Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CeYa5Cye3EgSN7JPRpb6fy44SBM.roa
File:                     CeYa5Cye3EgSN7JPRpb6fy44SBM.roa (raw, json)
Hash identifier:          30X9Ig1oHOUYOcA1Y8JcGVme2Qvur8hrrk83fJbpFUI=
Subject key identifier:   09:E6:1A:E4:2C:9E:DC:48:12:37:B2:4F:46:96:FA:7F:2E:38:48:13
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018A8DBBAA4462C8EE05A247232259D4E077
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CeYa5Cye3EgSN7JPRpb6fy44SBM.roa
Signing time:             Wed 13 Sep 2023 08:50:00 +0000
ROA not before:           Wed 13 Sep 2023 08:50:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        45.151.139.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          45.142.211.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:a000::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a06:d900::/29 maxlen: 29
                          2a11:780::/29 maxlen: 36
                          2a09:3b00::/29 maxlen: 29
                          2a09:4e01:a000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 10:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8d:bb:aa:44:62:c8:ee:05:a2:47:23:22:59:d4:e0:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Sep 13 08:50:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09e61ae42c9edc481237b24f4696fa7f2e384813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ab:5a:21:d8:d8:9e:87:b1:84:4f:89:65:d5:
                    03:81:d9:36:fd:87:38:8a:7c:77:e3:cb:8a:be:bd:
                    5a:2b:18:da:43:aa:7d:68:02:ce:8e:9f:4b:20:e0:
                    a8:73:1b:82:91:85:b7:78:33:4e:06:95:52:e1:8b:
                    cf:e3:43:4f:10:b1:a0:81:2d:3f:bc:31:07:10:a4:
                    ce:bd:a6:8a:dd:c8:8d:c2:ad:ab:32:2c:06:68:b7:
                    d8:63:22:b8:55:3e:7c:d8:1d:a3:8d:2b:3c:f0:71:
                    7d:98:9e:04:4c:85:c4:8d:1d:a7:f0:6a:5c:9b:fc:
                    4f:1a:cb:69:4c:80:8a:8c:6b:a1:bd:47:c7:42:77:
                    80:db:e7:85:dd:6e:1b:2e:97:19:57:de:d4:ce:46:
                    e3:10:cf:dc:b8:2a:97:2c:74:b9:01:e3:de:6d:40:
                    a8:b9:c1:ee:3a:bc:89:83:57:4d:0a:03:3f:b5:4f:
                    0c:31:0d:e4:7f:6d:e2:15:e0:88:6a:f4:00:bf:5b:
                    05:77:5a:24:98:6e:b0:61:ff:31:0e:04:e8:be:2b:
                    44:a1:c0:70:89:a3:74:0c:15:fd:05:6f:ec:a5:d7:
                    4c:c1:c0:7c:c4:45:2b:ff:b9:8a:67:55:0a:39:a8:
                    23:08:41:0c:79:ab:f0:0c:ef:5f:5e:18:5c:b6:65:
                    fa:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:E6:1A:E4:2C:9E:DC:48:12:37:B2:4F:46:96:FA:7F:2E:38:48:13
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/CeYa5Cye3EgSN7JPRpb6fy44SBM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/23
