Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa
File:                     kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa (raw, json)
Hash identifier:          MWUZCOliYLMrMMxs1x1TO5uOOHSnR5p4RqTw3gc4FkY=
Subject key identifier:   90:CA:EA:59:D8:8F:E2:62:3C:66:A3:0B:A4:93:A3:56:49:CD:6B:10
Certificate issuer:       /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial:       018721D913096948AC64078EB7E29C236DD7
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa
Signing time:             Mon 27 Mar 2023 06:54:46 +0000
ROA not before:           Mon 27 Mar 2023 06:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15547
IP address blocks:        81.88.176.0/21 maxlen: 21
                          81.88.176.0/20 maxlen: 20
                          213.230.56.0/21 maxlen: 21
                          213.230.52.0/22 maxlen: 22
                          92.240.96.0/19 maxlen: 19
                          185.17.176.0/22 maxlen: 22
                          31.31.48.0/20 maxlen: 20
                          213.221.128.0/19 maxlen: 19
                          195.162.160.0/22 maxlen: 22
                          195.162.164.0/23 maxlen: 23
                          185.44.196.0/22 maxlen: 22
                          195.162.167.0/24 maxlen: 24
                          195.162.168.0/21 maxlen: 21
                          195.162.176.0/20 maxlen: 20
                          178.237.80.0/20 maxlen: 20
                          95.215.60.0/22 maxlen: 22
                          194.12.16.0/20 maxlen: 20
                          86.111.128.0/20 maxlen: 20
                          185.50.220.0/22 maxlen: 22
                          92.62.176.0/20 maxlen: 20
                          192.162.24.0/22 maxlen: 22
                          81.13.128.0/17 maxlen: 17
                          78.155.0.0/19 maxlen: 19
                          77.242.160.0/20 maxlen: 20
                          178.157.84.0/22 maxlen: 22
                          213.238.0.0/19 maxlen: 19
                          185.17.108.0/22 maxlen: 22
                          217.79.192.0/20 maxlen: 20
                          2a03:4380::/32 maxlen: 32
                          2a02:26a0::/29 maxlen: 29
                          2001:14a8::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 06:56:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:21:d9:13:09:69:48:ac:64:07:8e:b7:e2:9c:23:6d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
        Validity
            Not Before: Mar 27 06:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=90caea59d88fe2623c66a30ba493a35649cd6b10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:cc:7a:db:47:7b:fa:d6:65:df:09:39:04:c1:
                    c2:b5:7a:49:07:7d:5e:b2:40:7e:8b:32:b7:5e:b7:
                    d7:3a:5e:a0:e9:71:b1:60:10:17:53:a0:ce:0a:fe:
                    91:27:9d:d1:f5:79:1c:e7:9b:4a:e7:ca:5a:9b:c2:
                    98:e1:da:ee:c5:9a:b0:9a:d1:e2:fa:43:d4:1d:a4:
                    f9:b5:f5:9a:f4:4a:d3:b1:aa:07:71:02:b7:34:ac:
                    4f:b1:98:6e:6a:2e:5d:52:11:35:c7:bc:90:ff:68:
                    a1:82:40:56:7d:01:db:0d:46:97:bf:ae:2b:3a:45:
                    41:4b:2e:3f:d0:54:f5:ba:ca:eb:db:d2:1e:70:d1:
                    5a:7a:92:b0:99:28:e4:37:5f:46:d4:29:72:54:6a:
                    44:96:fd:4f:4d:51:5e:e5:12:7d:44:ab:a5:87:5f:
                    24:0d:73:bd:77:a2:88:75:c5:a5:ac:1a:b6:70:e7:
                    b9:a8:39:68:4d:3b:b2:80:d6:5e:11:61:fc:e8:52:
                    41:21:03:b3:50:07:fb:e2:bd:de:87:8a:69:a9:52:
                    f6:c1:a7:7e:18:1b:af:36:34:33:a6:40:43:39:f6:
                    7f:b2:32:5b:e0:76:33:d1:36:b7:8e:db:89:09:0f:
                    b8:48:e5:0d:cb:64:2a:d3:dc:e4:fd:c6:43:02:61:
                    c5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:CA:EA:59:D8:8F:E2:62:3C:66:A3:0B:A4:93:A3:56:49:CD:6B:10
            X509v3 Authority Key Identifier:
                keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.31.48.0/20
                  77.242.160.0/20
                  78.155.0.0/19
                  81.13.128.0/17
                  81.88.176.0/20
                  86.111.128.0/20
                  92.62.176.0/20
                  92.240.96.0/19
                  95.215.60.0/22
                  178.157.84.0/22
                  178.237.80.0/20
                  185.17.108.0/22
                  185.17.176.0/22
                  185.44.196.0/22
                  185.50.220.0/22
                  192.162.24.0/22
                  194.12.16.0/20
                  195.162.160.0-195.162.165.255
                  195.162.167.0-195.162.191.255
                  213.221.128.0/19
                  213.230.52.0-213.230.63.255
                  213.238.0.0/19
                  217.79.192.0/20
                IPv6:
                  2001:14a8::/32
                  2a02:26a0::/29
                  2a03:4380::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:c6:2d:68:94:47:6d:2b:96:ea:42:d2:ed:de:cf:35:f9:6c:
         bb:92:1f:ab:a1:40:57:89:98:c2:3a:00:9e:e5:09:0b:06:af:
         c9:fd:72:d2:47:ad:40:67:93:ec:d4:6f:1f:4c:a3:e8:6a:93:
         4a:03:f1:e0:bd:24:53:de:a8:ac:86:53:5d:3f:bf:a4:71:08:
         58:c0:fe:70:23:c9:a4:c4:1a:e4:d4:73:09:c2:57:60:85:ed:
         43:e4:18:8d:6b:c3:03:b7:bb:82:42:1d:d2:46:5a:5c:90:18:
         5c:05:f2:fe:bf:12:71:aa:8c:33:9a:06:17:ba:36:76:55:3f:
         c6:f9:e8:ce:14:4c:bf:54:57:3a:8b:9d:c5:f9:95:d5:96:db:
         fe:93:5e:cb:0c:6c:e2:8a:a7:9c:d6:4c:e5:2b:b0:1d:f4:d7:
         50:dd:03:cd:d0:cf:ec:1f:e8:4a:9d:37:8a:f3:a9:21:2b:a3:
         0a:40:55:9f:75:73:a3:fd:3b:03:d9:bd:da:1a:9f:43:be:ae:
         5b:59:13:d8:68:38:ae:a6:78:b5:38:89:14:e6:b7:4f:ef:fe:
         2f:6e:84:be:1d:6a:b6:6f:6e:e5:86:59:92:54:6a:30:8d:c5:
         44:aa:1f:58:8e:00:49:b4:fe:e1:22:f7:b9:27:f2:08:92:63:
         ed:c1:f4:38
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYch2RMJaUisZAeOt+KcI23XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjMwMzI3MDY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNhZWE1OWQ4OGZlMjYyM2M2NmEzMGJhNDkzYTM1NjQ5Y2Q2YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsx620d7+tZl3wk5BMHCtXpJB31e
skB+izK3XrfXOl6g6XGxYBAXU6DOCv6RJ53R9Xkc55tK58pam8KY4druxZqwmtHi
+kPUHaT5tfWa9ErTsaoHcQK3NKxPsZhuai5dUhE1x7yQ/2ihgkBWfQHbDUaXv64r
OkVBSy4/0FT1usrr29IecNFaepKwmSjkN19G1ClyVGpElv1PTVFe5RJ9RKulh18k
DXO9d6KIdcWlrBq2cOe5qDloTTuygNZeEWH86FJBIQOzUAf74r3eh4ppqVL2wad+
GBuvNjQzpkBDOfZ/sjJb4HYz0Ta3jtuJCQ+4SOUNy2Qq09zk/cZDAmHFNwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFJDK6lnYj+JiPGajC6STo1ZJzWsQMB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEva01ycVdkaVA0bUk4WnFNTHBKT2pWa25OYXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBqQQCAAEwgaIDBAQf
HzADBARN8qADBAVOmwADBAdRDYADBARRWLADBARWb4ADBARcPrADBAVc8GADBAJf
1zwDBAKynVQDBASy7VADBAK5EWwDBAK5EbADBAK5LMQDBAK5MtwDBALAohgDBATC
DBAwDAMEBcOioAMEAcOipDAMAwQAw6KnAwQGw6KAAwQF1d2AMAwDBALV5jQDBAbV
5gADBAXV7gADBATZT8AwGwQCAAIwFQMFACABFKgDBQMqAiagAwUAKgNDgDANBgkq
hkiG9w0BAQsFAAOCAQEAVcYtaJRHbSuW6kLS7d7PNflsu5Ifq6FAV4mYwjoAnuUJ
Cwavyf1y0ketQGeT7NRvH0yj6GqTSgPx4L0kU96orIZTXT+/pHEIWMD+cCPJpMQa
5NRzCcJXYIXtQ+QYjWvDA7e7gkId0kZaXJAYXAXy/r8ScaqMM5oGF7o2dlU/xvno
zhRMv1RXOoudxfmV1Zbb/pNeywxs4oqnnNZM5SuwHfTXUN0DzdDP7B/oSp03ivOp
ISujCkBVn3Vzo/07A9m92hqfQ76uW1kT2Gg4rqZ4tTiJFOa3T+/+L26Evh1qtm9u
5YZZklRqMI3FRKofWI4ASbT+4SL3uSfyCJJj7cH0OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:09 2024 by rpki-client on console-ams.rpki-client.org