Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/N4KxxA-7YX5FIuL3ABmSFf_thvA.roa
File:                     N4KxxA-7YX5FIuL3ABmSFf_thvA.roa (raw, json)
Hash identifier:          QurYDQDFz3DBTwICB5tSuyqCCciPtfLCNF+1pwZnJVQ=
Subject key identifier:   37:82:B1:C4:0F:BB:61:7E:45:22:E2:F7:00:19:92:15:FF:ED:86:F0
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       01895A9CCE910B5C908EFE41B1FDFF822F13
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/N4KxxA-7YX5FIuL3ABmSFf_thvA.roa
Signing time:             Sat 15 Jul 2023 17:32:53 +0000
ROA not before:           Sat 15 Jul 2023 17:32:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        85.208.105.0/24 maxlen: 24
                          45.66.152.0/24 maxlen: 24
                          45.66.154.0/24 maxlen: 24
                          45.66.155.0/24 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          5.180.51.0/24 maxlen: 24
                          5.180.48.0/24 maxlen: 24
                          5.180.50.0/24 maxlen: 24
                          85.208.113.0/24 maxlen: 24
                          85.208.115.0/24 maxlen: 24
                          45.8.184.0/22 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.199.0/24 maxlen: 24
                          45.8.198.0/24 maxlen: 24
                          45.8.197.0/24 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.235.0/24 maxlen: 24
                          5.180.234.0/24 maxlen: 24
                          85.209.162.0/24 maxlen: 24
                          85.209.160.0/24 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          5.253.39.0/24 maxlen: 24
                          45.8.252.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24
                          5.253.46.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.3.0/24 maxlen: 24
                          45.9.4.0/24 maxlen: 24
                          45.8.255.0/24 maxlen: 24
                          45.9.1.0/24 maxlen: 24
                          45.9.0.0/24 maxlen: 24
                          45.9.6.0/24 maxlen: 24
                          45.9.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 05 Aug 2023 14:52:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:5a:9c:ce:91:0b:5c:90:8e:fe:41:b1:fd:ff:82:2f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jul 15 17:32:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3782b1c40fbb617e4522e2f700199215ffed86f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f4:72:87:94:9d:a7:bc:a6:97:97:6b:9e:d7:
                    21:8e:4d:24:cf:69:f3:f0:91:b2:22:b6:40:e8:17:
                    e3:98:f3:b1:c2:8f:8d:4e:6a:43:ae:f5:79:8b:bd:
                    1d:e1:14:7c:2c:fb:58:70:f4:0e:f7:f8:f6:0f:2f:
                    7b:36:2d:9a:4f:11:d7:88:a1:01:01:3a:9b:b5:40:
                    4b:e5:1a:54:8b:20:60:39:c3:e6:70:60:e8:86:50:
                    81:8c:13:65:56:0b:a5:6f:7c:b8:8f:12:26:9f:8a:
                    17:a8:d8:05:22:f6:71:88:f0:2e:a2:57:69:19:e4:
                    f0:52:d3:3d:e1:6e:79:81:ee:f3:28:c6:60:3e:23:
                    88:9b:65:45:94:a0:4e:da:b5:a6:1c:8c:f0:85:1f:
                    a6:7c:99:00:ce:88:1a:82:71:0e:fd:44:22:62:fa:
                    0a:e8:86:44:91:c7:00:55:b2:be:7f:25:13:c1:8e:
                    db:5b:b2:1a:75:27:f0:16:30:8c:82:e8:08:9a:9e:
                    a3:54:82:76:2a:d9:5a:2f:2c:50:10:1d:ce:cf:f0:
                    21:5b:a0:35:c7:46:44:a4:5c:98:f9:77:65:23:65:
