Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/WMxVT8kYqkq4u3wtdzX2tZEGTt4.roa
File:                     WMxVT8kYqkq4u3wtdzX2tZEGTt4.roa (raw, json)
Hash identifier:          rZWqr/uNsgCLoK8DX5cUtpBhs1pQpCYO527SMG6b0mI=
Subject key identifier:   58:CC:55:4F:C9:18:AA:4A:B8:BB:7C:2D:77:35:F6:B5:91:06:4E:DE
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018C7347FC91578A698B61B6153E6B6E9060
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/WMxVT8kYqkq4u3wtdzX2tZEGTt4.roa
Signing time:             Sat 16 Dec 2023 15:39:06 +0000
ROA not before:           Sat 16 Dec 2023 15:39:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        85.208.105.0/24 maxlen: 24
                          45.66.152.0/24 maxlen: 24
                          45.66.154.0/24 maxlen: 24
                          45.66.155.0/24 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          5.180.51.0/24 maxlen: 24
                          5.180.50.0/24 maxlen: 24
                          85.208.107.0/24 maxlen: 24
                          85.208.113.0/24 maxlen: 24
                          85.208.115.0/24 maxlen: 24
                          45.8.184.0/24 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.199.0/24 maxlen: 24
                          45.8.198.0/24 maxlen: 24
                          45.8.197.0/24 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.235.0/24 maxlen: 24
                          85.209.160.0/24 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          5.253.39.0/24 maxlen: 24
                          45.8.252.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.4.0/24 maxlen: 24
                          45.8.255.0/24 maxlen: 24
                          45.9.1.0/24 maxlen: 24
                          45.9.0.0/24 maxlen: 24
                          45.9.6.0/24 maxlen: 24
                          45.9.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 17 Dec 2023 11:10:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:73:47:fc:91:57:8a:69:8b:61:b6:15:3e:6b:6e:90:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Dec 16 15:39:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58cc554fc918aa4ab8bb7c2d7735f6b591064ede
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:af:67:b8:d3:f9:39:b5:c3:f5:8b:77:88:e8:
                    dc:41:53:cf:b8:f9:82:4f:16:1f:26:09:c3:7e:55:
                    43:9b:86:b8:f3:07:a5:ba:c2:ba:6b:4b:b7:27:d6:
                    71:a0:e2:db:e6:df:5f:fa:15:de:cb:37:41:76:7b:
                    10:1b:0b:d1:ab:40:c6:0c:ed:38:d3:ec:c8:d5:70:
                    88:e7:b5:ab:a3:b7:e0:90:26:98:8f:3a:e4:cf:c3:
                    69:4d:d8:65:8b:88:e5:ff:82:e6:be:2e:cc:ee:2c:
                    8f:0c:e5:30:b2:a3:17:78:f8:fd:40:b7:70:65:f8:
                    2c:17:f6:c7:e3:8f:bb:7d:39:67:c3:b5:8d:45:77:
                    10:99:08:75:8b:59:d6:b5:fc:a8:05:5e:e5:f0:55:
                    e7:ac:d2:66:57:85:15:f5:c7:eb:7a:85:23:96:70:
                    3c:12:ff:4b:80:bc:03:e5:e2:a2:f7:3a:2f:58:3e:
                    b0:5e:16:8a:fb:33:84:47:ce:93:37:f2:b0:e5:52:
                    b5:16:04:65:43:27:7b:37:c9:46:30:35:b8:92:16:
                    a3:c1:58:d7:a3:1c:aa:eb:c6:43:27:0c:bd:6a:92:
                    6f:f9:d9:ad:a3:00:a0:58:ad:a8:94:36:eb:ba:07:
                    c2:a6:66:f8:1f:db:02:d6:4f:71:3a:b5:fa:00:ff:
