Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1-FBAnjh0bC3Yg5d3dSQgnxgJlic.roa
File:                     1-FBAnjh0bC3Yg5d3dSQgnxgJlic.roa (raw, json)
Hash identifier:          AObwlkzTULrTKGMZiYR0oC4nB/0G1A6SRnTYpMInHok=
Subject key identifier:   F8:50:40:9E:38:74:6C:2D:D8:83:97:77:75:24:20:9F:18:09:96:27
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018B4D35D894EE12D1339DB32864E794D0D1
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1-FBAnjh0bC3Yg5d3dSQgnxgJlic.roa
Signing time:             Fri 20 Oct 2023 13:10:56 +0000
ROA not before:           Fri 20 Oct 2023 13:10:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        95.215.109.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a11:207::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a06:d900::/29 maxlen: 29
                          2a09:4e03::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a0f:cc81::/32 maxlen: 32
                          2a0d:8b03::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a09:3800::/32 maxlen: 32
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a10:c0c5::/32 maxlen: 32
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:a000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a0c:2104::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Sat 21 Oct 2023 17:14:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4d:35:d8:94:ee:12:d1:33:9d:b3:28:64:e7:94:d0:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Oct 20 13:10:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f850409e38746c2dd88397777524209f18099627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:b5:74:14:54:bb:1b:2b:ce:c7:c9:7a:9d:dd:
                    d0:7f:c8:7e:ec:1a:bc:2d:53:96:15:b9:70:17:a8:
                    11:d8:a6:a4:fa:2a:e3:26:5e:13:eb:09:3f:d1:80:
                    d0:1c:8d:b6:5f:72:9b:03:bb:e4:ce:f5:36:d7:76:
                    0e:4a:dd:e0:83:2c:2b:c9:ea:16:23:e1:65:ad:ab:
                    4a:a0:47:3f:f6:e5:1b:25:62:aa:a4:ee:d5:dd:08:
                    4b:fb:d4:98:e1:f1:f6:19:23:fb:d0:0c:e5:de:49:
                    8f:6d:21:48:e9:2e:31:de:6f:66:67:3e:fe:61:dd:
                    30:1d:d2:64:5a:d4:bf:4b:8f:7a:5e:d4:cd:19:b0:
                    5a:c8:ec:eb:98:4d:fa:ad:fe:32:ae:74:0d:1c:09:
                    00:83:23:d3:f4:24:a4:3b:ac:43:62:8d:e9:30:0c:
                    6e:ca:b0:50:ab:99:0a:b2:b5:78:3e:09:ae:b9:55:
                    2d:50:ff:04:a7:9c:49:3b:64:08:29:a2:4e:09:25:
                    0b:e8:70:af:c6:8b:44:fd:60:61:3e:cb:1f:45:6b:
                    1d:d9:c0:ab:c7:c4:e6:d8:36:70:d1:84:3b:ac:c7:
                    8c:01:ba:5d:3f:13:3e:32:79:1a:ec:4d:73:f6:4e:
                    61:fa:bc:53:9f:5d:ea:d7:7a:6f:72:33:a4:27:61:
                    1c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:50:40:9E:38:74:6C:2D:D8:83:97:77:75:24:20:9F:18:09:96:27
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1-FBAnjh0bC3Yg5d3dSQgnxgJlic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3800::/32
