Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/9IBv7vi8_p4w4jxL0xgY3oVl308.roa
File:                     9IBv7vi8_p4w4jxL0xgY3oVl308.roa (raw, json)
Hash identifier:          qJKnD0NO+k8FvJ61HaURCcKjyqtMMg+alh2VUDK/+L8=
Subject key identifier:   F4:80:6F:EE:F8:BC:FE:9E:30:E2:3C:4B:D3:18:18:DE:85:65:DF:4F
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018AF01303567F1213F8F1C2EC55E029CB9D
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/9IBv7vi8_p4w4jxL0xgY3oVl308.roa
Signing time:             Mon 02 Oct 2023 11:08:12 +0000
ROA not before:           Mon 02 Oct 2023 11:08:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        95.215.109.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          45.142.211.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a11:206::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a06:d900::/29 maxlen: 29
                          2a09:3b00::/29 maxlen: 29
                          2a0d:8b03::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a10:c0c5::/32 maxlen: 32
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:a000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Wed 04 Oct 2023 06:58:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f0:13:03:56:7f:12:13:f8:f1:c2:ec:55:e0:29:cb:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Oct  2 11:08:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4806feef8bcfe9e30e23c4bd31818de8565df4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:15:00:b2:82:7a:9a:e3:65:70:27:0d:e8:8f:
                    87:57:6a:90:17:b3:1c:42:8f:d8:04:27:42:02:c0:
                    b0:5b:78:00:0f:c5:9f:e6:f7:b1:26:7b:19:c8:5e:
                    7f:3b:bb:01:a8:ab:40:b0:2f:4d:04:36:62:9e:cd:
                    f2:ad:f8:21:47:5d:c4:48:0a:a8:1b:76:9d:13:7f:
                    db:11:e9:04:3f:50:29:01:d5:b6:bb:fd:00:9f:aa:
                    08:51:7a:92:6e:7e:51:10:49:e2:e9:ff:26:a4:43:
                    4e:88:00:a4:f2:0d:b4:6c:3d:f5:d2:2b:ba:7a:68:
                    69:12:98:7d:5b:fc:e8:b1:b2:d5:87:39:e4:13:96:
                    e2:fb:f4:7e:14:9f:16:4e:a0:82:c4:43:0a:59:98:
                    96:5b:86:25:b0:88:13:39:c6:ff:74:97:38:91:3e:
                    05:5d:bc:ee:74:ee:69:e3:da:27:60:54:5e:c0:b5:
                    24:92:d2:ef:50:61:2a:37:cc:60:59:a9:e0:08:90:
                    91:7b:28:bb:e2:bc:b0:ef:78:3b:99:94:95:9f:5a:
                    ce:5e:98:67:92:03:2f:d3:a0:8b:4b:e7:fb:09:a4:
                    94:02:7e:bc:e3:ff:4a:8c:c8:8d:21:10:f5:81:c8:
                    4e:c1:7d:c7:7f:a9:b5:e0:dc:06:b5:b3:ca:c8:9d:
                    07:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:80:6F:EE:F8:BC:FE:9E:30:E2:3C:4B:D3:18:18:DE:85:65:DF:4F
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/9IBv7vi8_p4w4jxL0xgY3oVl308.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/23
