Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/wNqjjwkPczK4uhBBOODHJLYoUdM.roa
File:                     wNqjjwkPczK4uhBBOODHJLYoUdM.roa (raw, json)
Hash identifier:          TLqNsCekleq8DJB/2LkFrnA+hQo0UXzkKWxWCszE6LE=
Subject key identifier:   C0:DA:A3:8F:09:0F:73:32:B8:BA:10:41:38:E0:C7:24:B6:28:51:D3
Certificate issuer:       /CN=65df379faaf210a7036dac05de6b5772dbe4dd6c
Certificate serial:       018AF0A7ED9823D7F7C2CDE03BDAAB234433
Authority key identifier: 65:DF:37:9F:AA:F2:10:A7:03:6D:AC:05:DE:6B:57:72:DB:E4:DD:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zd83n6ryEKcDbawF3mtXctvk3Ww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/wNqjjwkPczK4uhBBOODHJLYoUdM.roa
Signing time:             Mon 02 Oct 2023 13:50:51 +0000
ROA not before:           Mon 02 Oct 2023 13:50:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201838
IP address blocks:        45.144.56.0/22 maxlen: 24
                          89.36.112.0/20 maxlen: 20
                          188.215.16.0/23 maxlen: 23
                          45.12.172.0/22 maxlen: 24
                          45.248.144.0/22 maxlen: 24
                          213.32.248.0/22 maxlen: 24
                          95.214.228.0/22 maxlen: 22
                          45.93.172.0/22 maxlen: 22
                          45.144.160.0/22 maxlen: 24
                          79.171.156.0/22 maxlen: 22
                          79.171.154.0/23 maxlen: 23
                          79.171.153.0/24 maxlen: 24
                          45.148.12.0/22 maxlen: 22
                          45.94.60.0/22 maxlen: 22
                          103.205.24.0/22 maxlen: 24
                          45.117.136.0/22 maxlen: 22
                          45.90.172.0/22 maxlen: 22
                          188.215.74.0/23 maxlen: 23
                          185.238.220.0/22 maxlen: 22
                          89.45.176.0/20 maxlen: 20
                          185.230.248.0/22 maxlen: 24
                          93.113.26.0/23 maxlen: 23
                          45.133.88.0/22 maxlen: 24
                          45.89.156.0/22 maxlen: 22
                          45.89.84.0/22 maxlen: 22
                          192.166.212.0/22 maxlen: 24
                          192.166.208.0/22 maxlen: 22
                          193.42.52.0/22 maxlen: 24
                          45.86.8.0/22 maxlen: 24
                          62.133.48.0/22 maxlen: 22
                          45.150.144.0/22 maxlen: 22
                          94.177.138.0/23 maxlen: 23
                          147.12.128.0/17 maxlen: 17
                          193.164.20.0/22 maxlen: 22
                          185.241.164.0/22 maxlen: 22
                          95.214.184.0/22 maxlen: 22
                          80.76.56.0/22 maxlen: 22
                          62.197.132.0/22 maxlen: 24
                          171.22.104.0/22 maxlen: 22
                          185.59.124.0/22 maxlen: 22
                          185.103.72.0/22 maxlen: 24
                          188.241.106.0/23 maxlen: 23
                          45.153.220.0/22 maxlen: 24
                          103.7.204.0/22 maxlen: 22
                          45.149.72.0/22 maxlen: 24
                          77.75.60.0/22 maxlen: 24
                          45.132.136.0/22 maxlen: 24
