Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/As1zQiWhwGw__T70RZvO2OGp8QE.roa
File:                     As1zQiWhwGw__T70RZvO2OGp8QE.roa (raw, json)
Hash identifier:          l5EkBt52N04zZuJG9nTrxG9+MYHjmcdfSUOSEqtEy18=
Subject key identifier:   02:CD:73:42:25:A1:C0:6C:3F:FD:3E:F4:45:9B:CE:D8:E1:A9:F1:01
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0189DB93B69D151FB6A0DCFAFB73C4E07DF3
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/As1zQiWhwGw__T70RZvO2OGp8QE.roa
Signing time:             Wed 09 Aug 2023 18:33:58 +0000
ROA not before:           Wed 09 Aug 2023 18:33:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        45.151.139.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:af01::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a06:d900::/29 maxlen: 29
                          2a11:780::/29 maxlen: 36
                          2a09:3b00::/29 maxlen: 29
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 08:41:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:db:93:b6:9d:15:1f:b6:a0:dc:fa:fb:73:c4:e0:7d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug  9 18:33:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02cd734225a1c06c3ffd3ef4459bced8e1a9f101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:47:bc:78:a8:26:a3:7e:fc:73:f6:bd:cf:15:
                    a7:c6:78:52:94:8d:19:46:a0:b4:53:7b:49:25:81:
                    99:7a:26:7f:60:f5:34:f1:e3:b5:f3:62:55:06:ab:
                    0c:db:52:49:7b:53:d9:92:7e:b1:35:59:f7:94:19:
                    d2:32:dc:cf:ca:3c:28:f8:9a:d6:6f:9e:50:94:5a:
                    2c:32:4c:d1:4b:12:a5:8e:c1:2c:01:72:86:56:c5:
                    44:3c:19:6e:37:4a:a8:24:b3:42:5b:69:a3:27:5c:
                    aa:18:93:09:1f:1f:01:53:02:74:56:8d:97:bc:4d:
                    59:92:a6:cf:36:22:63:54:45:7b:21:90:95:e5:4c:
                    29:85:2c:f3:26:b9:e4:60:c6:c5:c5:df:48:f9:68:
                    88:d3:ac:ab:c1:42:aa:da:9c:a9:9d:1f:dd:20:5c:
                    bb:8f:18:e5:59:4e:d6:71:75:fa:05:76:f4:85:82:
                    e9:33:f6:21:4f:23:34:c4:a4:81:31:c7:6a:71:fa:
                    06:9e:a8:cd:e8:c2:4f:ae:b3:3d:36:9d:00:fd:64:
                    88:3e:91:6a:04:0f:aa:a6:e0:b7:8b:08:d6:02:36:
                    02:9b:d0:45:ea:14:ee:40:f7:ce:26:81:fb:ea:25:
                    b7:38:b3:ee:cb:52:15:30:89:1f:e4:6c:01:af:df:
                    57:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:CD:73:42:25:A1:C0:6C:3F:FD:3E:F4:45:9B:CE:D8:E1:A9:F1:01
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/As1zQiWhwGw__T70RZvO2OGp8QE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::/36
                  2a09:b680::/29
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:780::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:7a:e3:e3:6b:9b:f6:db:d4:e0:12:67:9b:95:e2:52:29:3c:
         6b:71:e3:0d:6a:7b:fc:9f:80:a2:6b:12:a1:0d:5a:d9:00:d7:
         1f:dc:86:25:39:55:a8:80:2a:7e:76:1e:00:ef:89:b1:46:40:
         2a:92:8f:9c:e3:95:76:6f:0b:8e:77:85:eb:9b:8a:19:f5:94:
         e1:85:df:d8:ef:e9:87:d4:fe:8e:b6:25:b2:22:03:01:54:4e:
         f6:60:85:bd:1c:80:01:b5:84:1f:5a:e5:03:a7:cf:71:84:90:
         8a:84:71:2b:de:b0:0b:5a:13:4b:c9:34:d2:88:50:77:a9:d3:
         38:e0:e7:fb:7e:cc:ad:fc:eb:09:ce:cd:a6:69:5a:d1:24:22:
         4b:ab:61:5e:24:85:9e:07:7e:4e:c7:75:0e:87:e7:a6:ba:ad:
         6f:11:88:c0:88:0d:6c:d9:75:29:95:74:0e:3b:37:0f:d5:4d:
         af:c0:e3:75:ac:58:06:78:4f:10:46:31:0e:3d:0c:bb:72:05:
         48:52:a2:c8:0d:a7:86:3e:2b:15:e2:85:eb:8a:5f:b0:28:3a:
         4b:30:24:8a:7f:6f:85:bb:39:e0:7c:b6:36:88:83:fe:4f:7d:
         6e:50:f6:21:9c:31:f8:27:07:d0:3a:e2:a0:88:9d:5a:7c:37:
         4a:a1:43:3c
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYnbk7adFR+2oNz6+3PE4H3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODA5MTgzMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNkNzM0MjI1YTFjMDZjM2ZmZDNlZjQ0NTliY2VkOGUxYTlmMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0e8eKgmo378c/a9zxWnxnhSlI0Z
RqC0U3tJJYGZeiZ/YPU08eO182JVBqsM21JJe1PZkn6xNVn3lBnSMtzPyjwo+JrW
b55QlFosMkzRSxKljsEsAXKGVsVEPBluN0qoJLNCW2mjJ1yqGJMJHx8BUwJ0Vo2X
vE1ZkqbPNiJjVEV7IZCV5UwphSzzJrnkYMbFxd9I+WiI06yrwUKq2pypnR/dIFy7
jxjlWU7WcXX6BXb0hYLpM/YhTyM0xKSBMcdqcfoGnqjN6MJPrrM9Np0A/WSIPpFq
BA+qpuC3iwjWAjYCm9BF6hTuQPfOJoH76iW3OLPuy1IVMIkf5GwBr99XvwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFALNc0IlocBsP/0+9EWbztjhqfEBMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQXMxelFpV2h3R3dfX1Q3MFJadk8yT0dwOFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DAkBAIAATAeAwQALY7S
AwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIGvBAIAAjCBqAMFAyoG2QADBQMqCTsA
AwUDKgk9ADAQAwYEKglOATADBgUqCU4BQAMGBCoJTgGQAwUDKgm2gAMFAyoM6MAD
BQMqDV7AAwYEKg/MhwADBQMqEMDAAwUDKhDDQAMGBCoRAgAAAwYFKhECAEAwEAMG
BCoRAgBwAwYEKhECAIAwDgMFACoRAgEDBQAqEQICAwUDKhEHgAMFAyoRC4ADBQAq
EQ6CAwUAKhGvATANBgkqhkiG9w0BAQsFAAOCAQEAG3rj42ub9tvU4BJnm5XiUik8
a3HjDWp7/J+AomsSoQ1a2QDXH9yGJTlVqIAqfnYeAO+JsUZAKpKPnOOVdm8LjneF
65uKGfWU4YXf2O/ph9T+jrYlsiIDAVRO9mCFvRyAAbWEH1rlA6fPcYSQioRxK96w
C1oTS8k00ohQd6nTOODn+37MrfzrCc7Npmla0SQiS6thXiSFngd+Tsd1Dofnprqt
bxGIwIgNbNl1KZV0Djs3D9VNr8DjdaxYBnhPEEYxDj0Mu3IFSFKiyA2nhj4rFeKF
64pfsCg6SzAkin9vhbs54Hy2NoiD/k99blD2IZwx+CcH0DrioIidWnw3SqFDPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org