Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/xkr5RwnuwC4B6YZ3-emQH2FOdTI.roa
File:                     xkr5RwnuwC4B6YZ3-emQH2FOdTI.roa (raw, json)
Hash identifier:          i9c8M4lljwePaSA9o3i/OgN/QFbLZEer1xSSAdUjLUw=
Subject key identifier:   C6:4A:F9:47:09:EE:C0:2E:01:E9:86:77:F9:E9:90:1F:61:4E:75:32
Certificate issuer:       /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial:       0189D533558F63676061F877AA8DAA378345
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/xkr5RwnuwC4B6YZ3-emQH2FOdTI.roa
Signing time:             Tue 08 Aug 2023 12:50:58 +0000
ROA not before:           Tue 08 Aug 2023 12:50:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204916
IP address blocks:        45.151.139.0/24 maxlen: 24
                          84.54.36.0/24 maxlen: 24
                          83.171.240.0/24 maxlen: 24
                          83.171.240.0/22 maxlen: 22
                          83.171.243.0/24 maxlen: 24
                          83.171.242.0/24 maxlen: 24
                          194.113.105.0/24 maxlen: 24
                          2a0f:cc87::/36 maxlen: 36
                          2a10:c0c3::/32 maxlen: 32
                          2a10:c0c0::/29 maxlen: 29
                          2a11:200:8000::/36 maxlen: 36
                          2a11:200:7000::/36 maxlen: 36
                          2a11:200:5000::/36 maxlen: 36
                          2a11:200::/36 maxlen: 36
                          2a11:200:4000::/36 maxlen: 36
                          2a0d:5ec5::/32 maxlen: 32
                          2a11:202::/32 maxlen: 32
                          2a11:af01::/32 maxlen: 32
                          2a0c:e8c0::/29 maxlen: 29
                          2a10:c0c1::/32 maxlen: 32
                          2a10:c0c7:3000::/36 maxlen: 36
                          2a10:c0c7:5000::/36 maxlen: 36
                          2a10:c0c0::/32 maxlen: 32
                          2a11:e82::/32 maxlen: 32
                          2a06:d900::/29 maxlen: 29
                          2a09:3b00::/29 maxlen: 29
                          2a09:4e01:3000::/36 maxlen: 36
                          2a09:4e01:4000::/36 maxlen: 36
                          2a09:4e01:5000::/36 maxlen: 36
                          2a09:4e01:9000::/36 maxlen: 36
                          2a11:201::/32 maxlen: 32
                          2a10:c340::/29 maxlen: 36

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 06:54:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d5:33:55:8f:63:67:60:61:f8:77:aa:8d:aa:37:83:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
        Validity
            Not Before: Aug  8 12:50:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c64af94709eec02e01e98677f9e9901f614e7532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d0:e3:7f:ec:c7:42:0e:b8:05:0a:d3:cd:37:
                    a0:d6:1a:94:55:e4:a3:0e:c0:24:de:76:39:c0:6f:
                    e7:89:e5:9d:5f:c7:b7:87:bd:cd:e3:13:ff:41:38:
                    25:52:1a:23:20:37:a6:6b:bd:79:f9:4c:fc:ba:0b:
                    37:34:ea:41:8a:2e:d9:e3:c9:d7:a0:29:23:6f:47:
                    4f:06:43:f1:3b:a4:82:a5:c6:4c:00:0e:31:6b:ea:
                    0e:fa:9f:82:5c:e5:7e:01:90:52:d5:af:84:ed:d4:
                    95:c4:b8:6d:20:72:a9:0f:a8:26:ee:14:73:13:3f:
                    e9:a4:77:f8:a0:7c:5a:88:d8:64:81:a0:e1:67:fb:
                    fa:69:25:93:da:cd:d6:89:8e:17:e8:d1:e7:59:32:
                    d9:fe:fb:7d:e5:86:86:1a:8f:27:2e:d0:08:97:af:
                    35:fb:23:8f:2c:cd:40:bf:a6:8e:7d:b0:69:8c:79:
                    a9:f7:27:2f:0f:d6:2e:0a:25:34:36:7c:fd:87:09:
                    b8:f8:f9:44:0a:fb:a0:01:b4:bb:b7:1c:e1:88:dc:
                    33:bb:dd:90:cd:fe:55:25:58:ba:02:c0:be:c2:dd:
                    53:23:40:c1:f4:21:e4:be:b6:ec:37:58:9f:3d:85:
                    13:00:38:7f:5f:d8:c9:f5:d3:5e:b4:d5:7f:48:82:
                    15:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:4A:F9:47:09:EE:C0:2E:01:E9:86:77:F9:E9:90:1F:61:4E:75:32
            X509v3 Authority Key Identifier:
                keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/xkr5RwnuwC4B6YZ3-emQH2FOdTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.139.0/24
                  83.171.240.0/22
                  84.54.36.0/24
                  194.113.105.0/24
                IPv6:
                  2a06:d900::/29
                  2a09:3b00::/29
                  2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
                  2a09:4e01:9000::/36
                  2a0c:e8c0::/29
                  2a0d:5ec5::/32
                  2a0f:cc87::/36
                  2a10:c0c0::/29
                  2a10:c340::/29
                  2a11:200::/36
                  2a11:200:4000::/35
                  2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
                  2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
                  2a11:e82::/32
                  2a11:af01::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:ad:06:10:d1:ad:5d:69:fc:61:2b:01:f6:f2:84:08:95:08:
         2b:99:bc:cc:59:04:9a:f4:c1:7e:14:c0:84:8f:ae:d5:e9:21:
         48:e1:ea:71:12:a5:76:71:fa:dd:f9:00:b6:98:ca:20:3d:05:
         d9:19:34:43:d5:5e:65:c5:d2:7f:bd:c9:4c:94:46:18:4f:a9:
         82:af:90:24:04:83:ef:c1:5d:a0:63:f4:16:a2:2c:6a:69:1f:
         28:00:53:de:bc:c2:9b:3b:d1:bc:57:dc:e3:49:c1:0d:4a:65:
         fd:f8:1a:e6:f2:b4:cd:7f:c2:8b:13:10:4c:1e:fc:1b:35:50:
         91:6f:39:2e:ea:78:d6:23:9b:20:52:d1:43:07:6e:1d:40:5f:
         0a:78:b7:e8:ad:91:95:22:a7:46:d3:84:e1:4b:e1:7d:53:41:
         86:80:aa:c0:3d:8e:86:1e:4a:f5:91:6e:08:c1:03:a8:87:d9:
         15:84:a0:f9:55:6e:87:5a:5b:8a:b7:e8:72:0d:2b:d0:0d:4d:
         c7:36:21:aa:13:96:3c:73:c2:1c:7f:50:6c:90:5c:00:4a:de:
         3a:5b:46:68:0c:12:ff:a6:09:8b:c5:90:a1:9d:11:7e:8a:5e:
         90:92:df:7a:db:0c:28:3d:5f:21:28:ac:9b:f9:99:76:0d:14:
         a8:2e:06:c1
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYnVM1WPY2dgYfh3qo2qN4NFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODA4MTI1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRhZjk0NzA5ZWVjMDJlMDFlOTg2NzdmOWU5OTAxZjYxNGU3NTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtDjf+zHQg64BQrTzTeg1hqUVeSj
DsAk3nY5wG/nieWdX8e3h73N4xP/QTglUhojIDema715+Uz8ugs3NOpBii7Z48nX
oCkjb0dPBkPxO6SCpcZMAA4xa+oO+p+CXOV+AZBS1a+E7dSVxLhtIHKpD6gm7hRz
Ez/ppHf4oHxaiNhkgaDhZ/v6aSWT2s3WiY4X6NHnWTLZ/vt95YaGGo8nLtAIl681
+yOPLM1Av6aOfbBpjHmp9ycvD9YuCiU0Nnz9hwm4+PlECvugAbS7txzhiNwzu92Q
zf5VJVi6AsC+wt1TI0DB9CHkvrbsN1ifPYUTADh/X9jJ9dNetNV/SIIVBwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFMZK+UcJ7sAuAemGd/npkB9hTnUyMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEveGtyNVJ3bnV3QzRCNllaMy1lbVFIMkZPZFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjAeBAIAATAYAwQALZeL
AwQCU6vwAwQAVDYkAwQAwnFpMIGTBAIAAjCBjAMFAyoG2QADBQMqCTsAMBADBgQq
CU4BMAMGBSoJTgFAAwYEKglOAZADBQMqDOjAAwUAKg1exQMGBCoPzIcAAwUDKhDA
wAMFAyoQw0ADBgQqEQIAAAMGBSoRAgBAMBADBgQqEQIAcAMGBCoRAgCAMA4DBQAq
EQIBAwUAKhECAgMFACoRDoIDBQAqEa8BMA0GCSqGSIb3DQEBCwUAA4IBAQCGrQYQ
0a1dafxhKwH28oQIlQgrmbzMWQSa9MF+FMCEj67V6SFI4epxEqV2cfrd+QC2mMog
PQXZGTRD1V5lxdJ/vclMlEYYT6mCr5AkBIPvwV2gY/QWoixqaR8oAFPevMKbO9G8
V9zjScENSmX9+Brm8rTNf8KLExBMHvwbNVCRbzku6njWI5sgUtFDB24dQF8KeLfo
rZGVIqdG04ThS+F9U0GGgKrAPY6GHkr1kW4IwQOoh9kVhKD5VW6HWluKt+hyDSvQ
DU3HNiGqE5Y8c8Icf1BskFwASt46W0ZoDBL/pgmLxZChnRF+il6Qkt962wwoPV8h
KKyb+Zl2DRSoLgbB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org