                          45.146.8.0/22 maxlen: 22
                          45.132.140.0/22 maxlen: 24
                          194.4.156.0/22 maxlen: 24
                          185.115.144.0/22 maxlen: 24
                          45.159.88.0/22 maxlen: 22
                          46.102.171.0/24 maxlen: 24
                          46.102.170.0/24 maxlen: 24
                          46.102.170.0/23 maxlen: 23
                          185.240.196.0/22 maxlen: 22
                          94.176.208.0/23 maxlen: 23
                          45.149.220.0/22 maxlen: 22
                          45.95.248.0/22 maxlen: 22
                          45.159.152.0/22 maxlen: 24
                          212.132.192.0/18 maxlen: 18
                          185.237.60.0/22 maxlen: 22
                          94.247.86.0/23 maxlen: 23
                          188.212.122.0/23 maxlen: 23
                          185.229.104.0/22 maxlen: 24
                          45.94.176.0/22 maxlen: 22
                          185.71.36.0/22 maxlen: 22
                          45.148.56.0/22 maxlen: 22
                          185.245.236.0/22 maxlen: 24
                          89.43.208.0/21 maxlen: 24
                          45.128.32.0/22 maxlen: 22
                          185.121.228.0/22 maxlen: 24
                          178.239.200.0/22 maxlen: 24
                          45.148.252.0/22 maxlen: 24
                          45.141.236.0/22 maxlen: 22
                          185.236.60.0/22 maxlen: 24
                          45.81.72.0/22 maxlen: 22
                          45.91.112.0/22 maxlen: 22
                          185.111.172.0/22 maxlen: 22
                          45.128.136.0/22 maxlen: 22
                          178.239.192.0/22 maxlen: 24
                          2a03:3820::/32 maxlen: 32
                          2a02:6b60::/29 maxlen: 29
                          2a02:6b60::/28 maxlen: 28

Validation:               Failed, certificate revoked on Tue 03 Oct 2023 13:32:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f0:a7:ed:98:23:d7:f7:c2:cd:e0:3b:da:ab:23:44:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65df379faaf210a7036dac05de6b5772dbe4dd6c
        Validity
            Not Before: Oct  2 13:50:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c0daa38f090f7332b8ba104138e0c724b62851d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e1:ba:23:b6:ec:1c:9f:e7:86:11:00:ec:27:
                    0d:d6:d9:24:d4:09:67:e3:5f:10:cd:13:bb:fa:b5:
                    e9:bc:22:75:e5:a8:1f:be:b1:98:c8:d8:2a:82:be:
                    f0:42:24:e2:b5:20:0a:49:c0:a1:38:75:50:ed:11:
                    b5:4a:7f:c5:37:7c:ae:1f:3f:a3:ad:3c:ee:26:98:
                    e2:e5:79:40:4b:ad:21:d5:50:1a:3a:a7:af:1e:54:
                    5a:e8:fe:4a:03:43:4c:65:13:d7:04:00:13:47:e0:
                    52:3f:ce:49:55:86:2d:cc:66:f4:ab:31:d2:07:f2:
                    2b:7d:f5:72:2c:dd:8a:ab:d7:86:4b:a5:54:12:ac:
                    8a:77:b7:10:2b:82:57:de:38:3a:e1:5b:8b:b7:df:
                    a3:fb:d6:19:bb:05:0d:b5:88:b3:61:fb:4f:f6:7c:
                    85:c3:e3:52:18:23:68:74:a5:f7:13:de:97:96:b8:
                    23:27:7d:f2:f7:d1:d0:fa:90:4d:cc:8f:6d:7c:2c:
                    53:d8:7c:b8:3a:20:21:c1:8d:3d:87:4c:2b:42:7b:
                    ea:ac:0b:15:6f:7e:3e:6e:94:c5:cc:22:1e:31:cb:
                    67:bd:5e:0c:a7:99:2c:6f:79:bf:5e:2e:71:97:37:
                    bb:20:d2:a4:83:6d:ca:7d:63:4e:42:50:cd:b7:ca:
                    a8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:DA:A3:8F:09:0F:73:32:B8:BA:10:41:38:E0:C7:24:B6:28:51:D3
            X509v3 Authority Key Identifier:
                keyid:65:DF:37:9F:AA:F2:10:A7:03:6D:AC:05:DE:6B:57:72:DB:E4:DD:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zd83n6ryEKcDbawF3mtXctvk3Ww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/wNqjjwkPczK4uhBBOODHJLYoUdM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/ed51ec-78e6-4ff0-ba58-076c88b8802f/1/Zd83n6ryEKcDbawF3mtXctvk3Ww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.12.172.0/22
                  45.81.72.0/22
                  45.86.8.0/22
                  45.89.84.0/22
                  45.89.156.0/22
                  45.90.172.0/22
                  45.91.112.0/22
                  45.93.172.0/22
                  45.94.60.0/22
                  45.94.176.0/22
                  45.95.248.0/22
                  45.117.136.0/22
                  45.128.32.0/22
                  45.128.136.0/22
                  45.132.136.0/21
                  45.133.88.0/22
                  45.141.236.0/22
                  45.144.56.0/22
                  45.144.160.0/22
                  45.146.8.0/22
                  45.148.12.0/22
                  45.148.56.0/22
                  45.148.252.0/22
                  45.149.72.0/22
                  45.149.220.0/22
                  45.150.144.0/22
                  45.153.220.0/22
                  45.159.88.0/22
                  45.159.152.0/22
                  45.248.144.0/22
                  46.102.170.0/23
                  62.133.48.0/22
                  62.197.132.0/22
                  77.75.60.0/22
                  79.171.153.0-79.171.159.255
                  80.76.56.0/22
                  89.36.112.0/20
                  89.43.208.0/21
                  89.45.176.0/20
                  93.113.26.0/23
                  94.176.208.0/23
                  94.177.138.0/23
                  94.247.86.0/23
                  95.214.184.0/22
                  95.214.228.0/22
                  103.7.204.0/22
                  103.205.24.0/22
                  147.12.128.0/17
                  171.22.104.0/22
                  178.239.192.0/22
                  178.239.200.0/22
                  185.59.124.0/22
                  185.71.36.0/22
                  185.103.72.0/22
                  185.111.172.0/22
                  185.115.144.0/22
                  185.121.228.0/22
                  185.229.104.0/22
                  185.230.248.0/22
                  185.236.60.0/22
                  185.237.60.0/22
                  185.238.220.0/22
                  185.240.196.0/22
                  185.241.164.0/22
                  185.245.236.0/22
                  188.212.122.0/23
                  188.215.16.0/23
                  188.215.74.0/23
                  188.241.106.0/23
                  192.166.208.0/21
                  193.42.52.0/22
                  193.164.20.0/22
                  194.4.156.0/22
                  212.132.192.0/18
                  213.32.248.0/22
                IPv6:
                  2a02:6b60::/28
                  2a03:3820::/32

