Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/TvgYr0ignSZzvM04LDoyKcQRbSg.roa
File:                     TvgYr0ignSZzvM04LDoyKcQRbSg.roa (raw, json)
Hash identifier:          bUsrjNFQX8XHbHSAGfAx3Qmz31HM8AMT8NQin7Sipx8=
Subject key identifier:   4E:F8:18:AF:48:A0:9D:26:73:BC:CD:38:2C:3A:32:29:C4:11:6D:28
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018A03508A7A6EAAB94C2164A151DCA9B518
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/TvgYr0ignSZzvM04LDoyKcQRbSg.roa
Signing time:             Thu 17 Aug 2023 11:45:24 +0000
ROA not before:           Thu 17 Aug 2023 11:45:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        45.151.139.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          45.142.211.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:af01::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a06:d900::/29 maxlen: 29
                          2a11:780::/29 maxlen: 36
                          2a09:3b00::/29 maxlen: 29
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Mon 28 Aug 2023 11:08:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:03:50:8a:7a:6e:aa:b9:4c:21:64:a1:51:dc:a9:b5:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug 17 11:45:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ef818af48a09d2673bccd382c3a3229c4116d28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:05:21:e3:e8:87:1a:ea:c4:d4:5d:08:0d:7e:
                    d2:18:a8:d7:fc:5f:14:04:c6:10:e6:2b:7b:bd:da:
                    2f:7d:98:25:ea:20:b9:9d:6d:da:ff:24:a4:9f:7d:
                    1b:ae:51:9f:66:0f:be:5c:eb:3e:7a:10:88:cf:1d:
                    2a:22:4b:4f:41:5a:5e:d9:87:d0:66:9e:ba:6f:3a:
                    89:25:37:8f:01:63:eb:11:ad:1b:c3:63:13:7f:22:
                    43:94:7a:12:07:fd:43:62:c5:1a:45:15:81:21:bc:
                    15:a9:d8:90:a5:0c:95:2c:4c:45:07:c9:6e:7d:d2:
                    5e:f0:95:96:09:99:ba:40:f1:74:7c:51:92:0f:15:
                    72:60:9b:61:8d:94:6a:10:05:ae:50:9b:7e:fb:9d:
                    ed:e5:1b:0c:49:db:6f:68:09:38:65:05:e8:c4:6c:
                    31:53:67:f0:f3:68:11:dd:a8:27:ad:f4:13:20:7c:
                    89:4a:15:4d:56:5e:6b:1f:6e:4c:15:84:84:40:9f:
                    bf:51:05:53:5c:62:ff:c3:d2:82:1f:b4:b2:1c:b6:
                    19:6f:48:f1:f5:dd:7b:de:05:67:29:f3:34:f6:02:
                    03:ea:8a:17:e2:4b:e8:ef:69:53:19:02:eb:01:83:
                    cd:09:14:10:3b:e9:6e:97:90:ed:e5:6b:d7:e2:91:
                    65:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:F8:18:AF:48:A0:9D:26:73:BC:CD:38:2C:3A:32:29:C4:11:6D:28
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/TvgYr0ignSZzvM04LDoyKcQRbSg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/23
