Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CWqVR-nHL2Sq3_dACpLJls6YtdY.roa
File:                     CWqVR-nHL2Sq3_dACpLJls6YtdY.roa (raw, json)
Hash identifier:          Ba0H+dAmTkAQXfhfFgEAXAK9GQaJgaKuqp5SnBziqUI=
Subject key identifier:   09:6A:95:47:E9:C7:2F:64:AA:DF:F7:40:0A:92:C9:96:CE:98:B5:D6
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018AFF90A55793D3AA09A88F068D1B1EAF4E
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CWqVR-nHL2Sq3_dACpLJls6YtdY.roa
Signing time:             Thu 05 Oct 2023 11:19:44 +0000
ROA not before:           Thu 05 Oct 2023 11:19:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        95.215.109.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          45.142.211.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a11:207::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a06:d900::/29 maxlen: 29
                          2a09:4e03::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a0d:8b03::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a10:c0c5::/32 maxlen: 32
                          2a09:4e01:a000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a0c:2104::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Sun 15 Oct 2023 19:02:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ff:90:a5:57:93:d3:aa:09:a8:8f:06:8d:1b:1e:af:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Oct  5 11:19:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=096a9547e9c72f64aadff7400a92c996ce98b5d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d1:77:82:b2:43:5f:d0:e0:4a:b4:69:cd:b1:
                    58:05:16:e5:c9:cb:5b:20:ae:55:64:9e:15:a9:8a:
                    26:9e:d2:15:15:fa:5d:52:a8:c6:49:40:13:e9:6c:
                    45:45:93:67:f9:7a:c5:35:3b:e4:93:6e:bb:36:fc:
                    09:e1:78:d0:8b:28:df:bc:0a:e8:29:66:25:5c:ff:
                    f0:2e:75:fd:e6:0b:75:7d:fc:0b:65:53:19:cc:d7:
                    0e:3a:70:a2:ba:71:3a:ea:7c:ab:76:76:2e:65:9f:
                    a5:38:f0:d0:a8:9e:9d:39:74:94:6e:df:89:4a:63:
                    99:d7:da:07:d2:4f:08:49:7a:94:2c:7a:fc:18:38:
                    21:31:ec:2a:c7:9b:86:a7:fb:3d:cb:40:1a:a0:7b:
                    1b:46:58:27:0e:c5:cf:21:c7:c4:bb:2d:ec:71:3a:
                    cf:8a:52:6c:da:50:2d:89:e9:d7:4f:6b:af:e1:eb:
                    50:86:fd:68:2f:e8:33:2c:7d:92:a3:b4:37:30:30:
                    4f:80:c3:04:46:d9:43:7b:96:90:51:59:65:69:37:
                    e7:a2:8b:a0:c8:b9:af:ab:aa:f7:bc:ac:ab:fb:cc:
                    92:34:14:b9:31:cd:b3:d6:de:32:e7:a8:1d:bf:ec:
                    d1:c3:07:a4:60:6e:0c:b9:97:d8:e1:85:65:56:29:
                    9c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:6A:95:47:E9:C7:2F:64:AA:DF:F7:40:0A:92:C9:96:CE:98:B5:D6
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CWqVR-nHL2Sq3_dACpLJls6YtdY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/23
