Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IRgwk4i9ofmejT2N_XNWvPpM26o.roa
File:                     IRgwk4i9ofmejT2N_XNWvPpM26o.roa (raw, json)
Hash identifier:          VH8VAZRfgD7+ORUS2Fj0EN6E1n/VxWdsFlFYY6ZXjt8=
Subject key identifier:   21:18:30:93:88:BD:A1:F9:9E:8D:3D:8D:FD:73:56:BC:FA:4C:DB:AA
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018D40F5DF62F1655137E10E62E7B199ADCB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IRgwk4i9ofmejT2N_XNWvPpM26o.roa
Signing time:             Thu 25 Jan 2024 14:11:11 +0000
ROA not before:           Thu 25 Jan 2024 14:11:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39543
IP address blocks:        86.106.81.0/24 maxlen: 24
                          89.34.27.0/24 maxlen: 24
                          89.35.158.0/24 maxlen: 24
                          89.38.228.0/24 maxlen: 24
                          89.38.229.0/24 maxlen: 24
                          89.39.111.0/24 maxlen: 24
                          89.40.67.0/24 maxlen: 24
                          89.45.164.0/24 maxlen: 24
                          89.47.96.0/20 maxlen: 20
                          89.47.96.0/24 maxlen: 24
                          89.47.97.0/24 maxlen: 24
                          89.47.98.0/24 maxlen: 24
                          89.47.99.0/24 maxlen: 24
                          89.47.100.0/24 maxlen: 24
                          89.47.101.0/24 maxlen: 24
                          89.47.102.0/24 maxlen: 24
                          89.47.103.0/24 maxlen: 24
                          89.47.104.0/24 maxlen: 24
                          89.47.105.0/24 maxlen: 24
                          89.47.106.0/24 maxlen: 24
                          89.47.107.0/24 maxlen: 24
                          89.47.108.0/24 maxlen: 24
                          89.47.109.0/24 maxlen: 24
                          89.47.110.0/24 maxlen: 24
                          89.47.111.0/24 maxlen: 24
                          89.47.114.0/24 maxlen: 24
                          89.47.115.0/24 maxlen: 24
                          89.47.118.0/24 maxlen: 24
                          89.47.119.0/24 maxlen: 24
                          89.47.120.0/24 maxlen: 24
                          89.47.122.0/24 maxlen: 24
                          93.113.204.0/24 maxlen: 24
                          93.114.79.0/24 maxlen: 24
                          93.114.194.0/24 maxlen: 24
                          188.241.3.0/24 maxlen: 24
                          193.19.192.0/22 maxlen: 22
                          193.19.192.0/24 maxlen: 24
                          193.19.193.0/24 maxlen: 24
                          193.19.194.0/24 maxlen: 24
                          193.19.195.0/24 maxlen: 24
                          195.28.2.0/23 maxlen: 23
                          2001:4d18::/32 maxlen: 32
                          2001:4d18::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 14:10:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:40:f5:df:62:f1:65:51:37:e1:0e:62:e7:b1:99:ad:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Jan 25 14:11:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2118309388bda1f99e8d3d8dfd7356bcfa4cdbaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:43:f3:99:5c:09:3d:d5:95:6b:a5:0b:0f:07:
                    51:cb:dd:f4:c8:81:0a:fd:84:0b:f2:23:75:df:e0:
                    ae:7b:06:66:a4:2c:fb:88:6f:40:68:05:bf:19:35:
                    f9:ba:df:c3:22:da:9a:da:36:5b:71:1e:56:d1:6e:
                    56:d1:ce:af:15:9f:8c:6a:73:58:8d:d6:e9:80:9a:
                    08:d7:8f:2a:2b:77:2f:d3:6a:15:c0:8f:bf:fd:87:
                    08:1f:43:fa:dc:b1:b4:3e:e7:95:22:ac:3b:95:cc:
                    6e:bb:1f:fc:53:8a:87:d8:12:c1:56:c7:64:e4:26:
                    49:56:b7:43:a4:a1:21:79:f8:56:a6:3f:c3:67:6b:
                    14:b1:94:03:be:6d:28:27:2f:b7:34:36:a6:8f:3f:
                    c1:73:ea:48:f5:da:e2:3f:c7:7c:f8:fe:cc:35:cb:
                    49:06:1b:51:1f:97:92:2b:21:0c:da:2c:0a:dc:a5:
                    61:4c:0f:7c:d5:a7:5b:08:a8:da:7b:87:dc:48:33:
                    1a:51:27:4f:b7:0a:5c:98:9b:e2:ef:18:49:55:c4:
                    86:18:99:f0:8c:b8:cf:d8:f4:4e:99:f3:f8:ad:cb:
                    8d:6b:79:bd:f0:6b:15:cd:92:59:8e:66:13:2b:53:
                    9e:8b:d6:19:ef:4f:77:82:d3:b5:7c:ae:4c:92:4b:
                    6e:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:18:30:93:88:BD:A1:F9:9E:8D:3D:8D:FD:73:56:BC:FA:4C:DB:AA
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IRgwk4i9ofmejT2N_XNWvPpM26o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.106.81.0/24
                  89.34.27.0/24
                  89.35.158.0/24
                  89.38.228.0/23
                  89.39.111.0/24
                  89.40.67.0/24
                  89.45.164.0/24
                  89.47.96.0/20
                  89.47.114.0/23
                  89.47.118.0-89.47.120.255
                  89.47.122.0/24
                  93.113.204.0/24
                  93.114.79.0/24
                  93.114.194.0/24
                  188.241.3.0/24
                  193.19.192.0/22
                  195.28.2.0/23
                IPv6:
                  2001:4d18::/32

    Signature Algorithm: sha256WithRSAEncryption
         3d:8c:39:a9:91:b7:ff:02:2f:82:9c:e1:e9:ad:70:88:14:2b:
         cb:45:7b:d0:ad:61:a1:f9:80:77:d1:e7:5a:46:0f:17:f7:75:
         54:7e:cb:dc:05:4f:fb:7b:70:fe:d7:31:a4:88:d2:c6:8a:03:
         89:89:21:db:a5:d1:57:3b:0b:35:98:bd:e2:fc:45:74:af:cd:
         bf:84:68:f5:c6:e8:29:ec:d2:90:85:fd:70:0e:30:aa:69:b9:
         c8:ba:59:ec:8d:5c:8c:2d:19:00:ad:99:48:a9:1a:e3:c3:a7:
         41:e7:b9:6c:60:71:07:37:7a:39:b5:d9:d5:0b:58:63:b9:df:
         77:73:05:23:63:1c:ed:d3:93:4c:1b:3b:5e:9a:af:6a:8a:1d:
         7d:fe:0a:86:9f:59:2f:e1:86:10:11:53:6c:02:14:9e:a6:55:
         e6:91:09:4d:e8:f1:6e:97:9a:d3:2a:b9:8d:ba:74:d2:06:04:
         5e:96:c1:6a:ff:15:a3:98:6b:e0:a6:48:5f:4a:ae:a8:2f:cb:
         2e:f7:1c:09:db:97:39:30:e2:9b:2d:66:a2:20:ec:08:bd:25:
         82:e0:a3:1d:f4:7b:eb:07:bb:7d:3e:e4:e5:2c:b2:55:6d:4b:
         2d:1d:b4:a0:88:28:b2:64:ff:ac:1f:f4:58:14:88:cb:71:c8:
         ac:68:4f:7d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY1A9d9i8WVRN+EOYuexma3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTI1MTQxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE4MzA5Mzg4YmRhMWY5OWU4ZDNkOGRmZDczNTZiY2ZhNGNkYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUPzmVwJPdWVa6ULDwdRy930yIEK
/YQL8iN13+CuewZmpCz7iG9AaAW/GTX5ut/DItqa2jZbcR5W0W5W0c6vFZ+ManNY
jdbpgJoI148qK3cv02oVwI+//YcIH0P63LG0PueVIqw7lcxuux/8U4qH2BLBVsdk
5CZJVrdDpKEhefhWpj/DZ2sUsZQDvm0oJy+3NDamjz/Bc+pI9driP8d8+P7MNctJ
BhtRH5eSKyEM2iwK3KVhTA981adbCKjae4fcSDMaUSdPtwpcmJvi7xhJVcSGGJnw
jLjP2PROmfP4rcuNa3m98GsVzZJZjmYTK1Oei9YZ7093gtO1fK5MkktudQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFCEYMJOIvaH5no09jf1zVrz6TNuqMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSVJnd2s0aTlvZm1lalQyTl9YTld2UHBNMjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQAVmpR
AwQAWSIbAwQAWSOeAwQBWSbkAwQAWSdvAwQAWShDAwQAWS2kAwQEWS9gAwQBWS9y
MAwDBAFZL3YDBABZL3gDBABZL3oDBABdccwDBABdck8DBABdcsIDBAC88QMDBALB
E8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJKoZIhvcNAQELBQADggEBAD2MOamR
t/8CL4Kc4emtcIgUK8tFe9CtYaH5gHfR51pGDxf3dVR+y9wFT/t7cP7XMaSI0saK
A4mJIdul0Vc7CzWYveL8RXSvzb+EaPXG6Cns0pCF/XAOMKppuci6WeyNXIwtGQCt
mUipGuPDp0HnuWxgcQc3ejm12dULWGO533dzBSNjHO3Tk0wbO16ar2qKHX3+Coaf
WS/hhhARU2wCFJ6mVeaRCU3o8W6XmtMquY26dNIGBF6WwWr/FaOYa+CmSF9Krqgv
yy73HAnblzkw4pstZqIg7Ai9JYLgox30e+sHu30+5OUsslVtSy0dtKCIKLJk/6wf
9FgUiMtxyKxoT30=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org