Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/sKAJ_Qm6SUvmBuJKXH9Klit8fFU.roa
File:                     sKAJ_Qm6SUvmBuJKXH9Klit8fFU.roa (raw, json)
Hash identifier:          8Xsx69eaaAFeWuskD9XeET1cUBNXhOlJVnwDSad0NVU=
Subject key identifier:   B0:A0:09:FD:09:BA:49:4B:E6:06:E2:4A:5C:7F:4A:96:2B:7C:7C:55
Certificate issuer:       /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial:       0186AA78FC2DD8CE4DF23BD12E1FA594044C
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/sKAJ_Qm6SUvmBuJKXH9Klit8fFU.roa
Signing time:             Sat 04 Mar 2023 02:35:00 +0000
ROA not before:           Sat 04 Mar 2023 02:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15802
IP address blocks:        91.73.80.0/20 maxlen: 20
                          91.73.96.0/20 maxlen: 20
                          91.73.112.0/20 maxlen: 20
                          91.73.252.0/22 maxlen: 22
                          94.201.251.0/24 maxlen: 24
                          87.201.176.0/22 maxlen: 22
                          87.201.180.0/22 maxlen: 22
                          87.201.184.0/22 maxlen: 22
                          94.201.196.0/22 maxlen: 22
                          91.73.216.0/23 maxlen: 23
                          5.32.64.0/19 maxlen: 19
                          5.32.72.0/24 maxlen: 24
                          91.72.188.0/22 maxlen: 22
                          91.72.204.0/24 maxlen: 24
                          5.32.94.0/24 maxlen: 24
                          5.32.96.0/19 maxlen: 19
                          91.72.205.0/24 maxlen: 24
                          91.72.206.0/24 maxlen: 24
                          5.32.0.0/17 maxlen: 19
                          5.32.23.0/24 maxlen: 24
                          5.32.27.0/24 maxlen: 24
                          5.32.32.0/19 maxlen: 19
                          5.32.36.0/24 maxlen: 24
                          94.200.156.0/24 maxlen: 24
                          87.201.14.0/24 maxlen: 24
                          91.73.16.0/20 maxlen: 20
                          91.73.32.0/20 maxlen: 20
                          87.201.40.0/24 maxlen: 24
                          94.207.239.0/24 maxlen: 24
                          87.201.46.0/24 maxlen: 24
                          91.73.64.0/20 maxlen: 20
                          80.227.200.0/22 maxlen: 22
                          5.32.111.0/24 maxlen: 24
                          91.72.229.0/24 maxlen: 24
                          94.200.248.0/22 maxlen: 22
                          91.73.0.0/20 maxlen: 20
                          5.31.96.0/19 maxlen: 19
                          94.206.148.0/22 maxlen: 22
                          94.206.152.0/23 maxlen: 23
                          94.206.164.0/24 maxlen: 24
                          5.31.128.0/20 maxlen: 20
                          5.31.128.0/19 maxlen: 19
                          94.206.183.0/24 maxlen: 24
                          94.206.181.0/24 maxlen: 24
                          94.206.182.0/24 maxlen: 24
                          5.31.144.0/20 maxlen: 20
                          94.206.84.0/24 maxlen: 24
                          94.206.92.0/24 maxlen: 24
                          94.206.97.0/24 maxlen: 24
                          5.31.64.0/19 maxlen: 19
                          94.206.106.0/24 maxlen: 24
                          94.206.112.0/23 maxlen: 23
                          94.200.0.0/13 maxlen: 19
                          5.31.208.0/20 maxlen: 20
