Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pSf2-Z9GMyG69p94luGuEampFJU.roa
File:                     pSf2-Z9GMyG69p94luGuEampFJU.roa (raw, json)
Hash identifier:          JCzhSGokoQQuAJw2mH72oC/fSH9R+yH6cWYv00Hs4Vk=
Subject key identifier:   A5:27:F6:F9:9F:46:33:21:BA:F6:9F:78:96:E1:AE:11:A9:A9:14:95
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       018D218AF626E925852EC5F5093C411D2CF7
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pSf2-Z9GMyG69p94luGuEampFJU.roa
Signing time:             Fri 19 Jan 2024 11:46:11 +0000
ROA not before:           Fri 19 Jan 2024 11:46:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204916
IP address blocks:        45.142.210.0/24 maxlen: 24
                          45.151.139.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.240.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          83.171.243.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          95.215.109.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a06:d900::/29 maxlen: 29
                          2a09:3505:9000::/36 maxlen: 36
                          2a09:3505:b000::/36 maxlen: 36
                          2a09:3506::/32 maxlen: 32
                          2a09:3800::/32 maxlen: 32
                          2a09:3801::/32 maxlen: 32
                          2a09:3802::/32 maxlen: 32
                          2a09:3804::/36 maxlen: 36
                          2a09:3804:1000::/36 maxlen: 36
                          2a09:3804:2000::/36 maxlen: 36
                          2a09:3804:3000::/36 maxlen: 36
                          2a09:3804:4000::/36 maxlen: 36
                          2a09:3804:5000::/36 maxlen: 36
                          2a09:3805::/32 maxlen: 32
                          2a09:3806::/32 maxlen: 32
                          2a09:3807::/32 maxlen: 32
                          2a09:3b00::/29 maxlen: 29
                          2a09:3d00::/29 maxlen: 36
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a09:4e01:a000::/36 maxlen: 36
                          2a09:4e03::/32 maxlen: 32
                          2a09:6f00::/32 maxlen: 32
                          2a09:b680::/29 maxlen: 36
                          2a09:bd80::/32 maxlen: 32
                          2a0a:4784::/32 maxlen: 32
                          2a0c:2103::/32 maxlen: 32
                          2a0c:2104::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a0d:5ec0::/29 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a0d:8b03::/32 maxlen: 32
                          2a0d:8b04::/32 maxlen: 32
                          2a0d:8b07::/32 maxlen: 32
                          2a0f:cc80::/32 maxlen: 32
                          2a0f:cc81::/32 maxlen: 32
                          2a0f:cc87::/36 maxlen: 36
                          2a10:c0c0::/29 maxlen: 32
                          2a10:c0c0::/32 maxlen: 32
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c5::/32 maxlen: 32
                          2a10:c0c6::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c340::/29 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:9000::/36 maxlen: 36
                          2a11:200:a000::/36 maxlen: 36
                          2a11:200:c000::/36 maxlen: 36
                          2a11:200:d000::/36 maxlen: 36
