Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/49R4bgoCmU0KaPoen6qrMjFrUjc.roa
File:                     49R4bgoCmU0KaPoen6qrMjFrUjc.roa (raw, json)
Hash identifier:          K8zPsH5zP8fAT3HufE4S9Y452+1pOVep7DPQva3zoAI=
Subject key identifier:   E3:D4:78:6E:0A:02:99:4D:0A:68:FA:1E:9F:AA:AB:32:31:6B:52:37
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0189E3C27289646245135CE2A1A65753CA53
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/49R4bgoCmU0KaPoen6qrMjFrUjc.roa
Signing time:             Fri 11 Aug 2023 08:41:58 +0000
ROA not before:           Fri 11 Aug 2023 08:41:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        45.151.139.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          45.142.211.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:af01::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a06:d900::/29 maxlen: 29
                          2a11:780::/29 maxlen: 36
                          2a09:3b00::/29 maxlen: 29
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 11:45:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e3:c2:72:89:64:62:45:13:5c:e2:a1:a6:57:53:ca:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug 11 08:41:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e3d4786e0a02994d0a68fa1e9faaab32316b5237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:40:75:de:7e:69:73:7f:26:06:6a:c0:4e:0d:
                    e1:e8:75:55:25:61:c6:1e:6e:9a:18:50:54:1e:a0:
                    7a:42:4a:7a:8f:75:bd:83:2a:86:4b:d7:f4:06:67:
                    70:29:9d:d6:89:19:c8:6c:6c:eb:05:5c:fb:83:ac:
                    e4:3b:6e:14:aa:aa:03:de:d1:e6:fd:8e:59:36:41:
                    65:d5:56:f7:6e:a0:ff:bd:3b:b7:06:7f:73:cc:c3:
                    8d:02:d1:e4:7f:0b:7d:15:2d:95:72:00:2e:12:84:
                    e9:8a:b7:05:fe:5c:de:17:4a:c5:3c:13:4d:7d:80:
                    23:9e:07:67:56:15:d7:52:45:46:59:db:48:05:48:
                    fd:c3:17:ee:62:29:28:10:33:d1:38:8d:f1:15:1d:
                    ad:2a:43:4a:3c:5c:ce:1d:d9:a6:9f:27:18:ff:ce:
                    e8:eb:cf:e1:37:6f:a0:c5:d7:b9:bc:81:34:c5:17:
                    93:a7:54:76:1f:b3:8d:14:8b:37:e5:07:36:a1:3f:
                    50:67:6b:9b:0f:b4:bf:83:cf:16:ad:df:95:f1:5a:
                    ec:f6:b7:7e:59:40:0a:ca:09:3b:65:83:02:38:65:
                    71:14:67:82:95:88:09:af:0d:05:d0:92:2b:a0:04:
                    8c:51:d2:58:dc:df:0a:df:5a:1f:51:a0:53:2a:20:
                    5d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:D4:78:6E:0A:02:99:4D:0A:68:FA:1E:9F:AA:AB:32:31:6B:52:37
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/49R4bgoCmU0KaPoen6qrMjFrUjc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/23
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::/36
                  2a09:b680::/29
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:780::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         ab:4a:0d:b1:be:ec:4f:23:af:f7:f6:dc:2e:3e:23:2d:da:ad:
         35:e6:8e:82:21:b1:9b:4b:e9:2c:a6:0a:20:68:29:2c:2d:06:
         a9:e0:2a:be:74:3a:63:a9:38:88:36:fd:40:49:3c:04:b9:d4:
         68:e9:93:a1:92:3c:ee:82:6b:52:ac:50:60:c5:46:b4:10:cb:
         85:cb:ba:83:ad:e7:23:1b:65:c6:c9:8e:31:35:04:87:c5:a1:
         f4:d2:81:77:01:ad:93:a6:14:27:d0:25:5f:0b:6f:3a:5e:67:
         33:48:42:7a:ad:c1:16:4d:80:bf:d4:cd:bf:b0:86:3f:5e:75:
         52:8c:70:06:83:bb:32:9f:17:88:6e:38:af:e7:d7:57:a7:56:
         c7:4c:97:9c:9d:55:db:79:d6:3f:a9:cb:bb:3c:82:be:39:f7:
         5b:39:ae:b6:a6:67:c4:22:93:56:a1:dc:fa:e0:07:34:05:c4:
         99:ff:ea:a6:05:e8:f7:a4:4a:82:76:49:34:ca:20:be:af:d3:
         d9:0f:e3:32:6e:5d:63:20:ae:b2:8f:82:98:d7:17:18:a6:d2:
         5e:d4:d1:9d:71:98:18:72:33:d2:f3:66:e6:96:ae:9c:60:06:
         0b:41:81:83:fe:02:68:9f:8c:4d:ee:7e:d5:27:26:9a:c8:3e:
         d9:d3:06:de
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYnjwnKJZGJFE1zioaZXU8pTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODExMDg0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Q0Nzg2ZTBhMDI5OTRkMGE2OGZhMWU5ZmFhYWIzMjMxNmI1MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0B13n5pc38mBmrATg3h6HVVJWHG
Hm6aGFBUHqB6Qkp6j3W9gyqGS9f0BmdwKZ3WiRnIbGzrBVz7g6zkO24UqqoD3tHm
/Y5ZNkFl1Vb3bqD/vTu3Bn9zzMONAtHkfwt9FS2VcgAuEoTpircF/lzeF0rFPBNN
fYAjngdnVhXXUkVGWdtIBUj9wxfuYikoEDPROI3xFR2tKkNKPFzOHdmmnycY/87o
68/hN2+gxde5vIE0xReTp1R2H7ONFIs35Qc2oT9QZ2ubD7S/g88Wrd+V8Vrs9rd+
WUAKygk7ZYMCOGVxFGeClYgJrw0F0JIroASMUdJY3N8K31ofUaBTKiBdoQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFOPUeG4KAplNCmj6Hp+qqzIxa1I3MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvNDlSNGJnb0NtVTBLYVBvZW42cXJNakZyVWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DAkBAIAATAeAwQBLY7S
AwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIGvBAIAAjCBqAMFAyoG2QADBQMqCTsA
AwUDKgk9ADAQAwYEKglOATADBgUqCU4BQAMGBCoJTgGQAwUDKgm2gAMFAyoM6MAD
BQMqDV7AAwYEKg/MhwADBQMqEMDAAwUDKhDDQAMGBCoRAgAAAwYFKhECAEAwEAMG
BCoRAgBwAwYEKhECAIAwDgMFACoRAgEDBQAqEQICAwUDKhEHgAMFAyoRC4ADBQAq
EQ6CAwUAKhGvATANBgkqhkiG9w0BAQsFAAOCAQEAq0oNsb7sTyOv9/bcLj4jLdqt
NeaOgiGxm0vpLKYKIGgpLC0GqeAqvnQ6Y6k4iDb9QEk8BLnUaOmToZI87oJrUqxQ
YMVGtBDLhcu6g63nIxtlxsmOMTUEh8Wh9NKBdwGtk6YUJ9AlXwtvOl5nM0hCeq3B
Fk2Av9TNv7CGP151UoxwBoO7Mp8XiG44r+fXV6dWx0yXnJ1V23nWP6nLuzyCvjn3
WzmutqZnxCKTVqHc+uAHNAXEmf/qpgXo96RKgnZJNMogvq/T2Q/jMm5dYyCuso+C
mNcXGKbSXtTRnXGYGHIz0vNm5paunGAGC0GBg/4CaJ+MTe5+1Scmmsg+2dMG3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org