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:b680::/29
                  2a0c:2104::/32
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0f:cc81::/32
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:a000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         25:58:b2:7e:80:91:db:05:37:3a:41:b1:39:4d:16:50:cf:6b:
         9b:65:b0:65:37:ee:a0:4e:a1:d3:8c:8d:cd:7f:9c:27:72:ee:
         e7:ca:8d:81:a5:51:d7:ad:25:ab:7f:f4:04:4b:da:fe:4d:0d:
         14:3d:ff:5d:08:b7:76:d3:e2:a7:2f:6a:16:1c:d5:35:6f:de:
         73:7e:13:6b:46:a2:18:da:c8:3a:64:85:66:4c:74:10:06:48:
         49:ed:6b:4a:1b:55:1c:e0:b5:43:f3:ba:31:9b:a6:cd:91:f7:
         94:b1:37:33:1c:11:af:01:c4:b0:99:ff:66:b2:b1:35:e7:b3:
         f5:0f:1c:44:a5:ba:5d:48:eb:fd:61:d3:e6:82:d5:e6:fd:a1:
         ea:d4:4e:b2:14:ab:00:38:80:c6:f9:2e:27:ae:de:c5:c9:0f:
         ea:8b:38:41:0c:d3:3a:bf:3e:cd:7d:2b:5c:d6:09:cd:5c:66:
         7a:ad:30:49:1f:b3:d6:56:e3:59:8b:9b:c3:42:db:ff:b5:ce:
         d5:72:ea:8a:12:cb:0a:18:d4:40:50:a0:74:9a:97:55:6d:e9:
         8e:e1:d1:2a:68:fe:7d:e3:f1:bf:19:1d:22:c0:ab:0c:6e:c9:
         2b:f6:e9:fd:36:27:18:ac:8f:78:f2:89:b8:09:a5:c9:f3:e6:
         bb:9d:83:04
-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISAYtNNdiU7hLRM52zKGTnlNDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDIwMTMxMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODUwNDA5ZTM4NzQ2YzJkZDg4Mzk3Nzc3NTI0MjA5ZjE4MDk5NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbV0FFS7GyvOx8l6nd3Qf8h+7Bq8
LVOWFblwF6gR2Kak+irjJl4T6wk/0YDQHI22X3KbA7vkzvU213YOSt3ggywryeoW
I+FlratKoEc/9uUbJWKqpO7V3QhL+9SY4fH2GSP70Azl3kmPbSFI6S4x3m9mZz7+
Yd0wHdJkWtS/S496XtTNGbBayOzrmE36rf4yrnQNHAkAgyPT9CSkO6xDYo3pMAxu
yrBQq5kKsrV4PgmuuVUtUP8Ep5xJO2QIKaJOCSUL6HCvxotE/WBhPssfRWsd2cCr
x8Tm2DZw0YQ7rMeMAbpdPxM+Mnka7E1z9k5h+rxTn13q13pvcjOkJ2EcTQIDAQAB
o4IDPjCCAzowHQYDVR0OBBYEFPhQQJ44dGwt2IOXd3UkIJ8YCZYnMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvMS1GQkFuamgwYkMzWWc1ZDNkU1FnbnhnSmxpYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5
Ni8xL1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAVEGCCsGAQUFBwEHAQH/BIIBQDCCATwwKgQCAAEwJAME
AC2O0gMEAC2XiwMEAlOr8AMEAFQ2JAMEAF/XbQMEAMJxaTCCAQwEAgACMIIBBAMF
AyoG2QADBgQqCTUFkAMFACoJOAADBQMqCTsAAwUDKgk9ADAQAwYEKglOATADBgUq
CU4BQDAQAwYEKglOAZADBgQqCU4BoAMFACoJTgMDBQMqCbaAAwUAKgwhBAMFAyoM
6MADBQMqDV7AMA4DBQAqDYsDAwUAKg2LBAMFACoPzIEDBgQqD8yHAAMFAyoQwMAD
BQMqEMNAAwYEKhECAAADBgUqEQIAQDAQAwYEKhECAHADBgQqEQIAgAMGBCoRAgCg
MA4DBQAqEQIBAwUAKhECAgMFAioRAgQDBQMqEQeAAwUDKhEJgAMFAyoRC4ADBQAq
EQ6CAwYEKhEOh2ADBQAqEa8BMA0GCSqGSIb3DQEBCwUAA4IBAQAlWLJ+gJHbBTc6
QbE5TRZQz2ubZbBlN+6gTqHTjI3Nf5wncu7nyo2BpVHXrSWrf/QES9r+TQ0UPf9d
CLd20+KnL2oWHNU1b95zfhNrRqIY2sg6ZIVmTHQQBkhJ7WtKG1Uc4LVD87oxm6bN
kfeUsTczHBGvAcSwmf9msrE157P1DxxEpbpdSOv9YdPmgtXm/aHq1E6yFKsAOIDG
+S4nrt7FyQ/qizhBDNM6vz7NfStc1gnNXGZ6rTBJH7PWVuNZi5vDQtv/tc7VcuqK
EssKGNRAUKB0mpdVbemO4dEqaP594/G/GR0iwKsMbskr9un9NicYrI948om4CaXJ
8+a7nYME
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org