Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/lhWG4nlUvwd2biBbCkTRUtsmvms.roa
File:                     lhWG4nlUvwd2biBbCkTRUtsmvms.roa (raw, json)
Hash identifier:          ddNSFXwKyvWjqcKLROsgmZYPF09Ni3nI1mkUUa1EUfU=
Subject key identifier:   96:15:86:E2:79:54:BF:07:76:6E:20:5B:0A:44:D1:52:DB:26:BE:6B
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189C62FF41D0C650292F55164908C180C41
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/lhWG4nlUvwd2biBbCkTRUtsmvms.roa
Signing time:             Sat 05 Aug 2023 14:52:58 +0000
ROA not before:           Sat 05 Aug 2023 14:52:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        85.208.105.0/24 maxlen: 24
                          45.66.152.0/24 maxlen: 24
                          45.66.154.0/24 maxlen: 24
                          45.66.155.0/24 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          5.180.51.0/24 maxlen: 24
                          5.180.48.0/24 maxlen: 24
                          5.180.50.0/24 maxlen: 24
                          85.208.107.0/24 maxlen: 24
                          85.208.113.0/24 maxlen: 24
                          85.208.115.0/24 maxlen: 24
                          45.8.184.0/22 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.199.0/24 maxlen: 24
                          45.8.198.0/24 maxlen: 24
                          45.8.197.0/24 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.235.0/24 maxlen: 24
                          5.180.234.0/24 maxlen: 24
                          85.209.162.0/24 maxlen: 24
                          85.209.160.0/24 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          5.253.39.0/24 maxlen: 24
                          45.8.252.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24
                          5.253.46.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.3.0/24 maxlen: 24
                          45.9.4.0/24 maxlen: 24
                          45.8.255.0/24 maxlen: 24
                          45.9.1.0/24 maxlen: 24
                          45.9.0.0/24 maxlen: 24
                          45.9.6.0/24 maxlen: 24
                          45.9.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 07:40:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c6:2f:f4:1d:0c:65:02:92:f5:51:64:90:8c:18:0c:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug  5 14:52:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=961586e27954bf07766e205b0a44d152db26be6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:45:59:99:ff:14:c6:34:10:2f:ce:27:d4:5a:
                    eb:77:50:89:ca:0a:e4:80:82:2f:2c:5b:6b:01:25:
                    2f:6f:8a:5f:d9:a2:4d:03:c6:9a:0b:33:b8:89:15:
                    14:e8:96:34:ad:20:24:b9:d2:7f:4d:cf:c8:84:2a:
                    33:91:5d:19:3b:0e:a1:56:b8:90:c3:60:a4:48:c3:
                    31:5a:72:69:a7:10:28:ec:a3:97:d8:16:dc:af:e0:
                    d6:9e:90:14:d1:df:49:5b:1b:1a:07:9e:a5:81:42:
                    36:92:5b:4b:c0:2b:0f:8a:a2:76:4e:4e:82:de:54:
                    2d:b9:76:dd:b3:ad:47:d3:93:49:73:d7:d2:ca:1d:
                    e6:db:e6:63:2f:7a:f4:9a:dd:20:ef:6c:dc:5d:fc:
                    a2:02:4a:1b:01:26:c8:0c:60:be:89:5a:15:ea:2f:
                    ca:3f:62:07:65:74:ba:67:16:bc:69:ca:d9:15:7d:
                    3a:71:70:5a:b0:5a:04:12:45:a3:9b:4c:8e:1e:10:
                    5e:92:68:e5:33:12:b7:07:0a:e1:a5:6c:a1:ca:31:
                    b0:aa:3e:d9:86:24:a9:f5:c1:10:2a:61:16:68:23:
