Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/fSXIbOAj3y46lqyyl6DEVWkj-iU.roa
File:                     fSXIbOAj3y46lqyyl6DEVWkj-iU.roa (raw, json)
Hash identifier:          uXTatVvOsnCEnxfJIfggT4pAn/L9yh0EFsfU9l82uQs=
Subject key identifier:   7D:25:C8:6C:E0:23:DF:2E:3A:96:AC:B2:97:A0:C4:55:69:23:FA:25
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018D5980A56B04F156CA6711676DDCB21830
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/fSXIbOAj3y46lqyyl6DEVWkj-iU.roa
Signing time:             Tue 30 Jan 2024 08:33:39 +0000
ROA not before:           Tue 30 Jan 2024 08:33:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204916
IP address blocks:        45.142.210.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.240.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          83.171.243.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          95.215.109.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a06:d900::/29 maxlen: 29
                          2a09:3505:9000::/36 maxlen: 36
                          2a09:3505:b000::/36 maxlen: 36
                          2a09:3506::/32 maxlen: 32
                          2a09:3800::/32 maxlen: 32
                          2a09:3801::/32 maxlen: 32
                          2a09:3802::/32 maxlen: 32
                          2a09:3804::/36 maxlen: 36
                          2a09:3804:1000::/36 maxlen: 36
                          2a09:3804:2000::/36 maxlen: 36
                          2a09:3804:3000::/36 maxlen: 36
                          2a09:3804:4000::/36 maxlen: 36
                          2a09:3804:5000::/36 maxlen: 36
                          2a09:3804:6000::/36 maxlen: 36
                          2a09:3805::/32 maxlen: 32
                          2a09:3806::/32 maxlen: 32
                          2a09:3807::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a09:3d00::/29 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:a000::/36 maxlen: 36
                          2a09:4e03::/32 maxlen: 32
                          2a09:6f00::/32 maxlen: 32
                          2a09:b680::/29 maxlen: 36
                          2a09:bd80::/32 maxlen: 32
                          2a0a:4784::/32 maxlen: 32
                          2a0c:2103::/32 maxlen: 32
                          2a0c:2104::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a0d:5ec0::/29 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a0d:8b03::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a0d:8b07::/32 maxlen: 32
                          2a0f:cc80::/32 maxlen: 32
                          2a0f:cc81::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a10:c0c0::/29 maxlen: 32
                          2a10:c0c0::/32 maxlen: 32
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c5::/32 maxlen: 32
                          2a10:c0c6::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c340::/29 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:9000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a11:200:c000::/36 maxlen: 36
                          2a11:200:d000::/36 maxlen: 36
                          2a11:200:e000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:204::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a11:207::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a11:782::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:b80::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:af02::/32 maxlen: 32
                          2a12:7c00::/29 maxlen: 36

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 07:46:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:59:80:a5:6b:04:f1:56:ca:67:11:67:6d:dc:b2:18:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Jan 30 08:33:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7d25c86ce023df2e3a96acb297a0c4556923fa25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b4:79:19:de:a5:b3:40:6a:94:f6:37:fb:f9:
                    46:bf:fe:d5:40:1b:a6:ad:45:ce:a5:5c:9f:39:46:
                    e8:77:70:e4:40:11:48:92:b8:a8:1a:96:df:03:10:
                    53:90:42:ab:91:e9:82:1e:24:d0:2d:b9:01:f1:f9:
                    39:d5:ba:05:57:6b:e3:97:bd:d1:15:bd:1c:da:8b:
                    42:b7:23:8a:2d:08:25:59:e0:99:09:8b:ce:9b:08:
                    3e:45:e2:03:bd:22:b1:dc:3e:3a:3d:4c:56:f4:f5:
                    af:88:bf:35:0e:5e:1c:03:b2:b0:b4:f8:c5:27:3b:
                    88:0e:aa:9e:7a:43:d0:e1:4a:83:c8:f7:9b:0a:82:
                    0f:21:26:e1:b6:4f:8b:4f:4f:27:25:6d:ec:7b:2a:
                    36:a9:2e:6b:17:3a:e4:41:22:5b:58:a1:0e:5b:61:
                    4d:ab:cb:ce:8f:26:bc:59:d8:1f:43:02:5d:27:1d:
                    72:8f:82:53:f2:cd:3d:ab:bf:6f:c5:cf:34:88:6f:
                    b5:c2:e0:86:a2:64:5c:55:25:82:f0:27:9f:ef:2c:
                    1d:26:d8:41:8c:37:66:42:23:66:94:f2:92:7f:a4:
                    d0:50:e6:7c:c0:ee:ec:85:3c:02:20:a7:7d:86:bb:
                    da:c2:b7:f2:ba:a3:93:b4:fd:87:56:a8:56:8d:7d:
                    4c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:25:C8:6C:E0:23:DF:2E:3A:96:AC:B2:97:A0:C4:55:69:23:FA:25
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/fSXIbOAj3y46lqyyl6DEVWkj-iU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3505:b000::/36
                  2a09:3506::/32
                  2a09:3800::-2a09:3802:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:3804::-2a09:3804:6fff:ffff:ffff:ffff:ffff:ffff
                  2a09:3805::-2a09:3807:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:6f00::/32
                  2a09:b680::/29
                  2a09:bd80::/32
                  2a0a:4784::/32
                  2a0c:2103::-2a0c:2104:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0d:8b07::/32
                  2a0f:cc80::/31
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:afff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:c000::-2a11:200:efff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::-2a11:af02:ffff:ffff:ffff:ffff:ffff:ffff
                  2a12:7c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         4d:f2:a6:2f:94:4e:a3:97:51:7c:05:13:33:12:ce:86:7e:d6:
         bc:11:0f:96:c6:45:28:61:1e:ad:0e:c7:dc:3b:2e:de:49:1f:
         1e:2b:3c:2c:a1:ed:36:3c:16:f7:e6:ba:05:a8:c3:fd:93:4f:
         57:78:d0:4c:e9:e3:5f:92:65:fb:e1:82:2f:d0:55:aa:01:a1:
         31:1a:b2:ed:f0:0f:e4:d5:0d:ef:f4:af:aa:8a:5d:c9:43:f2:
         8b:cd:33:10:00:0e:a3:29:ce:fe:15:92:39:f9:df:23:38:68:
         3b:e3:72:dd:87:68:d6:c8:23:da:fa:53:09:a4:c3:da:0f:45:
         b1:fd:17:57:41:55:58:fa:53:94:33:c0:6e:bd:d5:bb:6c:60:
         94:2c:0e:2b:f2:70:39:c5:77:cc:11:ed:ad:fe:d9:35:88:dd:
         5a:91:c5:18:ba:d3:41:70:df:1a:15:fd:c4:b4:39:48:a5:31:
         70:e2:b8:08:63:66:0c:24:9d:c0:2d:bf:4f:de:27:de:39:25:
         b5:7a:3e:b0:76:ad:a1:bd:8a:52:5a:94:ca:6e:7c:e6:24:fe:
         36:d6:c6:6a:fc:43:d2:c6:72:27:db:b5:64:dd:70:6c:c7:34:
         e8:2b:78:ec:10:16:b5:ae:53:82:dc:63:7b:ab:10:f1:58:6a:
         58:55:05:bb
-----BEGIN CERTIFICATE-----
MIIGqDCCBZCgAwIBAgISAY1ZgKVrBPFWymcRZ23cshgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwMTMwMDgzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI1Yzg2Y2UwMjNkZjJlM2E5NmFjYjI5N2EwYzQ1NTY5MjNmYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLR5Gd6ls0BqlPY3+/lGv/7VQBum
rUXOpVyfOUbod3DkQBFIkrioGpbfAxBTkEKrkemCHiTQLbkB8fk51boFV2vjl73R
Fb0c2otCtyOKLQglWeCZCYvOmwg+ReIDvSKx3D46PUxW9PWviL81Dl4cA7KwtPjF
JzuIDqqeekPQ4UqDyPebCoIPISbhtk+LT08nJW3seyo2qS5rFzrkQSJbWKEOW2FN
q8vOjya8WdgfQwJdJx1yj4JT8s09q79vxc80iG+1wuCGomRcVSWC8Cef7ywdJthB
jDdmQiNmlPKSf6TQUOZ8wO7shTwCIKd9hrvawrfyuqOTtP2HVqhWjX1MOQIDAQAB
o4IDtDCCA7AwHQYDVR0OBBYEFH0lyGzgI98uOpasspegxFVpI/olMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZlNYSWJPQWozeTQ2bHF5eWw2REVWV2tqLWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIByAYIKwYBBQUHAQcBAf8EggG3MIIBszAqBAIAATAkAwQA
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIIBgwQCAAIwggF7AwUD
KgbZAAMGBCoJNQWQAwYEKgk1BbADBQAqCTUGMA0DBAMqCTgDBQAqCTgCMA8DBQIq
CTgEAwYEKgk4BGAwDgMFACoJOAUDBQMqCTgAAwUDKgk7AAMFAyoJPQAwEAMGBCoJ
TgEwAwYFKglOAUAwEAMGBCoJTgGQAwYEKglOAaADBQAqCU4DAwUAKglvAAMFAyoJ
toADBQAqCb2AAwUAKgpHhDAOAwUAKgwhAwMFACoMIQQDBQMqDOjAAwUDKg1ewDAO
AwUAKg2LAwMFACoNiwQDBQAqDYsHAwUBKg/MgAMGBCoPzIcAAwUDKhDAwAMFAyoQ
w0ADBgQqEQIAAAMGBSoRAgBAMBADBgQqEQIAcAMGBCoRAgCgMBADBgYqEQIAwAMG
BCoRAgDgMA4DBQAqEQIBAwUAKhECAgMFAioRAgQDBQMqEQeAAwUDKhEJgAMFAyoR
C4ADBQAqEQ6CAwYEKhEOh2AwDgMFACoRrwEDBQAqEa8CAwUDKhJ8ADANBgkqhkiG
9w0BAQsFAAOCAQEATfKmL5ROo5dRfAUTMxLOhn7WvBEPlsZFKGEerQ7H3Dsu3kkf
His8LKHtNjwW9+a6BajD/ZNPV3jQTOnjX5Jl++GCL9BVqgGhMRqy7fAP5NUN7/Sv
qopdyUPyi80zEAAOoynO/hWSOfnfIzhoO+Ny3Ydo1sgj2vpTCaTD2g9Fsf0XV0FV
WPpTlDPAbr3Vu2xglCwOK/JwOcV3zBHtrf7ZNYjdWpHFGLrTQXDfGhX9xLQ5SKUx
cOK4CGNmDCSdwC2/T94n3jkltXo+sHatob2KUlqUym585iT+NtbGavxD0sZyJ9u1
ZN1wbMc06Ct47BAWta5Tgtxje6sQ8VhqWFUFuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org