                          2a11:200:e000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:204::/32 maxlen: 32
                          2a11:205::/32 maxlen: 32
                          2a11:206::/32 maxlen: 32
                          2a11:207::/32 maxlen: 32
                          2a11:780::/29 maxlen: 36
                          2a11:782::/32 maxlen: 32
                          2a11:980::/29 maxlen: 29
                          2a11:b80::/29 maxlen: 36
                          2a11:e82::/32 maxlen: 32
                          2a11:e87:6000::/36 maxlen: 36
                          2a11:af01::/32 maxlen: 32
                          2a11:af02::/32 maxlen: 32
                          2a12:7c00::/29 maxlen: 36

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 08:33:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:21:8a:f6:26:e9:25:85:2e:c5:f5:09:3c:41:1d:2c:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Jan 19 11:46:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a527f6f99f463321baf69f7896e1ae11a9a91495
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:75:84:4e:73:87:eb:1d:3c:73:7f:ce:63:dc:
                    1d:6f:14:a8:c7:ac:fa:a0:0a:f9:54:21:a2:89:d3:
                    e8:fc:70:8b:13:29:8f:5f:92:1c:05:2c:d3:24:aa:
                    d2:20:e5:95:c4:7e:fb:61:e3:4e:9e:a0:5e:f7:60:
                    34:fa:ff:c2:71:a3:d3:7b:35:c1:ab:41:cc:35:4c:
                    bd:5f:7d:79:95:bb:ca:a3:fc:b3:ae:0f:b6:72:ea:
                    b1:08:d3:ee:da:f4:d8:c9:10:fa:91:76:30:72:d6:
                    2e:6d:fa:0f:06:2d:bc:f8:b8:b4:7e:74:d1:b7:31:
                    5a:df:aa:7b:ed:7a:2a:e6:33:f7:5d:04:f2:7f:32:
                    6b:fe:2d:56:c7:22:69:f0:9e:e7:c7:62:c3:a1:b7:
                    23:7e:6e:8a:0e:6b:7e:51:30:5b:a7:d9:72:58:66:
                    e5:cb:ef:73:44:74:bf:27:ae:d3:d6:1a:23:47:56:
                    be:74:0c:61:b3:68:6e:23:cd:45:f1:8c:53:54:6d:
                    03:b3:59:53:2d:0b:7b:8f:95:df:eb:b7:f8:60:18:
                    c4:0e:df:cd:84:6f:a0:92:56:44:35:a0:88:2f:e6:
                    b5:ce:9f:46:cf:fa:62:ca:52:f1:4e:65:a4:d2:58:
                    3c:21:73:8f:0e:69:80:9c:07:33:12:be:f6:a0:df:
                    68:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:27:F6:F9:9F:46:33:21:BA:F6:9F:78:96:E1:AE:11:A9:A9:14:95
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pSf2-Z9GMyG69p94luGuEampFJU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.210.0/24
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  95.215.109.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3505:9000::/36
                  2a09:3505:b000::/36
                  2a09:3506::/32
                  2a09:3800::-2a09:3802:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:3804::-2a09:3804:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:3805::-2a09:3807:ffff:ffff:ffff:ffff:ffff:ffff
                  2a09:3b00::/29
                  2a09:3d00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e03::/32
                  2a09:6f00::/32
                  2a09:b680::/29
                  2a09:bd80::/32
                  2a0a:4784::/32
                  2a0c:2103::-2a0c:2104:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0c:e8c0::/29
                  2a0d:5ec0::/29
                  2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
                  2a0d:8b07::/32