                    cb:9f:c7:3e:13:d9:9c:75:1a:de:cd:80:e5:11:51:
                    ed:c4:17:1b:b2:62:2c:97:b1:83:2b:18:07:ba:40:
                    1b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:82:B1:C4:0F:BB:61:7E:45:22:E2:F7:00:19:92:15:FF:ED:86:F0
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/N4KxxA-7YX5FIuL3ABmSFf_thvA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.48.0/24
                  5.180.50.0/23
                  5.180.80.0/24
                  5.180.234.0/23
                  5.253.39.0/24
                  5.253.44.0/22
                  45.8.184.0-45.8.195.255
                  45.8.197.0-45.8.199.255
                  45.8.203.0/24
                  45.8.252.0/23
                  45.8.255.0-45.9.1.255
                  45.9.3.0-45.9.4.255
                  45.9.6.0/23
                  45.66.152.0/24
                  45.66.154.0/23
                  85.208.105.0/24
                  85.208.113.0/24
                  85.208.115.0/24
                  85.209.160.0/24
                  85.209.162.0/24
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:6b:91:f6:3f:35:27:86:2b:7e:13:33:21:ca:49:dc:06:e6:
         d0:01:3f:d9:51:88:fa:12:03:b7:13:8f:9e:db:69:36:dd:42:
         fd:d1:5a:bb:ed:76:d0:08:06:d7:fb:b9:f5:2c:2f:24:62:34:
         de:2b:09:52:09:df:7b:26:ee:f9:23:18:cc:d1:e8:e6:68:a9:
         c2:b4:6e:e0:53:e6:62:b7:bf:07:e4:e5:14:df:a9:22:df:42:
         7b:47:06:60:09:4b:29:4d:b8:7f:04:f3:29:36:b8:cb:17:aa:
         09:eb:eb:8f:99:e5:7a:32:a6:2a:5d:b5:2f:79:d8:eb:ae:32:
         9a:b7:b0:b0:7a:a1:a6:24:13:08:3d:c3:42:d8:35:89:1b:e3:
         7b:16:84:c5:6f:c1:09:c2:01:62:6b:7f:16:a9:8e:89:3d:bd:
         45:68:84:bf:da:41:a8:fe:62:99:f3:a3:b6:1f:73:89:3d:70:
         96:e6:9c:68:23:43:74:03:14:b5:6a:0b:5f:84:cd:bd:9d:32:
         b7:3e:e0:96:13:1f:d0:5c:16:ff:79:4e:eb:ea:6e:89:4f:82:
         2b:48:7a:4b:26:a5:5d:f0:0d:a7:ef:bd:51:eb:01:a9:6f:3e:
         dc:f5:96:59:38:49:ed:0d:7b:76:3e:e2:c9:39:9e:90:83:30:
         c8:56:fb:f6
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYlanM6RC1yQjv5Bsf3/gi8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNzE1MTczMjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzgyYjFjNDBmYmI2MTdlNDUyMmUyZjcwMDE5OTIxNWZmZWQ4NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfRyh5Sdp7yml5drntchjk0kz2nz
8JGyIrZA6BfjmPOxwo+NTmpDrvV5i70d4RR8LPtYcPQO9/j2Dy97Ni2aTxHXiKEB
ATqbtUBL5RpUiyBgOcPmcGDohlCBjBNlVgulb3y4jxImn4oXqNgFIvZxiPAuoldp
GeTwUtM94W55ge7zKMZgPiOIm2VFlKBO2rWmHIzwhR+mfJkAzogagnEO/UQiYvoK
6IZEkccAVbK+fyUTwY7bW7IadSfwFjCMgugImp6jVIJ2KtlaLyxQEB3Oz/AhW6A1
x0ZEpFyY+XdlI2XLn8c+E9mcdRrezYDlEVHtxBcbsmIsl7GDKxgHukAbnwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDeCscQPu2F+RSLi9wAZkhX/7YbwMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTjRLeHhBLTdZWDVGSXVMM0FCbVNGZl90aHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAIF/SwwDAMEAy0IuAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEtCQAwDAME
AC0JAwMEAC0JBAMEAS0JBgMEAC1CmAMEAS1CmgMEAFXQaQMEAFXQcQMEAFXQcwME
AFXRoAMEAFXRogMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEAS2uR9j81J4YrfhMz
IcpJ3Abm0AE/2VGI+hIDtxOPnttpNt1C/dFau+120AgG1/u59SwvJGI03isJUgnf
eybu+SMYzNHo5mipwrRu4FPmYre/B+TlFN+pIt9Ce0cGYAlLKU24fwTzKTa4yxeq
Cevrj5nlejKmKl21L3nY664ymrewsHqhpiQTCD3DQtg1iRvjexaExW/BCcIBYmt/
FqmOiT29RWiEv9pBqP5imfOjth9ziT1wluacaCNDdAMUtWoLX4TNvZ0ytz7glhMf
0FwW/3lO6+puiU+CK0h6SyalXfANp++9UesBqW8+3PWWWThJ7Q17dj7iyTmekIMw
yFb79g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org