Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa
File:                     1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa (raw, json)
Hash identifier:          o+EetBGd+Re7kaAQATInD9YkhNpxjjKboA66fAT/iXk=
Subject key identifier:   FA:2E:71:54:63:F4:44:AA:8B:A9:07:63:9B:B1:1B:DC:89:F8:3B:BA
Certificate issuer:       /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial:       018E31F7C56633F05679859DFC31E22099A7
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa
Signing time:             Tue 12 Mar 2024 09:21:45 +0000
ROA not before:           Tue 12 Mar 2024 09:21:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209854
IP address blocks:        46.102.177.0/24 maxlen: 24
                          46.102.178.0/24 maxlen: 24
                          46.102.179.0/24 maxlen: 24
                          77.81.90.0/24 maxlen: 24
                          77.81.91.0/24 maxlen: 24
                          86.104.2.0/24 maxlen: 24
                          86.104.212.0/24 maxlen: 24
                          86.104.213.0/24 maxlen: 24
                          86.106.116.0/24 maxlen: 24
                          89.37.93.0/24 maxlen: 24
                          89.37.94.0/24 maxlen: 24
                          89.41.27.0/24 maxlen: 24
                          89.42.154.0/24 maxlen: 24
                          93.119.125.0/24 maxlen: 24
                          176.223.160.0/24 maxlen: 24
                          188.208.220.0/24 maxlen: 24
                          188.208.221.0/24 maxlen: 24
                          188.208.223.0/24 maxlen: 24
                          188.209.124.0/24 maxlen: 24
                          188.209.125.0/24 maxlen: 24
                          193.30.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 May 2024 14:10:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:31:f7:c5:66:33:f0:56:79:85:9d:fc:31:e2:20:99:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
        Validity
            Not Before: Mar 12 09:21:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa2e715463f444aa8ba907639bb11bdc89f83bba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2b:df:41:23:c6:76:21:80:c2:7c:00:82:28:
                    b5:75:e8:1f:a9:38:98:11:00:fb:ba:ea:20:c2:3e:
                    28:8f:38:38:8e:64:8d:0e:ce:05:85:d3:81:0e:43:
                    85:f0:47:71:0b:31:1d:85:a4:16:6c:5a:a3:8d:0c:
                    6e:90:f7:f5:fe:e6:a4:1d:52:24:66:4c:6b:de:1b:
                    6a:bc:7f:95:46:92:71:d5:63:db:01:ab:ec:84:a9:
                    cb:d2:bf:b3:2c:9f:96:95:a6:1b:6b:54:b1:66:b4:
                    3f:8d:41:44:10:3c:5c:26:af:0a:ad:47:00:b7:19:
                    09:a6:a4:4c:62:64:30:08:d6:c9:58:a6:bb:f0:77:
                    a0:7d:a5:ba:f6:4b:85:5c:63:af:b7:d7:c2:0a:b5:
                    b7:71:49:fa:96:bc:88:0e:93:3a:ba:16:40:96:94:
                    75:47:4f:f7:9d:71:b5:64:9e:cb:05:c7:82:74:82:
                    39:d3:5f:76:cc:f3:ae:46:1b:9a:81:93:82:c6:fe:
                    7a:6f:1a:2e:28:4f:cf:c9:8e:5e:c5:45:62:ee:d0:
                    a5:1d:b3:d6:4b:6e:42:37:f8:c7:60:e4:5e:45:40:
                    4b:0b:bd:f4:c8:7e:f3:0d:57:24:77:6c:d4:66:c0:
                    e0:fc:b2:75:d0:ef:c9:95:cb:41:9b:e1:fd:44:42:
                    43:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:2E:71:54:63:F4:44:AA:8B:A9:07:63:9B:B1:1B:DC:89:F8:3B:BA
            X509v3 Authority Key Identifier:
                keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.102.177.0-46.102.179.255
                  77.81.90.0/23
                  86.104.2.0/24
                  86.104.212.0/23
                  86.106.116.0/24
                  89.37.93.0-89.37.94.255
                  89.41.27.0/24
                  89.42.154.0/24
                  93.119.125.0/24
                  176.223.160.0/24
                  188.208.220.0/23
                  188.208.223.0/24
                  188.209.124.0/23
                  193.30.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:74:09:12:37:11:d5:c8:c1:ca:0f:ef:c3:45:f2:98:0f:9f:
         00:c7:3b:d3:2a:6a:2c:ed:cb:13:50:b8:46:86:0d:44:fe:f9:
         c0:4f:cb:6b:ba:40:6e:7b:30:94:85:3a:42:7b:5e:28:28:74:
         47:60:5e:5b:a3:dc:71:91:13:73:02:4d:f5:2c:83:6c:04:72:
         2e:8d:50:cc:6d:35:20:4c:86:2e:fc:b6:6a:76:4e:fc:71:f9:
         11:c0:17:85:0e:04:c4:bd:42:c7:fc:7e:51:b4:9f:75:62:2e:
         b3:7d:ca:2a:16:23:d5:a5:d1:71:52:2a:02:6a:8f:85:75:e9:
         c1:6e:02:11:b3:92:aa:23:65:1a:83:b4:1a:a0:e5:ce:11:4c:
         bd:39:9d:bb:dc:f7:41:8c:e2:99:ee:3d:86:ad:28:e1:30:e0:
         fd:92:15:ea:cf:46:de:81:a7:7a:83:22:a2:7b:0c:95:a7:7d:
         07:21:92:fc:7a:b2:20:bf:6d:7b:7a:10:04:f9:82:a1:ef:eb:
         3f:1c:08:0a:31:7e:38:60:bd:7d:1c:67:5a:ca:2d:aa:4a:8f:
         5b:4e:31:73:b1:d6:8a:f9:94:ff:e2:bb:2b:aa:4c:ef:c6:05:
         c0:70:f0:c4:e6:49:4a:97:e5:27:d4:ec:15:00:d3:7e:b5:0c:
         6b:75:17:b3
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY4x98VmM/BWeYWd/DHiIJmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjQwMzEyMDkyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJlNzE1NDYzZjQ0NGFhOGJhOTA3NjM5YmIxMWJkYzg5ZjgzYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCvfQSPGdiGAwnwAgii1degfqTiY
EQD7uuogwj4ojzg4jmSNDs4FhdOBDkOF8EdxCzEdhaQWbFqjjQxukPf1/uakHVIk
Zkxr3htqvH+VRpJx1WPbAavshKnL0r+zLJ+WlaYba1SxZrQ/jUFEEDxcJq8KrUcA
txkJpqRMYmQwCNbJWKa78HegfaW69kuFXGOvt9fCCrW3cUn6lryIDpM6uhZAlpR1
R0/3nXG1ZJ7LBceCdII50192zPOuRhuagZOCxv56bxouKE/PyY5exUVi7tClHbPW
S25CN/jHYOReRUBLC730yH7zDVckd2zUZsDg/LJ10O/JlctBm+H9REJDywIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFPoucVRj9ESqi6kHY5uxG9yJ+Du6MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvMS1pNXhWR1AwUktxTHFRZGptN0ViM0luNE83by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1
Mi8xL2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB9BggrBgEFBQcBBwEB/wRuMGwwagQCAAEwZDAMAwQALmax
AwQCLmawAwQBTVFaAwQAVmgCAwQBVmjUAwQAVmp0MAwDBABZJV0DBABZJV4DBABZ
KRsDBABZKpoDBABdd30DBACw36ADBAG80NwDBAC80N8DBAG80XwDBADBHv8wDQYJ
KoZIhvcNAQELBQADggEBAKd0CRI3EdXIwcoP78NF8pgPnwDHO9MqaiztyxNQuEaG
DUT++cBPy2u6QG57MJSFOkJ7XigodEdgXluj3HGRE3MCTfUsg2wEci6NUMxtNSBM
hi78tmp2Tvxx+RHAF4UOBMS9Qsf8flG0n3ViLrN9yioWI9Wl0XFSKgJqj4V16cFu
AhGzkqojZRqDtBqg5c4RTL05nbvc90GM4pnuPYatKOEw4P2SFerPRt6Bp3qDIqJ7
DJWnfQchkvx6siC/bXt6EAT5gqHv6z8cCAoxfjhgvX0cZ1rKLapKj1tOMXOx1or5
lP/iuyuqTO/GBcBw8MTmSUqX5SfU7BUA0361DGt1F7M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org