Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/DNJM_rKEPNb2l4isi2tMuqFFD0I.roa
File:                     DNJM_rKEPNb2l4isi2tMuqFFD0I.roa (raw, json)
Hash identifier:          7vphh4UyJTmk2QDv3wf0Tq560soeDxSao+N7JktPOrA=
Subject key identifier:   0C:D2:4C:FE:B2:84:3C:D6:F6:97:88:AC:8B:6B:4C:BA:A1:45:0F:42
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018BFAE5BAF51309049895F95E5AD9783137
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/DNJM_rKEPNb2l4isi2tMuqFFD0I.roa
Signing time:             Thu 23 Nov 2023 06:37:21 +0000
ROA not before:           Thu 23 Nov 2023 06:37:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        95.215.109.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a11:207::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 32
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a06:d900::/29 maxlen: 29
                          2a09:4e03::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a10:c0c6::/32 maxlen: 32
                          2a0f:cc81::/32 maxlen: 32
                          2a0d:8b03::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a09:3800::/32 maxlen: 32
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a11:200:9000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a09:3802::/32 maxlen: 32
                          2a0d:8b07::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a09:3506::/32 maxlen: 32
                          2a09:3801::/32 maxlen: 32
                          2a10:c0c5::/32 maxlen: 32
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:a000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a0c:2104::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 04:57:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fa:e5:ba:f5:13:09:04:98:95:f9:5e:5a:d9:78:31:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Nov 23 06:37:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0cd24cfeb2843cd6f69788ac8b6b4cbaa1450f42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c0:24:28:5e:a2:58:d8:94:66:3a:ba:47:5e:
                    ec:b8:80:11:84:92:ed:16:71:6e:47:f3:50:ea:a2:
                    7a:85:0d:d5:6f:d1:0f:54:a5:d6:87:71:5d:42:d7:
                    42:82:4b:23:4e:52:7a:69:37:78:aa:3c:89:e4:9f:
                    69:34:35:e5:83:33:e3:83:44:f7:23:d3:f9:00:88:
                    83:34:95:28:c7:fa:3d:13:50:a9:c0:bf:69:00:1d:
                    ee:08:28:26:ec:d5:6f:de:d2:7c:1d:81:3f:3e:fd:
                    10:35:46:83:b6:93:02:94:fb:cb:75:1f:18:19:52:
                    9d:4e:7b:6f:c4:e4:51:74:38:db:bd:db:02:d8:5d:
                    92:7f:5b:e4:22:76:b3:fa:33:30:0d:e0:e5:4b:9c:
                    72:17:85:82:e8:26:4a:f9:fc:fa:17:78:74:68:28:
                    70:2c:82:ea:10:94:5a:a1:74:57:e2:47:ef:54:14:
                    5f:4f:a9:42:e9:24:2d:24:8a:2c:54:ff:89:1f:6a:
                    0f:b8:37:59:8f:57:4b:2d:40:78:71:55:77:a2:1b:
                    09:01:98:09:c5:f6:3b:ef:57:ab:4d:a6:54:18:14:
                    94:80:67:d9:4b:00:38:f0:15:f3:4d:4f:1e:5a:71:
                    2e:8b:b5:c2:77:4e:39:3a:94:32:93:29:9a:e3:96:
                    2c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:D2:4C:FE:B2:84:3C:D6:F6:97:88:AC:8B:6B:4C:BA:A1:45:0F:42
