Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mS3thirp4HdJycK1vE0ReIn0a7s.roa
File:                     mS3thirp4HdJycK1vE0ReIn0a7s.roa (raw, json)
Hash identifier:          WNRWCsEWYOZ+Kzf5CRtE9wlkP75vGM4UT5mwEoCEtG8=
Subject key identifier:   99:2D:ED:86:2A:E9:E0:77:49:C9:C2:B5:BC:4D:11:78:89:F4:6B:BB
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       018C777812527C45DD8A7478CEFB9C504479
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mS3thirp4HdJycK1vE0ReIn0a7s.roa
Signing time:             Sun 17 Dec 2023 11:10:06 +0000
ROA not before:           Sun 17 Dec 2023 11:10:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        85.208.105.0/24 maxlen: 24
                          45.66.152.0/24 maxlen: 24
                          45.66.154.0/24 maxlen: 24
                          45.66.155.0/24 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          5.180.51.0/24 maxlen: 24
                          5.180.50.0/24 maxlen: 24
                          85.208.107.0/24 maxlen: 24
                          85.208.113.0/24 maxlen: 24
                          85.208.115.0/24 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.199.0/24 maxlen: 24
                          45.8.198.0/24 maxlen: 24
                          45.8.197.0/24 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.235.0/24 maxlen: 24
                          85.209.160.0/24 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          5.253.39.0/24 maxlen: 24
                          45.8.252.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.4.0/24 maxlen: 24
                          45.8.255.0/24 maxlen: 24
                          45.9.1.0/24 maxlen: 24
                          45.9.0.0/24 maxlen: 24
                          45.9.6.0/24 maxlen: 24
                          45.9.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:77:78:12:52:7c:45:dd:8a:74:78:ce:fb:9c:50:44:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Dec 17 11:10:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=992ded862ae9e07749c9c2b5bc4d117889f46bbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:51:2d:fe:81:75:4e:6b:30:6b:4a:ab:9a:d0:
                    08:7d:70:6c:d5:2d:1d:42:d8:13:a9:13:c0:e9:43:
                    ae:a3:29:16:31:ee:9c:c1:71:52:b3:f8:8e:e3:6f:
                    07:f9:08:89:b8:24:3e:e4:0c:77:63:66:a3:4e:92:
                    2d:32:a6:9d:6b:d9:15:91:d7:8f:4a:68:1b:e8:ae:
                    d8:16:55:64:5a:7b:29:81:af:ab:54:7d:74:1b:f4:
                    11:a7:f3:56:82:a9:cd:c6:b9:bb:74:90:0c:9e:fa:
                    37:33:ed:80:78:c6:5b:83:3f:46:fd:db:4d:16:7a:
                    a8:5d:14:6f:c6:fc:f1:fb:7f:ae:44:b5:08:44:0b:
                    6f:89:ea:50:d9:bf:76:c3:b7:ef:f5:f0:af:f3:ea:
                    f4:cc:e8:04:30:11:a5:ee:01:d4:42:62:6d:b1:fe:
                    33:8c:55:8d:1b:c9:d6:20:a0:26:f6:95:c3:ac:c0:
                    bd:9c:1b:21:5f:1f:d8:7d:3a:20:e9:65:96:27:09:
                    8e:d3:f1:71:2f:68:b5:01:93:28:bc:0c:8a:5a:a8:
                    cd:ae:70:b6:a5:b0:87:c8:ea:d6:68:be:4b:b8:b0:
                    6e:3e:52:ef:65:84:eb:23:88:b9:13:af:a1:2e:62:
                    bd:2f:eb:44:42:2b:6b:d9:4e:96:1d:62:bd:8f:68:
                    19:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:2D:ED:86:2A:E9:E0:77:49:C9:C2:B5:BC:4D:11:78:89:F4:6B:BB