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:b680::/29
                  2a0c:2104::/32
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:a000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:30:c2:7c:e0:09:ab:51:22:d8:62:b8:d7:b7:af:97:3c:af:
         33:3e:be:87:82:cc:14:21:49:d7:69:52:9a:76:b9:98:f3:4b:
         65:55:c2:f1:c8:59:e1:ac:8b:07:19:ca:a9:5a:70:ba:78:7e:
         86:45:84:05:72:a2:63:f4:08:40:8d:8f:55:8e:e7:fe:30:3f:
         e6:44:7a:52:85:d9:e7:18:ad:04:bf:f9:c4:8f:3e:68:7d:b4:
         04:12:08:95:07:33:fe:cb:54:55:a0:7b:7a:c2:0f:e9:ad:e6:
         91:aa:9c:68:18:ed:1d:2d:34:99:9a:c4:20:5a:d1:67:6b:06:
         9f:66:db:77:f8:d6:78:85:c9:74:88:97:7a:f9:c1:b6:a4:05:
         86:f2:45:ab:6a:f3:ec:a0:0a:ed:3c:2b:cf:c2:99:83:e2:0e:
         f7:ff:16:3b:3b:4c:54:6a:a8:cc:61:b4:06:3a:8a:2b:d5:8c:
         e1:b0:82:a0:ef:f5:ec:e1:0b:a3:90:c0:ee:a7:17:e1:0d:8c:
         9d:57:89:e7:fb:63:44:de:e8:0b:8d:02:28:9f:38:98:74:bd:
         a4:2e:41:07:b3:7a:c9:2f:c1:22:a9:3d:7a:b1:ed:a9:0c:22:
         87:5c:2b:9e:d1:b4:f8:e4:c5:8d:20:e9:72:15:9d:c4:4b:a9:
         8c:6f:c8:73
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAYr/kKVXk9OqCaiPBo0bHq9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDA1MTExOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZhOTU0N2U5YzcyZjY0YWFkZmY3NDAwYTkyYzk5NmNlOThiNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9F3grJDX9DgSrRpzbFYBRblyctb
IK5VZJ4VqYomntIVFfpdUqjGSUAT6WxFRZNn+XrFNTvkk267NvwJ4XjQiyjfvAro
KWYlXP/wLnX95gt1ffwLZVMZzNcOOnCiunE66nyrdnYuZZ+lOPDQqJ6dOXSUbt+J
SmOZ19oH0k8ISXqULHr8GDghMewqx5uGp/s9y0AaoHsbRlgnDsXPIcfEuy3scTrP
ilJs2lAtienXT2uv4etQhv1oL+gzLH2So7Q3MDBPgMMERtlDe5aQUVllaTfnooug
yLmvq6r3vKyr+8ySNBS5Mc2z1t4y56gdv+zRwwekYG4MuZfY4YVlVimc6QIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFAlqlUfpxy9kqt/3QAqSyZbOmLXWMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQ1dxVlItbkhMMlNxM19kQUNwTEpsczZZdGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDAqBAIAATAkAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIH9BAIAAjCB9gMFAyoG
2QADBgQqCTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQq
CU4BkAMGBCoJTgGgAwUAKglOAwMFAyoJtoADBQAqDCEEAwUDKgzowAMFAyoNXsAw
DgMFACoNiwMDBQAqDYsEAwYEKg/MhwADBQMqEMDAAwUDKhDDQAMGBCoRAgAAAwYF
KhECAEAwEAMGBCoRAgBwAwYEKhECAIADBgQqEQIAoDAOAwUAKhECAQMFACoRAgID
BQIqEQIEAwUDKhEHgAMFAyoRCYADBQMqEQuAAwUAKhEOggMGBCoRDodgAwUAKhGv
ATANBgkqhkiG9w0BAQsFAAOCAQEANzDCfOAJq1Ei2GK417evlzyvMz6+h4LMFCFJ
12lSmna5mPNLZVXC8chZ4ayLBxnKqVpwunh+hkWEBXKiY/QIQI2PVY7n/jA/5kR6
UoXZ5xitBL/5xI8+aH20BBIIlQcz/stUVaB7esIP6a3mkaqcaBjtHS00mZrEIFrR
Z2sGn2bbd/jWeIXJdIiXevnBtqQFhvJFq2rz7KAK7Twrz8KZg+IO9/8WOztMVGqo
zGG0BjqKK9WM4bCCoO/17OELo5DA7qcX4Q2MnVeJ5/tjRN7oC40CKJ84mHS9pC5B
B7N6yS/BIqk9erHtqQwih1wrntG0+OTFjSDpchWdxEupjG/Icw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org