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:b680::/29
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:a000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::-2a11:206:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:21:62:33:0c:39:d8:e1:82:02:48:c6:34:b8:d3:5c:ff:ca:
         b5:12:6a:49:aa:fb:91:83:d6:33:70:44:9f:90:2d:8b:1b:57:
         00:77:76:54:36:29:12:0a:a6:db:b6:1a:4e:de:a4:9b:bd:be:
         52:25:a4:49:09:c9:8f:fc:7a:c4:36:47:93:2e:bd:c5:ba:90:
         bf:8a:eb:70:0f:e0:1c:eb:48:a3:1f:20:81:d8:79:77:dc:b9:
         c5:1e:bc:17:17:cd:4d:e8:60:c8:71:1f:1d:23:07:22:36:99:
         a1:95:1f:5f:eb:aa:c4:11:b5:df:e3:11:58:c6:db:b5:a5:6f:
         72:67:15:96:aa:49:37:99:07:30:91:1a:a5:51:59:c3:09:df:
         ff:aa:38:06:91:54:0e:7f:61:93:57:26:4f:57:f4:ad:6d:9f:
         fa:db:75:2a:63:49:b2:b2:6a:4f:71:02:55:f2:0c:01:8f:4d:
         cf:e7:4b:c3:37:32:75:5f:d4:fa:e5:79:aa:b1:a5:99:15:b1:
         c1:e8:43:2b:8b:9e:2e:f8:76:eb:6b:d2:a3:ab:b8:c6:7f:2f:
         bc:84:2c:48:f9:fc:8e:de:93:d6:00:c2:8b:fb:c8:53:3d:08:
         4c:59:e7:7d:84:0f:1e:3b:fb:3e:a0:08:e9:30:d7:9b:a7:6d:
         f6:dc:34:96
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAYrwEwNWfxIT+PHC7FXgKcudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDAyMTEwODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgwNmZlZWY4YmNmZTllMzBlMjNjNGJkMzE4MThkZTg1NjVkZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxUAsoJ6muNlcCcN6I+HV2qQF7Mc
Qo/YBCdCAsCwW3gAD8Wf5vexJnsZyF5/O7sBqKtAsC9NBDZins3yrfghR13ESAqo
G3adE3/bEekEP1ApAdW2u/0An6oIUXqSbn5REEni6f8mpENOiACk8g20bD310iu6
emhpEph9W/zosbLVhznkE5bi+/R+FJ8WTqCCxEMKWZiWW4YlsIgTOcb/dJc4kT4F
XbzudO5p49onYFRewLUkktLvUGEqN8xgWangCJCReyi74ryw73g7mZSVn1rOXphn
kgMv06CLS+f7CaSUAn684/9KjMiNIRD1gchOwX3Hf6m14NwGtbPKyJ0HeQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFPSAb+74vP6eMOI8S9MYGN6FZd9PMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvOUlCdjd2aThfcDR3NGp4TDB4Z1kzb1ZsMzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPAYIKwYBBQUHAQcBAf8EggErMIIBJzAqBAIAATAkAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIH4BAIAAjCB8QMFAyoG
2QADBgQqCTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQq
CU4BkAMGBCoJTgGgAwUDKgm2gAMFAyoM6MADBQMqDV7AMA4DBQAqDYsDAwUAKg2L
BAMGBCoPzIcAAwUDKhDAwAMFAyoQw0ADBgQqEQIAAAMGBSoRAgBAMBADBgQqEQIA
cAMGBCoRAgCAAwYEKhECAKAwDgMFACoRAgEDBQAqEQICMA4DBQIqEQIEAwUAKhEC
BgMFAyoRB4ADBQMqEQmAAwUDKhELgAMFACoRDoIDBgQqEQ6HYAMFACoRrwEwDQYJ
KoZIhvcNAQELBQADggEBAF0hYjMMOdjhggJIxjS401z/yrUSakmq+5GD1jNwRJ+Q
LYsbVwB3dlQ2KRIKptu2Gk7epJu9vlIlpEkJyY/8esQ2R5MuvcW6kL+K63AP4Bzr
SKMfIIHYeXfcucUevBcXzU3oYMhxHx0jByI2maGVH1/rqsQRtd/jEVjG27Wlb3Jn
FZaqSTeZBzCRGqVRWcMJ3/+qOAaRVA5/YZNXJk9X9K1tn/rbdSpjSbKyak9xAlXy
DAGPTc/nS8M3MnVf1PrleaqxpZkVscHoQyuLni74dutr0qOruMZ/L7yELEj5/I7e
k9YAwov7yFM9CExZ532EDx47+z6gCOkw15unbfbcNJY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org