                    94:6e:ef:cf:09:c3:e7:ea:09:a7:6e:ad:dc:33:01:
                    a3:99:2d:a8:71:d3:f6:7b:68:a6:3b:6a:ee:c6:40:
                    11:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:15:86:E2:79:54:BF:07:76:6E:20:5B:0A:44:D1:52:DB:26:BE:6B
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/lhWG4nlUvwd2biBbCkTRUtsmvms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.48.0/24
                  5.180.50.0/23
                  5.180.80.0/24
                  5.180.234.0/23
                  5.253.39.0/24
                  5.253.44.0/22
                  45.8.184.0-45.8.195.255
                  45.8.197.0-45.8.199.255
                  45.8.203.0/24
                  45.8.252.0/23
                  45.8.255.0-45.9.1.255
                  45.9.3.0-45.9.4.255
                  45.9.6.0/23
                  45.66.152.0/24
                  45.66.154.0/23
                  85.208.105.0/24
                  85.208.107.0/24
                  85.208.113.0/24
                  85.208.115.0/24
                  85.209.160.0/24
                  85.209.162.0/24
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c4:48:cc:d1:2a:19:03:01:f1:e2:c1:b7:df:6b:fe:ac:cf:ef:
         c9:62:4d:bb:94:8e:90:7b:d3:20:2c:a7:a5:b2:d0:db:17:95:
         02:b7:23:cd:fa:06:a2:65:eb:6f:29:66:7c:fb:5d:72:79:cf:
         10:b9:09:97:f2:ae:9c:96:5d:0c:0c:24:fc:95:03:02:34:81:
         a1:81:42:dc:a9:cd:99:ee:5f:e7:ec:e9:64:70:c1:35:39:0b:
         1d:14:48:27:0d:36:d0:10:d4:85:9d:e4:06:8d:b8:ac:e8:d1:
         cb:ac:0b:4f:82:fe:ae:cb:5f:65:36:e7:c3:45:e9:4d:53:65:
         8d:c0:ae:c0:43:00:41:9a:79:a7:22:b1:2e:68:e4:cd:6e:98:
         55:db:82:0b:8a:a8:2b:1f:20:7d:fd:72:62:1b:fd:54:c1:9c:
         cd:f7:b0:1a:df:3f:cb:91:f4:b5:78:6c:fe:6c:af:c5:8e:32:
         b7:f1:7e:c8:0a:9e:dd:1f:f3:c6:c0:bd:b7:57:b3:f1:10:b9:
         e4:a6:d2:3f:e1:96:63:2b:a5:89:07:14:4c:70:c5:16:e7:98:
         2c:22:dc:24:d7:fa:d5:dc:74:81:dc:ad:cd:4c:2c:89:4a:79:
         69:ae:1f:03:9d:c1:bb:4b:d3:29:53:75:47:6a:ba:6e:6d:e8:
         1b:60:4b:95
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYnGL/QdDGUCkvVRZJCMGAxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODA1MTQ1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE1ODZlMjc5NTRiZjA3NzY2ZTIwNWIwYTQ0ZDE1MmRiMjZiZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkVZmf8UxjQQL84n1Frrd1CJygrk
gIIvLFtrASUvb4pf2aJNA8aaCzO4iRUU6JY0rSAkudJ/Tc/IhCozkV0ZOw6hVriQ
w2CkSMMxWnJppxAo7KOX2Bbcr+DWnpAU0d9JWxsaB56lgUI2kltLwCsPiqJ2Tk6C
3lQtuXbds61H05NJc9fSyh3m2+ZjL3r0mt0g72zcXfyiAkobASbIDGC+iVoV6i/K
P2IHZXS6Zxa8acrZFX06cXBasFoEEkWjm0yOHhBekmjlMxK3BwrhpWyhyjGwqj7Z
hiSp9cEQKmEWaCOUbu/PCcPn6gmnbq3cMwGjmS2ocdP2e2imO2ruxkARAQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFJYVhuJ5VL8Hdm4gWwpE0VLbJr5rMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbGhXRzRubFV2d2QyYmlCYkNrVFJVdHNtdm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAIF/SwwDAMEAy0IuAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEtCQAwDAME
AC0JAwMEAC0JBAMEAS0JBgMEAC1CmAMEAS1CmgMEAFXQaQMEAFXQawMEAFXQcQME
AFXQcwMEAFXRoAMEAFXRogMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEAxEjM0SoZ
AwHx4sG332v+rM/vyWJNu5SOkHvTICynpbLQ2xeVArcjzfoGomXrbylmfPtdcnnP
ELkJl/KunJZdDAwk/JUDAjSBoYFC3KnNme5f5+zpZHDBNTkLHRRIJw020BDUhZ3k
Bo24rOjRy6wLT4L+rstfZTbnw0XpTVNljcCuwEMAQZp5pyKxLmjkzW6YVduCC4qo
Kx8gff1yYhv9VMGczfewGt8/y5H0tXhs/myvxY4yt/F+yAqe3R/zxsC9t1ez8RC5
5KbSP+GWYyuliQcUTHDFFueYLCLcJNf61dx0gdytzUwsiUp5aa4fA53Bu0vTKVN1
R2q6bm3oG2BLlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org