                          5.31.224.0/20 maxlen: 20
                          5.31.224.0/19 maxlen: 19
                          5.31.240.0/20 maxlen: 20
                          87.200.0.0/15 maxlen: 19
                          5.31.160.0/19 maxlen: 19
                          5.31.160.0/20 maxlen: 20
                          80.227.0.0/16 maxlen: 19
                          5.31.176.0/20 maxlen: 20
                          91.72.0.0/14 maxlen: 19
                          5.31.192.0/20 maxlen: 20
                          5.31.192.0/19 maxlen: 19
                          5.30.160.0/19 maxlen: 19
                          94.205.204.0/22 maxlen: 22
                          5.30.96.0/19 maxlen: 19
                          5.30.128.0/19 maxlen: 19
                          94.206.31.0/24 maxlen: 24
                          94.206.40.0/22 maxlen: 22
                          5.31.0.0/19 maxlen: 19
                          94.206.51.0/24 maxlen: 24
                          213.132.32.0/19 maxlen: 19
                          94.206.61.0/24 maxlen: 24
                          5.31.32.0/19 maxlen: 19
                          94.206.74.0/23 maxlen: 23
                          5.30.192.0/19 maxlen: 19
                          94.205.240.0/24 maxlen: 24
                          94.205.254.0/24 maxlen: 24
                          5.30.224.0/19 maxlen: 19
                          94.206.16.0/23 maxlen: 23
                          94.206.21.0/24 maxlen: 24
                          94.205.8.0/22 maxlen: 22
                          5.30.32.0/19 maxlen: 19
                          5.30.64.0/19 maxlen: 19
                          5.30.0.0/19 maxlen: 19
                          5.30.8.0/22 maxlen: 22
                          5.30.0.0/15 maxlen: 15
                          94.203.200.0/22 maxlen: 22
                          94.203.204.0/22 maxlen: 22
                          94.203.228.0/22 maxlen: 22
                          94.203.44.0/23 maxlen: 23
                          94.203.62.0/23 maxlen: 23
                          94.203.156.0/22 maxlen: 22
                          94.203.199.0/24 maxlen: 24
                          91.74.56.0/24 maxlen: 24
                          91.74.78.0/23 maxlen: 23
                          2a00:f2b::/32 maxlen: 32
                          2a00:f2e::/32 maxlen: 32
                          2a00:f2c::/32 maxlen: 32
                          2a00:f2d::/32 maxlen: 32
                          2a00:f29::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 12:51:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:aa:78:fc:2d:d8:ce:4d:f2:3b:d1:2e:1f:a5:94:04:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
        Validity
            Not Before: Mar  4 02:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0a009fd09ba494be606e24a5c7f4a962b7c7c55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:07:58:82:bd:c6:34:c0:db:7b:e5:5f:a5:22:
                    9a:d5:8b:43:83:45:fa:88:d2:cc:5e:54:b3:96:15:
                    b0:6d:2c:27:c4:6c:24:56:14:f8:ea:1f:09:b9:d0:
                    f9:88:7c:ed:5d:82:c0:4e:f1:0e:c9:06:3e:3a:b3:
                    2f:dc:9e:d2:4c:2a:d6:2b:35:da:d4:23:15:2d:33:
                    c7:f0:8f:6d:d7:ad:af:bf:ae:f6:4e:c7:af:f6:99:
                    97:53:73:8d:7b:aa:4b:83:14:f4:2f:a5:ba:f0:de:
                    54:5b:df:d6:2a:c3:0e:e6:8c:3b:7c:34:bf:c3:ef:
                    fd:46:d1:54:b0:36:27:d3:e8:77:af:17:7c:bf:e8:
                    b2:0b:dd:29:c2:5d:7e:71:f9:b1:5f:c1:99:be:62:
                    42:89:f4:2c:b4:a4:d0:00:16:76:70:84:4d:4b:ab:
                    fe:9a:4d:95:71:a0:e4:f1:6b:bb:ef:f6:ba:8c:d1:
                    65:42:ed:1b:06:89:ce:d5:ab:c8:af:ac:ee:b0:07:
                    8f:7a:97:80:a9:f0:5a:a9:97:00:f9:eb:b4:ad:62:
                    b9:6b:a9:b1:5d:11:61:80:ff:ad:aa:7a:5d:3b:01:
                    eb:af:38:84:a1:06:44:14:bd:b7:7e:4d:44:9d:ca:
                    02:5c:76:6f:dd:d0:e7:fe:05:ce:ed:5c:f9:54:0a:
                    b8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:A0:09:FD:09:BA:49:4B:E6:06:E2:4A:5C:7F:4A:96:2B:7C:7C:55
            X509v3 Authority Key Identifier:
                keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/sKAJ_Qm6SUvmBuJKXH9Klit8fFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.30.0.0-5.32.127.255
                  80.227.0.0/16
                  87.200.0.0/15
                  91.72.0.0/14
                  94.200.0.0/13
                  213.132.32.0/19
                IPv6:
                  2a00:f29::/32
                  2a00:f2b::-2a00:f2e:ffff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         57:14:d3:d4:b5:67:1d:c4:ce:ce:5b:e9:c8:8c:f3:07:3d:d4:
         3f:61:e6:67:ac:f2:13:cf:17:5a:33:8a:3d:aa:c8:ad:06:5b:
         c1:4d:00:99:21:6b:ea:56:37:55:3c:04:44:f2:be:67:2a:b6:
         c1:4a:45:38:24:af:c7:6b:ec:a3:b8:a7:9e:7b:e8:44:73:60:
         5b:75:e6:89:9b:f7:77:84:43:16:12:ae:ef:c8:f2:29:7f:63:
         63:2a:a8:25:58:69:44:ac:bd:51:2b:a3:b8:17:69:18:6e:51:
         1f:da:8e:87:96:53:45:a2:f7:32:1a:f0:87:2c:53:2b:93:87:
         bb:32:43:47:b6:60:db:cd:f3:82:c6:b8:a2:85:09:cf:57:8f:
         47:6b:af:9c:a0:34:82:07:25:41:eb:ac:94:32:15:54:d6:29:
         48:f1:f3:5d:42:0f:f7:c5:02:e5:95:2d:32:3f:64:54:e5:3d:
         94:47:58:40:6f:e9:ed:b8:51:4c:a6:b4:3a:3e:a4:76:94:3e:
         14:93:2a:38:5c:27:13:68:fd:5e:8c:1b:1f:96:eb:92:51:b2:
         7d:ac:84:c9:bf:56:0b:4a:5d:ea:43:68:9b:38:62:87:55:27:
         8b:a1:ed:14:5c:c4:7a:be:4b:a8:d3:53:86:5e:85:ee:cb:6c:
         c5:45:56:81
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYaqePwt2M5N8jvRLh+llARMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjMwMzA0MDIzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGEwMDlmZDA5YmE0OTRiZTYwNmUyNGE1YzdmNGE5NjJiN2M3YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwdYgr3GNMDbe+VfpSKa1YtDg0X6
iNLMXlSzlhWwbSwnxGwkVhT46h8JudD5iHztXYLATvEOyQY+OrMv3J7STCrWKzXa
1CMVLTPH8I9t162vv672Tsev9pmXU3ONe6pLgxT0L6W68N5UW9/WKsMO5ow7fDS/
w+/9RtFUsDYn0+h3rxd8v+iyC90pwl1+cfmxX8GZvmJCifQstKTQABZ2cIRNS6v+
mk2VcaDk8Wu77/a6jNFlQu0bBonO1avIr6zusAePepeAqfBaqZcA+eu0rWK5a6mx
XRFhgP+tqnpdOwHrrziEoQZEFL23fk1EncoCXHZv3dDn/gXO7Vz5VAq4nQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLCgCf0JuklL5gbiSlx/SpYrfHxVMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvc0tBSl9RbTZTVXZtQnVKS1hIOUtsaXQ4ZkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAtBAIAATAnMAsDAwEFHgME
BwUgAAMDAFDjAwMBV8gDAwJbSAMDA17IAwQF1YQgMB0EAgACMBcDBQAqAA8pMA4D
BQAqAA8rAwUAKgAPLjANBgkqhkiG9w0BAQsFAAOCAQEAVxTT1LVnHcTOzlvpyIzz
Bz3UP2HmZ6zyE88XWjOKParIrQZbwU0AmSFr6lY3VTwERPK+Zyq2wUpFOCSvx2vs
o7innnvoRHNgW3XmiZv3d4RDFhKu78jyKX9jYyqoJVhpRKy9USujuBdpGG5RH9qO
h5ZTRaL3MhrwhyxTK5OHuzJDR7Zg283zgsa4ooUJz1ePR2uvnKA0ggclQeuslDIV
VNYpSPHzXUIP98UC5ZUtMj9kVOU9lEdYQG/p7bhRTKa0Oj6kdpQ+FJMqOFwnE2j9
XowbH5brklGyfayEyb9WC0pd6kNomzhih1Uni6HtFFzEer5LqNNThl6F7stsxUVW
gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org