    Signature Algorithm: sha256WithRSAEncryption
         17:80:e5:31:50:d3:29:a9:2f:b0:07:2b:27:b8:53:a6:3c:54:
         0b:53:05:d0:78:65:b1:f2:09:01:74:6b:71:bc:66:09:a5:ee:
         6f:c3:d6:e5:7c:ab:46:d2:f5:7b:93:45:b1:99:64:41:43:5d:
         ab:7b:ef:8d:e0:79:00:bf:e5:a5:e2:0f:45:60:df:ca:da:97:
         bb:ec:93:41:1c:81:e9:8f:85:f2:4a:5b:79:41:00:d1:00:97:
         e1:5b:57:14:60:3c:da:0e:3f:e0:b9:c9:07:b7:e6:6f:0c:18:
         0a:ee:5b:d0:28:99:9d:29:a1:c1:f1:9f:12:d4:27:ef:c2:f0:
         93:99:84:dd:46:bd:e3:24:cd:54:9c:04:36:ba:02:43:25:1e:
         48:6a:30:77:1c:4e:de:60:e7:b3:95:f8:85:fa:5a:1f:2c:c5:
         70:96:46:fc:01:f6:78:ff:dd:0b:cf:ac:c1:ac:90:9b:13:5c:
         45:bc:61:9d:5d:9d:8a:41:87:9c:8e:13:2b:96:99:5b:05:ac:
         1a:03:7f:1d:57:12:6c:9f:aa:59:2b:8c:27:46:1b:d8:f8:f9:
         06:ca:28:94:62:ae:0c:e2:32:ce:f1:d6:f5:53:84:3b:44:77:
         15:7d:2b:72:bc:47:3f:82:1d:10:8d:51:5d:ac:a0:77:f9:97:
         04:06:22:98
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgISAYrwp+2YI9f3ws3gO9qrI0QzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGYzNzlmYWFmMjEwYTcwMzZkYWMwNWRlNmI1NzcyZGJl
NGRkNmMwHhcNMjMxMDAyMTM1MDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRhYTM4ZjA5MGY3MzMyYjhiYTEwNDEzOGUwYzcyNGI2Mjg1MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruG6I7bsHJ/nhhEA7CcN1tkk1Aln
418QzRO7+rXpvCJ15agfvrGYyNgqgr7wQiTitSAKScChOHVQ7RG1Sn/FN3yuHz+j
rTzuJpji5XlAS60h1VAaOqevHlRa6P5KA0NMZRPXBAATR+BSP85JVYYtzGb0qzHS
B/IrffVyLN2Kq9eGS6VUEqyKd7cQK4JX3jg64VuLt9+j+9YZuwUNtYizYftP9nyF
w+NSGCNodKX3E96XlrgjJ33y99HQ+pBNzI9tfCxT2Hy4OiAhwY09h0wrQnvqrAsV
b34+bpTFzCIeMctnvV4Mp5ksb3m/Xi5xlze7INKkg23KfWNOQlDNt8qonQIDAQAB
o4ID7TCCA+kwHQYDVR0OBBYEFMDao48JD3MyuLoQQTjgxyS2KFHTMB8GA1UdIwQY
MBaAFGXfN5+q8hCnA22sBd5rV3Lb5N1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmQ4M242cnlFS2NEYmF3RjNtdFhjdHZrM1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lZDUxZWMtNzhlNi00ZmYwLWJhNTgt
MDc2Yzg4Yjg4MDJmLzEvd05xamp3a1Bjeks0dWhCQk9PREhKTFlvVWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lZDUxZWMtNzhlNi00ZmYwLWJhNTgtMDc2Yzg4Yjg4MDJm
LzEvWmQ4M242cnlFS2NEYmF3RjNtdFhjdHZrM1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICAQYIKwYBBQUHAQcBAf8EggHwMIIB7DCCAdIEAgABMIIB
ygMEAi0MrAMEAi1RSAMEAi1WCAMEAi1ZVAMEAi1ZnAMEAi1arAMEAi1bcAMEAi1d
rAMEAi1ePAMEAi1esAMEAi1f+AMEAi11iAMEAi2AIAMEAi2AiAMEAy2EiAMEAi2F
WAMEAi2N7AMEAi2QOAMEAi2QoAMEAi2SCAMEAi2UDAMEAi2UOAMEAi2U/AMEAi2V
SAMEAi2V3AMEAi2WkAMEAi2Z3AMEAi2fWAMEAi2fmAMEAi34kAMEAS5mqgMEAj6F
MAMEAj7FhAMEAk1LPDAMAwQAT6uZAwQFT6uAAwQCUEw4AwQEWSRwAwQDWSvQAwQE
WS2wAwQBXXEaAwQBXrDQAwQBXrGKAwQBXvdWAwQCX9a4AwQCX9bkAwQCZwfMAwQC
Z80YAwQHkwyAAwQCqxZoAwQCsu/AAwQCsu/IAwQCuTt8AwQCuUckAwQCuWdIAwQC
uW+sAwQCuXOQAwQCuXnkAwQCueVoAwQCueb4AwQCuew8AwQCue08AwQCue7cAwQC
ufDEAwQCufGkAwQCufXsAwQBvNR6AwQBvNcQAwQBvNdKAwQBvPFqAwQDwKbQAwQC
wSo0AwQCwaQUAwQCwgScAwQG1ITAAwQC1SD4MBQEAgACMA4DBQQqAmtgAwUAKgM4
IDANBgkqhkiG9w0BAQsFAAOCAQEAF4DlMVDTKakvsAcrJ7hTpjxUC1MF0HhlsfIJ
AXRrcbxmCaXub8PW5XyrRtL1e5NFsZlkQUNdq3vvjeB5AL/lpeIPRWDfytqXu+yT
QRyB6Y+F8kpbeUEA0QCX4VtXFGA82g4/4LnJB7fmbwwYCu5b0CiZnSmhwfGfEtQn
78Lwk5mE3Ua94yTNVJwENroCQyUeSGowdxxO3mDns5X4hfpaHyzFcJZG/AH2eP/d
C8+swayQmxNcRbxhnV2dikGHnI4TK5aZWwWsGgN/HVcSbJ+qWSuMJ0Yb2Pj5Bsoo
lGKuDOIyzvHW9VOEO0R3FX0rcrxHP4IdEI1RXaygd/mXBAYimA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:54 2024 by rpki-client on console-ams.rpki-client.org