Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/FEdmGQEjV-I56U6CFi1_IWRVcG0.roa
File:                     FEdmGQEjV-I56U6CFi1_IWRVcG0.roa (raw, json)
Hash identifier:          RLbEyxjvLkoqmN6OZnvIT2AoCr1ef9Xdz+19GuWixgM=
Subject key identifier:   14:47:66:19:01:23:57:E2:39:E9:4E:82:16:2D:7F:21:64:55:70:6D
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       018BA8A2B0C0D66535D4ED3EF6EC21D876D0
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/FEdmGQEjV-I56U6CFi1_IWRVcG0.roa
Signing time:             Tue 07 Nov 2023 07:15:16 +0000
ROA not before:           Tue 07 Nov 2023 07:15:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49505
IP address blocks:        195.208.56.0/24 maxlen: 24
                          195.19.172.0/22 maxlen: 24
                          195.19.168.0/22 maxlen: 24
                          195.208.80.0/22 maxlen: 24
                          195.208.84.0/24 maxlen: 24
                          195.208.88.0/22 maxlen: 24
                          195.208.86.0/23 maxlen: 24
                          195.208.92.0/22 maxlen: 24
                          195.19.199.0/24 maxlen: 24
                          195.19.195.0/24 maxlen: 24
                          62.76.164.0/24 maxlen: 24
                          195.208.21.0/24 maxlen: 24
                          195.208.20.0/24 maxlen: 24
                          195.208.178.0/24 maxlen: 24
                          195.208.180.0/24 maxlen: 24
                          193.232.88.0/22 maxlen: 24
                          195.208.110.0/24 maxlen: 24
                          195.208.117.0/24 maxlen: 24
                          195.19.219.0/24 maxlen: 24
                          62.76.7.0/24 maxlen: 24
                          194.190.149.0/24 maxlen: 24
                          212.193.184.0/22 maxlen: 24
                          212.193.188.0/22 maxlen: 24
                          194.190.131.0/24 maxlen: 24
                          62.76.155.0/24 maxlen: 24
                          194.190.210.0/23 maxlen: 24
                          195.19.29.0/24 maxlen: 24
                          194.226.187.0/24 maxlen: 24
                          212.192.228.0/24 maxlen: 24
                          195.209.188.0/24 maxlen: 24
                          194.226.166.0/24 maxlen: 24
                          194.226.165.0/24 maxlen: 24
                          194.226.184.0/24 maxlen: 24
                          194.85.179.0/24 maxlen: 24
                          194.85.180.0/24 maxlen: 24
                          194.85.181.0/24 maxlen: 24
                          194.85.182.0/24 maxlen: 24
                          212.193.162.0/24 maxlen: 24
                          212.193.164.0/24 maxlen: 24
                          212.193.168.0/24 maxlen: 24
                          212.193.171.0/24 maxlen: 24
                          212.193.167.0/24 maxlen: 24
                          212.193.102.0/24 maxlen: 24
                          212.192.56.0/22 maxlen: 24
                          212.192.63.0/24 maxlen: 24
                          212.192.60.0/24 maxlen: 24
                          212.192.61.0/24 maxlen: 24
                          194.226.4.0/24 maxlen: 24
                          194.226.5.0/24 maxlen: 24
                          193.232.204.0/23 maxlen: 24
                          194.226.20.0/24 maxlen: 24
                          193.232.113.0/24 maxlen: 24
                          212.192.168.0/24 maxlen: 24
                          194.226.97.0/24 maxlen: 24