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:b680::/29
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:a000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/31
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:77:da:5c:c4:57:3b:c3:0e:b4:73:ad:4b:15:f1:92:24:8b:
         2c:e3:df:58:af:cf:b3:7b:92:3c:ec:f3:c7:30:0c:b1:42:e3:
         ce:c3:56:d9:49:7c:5e:75:4a:3c:f5:ed:ff:eb:d8:ab:95:0b:
         19:65:01:0d:1b:64:bd:77:bc:c2:2a:54:ee:d1:03:43:3e:24:
         23:9b:c5:e7:41:07:82:b7:cf:db:d9:b7:b0:e2:42:59:5d:d1:
         48:86:e3:ae:48:0b:0e:75:89:31:d1:2e:3b:1b:d2:c3:8a:f4:
         2c:41:04:c0:a5:74:22:a4:bc:ce:26:af:e3:e3:b5:32:10:bb:
         1f:9b:f5:80:ad:47:37:48:63:30:44:65:51:03:9d:aa:bb:e5:
         cd:22:76:e6:26:39:b8:90:4c:d8:08:2c:6b:c5:bc:d7:af:76:
         53:07:79:97:73:e9:0d:04:c8:8c:cf:82:91:ce:fc:d4:77:f5:
         2c:1a:88:8c:a9:04:c5:27:13:77:93:3c:87:82:d8:f5:01:90:
         d6:a0:52:2f:3d:5c:74:79:0d:cd:1f:da:ff:a2:cb:1d:2f:81:
         02:cc:aa:eb:5f:7b:85:76:b3:a3:13:9b:ec:7b:14:66:4b:cb:
         b9:6d:a7:a2:72:20:d6:63:ae:57:dc:b2:e5:a3:4f:dc:02:1b:
         cb:18:0e:79
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAYqNu6pEYsjuBaJHIyJZ1OB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwOTEzMDg1MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU2MWFlNDJjOWVkYzQ4MTIzN2IyNGY0Njk2ZmE3ZjJlMzg0ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6taIdjYnoexhE+JZdUDgdk2/Yc4
inx348uKvr1aKxjaQ6p9aALOjp9LIOCocxuCkYW3eDNOBpVS4YvP40NPELGggS0/
vDEHEKTOvaaK3ciNwq2rMiwGaLfYYyK4VT582B2jjSs88HF9mJ4ETIXEjR2n8Gpc
m/xPGstpTICKjGuhvUfHQneA2+eF3W4bLpcZV97UzkbjEM/cuCqXLHS5AePebUCo
ucHuOryJg1dNCgM/tU8MMQ3kf23iFeCIavQAv1sFd1okmG6wYf8xDgTovitEocBw
iaN0DBX9BW/spddMwcB8xEUr/7mKZ1UKOagjCEEMeavwDO9fXhhctmX6yQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFAnmGuQsntxIEjeyT0aW+n8uOEgTMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQ2VZYTVDeWUzRWdTTjdKUFJwYjZmeTQ0U0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDAkBAIAATAeAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIHfBAIAAjCB2AMFAyoG2QADBgQq
CTUFkAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAMBADBgQqCU4BkAMG
BCoJTgGgAwUDKgm2gAMFAyoM6MADBQMqDV7AAwYEKg/MhwADBQMqEMDAAwUDKhDD
QAMGBCoRAgAAAwYFKhECAEAwEAMGBCoRAgBwAwYEKhECAIADBgQqEQIAoDAOAwUA
KhECAQMFACoRAgIDBQEqEQIEAwUDKhEHgAMFAyoRCYADBQMqEQuAAwUAKhEOggMG
BCoRDodgAwUAKhGvATANBgkqhkiG9w0BAQsFAAOCAQEAUnfaXMRXO8MOtHOtSxXx
kiSLLOPfWK/Ps3uSPOzzxzAMsULjzsNW2Ul8XnVKPPXt/+vYq5ULGWUBDRtkvXe8
wipU7tEDQz4kI5vF50EHgrfP29m3sOJCWV3RSIbjrkgLDnWJMdEuOxvSw4r0LEEE
wKV0IqS8ziav4+O1MhC7H5v1gK1HN0hjMERlUQOdqrvlzSJ25iY5uJBM2Agsa8W8
1692Uwd5l3PpDQTIjM+Ckc781Hf1LBqIjKkExScTd5M8h4LY9QGQ1qBSLz1cdHkN
zR/a/6LLHS+BAsyq6197hXazoxOb7HsUZkvLuW2nonIg1mOuV9yy5aNP3AIbyxgO
eQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org