Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/zejk1kmyF8hmGSjklZZwiXIq0j0.roa
File:                     zejk1kmyF8hmGSjklZZwiXIq0j0.roa (raw, json)
Hash identifier:          O4GAjGoRZH0o3m4XUuB6chXie+8PLRmVi8rgBSyFl84=
Subject key identifier:   CD:E8:E4:D6:49:B2:17:C8:66:19:28:E4:95:96:70:89:72:2A:D2:3D
Certificate issuer:       /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial:       01892D087DF71523FB567871A3180BF88DDA
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/zejk1kmyF8hmGSjklZZwiXIq0j0.roa
Signing time:             Thu 06 Jul 2023 21:07:58 +0000
ROA not before:           Thu 06 Jul 2023 21:07:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     136258
IP address blocks:        185.213.23.0/24 maxlen: 24
                          109.104.152.0/24 maxlen: 24
                          109.104.155.0/24 maxlen: 24
                          109.104.153.0/24 maxlen: 24
                          147.78.3.0/24 maxlen: 24
                          147.78.0.0/24 maxlen: 24
                          147.78.1.0/24 maxlen: 24
                          185.126.239.0/24 maxlen: 24
                          2a11:840:12::/48 maxlen: 48
                          2a11:840:8::/48 maxlen: 48
                          2a11:840:18::/48 maxlen: 48
                          2a11:840:13::/48 maxlen: 48
                          2a11:840:6::/48 maxlen: 48
                          2a11:840:11::/48 maxlen: 48
                          2a11:840:41::/48 maxlen: 48
                          2a11:840:17::/48 maxlen: 48
                          2a11:840:7::/48 maxlen: 48
                          2a11:840:47::/48 maxlen: 48
                          2a11:840:25::/48 maxlen: 48
                          2a11:840:40::/48 maxlen: 48
                          2a11:840:10::/48 maxlen: 48
                          2a11:840:19::/48 maxlen: 48
                          2a11:840:14::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 08 Jul 2023 13:23:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2d:08:7d:f7:15:23:fb:56:78:71:a3:18:0b:f8:8d:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
        Validity
            Not Before: Jul  6 21:07:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cde8e4d649b217c8661928e495967089722ad23d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:fa:ee:6b:de:97:1d:ff:76:72:ec:c6:02:a1:
                    69:b5:d9:2d:81:9a:fe:8d:36:ff:4b:fe:77:21:5b:
                    d1:d3:9c:13:f8:01:e1:7d:c5:0c:d8:8d:04:a1:2b:
                    e7:63:42:57:40:58:0e:3c:cd:5c:85:88:af:d8:22:
                    bc:18:d0:c3:4d:aa:2d:e2:d4:81:13:fa:0a:5f:cf:
                    0b:cd:df:c3:40:4d:eb:24:70:20:b9:0f:45:d1:8c:
                    39:ab:a0:0b:4e:85:c5:55:f7:c4:d3:6a:af:6d:e0:
                    77:bd:1a:29:db:6d:06:b1:2b:c2:a2:4f:72:11:51:
                    27:5a:d6:4c:22:53:aa:4e:97:82:e0:e6:0a:09:82:
                    44:c9:6d:84:9f:85:51:47:b0:27:fd:be:0f:48:8c:
                    3c:35:4b:50:96:e9:7d:e5:9b:2e:85:86:60:d0:9e:
                    0c:87:9c:f7:43:d1:d4:da:80:f9:21:dc:bf:e5:fc:
                    aa:dc:9e:b4:4b:e8:3a:50:fb:83:70:28:a7:51:a9:
                    95:45:fe:0b:5f:df:d9:18:85:9e:8a:36:fa:3e:99:
                    5f:16:fb:b8:7c:19:85:94:a1:b5:12:b9:ed:2f:c4:
                    5a:f7:15:47:0a:9f:11:df:c7:20:c3:c8:38:74:80:
                    d7:7e:1e:82:4e:7c:54:c3:dd:d4:54:a2:19:c1:e3:
                    e2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:E8:E4:D6:49:B2:17:C8:66:19:28:E4:95:96:70:89:72:2A:D2:3D
            X509v3 Authority Key Identifier:
                keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/zejk1kmyF8hmGSjklZZwiXIq0j0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.104.152.0/23
                  109.104.155.0/24
                  147.78.0.0/23
                  147.78.3.0/24
                  185.126.239.0/24
                  185.213.23.0/24
                IPv6:
                  2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
                  2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
                  2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
                  2a11:840:25::/48
                  2a11:840:40::/47
                  2a11:840:47::/48

    Signature Algorithm: sha256WithRSAEncryption
         70:39:c5:a1:97:69:f8:0b:fd:a4:23:79:bc:c2:4b:65:0b:5a:
         9e:ac:f0:ae:10:06:9f:bc:06:c7:f0:cd:ce:52:36:b0:28:1e:
         fd:7f:1b:90:91:b7:2c:b0:84:3a:03:9f:3a:86:6b:f3:a2:8c:
         f7:09:87:6c:61:1d:51:6d:51:b5:e0:81:81:01:ba:aa:98:c0:
         49:f2:26:c9:b2:bf:06:cb:a9:96:0d:96:5a:15:a5:42:8b:57:
         3d:04:00:c7:e9:5b:d8:7a:35:5d:24:f3:f8:14:24:a3:5d:23:
         ab:ca:4e:14:18:26:a5:ea:45:e1:d4:ef:63:bf:97:49:10:13:
         7f:b2:c3:9a:f3:78:c0:d6:8f:85:fb:da:34:43:74:5d:a3:2d:
         4e:b2:ee:0e:1d:1b:42:78:7e:99:1d:63:49:c7:3e:34:86:8e:
         ca:c4:c3:67:fc:42:a5:de:c1:9e:f3:fa:27:f4:e9:77:b1:35:
         50:a3:f1:b4:35:39:e7:d5:be:5e:bd:2c:fc:24:e2:c1:66:96:
         33:6a:cd:12:aa:36:bd:9c:5c:03:18:9a:e5:7f:63:38:db:16:
         23:9b:74:31:68:78:34:cb:59:b6:fa:e8:f2:d8:af:d4:12:5f:
         26:8e:c2:51:54:86:b8:f0:3b:51:60:ac:ce:64:55:36:91:5d:
         91:79:b1:75
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYktCH33FSP7VnhxoxgL+I3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwNzA2MjEwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGU4ZTRkNjQ5YjIxN2M4NjYxOTI4ZTQ5NTk2NzA4OTcyMmFkMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/rua96XHf92cuzGAqFptdktgZr+
jTb/S/53IVvR05wT+AHhfcUM2I0EoSvnY0JXQFgOPM1chYiv2CK8GNDDTaot4tSB
E/oKX88Lzd/DQE3rJHAguQ9F0Yw5q6ALToXFVffE02qvbeB3vRop220GsSvCok9y
EVEnWtZMIlOqTpeC4OYKCYJEyW2En4VRR7An/b4PSIw8NUtQlul95ZsuhYZg0J4M
h5z3Q9HU2oD5Idy/5fyq3J60S+g6UPuDcCinUamVRf4LX9/ZGIWeijb6PplfFvu4
fBmFlKG1ErntL8Ra9xVHCp8R38cgw8g4dIDXfh6CTnxUw93UVKIZwePipwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFM3o5NZJshfIZhko5JWWcIlyKtI9MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvemVqazFrbXlGOGhtR1Nqa2xaWndpWElxMGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizAqBAIAATAkAwQBbWiY
AwQAbWibAwQBk04AAwQAk04DAwQAuX7vAwQAudUXMF0EAgACMFcwEgMHASoRCEAA
BgMHACoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhA
ABgDBwAqEQhAACUDBwEqEQhAAEADBwAqEQhAAEcwDQYJKoZIhvcNAQELBQADggEB
AHA5xaGXafgL/aQjebzCS2ULWp6s8K4QBp+8Bsfwzc5SNrAoHv1/G5CRtyywhDoD
nzqGa/OijPcJh2xhHVFtUbXggYEBuqqYwEnyJsmyvwbLqZYNlloVpUKLVz0EAMfp
W9h6NV0k8/gUJKNdI6vKThQYJqXqReHU72O/l0kQE3+yw5rzeMDWj4X72jRDdF2j
LU6y7g4dG0J4fpkdY0nHPjSGjsrEw2f8QqXewZ7z+if06XexNVCj8bQ1OefVvl69
LPwk4sFmljNqzRKqNr2cXAMYmuV/YzjbFiObdDFoeDTLWbb66PLYr9QSXyaOwlFU
hrjwO1FgrM5kVTaRXZF5sXU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:52 2024 by rpki-client on console-ams.rpki-client.org