                          195.209.135.0/24 maxlen: 24
                          195.209.145.0/24 maxlen: 24
                          194.226.112.0/24 maxlen: 24
                          212.192.192.0/24 maxlen: 24
                          194.226.115.0/24 maxlen: 24
                          212.192.196.0/22 maxlen: 24
                          194.226.113.0/24 maxlen: 24
                          212.192.195.0/24 maxlen: 24
                          194.226.120.0/24 maxlen: 24
                          194.226.124.0/24 maxlen: 24
                          194.226.125.0/24 maxlen: 24
                          194.226.123.0/24 maxlen: 24
                          194.226.126.0/24 maxlen: 24
                          193.232.222.0/24 maxlen: 24
                          193.232.220.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a8:a2:b0:c0:d6:65:35:d4:ed:3e:f6:ec:21:d8:76:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Nov  7 07:15:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=14476619012357e239e94e82162d7f216455706d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:e2:14:7c:13:be:21:04:4c:ab:af:b2:10:29:
                    d5:e2:33:c7:dc:81:ae:71:3d:eb:7d:f1:a6:82:f3:
                    e2:60:e3:5e:29:8b:b1:09:10:17:11:9f:9d:84:d5:
                    d1:d2:cf:c2:a4:21:7e:78:21:ff:a2:c8:be:4f:54:
                    0c:95:dd:d2:6d:7b:c6:9c:61:0b:1c:10:be:d4:80:
                    a9:91:6e:89:ed:0b:6e:a0:6a:45:9a:a6:89:70:58:
                    ff:42:7b:2c:0f:c1:13:a8:63:36:79:13:34:05:ec:
                    fe:38:e6:83:00:35:d4:0b:9d:65:b2:c9:d9:c0:6a:
                    e9:fd:4c:94:4d:c6:31:e7:4b:1c:af:a8:e9:fc:c6:
                    11:70:aa:6d:da:56:66:6e:78:5f:65:e5:08:07:d6:
                    f6:2e:55:fb:ad:56:44:f0:ae:08:f8:86:6e:70:eb:
                    20:b0:b2:10:99:a7:38:2d:46:dd:c4:9b:44:48:1c:
                    7e:e1:5f:55:e0:a8:71:c7:13:0d:89:4b:c8:63:ca:
                    c7:64:72:25:7e:d0:9f:e3:91:ae:38:6f:3a:a8:df:
                    a1:37:27:74:9b:c3:78:76:98:7f:f8:9a:42:af:1e:
                    b1:66:b1:82:9d:e9:f9:59:6a:07:2c:09:4a:5d:64:
                    0c:fc:28:20:11:98:1e:b6:88:13:05:85:d5:38:cb:
                    a6:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:47:66:19:01:23:57:E2:39:E9:4E:82:16:2D:7F:21:64:55:70:6D
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/FEdmGQEjV-I56U6CFi1_IWRVcG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.7.0/24
                  62.76.155.0/24
                  62.76.164.0/24
                  193.232.88.0/22
                  193.232.113.0/24
                  193.232.204.0/23
                  193.232.220.0-193.232.222.255
                  194.85.179.0-194.85.182.255
                  194.190.131.0/24
                  194.190.149.0/24
                  194.190.210.0/23
                  194.226.4.0/23
                  194.226.20.0/24
                  194.226.97.0/24
                  194.226.112.0/23
                  194.226.115.0/24
                  194.226.120.0/24
                  194.226.123.0-194.226.126.255
                  194.226.165.0-194.226.166.255
                  194.226.184.0/24
                  194.226.187.0/24
                  195.19.29.0/24
                  195.19.168.0/21
                  195.19.195.0/24
                  195.19.199.0/24
                  195.19.219.0/24
                  195.208.20.0/23
                  195.208.56.0/24
                  195.208.80.0-195.208.84.255