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::/36
                  2a09:b680::/29
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:780::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:c9:0b:84:f8:bf:2b:3b:7d:a6:89:3f:6a:d7:4a:5d:9c:be:
         98:f0:ec:99:00:b8:fb:f8:3a:9a:72:91:13:16:25:d6:e0:10:
         15:22:75:24:06:d6:8c:bd:14:cd:c8:a8:a4:ba:5f:14:97:64:
         23:4a:af:64:ef:95:fa:1e:ca:47:c8:86:2f:49:03:90:42:89:
         b0:8b:66:07:3f:46:c8:72:6f:f3:7d:13:c5:d1:75:d5:f3:ed:
         fe:c9:f1:d7:48:25:2e:50:0f:e3:39:9d:73:d0:83:c7:e8:58:
         af:90:9e:8c:c8:64:31:af:63:5a:ea:ae:14:28:44:b5:69:f2:
         d7:f2:1e:52:e1:44:ab:e1:e0:9a:8f:28:ef:f9:2f:5e:fc:9f:
         84:a1:9b:71:da:4a:21:af:41:ff:af:b4:fb:6b:6a:24:03:34:
         22:2e:c9:ee:a8:ff:08:0e:ea:83:7b:f4:6d:8c:68:1b:7c:c5:
         0f:8d:52:1c:fe:8f:f3:2f:80:bb:0b:21:55:06:83:20:30:71:
         db:99:08:be:ea:0b:13:f7:b4:0a:a0:c5:79:7e:67:ba:55:fb:
         18:1f:76:8a:9d:3f:ed:7a:9f:7b:8b:66:1c:5e:03:bc:55:ec:
         a9:59:c6:eb:7c:37:42:68:a8:13:4e:05:2d:8a:db:d2:5e:69:
         e7:41:6e:46
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYoDUIp6bqq5TCFkoVHcqbUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODE3MTE0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY4MThhZjQ4YTA5ZDI2NzNiY2NkMzgyYzNhMzIyOWM0MTE2ZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQUh4+iHGurE1F0IDX7SGKjX/F8U
BMYQ5it7vdovfZgl6iC5nW3a/ySkn30brlGfZg++XOs+ehCIzx0qIktPQVpe2YfQ
Zp66bzqJJTePAWPrEa0bw2MTfyJDlHoSB/1DYsUaRRWBIbwVqdiQpQyVLExFB8lu
fdJe8JWWCZm6QPF0fFGSDxVyYJthjZRqEAWuUJt++53t5RsMSdtvaAk4ZQXoxGwx
U2fw82gR3agnrfQTIHyJShVNVl5rH25MFYSEQJ+/UQVTXGL/w9KCH7SyHLYZb0jx
9d173gVnKfM09gID6ooX4kvo72lTGQLrAYPNCRQQO+lul5Dt5WvX4pFlDQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFE74GK9IoJ0mc7zNOCw6MinEEW0oMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvVHZnWXIwaWduU1p6dk0wNExEb3lLY1FSYlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DAkBAIAATAeAwQBLY7S
AwQALZeLAwQCU6vwAwQAVDYkAwQAwnFpMIG3BAIAAjCBsAMFAyoG2QADBgQqCTUF
kAMFAyoJOwADBQMqCT0AMBADBgQqCU4BMAMGBSoJTgFAAwYEKglOAZADBQMqCbaA
AwUDKgzowAMFAyoNXsADBgQqD8yHAAMFAyoQwMADBQMqEMNAAwYEKhECAAADBgUq
EQIAQDAQAwYEKhECAHADBgQqEQIAgDAOAwUAKhECAQMFACoRAgIDBQMqEQeAAwUD
KhELgAMFACoRDoIDBQAqEa8BMA0GCSqGSIb3DQEBCwUAA4IBAQCbyQuE+L8rO32m
iT9q10pdnL6Y8OyZALj7+DqacpETFiXW4BAVInUkBtaMvRTNyKikul8Ul2QjSq9k
75X6HspHyIYvSQOQQomwi2YHP0bIcm/zfRPF0XXV8+3+yfHXSCUuUA/jOZ1z0IPH
6FivkJ6MyGQxr2Na6q4UKES1afLX8h5S4USr4eCajyjv+S9e/J+EoZtx2kohr0H/
r7T7a2okAzQiLsnuqP8IDuqDe/RtjGgbfMUPjVIc/o/zL4C7CyFVBoMgMHHbmQi+
6gsT97QKoMV5fme6VfsYH3aKnT/tep97i2YcXgO8VeypWcbrfDdCaKgTTgUtitvS
XmnnQW5G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org