:39:A2:B6:77:5D:8B:4D:EA
            X509v3 Authority Key Identifier:
                keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/ymw61MFqjFuFsJaLOaK2d12LTeo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.32.0/23
                  31.210.46.0/24
                  31.210.56.0-31.210.61.255
                  77.92.128.0/23
                  77.92.131.0-77.92.141.255
                  77.92.148.0/23
                  77.92.155.0-77.92.157.255
                  77.92.159.0/24
                  78.135.79.0/24
                  78.135.108.0/24
                  78.135.113.0-78.135.114.255
                  78.135.116.0/24
                  188.132.134.0/23
                  188.132.142.0/24
                  188.132.147.0-188.132.148.255
                  188.132.157.0-188.132.158.255
                  188.132.172.0/24
                  188.132.175.0-188.132.176.255
                  188.132.180.0/24
                  188.132.194.0/24
                  188.132.204.0/23
                  188.132.244.0-188.132.246.255
                  188.132.252.0/22
                  212.68.32.0/23
                  212.68.40.0-212.68.46.255
                  212.68.50.0/23
                  212.68.56.0/23
                  212.68.61.0/24
                IPv6:
                  2a02:26b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c0:0b:b1:0c:cf:31:fd:b9:ed:42:16:8a:05:78:f6:93:49:84:
         c5:a4:69:79:34:a1:0c:03:0f:04:08:d6:66:aa:97:4a:b0:8f:
         1a:b2:8d:8c:0e:ed:e8:72:52:63:fa:61:74:04:32:4b:8e:de:
         50:b2:08:2f:9b:31:a5:c0:d5:b2:be:82:ff:14:16:07:e0:95:
         e2:94:c7:f6:8f:a7:07:be:38:a8:50:7c:5d:6a:fb:8e:6b:56:
         5c:df:ba:e9:08:59:32:8b:01:7b:83:2f:ba:48:71:44:a6:81:
         e0:f7:50:76:54:8e:a4:d0:36:22:b6:34:6b:15:eb:98:f7:fa:
         e3:1f:88:ba:75:ce:08:0f:bc:bb:1a:94:8d:6a:15:69:bd:c1:
         ad:62:95:b6:32:d7:b0:42:d2:8d:ec:b8:15:07:97:98:a9:3d:
         2e:70:65:cc:95:d7:13:51:30:05:ab:e5:0b:3b:59:80:37:cc:
         a5:12:e1:04:0c:61:80:b7:5e:e4:a0:14:23:81:bf:94:13:08:
         84:2f:99:47:29:48:77:b3:95:a5:a8:10:21:2b:d2:33:a4:2c:
         11:20:51:37:94:dd:46:be:d8:ba:fb:52:54:31:f8:a9:42:4c:
         43:03:33:f7:01:8f:1c:f6:d0:bd:c0:92:cd:1f:c0:2f:ae:5a:
         ab:9b:99:6f
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAY6vCqW4EWR2BVhp/UFRwWCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwNDA1MTYxNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTZjM2FkNGMxNmE4YzViODViMDk2OGIzOWEyYjY3NzVkOGI0ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIejOskvSYOF43V1xLosGZk9Dqh0
53bb0LXMI7W0F1aMMDSwSY3on4UHrQP9X2Gr46nJCqBMD6xyGFprOcvmMgwjew6K
20THZ0QyyZ2NV2uD0zDJI4tUjz3W0KBbaLuR/gf5g0KDh7mmdf3jp0E91o56Csze
3DuqiE+4+e+Ah4Cuc3JnJmzYAJdy6//Gv3hLyU+TNNu4dxiJncasvQVVMRZBJeSr
6Vogd/nMejcifKa2cvaoBSskJd3R4EwdtM3ovtaBcPPdqfOHHhQXkaBnxIT81y+y
3bMsDvGcbNhTF7slqaKNSJFnG9+wg/n33KsYLPS3d2qAx7KZA6uB4TmmuwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFMpsOtTBaoxbhbCWizmitnddi03qMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEveW13NjFNRnFqRnVGc0phTE9hSzJkMTJMVGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB9wQCAAEwgfAD
BAEf0iADBAAf0i4wDAMEAx/SOAMEAR/SPAMEAU1cgDAMAwQATVyDAwQBTVyMAwQB
TVyUMAwDBABNXJsDBAFNXJwDBABNXJ8DBABOh08DBABOh2wwDAMEAE6HcQMEAE6H
cgMEAE6HdAMEAbyEhgMEALyEjjAMAwQAvISTAwQAvISUMAwDBAC8hJ0DBAC8hJ4D
BAC8hKwwDAMEALyErwMEALyEsAMEALyEtAMEALyEwgMEAbyEzDAMAwQCvIT0AwQA
vIT2AwQCvIT8AwQB1EQgMAwDBAPURCgDBADURC4DBAHURDIDBAHURDgDBADURD0w
DQQCAAIwBwMFACoCJrAwDQYJKoZIhvcNAQELBQADggEBAMALsQzPMf257UIWigV4
9pNJhMWkaXk0oQwDDwQI1maql0qwjxqyjYwO7ehyUmP6YXQEMkuO3lCyCC+bMaXA
1bK+gv8UFgfgleKUx/aPpwe+OKhQfF1q+45rVlzfuukIWTKLAXuDL7pIcUSmgeD3
UHZUjqTQNiK2NGsV65j3+uMfiLp1zggPvLsalI1qFWm9wa1ilbYy17BC0o3suBUH
l5ipPS5wZcyV1xNRMAWr5Qs7WYA3zKUS4QQMYYC3XuSgFCOBv5QTCIQvmUcpSHez
laWoECEr0jOkLBEgUTeU3Ua+2Lr7UlQx+KlCTEMDM/cBjxz20L3Aks0fwC+uWqub
mW8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org