Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/kcLJ4hgQrv9TXZOYhNqSFVEEunY.roa
File:                     kcLJ4hgQrv9TXZOYhNqSFVEEunY.roa (raw, json)
Hash identifier:          5HG+pI+i9jxh2EAGbYnjr4U+A3A14EJO7VLkfSA5zJ4=
Subject key identifier:   91:C2:C9:E2:18:10:AE:FF:53:5D:93:98:84:DA:92:15:51:04:BA:76
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018C385D687A4DE6611DA4215C44A46DCFC8
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/kcLJ4hgQrv9TXZOYhNqSFVEEunY.roa
Signing time:             Tue 05 Dec 2023 05:04:54 +0000
ROA not before:           Tue 05 Dec 2023 05:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        95.215.109.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          45.142.210.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          2a09:3d00::/29 maxlen: 36
                          2a11:207::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 32
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a09:3805::/32 maxlen: 32
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a0d:5ec0::/29 maxlen: 36
                          2a06:d900::/29 maxlen: 29
                          2a09:4e03::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a10:c0c6::/32 maxlen: 32
                          2a0f:cc81::/32 maxlen: 32
                          2a0d:8b03::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a11:b80::/29 maxlen: 36
                          2a09:b680::/29 maxlen: 36
                          2a09:3800::/32 maxlen: 32
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:d000::/36 maxlen: 36
                          2a11:200:9000::/36 maxlen: 36
                          2a09:3505:b000::/36 maxlen: 36
                          2a11:200:e000::/36 maxlen: 36
                          2a11:200:c000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a09:3505:9000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:782::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a09:3802::/32 maxlen: 32
                          2a0d:8b07::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a09:3506::/32 maxlen: 32
                          2a09:3801::/32 maxlen: 32
                          2a10:c0c5::/32 maxlen: 32
                          2a09:4e01:a000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a09:3804::/36 maxlen: 36
                          2a0c:2104::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:204::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 08:59:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:38:5d:68:7a:4d:e6:61:1d:a4:21:5c:44:a4:6d:cf:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Dec  5 05:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=91c2c9e21810aeff535d939884da92155104ba76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:7d:e9:18:a4:80:3f:59:67:15:8b:4d:00:74:
                    2d:ea:26:90:c9:99:a3:e0:1c:f7:97:d9:a0:61:c0:
                    e2:c5:d7:2e:de:88:9b:8e:12:8d:5e:06:d3:56:25:
                    c4:c9:bb:68:d6:ae:67:41:84:d4:06:2d:91:ec:a0:
                    e4:e8:2a:5b:a9:c3:01:f7:7f:b2:ff:ba:0d:ed:b7:
                    eb:5f:c0:66:ed:77:ee:3e:35:92:cb:05:54:9b:b0:
                    f2:75:ae:6f:e7:b7:28:c8:bf:7a:46:bb:9c:24:d4:
                    52:17:d8:4b:dd:7a:cf:55:e6:2d:bc:52:b2:be:13:
                    f2:76:5a:b0:78:56:0f:2e:7d:ff:e7:ef:56:6b:df:
                    81:60:39:7f:f3:fb:13:a6:17:e2:d4:76:5e:41:29:
                    0c:67:99:40:44:a6:a0:f4:07:aa:d0:08:6a:ac:d0:
                    4f:df:cc:e9:2f:90:8f:2e:1a:0a:16:ff:92:48:e2:
                    4a:6d:e3:10:d8:eb:86:7d:b3:7f:95:9d:ea:81:a3:
                    84:49:bb:2f:65:03:48:58:40:96:b4:41:ef:d5:ac:
                    a1:36:f1:91:7c:f8:22:a7:84:9f:ec:96:5a:c7:4a:
                    e8:88:de:0b:e4:14:36:ed:43:b7:ed:ec:e3:4b:31:
                    f8:39:59:82:83:e3:c9:49:c9:44:0b:48:16:71:20:
                    a3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:C2:C9:E2:18:10:AE:FF:53:5D:93:98:84:DA:92:15:51:04:BA:76
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/kcLJ4hgQrv9TXZOYhNqSFVEEunY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3505:b000::/36
                  2a09:3506::/32
                  2a09:3800::-2a09:3802:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:3804::/36
                  2a09:3805::/32
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:b680::/29
                  2a0c:2104::/32
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0d:8b07::/32
                  2a0f:cc81::/32
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:afff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:c000::-2a11:200:efff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:ce:5f:ec:6d:c1:d0:e9:a1:4d:9a:1f:8f:4b:c4:1f:db:ca:
         24:eb:a9:50:f5:11:27:3c:49:47:5e:84:6b:60:44:0d:39:24:
         1b:8a:c2:7a:79:e8:ae:76:a9:b6:0b:43:ca:3b:c6:82:04:d5:
         08:07:25:95:fb:73:f2:e9:bf:63:80:6a:c6:9d:ad:27:f3:30:
         7c:03:94:30:52:18:ad:6b:81:b1:c6:64:e1:b1:a2:74:b5:df:
         db:4c:89:70:31:75:f2:92:63:8c:7b:7f:f2:b3:97:b2:dc:8a:
         2e:d7:81:d7:5a:d4:7e:bd:6a:b7:09:90:bd:75:5f:5c:ed:5e:
         78:a0:72:de:eb:88:e4:52:d1:0f:ef:0e:06:27:86:32:3f:d1:
         27:04:bd:d4:19:4b:ff:2c:a9:e5:1e:3e:d9:43:24:11:48:ef:
         95:e1:1a:61:84:13:6f:4c:ad:e0:fd:cf:ec:8a:b0:30:31:ac:
         54:ae:c1:af:85:4e:a2:f9:04:f2:53:3b:d3:57:5e:4d:a5:9d:
         fa:f8:8d:d3:96:84:9d:4e:c0:4b:aa:65:34:4e:7d:af:bd:30:
         36:77:e7:df:83:12:87:71:f3:11:ea:95:04:53:66:3e:1b:2d:
         4b:e9:9a:3e:28:9b:dc:c2:44:29:e3:38:e4:28:7f:87:c5:dd:
         73:35:f4:c8
-----BEGIN CERTIFICATE-----
MIIGaDCCBVCgAwIBAgISAYw4XWh6TeZhHaQhXESkbc/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMjA1MDUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWMyYzllMjE4MTBhZWZmNTM1ZDkzOTg4NGRhOTIxNTUxMDRiYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgn3pGKSAP1lnFYtNAHQt6iaQyZmj
4Bz3l9mgYcDixdcu3oibjhKNXgbTViXEybto1q5nQYTUBi2R7KDk6CpbqcMB93+y
/7oN7bfrX8Bm7XfuPjWSywVUm7Dyda5v57coyL96RrucJNRSF9hL3XrPVeYtvFKy
vhPydlqweFYPLn3/5+9Wa9+BYDl/8/sTphfi1HZeQSkMZ5lARKag9Aeq0AhqrNBP
38zpL5CPLhoKFv+SSOJKbeMQ2OuGfbN/lZ3qgaOESbsvZQNIWECWtEHv1ayhNvGR
fPgip4Sf7JZax0roiN4L5BQ27UO37ezjSzH4OVmCg+PJSclEC0gWcSCjIQIDAQAB
o4IDdDCCA3AwHQYDVR0OBBYEFJHCyeIYEK7/U12TmITakhVRBLp2MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEva2NMSjRoZ1FydjlUWFpPWWhOcVNGVkVFdW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiAYIKwYBBQUHAQcBAf8EggF3MIIBczAqBAIAATAkAwQA
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIIBQwQCAAIwggE7AwUD
KgbZAAMGBCoJNQWQAwYEKgk1BbADBQAqCTUGMA0DBAMqCTgDBQAqCTgCAwYEKgk4
BAADBQAqCTgFAwUDKgk7AAMFAyoJPQAwEAMGBCoJTgEwAwYFKglOAUAwEAMGBCoJ
TgGQAwYEKglOAaADBQAqCU4DAwUDKgm2gAMFACoMIQQDBQMqDOjAAwUDKg1ewDAO
AwUAKg2LAwMFACoNiwQDBQAqDYsHAwUAKg/MgQMGBCoPzIcAAwUDKhDAwAMFAyoQ
w0ADBgQqEQIAAAMGBSoRAgBAMBADBgQqEQIAcAMGBCoRAgCgMBADBgYqEQIAwAMG
BCoRAgDgMA4DBQAqEQIBAwUAKhECAgMFAioRAgQDBQMqEQeAAwUDKhEJgAMFAyoR
C4ADBQAqEQ6CAwYEKhEOh2ADBQAqEa8BMA0GCSqGSIb3DQEBCwUAA4IBAQBZzl/s
bcHQ6aFNmh+PS8Qf28ok66lQ9REnPElHXoRrYEQNOSQbisJ6eeiudqm2C0PKO8aC
BNUIByWV+3Py6b9jgGrGna0n8zB8A5QwUhita4GxxmThsaJ0td/bTIlwMXXykmOM
e3/ys5ey3Iou14HXWtR+vWq3CZC9dV9c7V54oHLe64jkUtEP7w4GJ4YyP9EnBL3U
GUv/LKnlHj7ZQyQRSO+V4RphhBNvTK3g/c/sirAwMaxUrsGvhU6i+QTyUzvTV15N
pZ36+I3TloSdTsBLqmU0Tn2vvTA2d+ffgxKHcfMR6pUEU2Y+Gy1L6Zo+KJvcwkQp
4zjkKH+Hxd1zNfTI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org