Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ADTs4QQq2Xq8DgeouzgAg-q3LF8.roa
File:                     ADTs4QQq2Xq8DgeouzgAg-q3LF8.roa (raw, json)
Hash identifier:          ftMfJ2FaJl6Ky0YPfQ9lWbKHrU1WOLhJzPL/D1UsXDI=
Subject key identifier:   00:34:EC:E1:04:2A:D9:7A:BC:0E:07:A8:BB:38:00:83:EA:B7:2C:5F
Certificate issuer:       /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial:       01891B7F1276A90A5EC718B54A6F40A31CB4
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ADTs4QQq2Xq8DgeouzgAg-q3LF8.roa
Signing time:             Mon 03 Jul 2023 11:24:19 +0000
ROA not before:           Mon 03 Jul 2023 11:24:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58305
IP address blocks:        198.105.124.0/23 maxlen: 24
                          45.43.64.0/19 maxlen: 24
                          45.43.74.0/23 maxlen: 24
                          45.43.80.0/22 maxlen: 24
                          198.105.96.0/19 maxlen: 24
                          198.105.116.0/23 maxlen: 24
                          155.254.32.0/22 maxlen: 24
                          155.254.32.0/19 maxlen: 24
                          155.254.48.0/23 maxlen: 23
                          155.254.63.0/24 maxlen: 24
                          155.254.61.0/24 maxlen: 24
                          107.161.160.0/24 maxlen: 24
                          107.161.161.0/24 maxlen: 24
                          107.161.162.0/24 maxlen: 24
                          107.161.172.0/24 maxlen: 24
                          107.161.168.0/24 maxlen: 24
                          107.161.169.0/24 maxlen: 24
                          107.161.170.0/24 maxlen: 24
                          107.161.171.0/24 maxlen: 24
                          107.181.128.0/19 maxlen: 24
                          162.220.240.0/24 maxlen: 24
                          162.220.242.0/24 maxlen: 24
                          162.220.240.0/21 maxlen: 24
                          162.220.241.0/24 maxlen: 24
                          113.20.156.0/22 maxlen: 24
                          107.161.173.0/24 maxlen: 24
                          107.161.174.0/23 maxlen: 24
                          162.217.248.0/24 maxlen: 24
                          162.217.249.0/24 maxlen: 24
                          162.217.250.0/24 maxlen: 24
                          162.217.251.0/24 maxlen: 24
                          2a05:9f40::/29 maxlen: 48
                          2a07:9944:20::/48 maxlen: 48
                          2a07:9942:39d7::/48 maxlen: 48
                          2a07:9944:2222::/48 maxlen: 48
                          2a07:9940::/29 maxlen: 48
                          2a07:9944:10::/48 maxlen: 48
                          2a02:2ca0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Wed 12 Jul 2023 19:16:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1b:7f:12:76:a9:0a:5e:c7:18:b5:4a:6f:40:a3:1c:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
        Validity
            Not Before: Jul  3 11:24:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0034ece1042ad97abc0e07a8bb380083eab72c5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:87:bb:3e:39:e3:58:5a:c0:5b:3a:0a:b7:61:
                    cc:19:22:a6:28:38:40:49:3a:fb:f5:31:a7:e8:cb:
                    ca:d9:c7:95:ec:47:ce:5d:39:fa:bf:7d:f0:40:66:
                    77:d9:25:2f:8c:a4:74:81:aa:36:3f:fd:58:90:aa:
                    c6:ed:91:96:11:ab:c0:15:a1:54:e2:7c:a9:ab:51:
                    63:49:30:4b:8a:c9:8c:4e:90:3a:d7:c0:1b:20:03:
                    7d:f7:58:23:0f:8f:8f:0c:21:9c:a5:11:f2:e9:f8:
                    fa:cd:d0:37:e4:b4:da:f8:aa:c7:d0:24:bd:5a:09:
                    f4:3a:c0:c8:46:7e:51:2c:b0:4e:4d:9f:fe:7f:bd:
                    96:9c:6e:f5:55:cb:2e:1e:c5:b6:15:a3:32:91:91:
                    8a:6b:c1:5a:20:b6:5b:ab:70:9c:69:67:11:ee:a7:
                    ec:35:5e:54:c1:b5:8b:58:64:9e:bd:ab:8e:a5:dc:
                    65:4b:f0:8c:bc:24:4c:c4:22:54:d2:f6:8d:45:23:
                    77:98:94:49:af:c5:1f:e3:9b:e0:7c:20:f7:18:dc:
                    d6:5d:e6:bd:03:35:6d:6e:f0:d4:54:4d:6b:4f:a4:
                    37:c0:1b:e8:f5:67:8a:46:ec:42:27:a9:87:71:fe:
                    66:4d:e5:26:fc:60:53:1f:ef:62:ab:d7:c2:10:82:
                    61:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:34:EC:E1:04:2A:D9:7A:BC:0E:07:A8:BB:38:00:83:EA:B7:2C:5F
            X509v3 Authority Key Identifier:
                keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ADTs4QQq2Xq8DgeouzgAg-q3LF8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.43.64.0/19
                  107.161.160.0-107.161.162.255
                  107.161.168.0/21
                  107.181.128.0/19
                  113.20.156.0/22
                  155.254.32.0/19
                  162.217.248.0/22
                  162.220.240.0/21
                  198.105.96.0/19
                IPv6:
                  2a02:2ca0::/29
                  2a05:9f40::/29
                  2a07:9940::/29

    Signature Algorithm: sha256WithRSAEncryption
         4a:d4:8b:e1:04:52:06:4b:eb:ed:d4:ad:71:96:53:48:7d:ec:
         74:de:4b:20:5b:73:5d:00:c1:38:8f:86:ec:d9:f1:4d:23:e4:
         31:96:db:d9:51:7b:ed:ab:87:ea:f2:30:9f:ea:2f:db:63:28:
         6f:62:3b:af:fe:ad:b4:18:76:01:56:d0:c8:d0:f9:3a:f6:78:
         65:b5:02:8c:5c:38:f0:58:55:9c:52:52:3e:5d:2b:62:f9:51:
         47:c6:eb:0c:3f:46:15:92:30:ed:f9:46:a5:22:a4:0c:8c:0c:
         8f:7a:47:60:d2:07:48:99:ad:27:b5:e3:2b:ee:98:c0:65:65:
         15:a1:6a:0c:20:6f:fa:4d:54:d3:e4:1c:64:68:dd:49:e9:df:
         e2:4b:f7:bd:72:16:da:49:f6:da:8f:b5:49:3e:0a:cc:9a:5e:
         66:90:0f:95:82:1c:ab:97:25:d4:38:45:e3:5e:eb:9a:f9:3e:
         18:5f:3f:1e:9b:4a:87:04:12:62:d7:c5:c0:d7:55:d8:db:5d:
         b1:1d:80:02:b4:5b:78:80:77:88:d9:c2:6f:b2:ff:a1:ef:81:
         ea:1b:e3:43:71:ee:ad:4f:74:c3:0e:36:d5:8c:8d:32:b9:e8:
         8f:7a:33:35:6e:bd:cf:77:6f:d1:70:18:1a:f0:31:e6:6d:3c:
         b1:77:62:c3
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYkbfxJ2qQpexxi1Sm9Aoxy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzAzMTEyNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDM0ZWNlMTA0MmFkOTdhYmMwZTA3YThiYjM4MDA4M2VhYjcyYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoe7PjnjWFrAWzoKt2HMGSKmKDhA
STr79TGn6MvK2ceV7EfOXTn6v33wQGZ32SUvjKR0gao2P/1YkKrG7ZGWEavAFaFU
4nypq1FjSTBLismMTpA618AbIAN991gjD4+PDCGcpRHy6fj6zdA35LTa+KrH0CS9
Wgn0OsDIRn5RLLBOTZ/+f72WnG71VcsuHsW2FaMykZGKa8FaILZbq3CcaWcR7qfs
NV5UwbWLWGSevauOpdxlS/CMvCRMxCJU0vaNRSN3mJRJr8Uf45vgfCD3GNzWXea9
AzVtbvDUVE1rT6Q3wBvo9WeKRuxCJ6mHcf5mTeUm/GBTH+9iq9fCEIJhqQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFAA07OEEKtl6vA4HqLs4AIPqtyxfMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvQURUczRRUXEyWHE4RGdlb3V6Z0FnLXEzTEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBEBAIAATA+AwQFLStAMAwD
BAVroaADBABroaIDBANroagDBAVrtYADBAJxFJwDBAWb/iADBAKi2fgDBAOi3PAD
BAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG9w0BAQsF
AAOCAQEAStSL4QRSBkvr7dStcZZTSH3sdN5LIFtzXQDBOI+G7NnxTSPkMZbb2VF7
7auH6vIwn+ov22Mob2I7r/6ttBh2AVbQyND5OvZ4ZbUCjFw48FhVnFJSPl0rYvlR
R8brDD9GFZIw7flGpSKkDIwMj3pHYNIHSJmtJ7XjK+6YwGVlFaFqDCBv+k1U0+Qc
ZGjdSenf4kv3vXIW2kn22o+1ST4KzJpeZpAPlYIcq5cl1DhF417rmvk+GF8/HptK
hwQSYtfFwNdV2NtdsR2AArRbeIB3iNnCb7L/oe+B6hvjQ3HurU90ww421YyNMrno
j3ozNW69z3dv0XAYGvAx5m08sXdiww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org