                    a7:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:CC:55:4F:C9:18:AA:4A:B8:BB:7C:2D:77:35:F6:B5:91:06:4E:DE
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/WMxVT8kYqkq4u3wtdzX2tZEGTt4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.50.0/23
                  5.180.80.0/24
                  5.180.235.0/24
                  5.253.39.0/24
                  5.253.44.0/23
                  5.253.47.0/24
                  45.8.184.0/24
                  45.8.188.0-45.8.195.255
                  45.8.197.0-45.8.199.255
                  45.8.203.0/24
                  45.8.252.0/23
                  45.8.255.0-45.9.1.255
                  45.9.4.0/24
                  45.9.6.0/23
                  45.66.152.0/24
                  45.66.154.0/23
                  85.208.105.0/24
                  85.208.107.0/24
                  85.208.113.0/24
                  85.208.115.0/24
                  85.209.160.0/24
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:81:b5:03:82:1a:a4:96:05:25:40:8d:86:4a:2b:c8:fc:c3:
         9b:13:ba:aa:b5:65:2d:a2:b2:83:7b:ea:02:b5:31:3b:74:bc:
         22:e4:bf:44:06:d4:2c:13:44:05:93:77:5d:46:ee:7e:04:32:
         ec:8e:90:82:8e:b8:2e:b7:f2:3d:0e:8e:8d:7e:51:3a:03:90:
         05:66:37:b8:bf:f8:b1:99:f5:f9:0a:47:bc:b4:69:d7:f7:1a:
         ee:8e:56:ef:6e:59:b8:7e:2b:19:6f:8a:17:87:ac:4a:0c:d4:
         15:16:f3:b3:2e:37:33:60:9d:89:d7:4d:d4:54:30:02:fd:3a:
         82:9a:ef:96:98:c1:e2:96:ba:37:f0:3e:9b:f5:4e:dc:70:47:
         b9:af:03:16:01:6f:af:e8:39:d1:03:a7:cc:e0:9b:a2:b9:6e:
         c9:67:d0:cc:4f:af:0e:ce:73:53:5d:8b:3e:8a:50:99:0f:01:
         56:f7:e7:bb:89:b3:75:12:56:a8:da:5e:3c:79:d9:93:f4:f3:
         23:27:2b:0c:62:26:ca:a1:05:ff:a0:c6:bd:57:5a:ca:de:65:
         c6:4c:7a:2e:16:08:5d:bb:50:9b:07:3a:97:2b:9c:44:ac:19:
         11:0f:cc:5f:e9:18:49:3b:6b:44:20:0b:7d:05:12:05:a0:bd:
         d2:d6:9d:c3
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYxzR/yRV4ppi2G2FT5rbpBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE2MTUzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNjNTU0ZmM5MThhYTRhYjhiYjdjMmQ3NzM1ZjZiNTkxMDY0ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K9nuNP5ObXD9Yt3iOjcQVPPuPmC
TxYfJgnDflVDm4a48welusK6a0u3J9ZxoOLb5t9f+hXeyzdBdnsQGwvRq0DGDO04
0+zI1XCI57Wro7fgkCaYjzrkz8NpTdhli4jl/4Lmvi7M7iyPDOUwsqMXePj9QLdw
ZfgsF/bH44+7fTlnw7WNRXcQmQh1i1nWtfyoBV7l8FXnrNJmV4UV9cfreoUjlnA8
Ev9LgLwD5eKi9zovWD6wXhaK+zOER86TN/Kw5VK1FgRlQyd7N8lGMDW4khajwVjX
oxyq68ZDJwy9apJv+dmtowCgWK2olDbrugfCpmb4H9sC1k9xOrX6AP+nWwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFFjMVU/JGKpKuLt8LXc19rWRBk7eMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvV014VlQ4a1lxa3E0dTN3dGR6WDJ0WkVHVHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIF
tCADBAEFtDIDBAAFtFADBAAFtOsDBAAF/ScDBAEF/SwDBAAF/S8DBAAtCLgwDAME
Ai0IvAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEt
CQADBAAtCQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV0HEDBABV
0HMDBABV0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBADqBtQOCGqSWBSVAjYZK
K8j8w5sTuqq1ZS2isoN76gK1MTt0vCLkv0QG1CwTRAWTd11G7n4EMuyOkIKOuC63
8j0Ojo1+UToDkAVmN7i/+LGZ9fkKR7y0adf3Gu6OVu9uWbh+KxlviheHrEoM1BUW
87MuNzNgnYnXTdRUMAL9OoKa75aYweKWujfwPpv1TtxwR7mvAxYBb6/oOdEDp8zg
m6K5bsln0MxPrw7Oc1Ndiz6KUJkPAVb357uJs3USVqjaXjx52ZP08yMnKwxiJsqh
Bf+gxr1XWsreZcZMei4WCF27UJsHOpcrnESsGREPzF/pGEk7a0QgC30FEgWgvdLW
ncM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org