                  195.208.86.0-195.208.95.255
                  195.208.110.0/24
                  195.208.117.0/24
                  195.208.178.0/24
                  195.208.180.0/24
                  195.209.135.0/24
                  195.209.145.0/24
                  195.209.188.0/24
                  212.192.56.0-212.192.61.255
                  212.192.63.0/24
                  212.192.168.0/24
                  212.192.192.0/24
                  212.192.195.0-212.192.199.255
                  212.192.228.0/24
                  212.193.102.0/24
                  212.193.162.0/24
                  212.193.164.0/24
                  212.193.167.0-212.193.168.255
                  212.193.171.0/24
                  212.193.184.0/21

    Signature Algorithm: sha256WithRSAEncryption
         58:84:fa:a4:e4:03:31:13:81:8e:e4:71:34:0d:d7:21:0f:a0:
         70:19:56:0e:89:80:6f:47:a8:bd:50:01:a2:2d:cd:60:ed:c5:
         df:dd:61:de:7a:0e:d3:e5:f0:02:9a:dc:0f:fe:39:34:c0:3b:
         43:a6:12:75:89:05:7d:2b:cd:7c:57:f0:41:92:f6:2d:2d:3b:
         e7:fb:31:7c:8e:85:d5:65:8b:90:25:a3:37:3b:b0:30:f3:4a:
         4d:5b:c3:fe:19:15:01:4a:11:9e:4e:ac:a4:1e:06:94:36:28:
         dd:7b:b3:49:f8:a6:29:1f:43:ae:9b:66:49:74:77:5f:62:85:
         73:a6:8f:b5:90:3a:13:ce:ab:be:d7:ea:e5:5b:bd:2e:ef:1e:
         71:04:69:4d:09:31:4b:c9:5b:93:7c:c6:81:1a:4b:a2:57:ec:
         a7:82:3c:09:6f:69:ac:41:d7:dc:46:56:9e:51:63:d0:20:28:
         94:7a:ba:e6:5f:ed:8a:27:6e:86:8d:39:3b:28:9b:a5:7c:8d:
         fa:b4:1c:74:01:95:f8:20:c5:fd:41:32:ba:bc:48:0c:5b:cc:
         ed:5a:4e:ef:8e:f0:d3:38:c0:82:4d:65:a2:18:5b:24:3b:d2:
         3d:5a:bf:5f:83:08:d7:1a:62:70:1f:8e:87:15:23:ab:3e:48:
         2a:98:16:89
-----BEGIN CERTIFICATE-----
MIIGbzCCBVegAwIBAgISAYuoorDA1mU11O0+9uwh2HbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMxMTA3MDcxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQ3NjYxOTAxMjM1N2UyMzllOTRlODIxNjJkN2YyMTY0NTU3MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eIUfBO+IQRMq6+yECnV4jPH3IGu
cT3rffGmgvPiYONeKYuxCRAXEZ+dhNXR0s/CpCF+eCH/osi+T1QMld3SbXvGnGEL
HBC+1ICpkW6J7QtuoGpFmqaJcFj/QnssD8ETqGM2eRM0Bez+OOaDADXUC51lssnZ
wGrp/UyUTcYx50scr6jp/MYRcKpt2lZmbnhfZeUIB9b2LlX7rVZE8K4I+IZucOsg
sLIQmac4LUbdxJtESBx+4V9V4KhxxxMNiUvIY8rHZHIlftCf45GuOG86qN+hNyd0
m8N4dph/+JpCrx6xZrGCnen5WWoHLAlKXWQM/CggEZgetogTBYXVOMumEQIDAQAB
o4IDezCCA3cwHQYDVR0OBBYEFBRHZhkBI1fiOelOghYtfyFkVXBtMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvRkVkbUdRRWpWLUk1NlU2Q0ZpMV9JV1JWY0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjwYIKwYBBQUHAQcBAf8EggF+MIIBejCCAXYEAgABMIIB
bgMEAD5MBwMEAD5MmwMEAD5MpAMEAsHoWAMEAMHocQMEAcHozDAMAwQCwejcAwQA
wejeMAwDBADCVbMDBADCVbYDBADCvoMDBADCvpUDBAHCvtIDBAHC4gQDBADC4hQD
BADC4mEDBAHC4nADBADC4nMDBADC4ngwDAMEAMLiewMEAMLifjAMAwQAwuKlAwQA
wuKmAwQAwuK4AwQAwuK7AwQAwxMdAwQDwxOoAwQAwxPDAwQAwxPHAwQAwxPbAwQB
w9AUAwQAw9A4MAwDBATD0FADBADD0FQwDAMEAcPQVgMEBcPQQAMEAMPQbgMEAMPQ
dQMEAMPQsgMEAMPQtAMEAMPRhwMEAMPRkQMEAMPRvDAMAwQD1MA4AwQB1MA8AwQA
1MA/AwQA1MCoAwQA1MDAMAwDBADUwMMDBAPUwMADBADUwOQDBADUwWYDBADUwaID
BADUwaQwDAMEANTBpwMEANTBqAMEANTBqwMEA9TBuDANBgkqhkiG9w0BAQsFAAOC
AQEAWIT6pOQDMROBjuRxNA3XIQ+gcBlWDomAb0eovVABoi3NYO3F391h3noO0+Xw
AprcD/45NMA7Q6YSdYkFfSvNfFfwQZL2LS075/sxfI6F1WWLkCWjNzuwMPNKTVvD
/hkVAUoRnk6spB4GlDYo3XuzSfimKR9DrptmSXR3X2KFc6aPtZA6E86rvtfq5Vu9
Lu8ecQRpTQkxS8lbk3zGgRpLolfsp4I8CW9prEHX3EZWnlFj0CAolHq65l/tiidu
ho05OyibpXyN+rQcdAGV+CDF/UEyurxIDFvM7VpO747w0zjAgk1lohhbJDvSPVq/
X4MI1xpicB+OhxUjqz5IKpgWiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org