Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/mVgtdrUQtV8USg9TvR1dw4MJPXQ.roa
File:                     mVgtdrUQtV8USg9TvR1dw4MJPXQ.roa (raw, json)
Hash identifier:          +32LhjKTjN09+s6B1a243dkYbRWeJZHKmk4OXPz/8/w=
Subject key identifier:   99:58:2D:76:B5:10:B5:5F:14:4A:0F:53:BD:1D:5D:C3:83:09:3D:74
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       018972C037E1879A9F909C8709A05409A60F
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/mVgtdrUQtV8USg9TvR1dw4MJPXQ.roa
Signing time:             Thu 20 Jul 2023 10:02:27 +0000
ROA not before:           Thu 20 Jul 2023 10:02:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9123
IP address blocks:        195.80.50.0/24 maxlen: 24
                          195.80.51.0/24 maxlen: 24
                          85.92.110.0/24 maxlen: 24
                          85.92.111.0/24 maxlen: 24
                          45.95.234.0/24 maxlen: 24
                          45.8.96.0/24 maxlen: 24
                          45.8.97.0/24 maxlen: 24
                          45.8.99.0/24 maxlen: 24
                          37.220.80.0/24 maxlen: 24
                          94.198.217.0/24 maxlen: 24
                          94.198.218.0/24 maxlen: 24
                          94.198.219.0/24 maxlen: 24
                          94.198.216.0/24 maxlen: 24
                          81.200.144.0/24 maxlen: 24
                          81.200.145.0/24 maxlen: 24
                          81.200.150.0/24 maxlen: 24
                          81.200.151.0/24 maxlen: 24
                          81.200.152.0/24 maxlen: 24
                          81.200.146.0/24 maxlen: 24
                          81.200.147.0/24 maxlen: 24
                          81.200.148.0/24 maxlen: 24
                          81.200.149.0/24 maxlen: 24
                          81.200.153.0/24 maxlen: 24
                          46.19.64.0/24 maxlen: 24
                          46.19.67.0/24 maxlen: 24
                          46.19.65.0/24 maxlen: 24
                          46.19.66.0/24 maxlen: 24
                          45.89.190.0/24 maxlen: 24
                          92.118.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Oct 2023 11:08:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:72:c0:37:e1:87:9a:9f:90:9c:87:09:a0:54:09:a6:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Jul 20 10:02:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99582d76b510b55f144a0f53bd1d5dc383093d74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:9e:e3:25:81:7e:01:65:99:79:2a:9d:9c:1d:
                    aa:c8:62:88:d2:b8:c2:c8:61:70:8e:e7:7f:eb:4d:
                    68:7a:f1:b9:f0:1f:ce:14:08:34:fe:18:cc:98:58:
                    a1:85:4b:c8:c8:ac:5f:7d:21:95:ae:25:75:98:ad:
                    7b:da:f7:6b:4f:d5:f9:b6:e4:fa:b7:a7:72:cb:85:
                    80:20:27:cb:80:90:62:6c:8c:2f:07:eb:e0:9c:98:
                    5b:88:73:bf:a7:b2:13:c2:67:41:a6:7d:fe:fc:6d:
                    17:af:15:b0:b7:63:05:68:f2:ec:87:88:96:d3:eb:
                    32:ad:b1:24:f1:25:c7:49:3e:f6:51:ed:93:47:d4:
                    24:b4:7c:a8:e4:ef:34:6c:92:59:69:bd:a9:90:82:
                    fc:24:24:38:21:99:08:a7:ca:bd:d6:2d:90:2b:1f:
                    2a:23:6a:b8:e5:60:d3:74:cf:57:68:a6:4c:d9:36:
                    b1:7b:47:23:9c:3f:ee:e6:89:2f:49:34:3f:23:e4:
                    96:8a:5d:4b:5f:e0:42:e4:84:11:56:96:da:03:28:
                    f6:3f:b7:6c:cd:a5:a6:8c:d3:c2:a0:c2:40:82:e0:
                    8e:fc:57:14:ea:c9:6d:ec:14:ce:e5:7d:83:84:6b:
                    51:ef:41:d6:7b:e5:da:1f:08:16:f0:ff:21:15:44:
                    36:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:58:2D:76:B5:10:B5:5F:14:4A:0F:53:BD:1D:5D:C3:83:09:3D:74
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/mVgtdrUQtV8USg9TvR1dw4MJPXQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.220.80.0/24
                  45.8.96.0/23
                  45.8.99.0/24
                  45.89.190.0/24
                  45.95.234.0/24
                  46.19.64.0/22
                  81.200.144.0-81.200.153.255
                  85.92.110.0/23
                  92.118.114.0/24
                  94.198.216.0/22
                  195.80.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:6e:9d:f9:62:ae:e4:3f:79:35:27:73:fc:9a:98:b6:49:bf:
         82:37:29:4c:0f:f5:e5:c9:ba:65:fa:4f:22:f0:ed:ca:02:e5:
         d9:64:01:1c:d2:17:87:1c:b8:43:18:40:79:12:2c:bc:8f:f5:
         63:06:6e:c6:ab:33:01:97:30:41:67:c9:3e:36:ea:3f:49:72:
         6a:cc:15:dc:ec:3f:91:94:7d:4c:52:7d:3c:54:dd:65:7a:1e:
         5f:d9:17:d4:0f:fc:de:21:ab:60:40:1e:90:39:43:97:d7:ed:
         05:15:94:86:15:85:5a:87:d4:00:a4:2b:26:11:2f:80:eb:09:
         e6:3d:e7:8d:e0:57:03:fe:65:06:40:a0:ba:bb:16:74:ea:a9:
         35:b4:65:31:75:ee:ec:b9:28:0f:82:51:0f:e0:74:2d:13:09:
         1a:63:f7:9d:41:5c:f7:3b:2b:8a:35:b7:78:59:0a:58:fe:40:
         ef:0e:fa:8f:aa:21:ae:80:a8:53:38:28:0e:31:16:50:b7:46:
         fe:2a:06:e4:db:c8:2a:08:cb:6a:17:6e:44:f1:7b:b1:43:6c:
         a8:db:46:31:ae:17:64:d9:5e:ce:32:26:80:a8:33:a5:c4:8f:
         19:e7:10:b8:c0:08:1c:9c:ba:65:b0:99:d4:bb:db:1d:8a:2d:
         e3:76:c7:07
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYlywDfhh5qfkJyHCaBUCaYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU4MmQ3NmI1MTBiNTVmMTQ0YTBmNTNiZDFkNWRjMzgzMDkzZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp7jJYF+AWWZeSqdnB2qyGKI0rjC
yGFwjud/601oevG58B/OFAg0/hjMmFihhUvIyKxffSGVriV1mK172vdrT9X5tuT6
t6dyy4WAICfLgJBibIwvB+vgnJhbiHO/p7ITwmdBpn3+/G0XrxWwt2MFaPLsh4iW
0+syrbEk8SXHST72Ue2TR9QktHyo5O80bJJZab2pkIL8JCQ4IZkIp8q91i2QKx8q
I2q45WDTdM9XaKZM2Taxe0cjnD/u5okvSTQ/I+SWil1LX+BC5IQRVpbaAyj2P7ds
zaWmjNPCoMJAguCO/FcU6slt7BTO5X2DhGtR70HWe+XaHwgW8P8hFUQ25wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJlYLXa1ELVfFEoPU70dXcODCT10MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbVZndGRyVVF0VjhVU2c5VHZSMWR3NE1KUFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAJdxQAwQB
LQhgAwQALQhjAwQALVm+AwQALV/qAwQCLhNAMAwDBARRyJADBAFRyJgDBAFVXG4D
BABcdnIDBAJextgDBAHDUDIwDQYJKoZIhvcNAQELBQADggEBAAxunfliruQ/eTUn
c/yamLZJv4I3KUwP9eXJumX6TyLw7coC5dlkARzSF4ccuEMYQHkSLLyP9WMGbsar
MwGXMEFnyT426j9JcmrMFdzsP5GUfUxSfTxU3WV6Hl/ZF9QP/N4hq2BAHpA5Q5fX
7QUVlIYVhVqH1ACkKyYRL4DrCeY9543gVwP+ZQZAoLq7FnTqqTW0ZTF17uy5KA+C
UQ/gdC0TCRpj951BXPc7K4o1t3hZClj+QO8O+o+qIa6AqFM4KA4xFlC3Rv4qBuTb
yCoIy2oXbkTxe7FDbKjbRjGuF2TZXs4yJoCoM6XEjxnnELjACBycumWwmdS72x2K
LeN2xwc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org