                  2a0f:cc80::/31
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:afff:ffff:ffff:ffff:ffff:ffff
                  2a11:200:c000::-2a11:200:efff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:204::/30
                  2a11:780::/29
                  2a11:980::/29
                  2a11:b80::/29
                  2a11:e82::/32
                  2a11:e87:6000::/36
                  2a11:af01::-2a11:af02:ffff:ffff:ffff:ffff:ffff:ffff
                  2a12:7c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         08:05:0f:c7:2a:0f:bf:76:68:7d:07:3a:70:17:d4:4c:79:38:
         64:f9:86:10:8f:40:ce:8c:23:e7:ba:62:9b:0d:11:9a:94:e0:
         e1:da:eb:1c:ff:02:83:45:95:22:6e:4b:ec:7b:8d:2d:83:64:
         61:c3:6e:02:8b:e4:d7:cf:49:70:f7:aa:dd:1a:2d:bb:74:ca:
         76:ab:bd:19:a9:a1:9c:da:de:db:ab:34:c4:25:50:b9:41:aa:
         bf:fa:85:c3:9c:b7:d6:2d:98:d7:ce:f9:38:1a:a5:8c:6c:44:
         7c:22:98:22:1a:f4:1c:d3:37:d0:0a:f0:5e:49:30:b0:8f:a9:
         ea:65:f5:0a:0e:28:8b:33:e6:e9:1a:1d:a8:8b:36:e2:a5:65:
         d6:67:79:88:a6:de:30:a3:1d:8b:bf:85:5c:e3:02:64:62:f6:
         5b:46:ed:22:2f:7a:31:62:18:10:e6:33:db:74:91:7c:b5:62:
         b7:3f:44:e6:0f:37:ed:b8:27:bc:38:c1:6c:a6:d0:12:c3:1c:
         28:88:31:49:da:90:04:93:b2:45:e4:03:b6:44:51:55:71:7c:
         13:e2:fe:eb:95:96:54:a2:6b:52:8e:d6:dd:2c:3e:1a:a2:b9:
         c1:55:9a:9c:8f:9a:04:89:d4:10:2f:3c:3e:d3:74:d3:e6:3c:
         8d:d8:37:10
-----BEGIN CERTIFICATE-----
MIIGqDCCBZCgAwIBAgISAY0hivYm6SWFLsX1CTxBHSz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwMTE5MTE0NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI3ZjZmOTlmNDYzMzIxYmFmNjlmNzg5NmUxYWUxMWE5YTkxNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXWETnOH6x08c3/OY9wdbxSox6z6
oAr5VCGiidPo/HCLEymPX5IcBSzTJKrSIOWVxH77YeNOnqBe92A0+v/CcaPTezXB
q0HMNUy9X315lbvKo/yzrg+2cuqxCNPu2vTYyRD6kXYwctYubfoPBi28+Li0fnTR
tzFa36p77Xoq5jP3XQTyfzJr/i1WxyJp8J7nx2LDobcjfm6KDmt+UTBbp9lyWGbl
y+9zRHS/J67T1hojR1a+dAxhs2huI81F8YxTVG0Ds1lTLQt7j5Xf67f4YBjEDt/N
hG+gklZENaCIL+a1zp9Gz/piylLxTmWk0lg8IXOPDmmAnAczEr72oN9okQIDAQAB
o4IDtDCCA7AwHQYDVR0OBBYEFKUn9vmfRjMhuvafeJbhrhGpqRSVMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvcFNmMi1aOUdNeUc2OXA5NGx1R3VFYW1wRkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIByAYIKwYBBQUHAQcBAf8EggG3MIIBszAqBAIAATAkAwQA
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIIBgwQCAAIwggF7AwUD
KgbZAAMGBCoJNQWQAwYEKgk1BbADBQAqCTUGMA0DBAMqCTgDBQAqCTgCMA8DBQIq
CTgEAwYFKgk4BEAwDgMFACoJOAUDBQMqCTgAAwUDKgk7AAMFAyoJPQAwEAMGBCoJ
TgEwAwYFKglOAUAwEAMGBCoJTgGQAwYEKglOAaADBQAqCU4DAwUAKglvAAMFAyoJ
toADBQAqCb2AAwUAKgpHhDAOAwUAKgwhAwMFACoMIQQDBQMqDOjAAwUDKg1ewDAO
AwUAKg2LAwMFACoNiwQDBQAqDYsHAwUBKg/MgAMGBCoPzIcAAwUDKhDAwAMFAyoQ
w0ADBgQqEQIAAAMGBSoRAgBAMBADBgQqEQIAcAMGBCoRAgCgMBADBgYqEQIAwAMG
BCoRAgDgMA4DBQAqEQIBAwUAKhECAgMFAioRAgQDBQMqEQeAAwUDKhEJgAMFAyoR
C4ADBQAqEQ6CAwYEKhEOh2AwDgMFACoRrwEDBQAqEa8CAwUDKhJ8ADANBgkqhkiG
9w0BAQsFAAOCAQEACAUPxyoPv3ZofQc6cBfUTHk4ZPmGEI9Azowj57pimw0RmpTg
4drrHP8Cg0WVIm5L7HuNLYNkYcNuAovk189JcPeq3Rotu3TKdqu9GamhnNre26s0
xCVQuUGqv/qFw5y31i2Y1875OBqljGxEfCKYIhr0HNM30ArwXkkwsI+p6mX1Cg4o
izPm6RodqIs24qVl1md5iKbeMKMdi7+FXOMCZGL2W0btIi96MWIYEOYz23SRfLVi
tz9E5g837bgnvDjBbKbQEsMcKIgxSdqQBJOyReQDtkRRVXF8E+L+65WWVKJrUo7W
3Sw+GqK5wVWanI+aBInUEC88PtN00+Y8jdg3EA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org