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/DNJM_rKEPNb2l4isi2tMuqFFD0I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3506::/32
                  2a09:3800::-2a09:3802:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:b680::/29
                  2a0c:2104::/32
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0d:8b07::/32
                  2a0f:cc81::/32
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:afff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:84:6d:dd:dc:35:a6:ff:11:a2:91:b7:0e:3e:35:f6:89:ee:
         2c:85:ac:ad:06:10:ae:18:47:da:89:af:2a:99:bf:8a:b5:c1:
         68:04:cd:4e:d9:f4:a7:da:71:1c:86:ce:72:3b:1a:ed:58:69:
         4d:d0:fa:90:62:41:c2:aa:84:29:aa:be:2b:7b:2e:97:30:a5:
         29:fe:1b:38:1e:01:cf:49:49:49:a8:fc:11:22:05:31:51:09:
         7c:89:8f:bf:81:d8:7a:db:2c:6e:0c:17:ec:09:5a:23:b4:e9:
         42:b7:93:ba:64:8f:05:95:52:fb:ee:0b:17:c6:cb:26:e4:56:
         e6:d4:fa:df:a0:95:cd:21:4a:18:72:b7:ef:cb:5e:08:80:29:
         e8:59:9f:65:8f:53:00:53:3b:83:9f:d3:2e:29:a3:5f:3a:1c:
         79:8f:1f:cf:0d:3b:fe:95:73:11:1f:18:e6:a6:51:ce:20:32:
         9b:35:5e:33:4a:19:c8:7c:39:03:eb:d9:78:20:4a:c9:3a:bd:
         fa:46:7f:78:04:3f:36:a8:fc:76:9d:77:db:23:57:6e:e7:1f:
         73:10:23:c6:49:50:12:36:22:07:d1:2b:81:22:cf:f8:70:83:
         e1:0d:0b:48:a6:f4:57:4e:4c:6a:b3:e8:23:42:98:f9:6c:79:
         bd:a2:7f:57
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYv65br1EwkEmJX5XlrZeDE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMTIzMDYzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2QyNGNmZWIyODQzY2Q2ZjY5Nzg4YWM4YjZiNGNiYWExNDUwZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsAkKF6iWNiUZjq6R17suIARhJLt
FnFuR/NQ6qJ6hQ3Vb9EPVKXWh3FdQtdCgksjTlJ6aTd4qjyJ5J9pNDXlgzPjg0T3
I9P5AIiDNJUox/o9E1CpwL9pAB3uCCgm7NVv3tJ8HYE/Pv0QNUaDtpMClPvLdR8Y
GVKdTntvxORRdDjbvdsC2F2Sf1vkInaz+jMwDeDlS5xyF4WC6CZK+fz6F3h0aChw
LILqEJRaoXRX4kfvVBRfT6lC6SQtJIosVP+JH2oPuDdZj1dLLUB4cVV3ohsJAZgJ
xfY771erTaZUGBSUgGfZSwA48BXzTU8eWnEui7XCd045OpQykyma45YsFQIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFAzSTP6yhDzW9peIrItrTLqhRQ9CMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRE5KTV9yS0VQTmIybDRpc2kydE11cUZGRDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjAqBAIAATAkAwQA
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIIBGgQCAAIwggESAwUD
KgbZAAMGBCoJNQWQAwUAKgk1BjANAwQDKgk4AwUAKgk4AgMFAyoJOwADBQMqCT0A
MBADBgQqCU4BMAMGBSoJTgFAMBADBgQqCU4BkAMGBCoJTgGgAwUAKglOAwMFAyoJ
toADBQAqDCEEAwUDKgzowAMFAyoNXsAwDgMFACoNiwMDBQAqDYsEAwUAKg2LBwMF
ACoPzIEDBgQqD8yHAAMFAyoQwMADBQMqEMNAAwYEKhECAAADBgUqEQIAQDAQAwYE
KhECAHADBgQqEQIAoDAOAwUAKhECAQMFACoRAgIDBQIqEQIEAwUDKhEHgAMFAyoR
CYADBQMqEQuAAwUAKhEOggMGBCoRDodgAwUAKhGvATANBgkqhkiG9w0BAQsFAAOC
AQEAZYRt3dw1pv8RopG3Dj419onuLIWsrQYQrhhH2omvKpm/irXBaATNTtn0p9px
HIbOcjsa7VhpTdD6kGJBwqqEKaq+K3sulzClKf4bOB4Bz0lJSaj8ESIFMVEJfImP
v4HYetssbgwX7AlaI7TpQreTumSPBZVS++4LF8bLJuRW5tT636CVzSFKGHK378te
CIAp6FmfZY9TAFM7g5/TLimjXzoceY8fzw07/pVzER8Y5qZRziAymzVeM0oZyHw5
A+vZeCBKyTq9+kZ/eAQ/Nqj8dp132yNXbucfcxAjxklQEjYiB9ErgSLP+HCD4Q0L
SKb0V05MarPoI0KY+Wx5vaJ/Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org