Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/GIH6aqqvs9692zuVg9itd8rvlNw.roa
File:                     GIH6aqqvs9692zuVg9itd8rvlNw.roa (raw, json)
Hash identifier:          v1PS2pV6/jc5N2nWybm3Kw8bxhhbdGb0k5GSxlhdAhk=
Subject key identifier:   18:81:FA:6A:AA:AF:B3:DE:BD:DB:3B:95:83:D8:AD:77:CA:EF:94:DC
Certificate issuer:       /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial:       018833C2CDE6BD72FD77D3C89D585583A844
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/GIH6aqqvs9692zuVg9itd8rvlNw.roa
Signing time:             Fri 19 May 2023 11:26:24 +0000
ROA not before:           Fri 19 May 2023 11:26:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199967
IP address blocks:        45.66.133.0/24 maxlen: 24
                          185.159.70.0/24 maxlen: 24
                          185.159.69.0/24 maxlen: 24
                          185.159.68.0/24 maxlen: 24
                          185.187.239.0/24 maxlen: 24
                          185.187.238.0/24 maxlen: 24
                          185.187.237.0/24 maxlen: 24
                          45.12.205.0/24 maxlen: 24
                          45.12.204.0/24 maxlen: 24
                          45.134.19.0/24 maxlen: 24
                          81.90.191.0/24 maxlen: 24
                          188.119.101.0/24 maxlen: 24
                          188.119.100.0/24 maxlen: 24
                          185.126.70.0/24 maxlen: 24
                          185.126.69.0/24 maxlen: 24
                          185.126.71.0/24 maxlen: 24
                          185.105.189.0/24 maxlen: 24
                          185.105.190.0/24 maxlen: 24
                          185.168.23.0/24 maxlen: 24
                          185.168.22.0/24 maxlen: 24
                          185.168.21.0/24 maxlen: 24
                          185.171.121.0/24 maxlen: 24
                          185.126.139.0/24 maxlen: 24
                          185.126.138.0/24 maxlen: 24
                          91.217.121.0/24 maxlen: 24
                          91.217.120.0/24 maxlen: 24
                          194.156.228.0/24 maxlen: 24
                          185.175.141.0/24 maxlen: 24
                          185.175.140.0/24 maxlen: 24
                          45.144.240.0/24 maxlen: 24
                          45.144.241.0/24 maxlen: 24
                          45.82.166.0/24 maxlen: 24
                          5.183.178.0/24 maxlen: 24
                          185.160.27.0/24 maxlen: 24
                          185.160.25.0/24 maxlen: 24
                          185.126.118.0/24 maxlen: 24
                          185.126.119.0/24 maxlen: 24
                          5.181.6.0/24 maxlen: 24
                          5.181.7.0/24 maxlen: 24
                          45.66.132.0/24 maxlen: 24
                          185.120.19.0/24 maxlen: 24
                          185.120.18.0/24 maxlen: 24
                          152.89.209.0/24 maxlen: 24
                          217.197.163.0/24 maxlen: 24
                          147.78.15.0/24 maxlen: 24
                          45.128.154.0/24 maxlen: 24
                          2a0c:8a40:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 27 May 2023 14:11:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:33:c2:cd:e6:bd:72:fd:77:d3:c8:9d:58:55:83:a8:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
        Validity
            Not Before: May 19 11:26:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1881fa6aaaafb3debddb3b9583d8ad77caef94dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:eb:34:98:c3:6f:57:34:79:95:a4:f5:5b:e2:
                    c5:68:18:dd:bf:c4:78:77:d4:ff:80:36:fb:18:ed:
                    17:0a:7c:6b:b2:bd:30:77:fb:1c:1c:65:90:22:c6:
                    99:bf:5d:e5:54:c3:c9:2b:7e:ca:54:21:ba:4a:b9:
                    80:40:ee:fd:30:85:6d:cc:d1:0b:65:21:91:5b:ee:
                    65:9d:8e:0b:01:41:a7:de:18:81:09:13:ea:67:62:
                    e0:de:03:52:23:df:7d:33:3f:04:b0:63:f9:ef:fd:
                    55:58:bc:29:56:cb:7e:ce:18:a6:3a:0a:40:ea:9f:
                    eb:52:ed:bf:d4:66:cd:d7:68:52:e0:00:67:f6:a6:
                    2c:3e:ee:01:a8:f2:3a:8c:d7:53:9d:6e:5f:c8:76:
                    d2:bf:a7:e1:5a:53:72:43:9e:80:ad:f6:92:1b:41:
                    99:07:a5:85:33:ba:31:27:1b:e2:e1:19:dc:69:85:
                    f9:09:bc:8a:a6:d7:f5:e5:95:6f:42:f7:8c:ba:86:
                    d6:11:5e:6b:36:3e:12:7b:42:8a:fa:46:b6:7b:29:
                    d0:7a:8b:98:87:8d:00:e7:2a:12:bd:34:6e:13:9b:
                    e0:90:41:bb:af:c1:83:30:08:df:2f:4d:c8:1e:fe:
                    cf:47:ab:9c:d1:07:52:d5:90:b2:0c:26:39:4b:7b:
                    c4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:81:FA:6A:AA:AF:B3:DE:BD:DB:3B:95:83:D8:AD:77:CA:EF:94:DC
            X509v3 Authority Key Identifier:
                keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/GIH6aqqvs9692zuVg9itd8rvlNw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.6.0/23
                  5.183.178.0/24
                  45.12.204.0/23
                  45.66.132.0/23
                  45.82.166.0/24
                  45.128.154.0/24
                  45.134.19.0/24
                  45.144.240.0/23
                  81.90.191.0/24
                  91.217.120.0/23
                  147.78.15.0/24
                  152.89.209.0/24
                  185.105.189.0-185.105.190.255
                  185.120.18.0/23
                  185.126.69.0-185.126.71.255
                  185.126.118.0/23
                  185.126.138.0/23
                  185.159.68.0-185.159.70.255
                  185.160.25.0/24
                  185.160.27.0/24
                  185.168.21.0-185.168.23.255
                  185.171.121.0/24
                  185.175.140.0/23
                  185.187.237.0-185.187.239.255
                  188.119.100.0/23
                  194.156.228.0/24
                  217.197.163.0/24
                IPv6:
                  2a0c:8a40:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:a0:ef:39:67:25:0f:95:f6:82:ad:8c:e2:20:8b:1d:52:2b:
         2b:f7:01:ce:f5:46:2f:bb:f5:d2:ed:0b:e2:04:5e:57:ac:da:
         32:ca:0c:d1:35:89:47:4a:03:56:06:81:23:eb:e1:79:64:0c:
         5b:fb:e4:e0:f3:3f:af:f0:74:0a:97:64:59:56:4e:0c:86:fa:
         6c:a9:df:1a:2c:c6:ae:b3:97:c8:fb:4d:81:90:af:19:ad:ac:
         f3:84:40:cd:aa:d6:b0:b9:6a:7a:d8:ec:69:9c:46:94:d6:55:
         a7:01:9a:a5:96:9c:ce:ff:a4:57:be:34:a3:48:42:b4:7f:ff:
         01:7d:0a:25:6e:ea:24:a5:45:65:62:9f:92:93:28:33:32:87:
         75:1b:36:81:7e:4b:83:c9:0f:e6:a1:77:39:bf:c3:84:3f:dc:
         b3:7c:67:4b:48:90:df:5f:26:9a:fd:36:17:93:bc:7a:8d:66:
         36:47:29:81:fa:cf:93:70:c9:c8:c5:03:cc:5e:88:e2:48:7c:
         fa:a1:26:4d:aa:9b:68:ac:68:34:fc:86:cf:18:68:a7:22:e1:
         ed:cf:4c:1a:07:5b:ec:93:c2:64:e8:91:4c:48:2b:3b:f0:a2:
         b1:c8:07:77:c8:35:88:de:06:0f:c4:67:3e:d1:1a:cb:a3:c3:
         6f:52:4d:04
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYgzws3mvXL9d9PInVhVg6hEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNTE5MTEyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODgxZmE2YWFhYWZiM2RlYmRkYjNiOTU4M2Q4YWQ3N2NhZWY5NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlus0mMNvVzR5laT1W+LFaBjdv8R4
d9T/gDb7GO0XCnxrsr0wd/scHGWQIsaZv13lVMPJK37KVCG6SrmAQO79MIVtzNEL
ZSGRW+5lnY4LAUGn3hiBCRPqZ2Lg3gNSI999Mz8EsGP57/1VWLwpVst+zhimOgpA
6p/rUu2/1GbN12hS4ABn9qYsPu4BqPI6jNdTnW5fyHbSv6fhWlNyQ56ArfaSG0GZ
B6WFM7oxJxvi4RncaYX5CbyKptf15ZVvQveMuobWEV5rNj4Se0KK+ka2eynQeouY
h40A5yoSvTRuE5vgkEG7r8GDMAjfL03IHv7PR6uc0QdS1ZCyDCY5S3vE8wIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFBiB+mqqr7Pevds7lYPYrXfK75TcMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvR0lINmFxcXZzOTY5Mnp1Vmc5aXRkOHJ2bE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAEtkPADBABR
Wr8DBAFb2XgDBACTTg8DBACYWdEwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAHWg7zln
JQ+V9oKtjOIgix1SKyv3Ac71Ri+79dLtC+IEXles2jLKDNE1iUdKA1YGgSPr4Xlk
DFv75ODzP6/wdAqXZFlWTgyG+myp3xosxq6zl8j7TYGQrxmtrPOEQM2q1rC5anrY
7GmcRpTWVacBmqWWnM7/pFe+NKNIQrR//wF9CiVu6iSlRWVin5KTKDMyh3UbNoF+
S4PJD+ahdzm/w4Q/3LN8Z0tIkN9fJpr9NheTvHqNZjZHKYH6z5NwycjFA8xeiOJI
fPqhJk2qm2isaDT8hs8YaKci4e3PTBoHW+yTwmTokUxIKzvworHIB3fINYjeBg/E
Zz7RGsujw29STQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org