Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/XUlKU9893zVMDCNOm0MfFpIckYk.roa
File:                     XUlKU9893zVMDCNOm0MfFpIckYk.roa (raw, json)
Hash identifier:          LMUAXOuIZFuFZ/dZRAbcx5sIYtXidINyZxAwjDOloXo=
Subject key identifier:   5D:49:4A:53:DF:3D:DF:35:4C:0C:23:4E:9B:43:1F:16:92:1C:91:89
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018BEC12DEFC6DCF93E1609696791B248022
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/XUlKU9893zVMDCNOm0MfFpIckYk.roa
Signing time:             Mon 20 Nov 2023 09:32:21 +0000
ROA not before:           Mon 20 Nov 2023 09:32:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        95.215.109.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a11:207::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 32
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a06:d900::/29 maxlen: 29
                          2a09:4e03::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a10:c0c6::/32 maxlen: 32
                          2a0f:cc81::/32 maxlen: 32
                          2a0d:8b03::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a09:3800::/32 maxlen: 32
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a0d:8b07::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a09:3506::/32 maxlen: 32
                          2a09:3801::/32 maxlen: 32
                          2a10:c0c5::/32 maxlen: 32
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:a000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a0c:2104::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Mon 20 Nov 2023 11:20:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ec:12:de:fc:6d:cf:93:e1:60:96:96:79:1b:24:80:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Nov 20 09:32:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d494a53df3ddf354c0c234e9b431f16921c9189
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5a:e0:56:8d:d8:f8:51:90:c3:e7:a5:91:7f:
                    78:d6:5a:c5:a2:23:aa:e3:0a:7f:c3:89:5c:b8:7b:
                    08:f6:01:67:0d:13:ee:b0:49:11:84:8d:f0:26:10:
                    28:35:cf:63:2f:b7:09:a2:63:2b:55:4e:78:2b:ac:
                    7f:a9:c8:dc:17:41:50:23:a1:40:23:8f:f3:a9:01:
                    c3:aa:3f:50:79:f1:10:44:91:67:14:46:98:79:1e:
                    92:d0:12:e9:ad:ba:96:79:02:51:04:8c:2a:a5:29:
                    d9:5f:2e:db:93:ba:37:fc:ee:1b:03:07:ed:ed:b9:
                    26:4d:67:ce:47:c8:18:f7:bc:97:bf:12:0e:8b:f1:
                    c3:db:66:d8:87:e3:ea:58:ec:49:4e:1d:01:7f:46:
                    f0:42:b3:70:9f:57:6c:0b:a6:58:a8:20:b9:1f:78:
                    bd:48:2a:50:25:a0:dd:92:8c:82:25:f6:32:a6:29:
                    e0:e1:4c:fb:fb:d8:6b:47:3a:33:d9:bf:26:d0:a1:
                    14:92:b5:e2:76:2e:92:c9:65:69:2b:b8:23:c1:41:
                    5a:d4:c3:20:d4:57:11:ff:ae:7c:14:f4:99:52:24:
                    42:59:b1:e3:f2:b6:f9:f5:21:c8:6d:12:b1:13:36:
                    3d:e5:ea:35:eb:d9:ba:3c:b7:c8:94:fd:41:8d:16:
                    eb:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:49:4A:53:DF:3D:DF:35:4C:0C:23:4E:9B:43:1F:16:92:1C:91:89