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mS3thirp4HdJycK1vE0ReIn0a7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.50.0/23
                  5.180.80.0/24
                  5.180.235.0/24
                  5.253.39.0/24
                  5.253.44.0/23
                  5.253.47.0/24
                  45.8.188.0-45.8.195.255
                  45.8.197.0-45.8.199.255
                  45.8.203.0/24
                  45.8.252.0/23
                  45.8.255.0-45.9.1.255
                  45.9.4.0/24
                  45.9.6.0/23
                  45.66.152.0/24
                  45.66.154.0/23
                  85.208.105.0/24
                  85.208.107.0/24
                  85.208.113.0/24
                  85.208.115.0/24
                  85.209.160.0/24
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:38:47:71:6f:42:11:16:cc:fa:31:ea:ec:6f:0f:2d:7a:97:
         04:b7:1a:30:f3:1b:79:23:e5:4a:61:75:66:f2:05:dc:f9:f6:
         2f:47:00:11:7e:60:bd:7b:ec:52:23:ad:e0:af:48:43:7f:05:
         bd:53:69:b9:9c:22:f1:eb:b8:fb:6a:f9:2d:10:2d:ed:3f:3d:
         41:bb:f0:c4:bd:6b:eb:e4:1c:c5:8b:bc:a3:6a:fb:b7:32:a3:
         85:f6:28:20:a6:80:d0:77:87:c0:5d:9f:b0:a2:89:23:94:f9:
         54:44:5e:68:5d:48:3c:77:15:cb:19:a9:34:a1:d9:a5:80:50:
         ba:b4:65:31:3e:ca:e4:60:01:c5:d1:f7:19:1d:23:87:87:dc:
         b0:ff:d0:87:55:de:0d:d0:40:e0:bf:d7:f2:c9:58:85:12:0c:
         49:ee:4b:f3:d2:d3:9d:cd:5c:26:94:b4:ba:b7:87:99:db:e6:
         7e:04:2e:71:66:9c:b5:ff:87:f9:5c:63:69:00:51:f4:f1:0d:
         d0:8b:c4:ad:e3:07:24:c5:75:ab:73:7a:d4:1a:76:2e:c9:d7:
         2a:de:f9:46:d6:f3:52:0d:64:3d:30:11:58:7a:2e:a3:6d:90:
         8e:8c:45:41:e7:7f:e4:04:aa:1c:07:05:6a:7e:87:f3:0d:53:
         34:5a:5a:8f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYx3eBJSfEXdinR4zvucUER5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE3MTExMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJkZWQ4NjJhZTllMDc3NDljOWMyYjViYzRkMTE3ODg5ZjQ2YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFEt/oF1Tmswa0qrmtAIfXBs1S0d
QtgTqRPA6UOuoykWMe6cwXFSs/iO428H+QiJuCQ+5Ax3Y2ajTpItMqada9kVkdeP
Smgb6K7YFlVkWnspga+rVH10G/QRp/NWgqnNxrm7dJAMnvo3M+2AeMZbgz9G/dtN
FnqoXRRvxvzx+3+uRLUIRAtviepQ2b92w7fv9fCv8+r0zOgEMBGl7gHUQmJtsf4z
jFWNG8nWIKAm9pXDrMC9nBshXx/YfTog6WWWJwmO0/FxL2i1AZMovAyKWqjNrnC2
pbCHyOrWaL5LuLBuPlLvZYTrI4i5E6+hLmK9L+tEQitr2U6WHWK9j2gZSQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFJkt7YYq6eB3ScnCtbxNEXiJ9Gu7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbVMzdGhpcnA0SGRKeWNLMXZFMFJlSW4wYTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIF
tCADBAEFtDIDBAAFtFADBAAFtOsDBAAF/ScDBAEF/SwDBAAF/S8wDAMEAi0IvAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEtCQADBAAt
CQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV0HEDBABV0HMDBABV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAA84R3FvQhEWzPox6uxvDy16lwS3
GjDzG3kj5UphdWbyBdz59i9HABF+YL177FIjreCvSEN/Bb1TabmcIvHruPtq+S0Q
Le0/PUG78MS9a+vkHMWLvKNq+7cyo4X2KCCmgNB3h8Bdn7CiiSOU+VREXmhdSDx3
FcsZqTSh2aWAULq0ZTE+yuRgAcXR9xkdI4eH3LD/0IdV3g3QQOC/1/LJWIUSDEnu
S/PS053NXCaUtLq3h5nb5n4ELnFmnLX/h/lcY2kAUfTxDdCLxK3jByTFdatzetQa
di7J1yre+UbW81INZD0wEVh6LqNtkI6MRUHnf+QEqhwHBWp+h/MNUzRaWo8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org