Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mefa6L0aKm4FAeGTaKXPkepWe7s.roa
File:                     mefa6L0aKm4FAeGTaKXPkepWe7s.roa (raw, json)
Hash identifier:          btfHRxMIfPMj2GEsBuYAcDwtG5e+1rJR+Mu1CS/EKVs=
Subject key identifier:   99:E7:DA:E8:BD:1A:2A:6E:05:01:E1:93:68:A5:CF:91:EA:56:7B:BB
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189CEF07B81E2188540A13F4BDA1C1AE141
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mefa6L0aKm4FAeGTaKXPkepWe7s.roa
Signing time:             Mon 07 Aug 2023 07:40:14 +0000
ROA not before:           Mon 07 Aug 2023 07:40:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        85.208.105.0/24 maxlen: 24
                          45.66.152.0/24 maxlen: 24
                          45.66.154.0/24 maxlen: 24
                          45.66.155.0/24 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          5.180.51.0/24 maxlen: 24
                          5.180.48.0/24 maxlen: 24
                          5.180.50.0/24 maxlen: 24
                          85.208.107.0/24 maxlen: 24
                          85.208.113.0/24 maxlen: 24
                          85.208.115.0/24 maxlen: 24
                          45.8.184.0/22 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.199.0/24 maxlen: 24
                          45.8.198.0/24 maxlen: 24
                          45.8.197.0/24 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.235.0/24 maxlen: 24
                          5.180.234.0/24 maxlen: 24
                          85.209.162.0/24 maxlen: 24
                          85.209.160.0/24 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          5.253.39.0/24 maxlen: 24
                          45.8.252.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.3.0/24 maxlen: 24
                          45.9.4.0/24 maxlen: 24
                          45.8.255.0/24 maxlen: 24
                          45.9.1.0/24 maxlen: 24
                          45.9.0.0/24 maxlen: 24
                          45.9.6.0/24 maxlen: 24
                          45.9.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 07:57:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ce:f0:7b:81:e2:18:85:40:a1:3f:4b:da:1c:1a:e1:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug  7 07:40:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99e7dae8bd1a2a6e0501e19368a5cf91ea567bbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:b8:67:41:4c:66:19:39:5b:d1:b6:e7:ba:ad:
                    22:9e:b4:72:7e:37:85:c0:26:43:14:b8:03:5e:b2:
                    4c:d4:59:61:8f:4b:f3:86:41:af:6c:47:42:61:e0:
                    4b:14:22:ab:a1:5d:42:1e:c6:c6:9f:92:22:59:15:
                    7b:a7:50:14:88:58:39:a7:3d:93:2d:1b:51:f3:dd:
                    bf:92:71:e6:6d:f3:02:c8:fe:63:73:96:80:08:9c:
                    22:00:09:96:b6:29:a1:8c:46:ef:a5:29:2c:33:d4:
                    6f:da:9e:d2:d0:52:f0:d0:84:a1:46:d9:66:e6:90:
                    fa:7c:96:76:0a:1e:3e:c2:92:9a:a7:a3:4a:79:e1:
                    d5:0b:37:61:ff:98:77:74:68:d3:5b:ce:51:89:db:
                    b2:37:a8:a0:33:b4:ae:e6:50:5a:c0:71:9e:6e:b7:
                    67:51:a0:d5:a7:38:18:3f:79:df:fc:9d:03:65:47:
                    07:51:f5:10:07:a3:14:e3:13:f6:39:45:b6:9c:2b:
                    5f:aa:db:a0:22:c1:3c:dc:f4:18:78:d4:07:7f:b2:
                    d5:e7:50:3d:3a:37:82:bd:c7:9f:9b:0f:9f:e7:8d:
                    34:1b:aa:2c:2d:1f:bb:60:ba:df:63:25:8c:ba:8a:
                    d9:d3:9e:73:bb:92:6b:71:13:60:ae:3a:29:c9:34:
                    21:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:E7:DA:E8:BD:1A:2A:6E:05:01:E1:93:68:A5:CF:91:EA:56:7B:BB
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mefa6L0aKm4FAeGTaKXPkepWe7s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.48.0/24
                  5.180.50.0/23
                  5.180.80.0/24
                  5.180.234.0/23
                  5.253.39.0/24
                  5.253.44.0/23
                  5.253.47.0/24
                  45.8.184.0-45.8.195.255
                  45.8.197.0-45.8.199.255
                  45.8.203.0/24
                  45.8.252.0/23
                  45.8.255.0-45.9.1.255
                  45.9.3.0-45.9.4.255
                  45.9.6.0/23
                  45.66.152.0/24
                  45.66.154.0/23
                  85.208.105.0/24
                  85.208.107.0/24
                  85.208.113.0/24
                  85.208.115.0/24
                  85.209.160.0/24
                  85.209.162.0/24
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         be:4d:e1:e5:c3:90:4b:4d:d7:97:39:6b:8b:3d:c4:a9:44:e9:
         34:c6:70:c2:80:4d:20:fe:f1:77:d2:fb:1b:e3:c1:fe:69:59:
         de:9c:1c:7b:7e:08:b1:59:b9:30:f8:2f:4b:8c:a2:61:1f:ae:
         41:76:60:40:69:ab:6e:f8:bf:0a:68:e7:0b:a9:a3:f4:77:d4:
         a3:86:ca:49:77:c1:f8:4e:a6:5f:90:be:18:29:f3:69:fe:a1:
         0d:72:ba:32:df:e2:11:dd:de:75:a4:23:3b:19:ee:b7:e0:ee:
         ba:2f:98:8a:10:2c:a1:f9:1f:12:75:46:9d:69:40:34:fc:6b:
         16:28:bc:9c:37:17:ad:05:68:0c:92:f9:6f:6c:68:79:57:64:
         d8:51:a4:d5:33:19:c6:3e:73:9f:62:2d:82:f1:34:60:17:d4:
         24:92:56:be:49:e4:6f:50:21:43:c4:c6:3d:2e:eb:67:ca:0e:
         97:02:fd:d0:d7:7b:01:2f:4e:ca:24:58:fd:16:d7:06:74:83:
         17:82:18:9f:27:8a:94:de:12:16:3b:59:1b:cf:13:e4:11:44:
         55:35:f7:cc:dc:e8:09:16:73:ff:bd:44:35:d1:d7:46:2d:09:
         16:4b:5d:ee:28:d3:91:95:dc:6a:a0:39:3f:2f:88:db:7f:da:
         bd:06:5a:97
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYnO8HuB4hiFQKE/S9ocGuFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODA3MDc0MDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU3ZGFlOGJkMWEyYTZlMDUwMWUxOTM2OGE1Y2Y5MWVhNTY3YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrhnQUxmGTlb0bbnuq0inrRyfjeF
wCZDFLgDXrJM1Flhj0vzhkGvbEdCYeBLFCKroV1CHsbGn5IiWRV7p1AUiFg5pz2T
LRtR892/knHmbfMCyP5jc5aACJwiAAmWtimhjEbvpSksM9Rv2p7S0FLw0IShRtlm
5pD6fJZ2Ch4+wpKap6NKeeHVCzdh/5h3dGjTW85RiduyN6igM7Su5lBawHGebrdn
UaDVpzgYP3nf/J0DZUcHUfUQB6MU4xP2OUW2nCtfqtugIsE83PQYeNQHf7LV51A9
OjeCvcefmw+f5400G6osLR+7YLrfYyWMuorZ055zu5JrcRNgrjopyTQhNwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFJnn2ui9GipuBQHhk2ilz5HqVnu7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbWVmYTZMMGFLbTRGQWVHVGFLWFBrZXBXZTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAEF/SwDBAAF/S8wDAME
Ay0IuAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEt
CQAwDAMEAC0JAwMEAC0JBAMEAS0JBgMEAC1CmAMEAS1CmgMEAFXQaQMEAFXQawME
AFXQcQMEAFXQcwMEAFXRoAMEAFXRogMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEA
vk3h5cOQS03Xlzlriz3EqUTpNMZwwoBNIP7xd9L7G+PB/mlZ3pwce34IsVm5MPgv
S4yiYR+uQXZgQGmrbvi/CmjnC6mj9HfUo4bKSXfB+E6mX5C+GCnzaf6hDXK6Mt/i
Ed3edaQjOxnut+Duui+YihAsofkfEnVGnWlANPxrFii8nDcXrQVoDJL5b2xoeVdk
2FGk1TMZxj5zn2ItgvE0YBfUJJJWvknkb1AhQ8TGPS7rZ8oOlwL90Nd7AS9OyiRY
/RbXBnSDF4IYnyeKlN4SFjtZG88T5BFEVTX3zNzoCRZz/71ENdHXRi0JFktd7ijT
kZXcaqA5Py+I23/avQZalw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org