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/XUlKU9893zVMDCNOm0MfFpIckYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3506::/32
                  2a09:3800::/31
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:b680::/29
                  2a0c:2104::/32
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0d:8b07::/32
                  2a0f:cc81::/32
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:a000::/36
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         2b:ee:0f:71:c0:4f:15:6d:33:51:6a:d3:b0:08:47:44:6c:22:
         7e:c1:4b:ba:ab:9f:a6:4e:81:d5:31:4b:33:5e:82:02:a7:7b:
         1e:1e:fb:12:c8:f5:8e:e0:7d:0f:4b:a7:fb:1f:33:34:72:35:
         b2:f6:6e:f9:67:56:40:26:58:2a:9d:f5:02:8d:44:3e:17:e1:
         ea:04:bd:3f:db:2e:7f:0f:24:8c:eb:c2:3a:fe:d0:ea:03:27:
         f5:0a:b7:62:28:69:8a:b9:31:73:bb:ef:6e:6d:5f:fa:c6:3d:
         d1:12:29:8d:47:38:cc:df:01:7d:1a:5d:51:16:da:70:94:1e:
         fe:4f:cf:b9:78:71:44:a6:bd:e1:04:3f:86:78:d0:43:44:74:
         f4:60:49:f9:fb:8e:48:28:0e:1c:83:0b:08:96:5e:1e:ff:4c:
         2e:fe:57:2f:2a:fb:8e:03:ac:cc:39:ad:b7:03:1a:f3:07:5f:
         b0:97:7f:c0:28:f7:a5:60:f9:77:fd:a3:30:63:ef:cf:00:1f:
         08:df:95:c6:4f:5b:d3:52:99:e0:9b:98:ad:2e:53:51:64:ea:
         1f:39:3e:d0:6d:07:91:3b:09:88:d6:67:3c:6c:6b:5e:bd:22:
         9d:f8:a6:ce:d0:d8:15:0e:8d:a5:75:ec:fb:2a:16:63:9f:1f:
         df:23:50:4d
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYvsEt78bc+T4WCWlnkbJIAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMTIwMDkzMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ5NGE1M2RmM2RkZjM1NGMwYzIzNGU5YjQzMWYxNjkyMWM5MTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1rgVo3Y+FGQw+elkX941lrFoiOq
4wp/w4lcuHsI9gFnDRPusEkRhI3wJhAoNc9jL7cJomMrVU54K6x/qcjcF0FQI6FA
I4/zqQHDqj9QefEQRJFnFEaYeR6S0BLprbqWeQJRBIwqpSnZXy7bk7o3/O4bAwft
7bkmTWfOR8gY97yXvxIOi/HD22bYh+PqWOxJTh0Bf0bwQrNwn1dsC6ZYqCC5H3i9
SCpQJaDdkoyCJfYyping4Uz7+9hrRzoz2b8m0KEUkrXidi6SyWVpK7gjwUFa1MMg
1FcR/658FPSZUiRCWbHj8rb59SHIbRKxEzY95eo169m6PLfIlP1BjRbrFwIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFF1JSlPfPd81TAwjTptDHxaSHJGJMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvWFVsS1U5ODkzelZNRENOT20wTWZGcElja1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjAqBAIAATAkAwQA
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIIBGgQCAAIwggESAwUD
KgbZAAMGBCoJNQWQAwUAKgk1BgMFASoJOAADBQMqCTsAAwUDKgk9ADAQAwYEKglO
ATADBgUqCU4BQDAQAwYEKglOAZADBgQqCU4BoAMFACoJTgMDBQMqCbaAAwUAKgwh
BAMFAyoM6MADBQMqDV7AMA4DBQAqDYsDAwUAKg2LBAMFACoNiwcDBQAqD8yBAwYE
Kg/MhwADBQMqEMDAAwUDKhDDQAMGBCoRAgAAAwYFKhECAEAwEAMGBCoRAgBwAwYE
KhECAIADBgQqEQIAoDAOAwUAKhECAQMFACoRAgIDBQIqEQIEAwUDKhEHgAMFAyoR
CYADBQMqEQuAAwUAKhEOggMGBCoRDodgAwUAKhGvATANBgkqhkiG9w0BAQsFAAOC
AQEAK+4PccBPFW0zUWrTsAhHRGwifsFLuqufpk6B1TFLM16CAqd7Hh77Esj1juB9
D0un+x8zNHI1svZu+WdWQCZYKp31Ao1EPhfh6gS9P9sufw8kjOvCOv7Q6gMn9Qq3
Yihpirkxc7vvbm1f+sY90RIpjUc4zN8BfRpdURbacJQe/k/PuXhxRKa94QQ/hnjQ
Q0R09GBJ+fuOSCgOHIMLCJZeHv9MLv5XLyr7jgOszDmttwMa8wdfsJd/wCj3pWD5
d/2jMGPvzwAfCN+Vxk9b01KZ4JuYrS5TUWTqHzk+0G0HkTsJiNZnPGxrXr0infim
ztDYFQ6NpXXs+yoWY58f3yNQTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org