Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ny-GDM2Nk-2L6nEGTijJ47tdDco.roa
File:                     ny-GDM2Nk-2L6nEGTijJ47tdDco.roa (raw, json)
Hash identifier:          o+OJLrnK+eqNVQLL2e2ZAaLydzTzBfabYlURCLUv+sk=
Subject key identifier:   9F:2F:86:0C:CD:8D:93:ED:8B:EA:71:06:4E:28:C9:E3:BB:5D:0D:CA
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189E39A28B48ED9DB35995C6D39D624D225
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ny-GDM2Nk-2L6nEGTijJ47tdDco.roa
Signing time:             Fri 11 Aug 2023 07:57:58 +0000
ROA not before:           Fri 11 Aug 2023 07:57:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        85.208.105.0/24 maxlen: 24
                          45.66.152.0/24 maxlen: 24
                          45.66.154.0/24 maxlen: 24
                          45.66.155.0/24 maxlen: 24
                          5.180.32.0/22 maxlen: 24
                          5.180.51.0/24 maxlen: 24
                          5.180.48.0/24 maxlen: 24
                          5.180.50.0/24 maxlen: 24
                          85.208.107.0/24 maxlen: 24
                          85.208.113.0/24 maxlen: 24
                          85.208.115.0/24 maxlen: 24
                          45.8.184.0/22 maxlen: 24
                          45.8.192.0/22 maxlen: 24
                          45.8.188.0/22 maxlen: 24
                          45.8.199.0/24 maxlen: 24
                          45.8.198.0/24 maxlen: 24
                          45.8.197.0/24 maxlen: 24
                          45.8.203.0/24 maxlen: 24
                          193.168.208.0/22 maxlen: 24
                          5.180.80.0/24 maxlen: 24
                          5.180.235.0/24 maxlen: 24
                          5.180.234.0/24 maxlen: 24
                          85.209.160.0/24 maxlen: 24
                          5.253.44.0/24 maxlen: 24
                          5.253.39.0/24 maxlen: 24
                          45.8.252.0/24 maxlen: 24
                          45.8.253.0/24 maxlen: 24
                          5.253.47.0/24 maxlen: 24
                          5.253.45.0/24 maxlen: 24
                          45.9.3.0/24 maxlen: 24
                          45.9.4.0/24 maxlen: 24
                          45.8.255.0/24 maxlen: 24
                          45.9.1.0/24 maxlen: 24
                          45.9.0.0/24 maxlen: 24
                          45.9.6.0/24 maxlen: 24
                          45.9.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Sep 2023 08:44:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e3:9a:28:b4:8e:d9:db:35:99:5c:6d:39:d6:24:d2:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug 11 07:57:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f2f860ccd8d93ed8bea71064e28c9e3bb5d0dca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:97:3a:07:93:25:7d:3a:d9:de:be:44:58:c5:
                    d0:65:96:2d:2c:50:95:45:7c:72:20:13:87:04:1d:
                    76:87:ab:1a:ad:61:d7:ce:0e:cb:82:07:66:5c:4e:
                    a6:fe:5f:aa:5f:a8:81:73:f3:b0:1f:fe:bd:d7:97:
                    ad:56:52:28:60:6d:be:95:5f:03:7c:78:f8:78:38:
                    f9:32:7f:bc:f3:7a:d9:4a:e1:9c:a2:0d:80:ad:fc:
                    e8:56:e0:58:86:74:57:2b:ca:a4:39:2f:37:76:75:
                    a8:ad:ef:73:51:8b:9b:e3:29:6b:2b:09:fa:71:f1:
                    c8:4b:0e:03:e5:10:e1:ae:3d:d1:68:d5:b0:d9:4c:
                    3b:ab:20:e6:e8:79:b8:f8:5e:56:50:0e:ab:c9:a4:
                    e1:af:e7:6b:f0:50:4c:ab:d2:77:e1:30:69:d4:3f:
                    52:f9:ec:8e:c2:59:85:7c:09:e7:ca:86:3e:d3:ee:
                    17:b1:d9:82:7c:c5:88:91:25:72:70:66:94:b5:46:
                    13:52:29:24:f2:e0:da:8a:13:d3:1c:92:12:0b:d2:
                    6a:d0:e3:79:1b:fb:42:c2:c0:48:20:bf:fa:4c:38:
                    75:9e:1d:13:90:a2:5a:fa:58:81:f6:89:ee:5c:6a:
                    e4:eb:94:ae:c1:da:f8:e2:58:5b:e5:3f:b9:36:41:
                    7e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:2F:86:0C:CD:8D:93:ED:8B:EA:71:06:4E:28:C9:E3:BB:5D:0D:CA
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ny-GDM2Nk-2L6nEGTijJ47tdDco.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.32.0/22
                  5.180.48.0/24
                  5.180.50.0/23
                  5.180.80.0/24
                  5.180.234.0/23
                  5.253.39.0/24
                  5.253.44.0/23
                  5.253.47.0/24
                  45.8.184.0-45.8.195.255
                  45.8.197.0-45.8.199.255
                  45.8.203.0/24
                  45.8.252.0/23
                  45.8.255.0-45.9.1.255
                  45.9.3.0-45.9.4.255
                  45.9.6.0/23
                  45.66.152.0/24
                  45.66.154.0/23
                  85.208.105.0/24
                  85.208.107.0/24
                  85.208.113.0/24
                  85.208.115.0/24
                  85.209.160.0/24
                  193.168.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:10:bc:98:b9:63:f0:c9:e8:24:04:22:f4:5b:c4:8e:f7:41:
         d3:0b:3e:49:96:64:21:de:cd:51:89:d8:d4:12:71:4c:f4:b9:
         94:e9:0f:bc:46:36:01:49:11:0a:20:e0:e6:67:b2:27:88:4d:
         b3:5d:36:87:75:36:c8:b4:9e:43:4d:00:c3:58:6a:7d:17:f1:
         ae:fe:7e:79:3e:da:9a:a2:ae:17:6c:c0:1d:8a:50:83:7d:d4:
         32:c5:f1:37:a3:5c:e6:4e:c2:cb:a9:b1:79:8a:1c:fb:fc:af:
         99:0a:ca:5c:8f:48:dc:39:5a:15:aa:95:5a:61:56:0d:fd:f7:
         bf:01:a0:04:9b:51:b1:92:4f:85:d7:2e:a2:f6:14:bd:07:04:
         4c:e4:86:ff:89:7d:91:42:48:24:f5:cd:95:93:18:d9:8b:cb:
         b0:a1:f7:bc:d2:99:dc:6a:a5:2b:88:6c:b9:36:79:7b:5b:0b:
         b2:52:51:5b:67:04:10:51:3e:dc:9f:c9:dc:77:5a:e8:cc:02:
         7c:8a:71:ec:ab:9f:b3:a1:77:d8:ee:e1:ce:e5:7e:a2:7a:1f:
         de:66:a9:89:9d:aa:ff:40:8b:a0:ef:18:6a:08:c4:7f:b1:dc:
         65:29:fc:cc:0b:1d:3e:92:ea:af:58:93:e0:1b:12:0a:b8:00:
         10:fd:b8:8b
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYnjmii0jtnbNZlcbTnWJNIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODExMDc1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjJmODYwY2NkOGQ5M2VkOGJlYTcxMDY0ZTI4YzllM2JiNWQwZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipc6B5MlfTrZ3r5EWMXQZZYtLFCV
RXxyIBOHBB12h6sarWHXzg7LggdmXE6m/l+qX6iBc/OwH/6915etVlIoYG2+lV8D
fHj4eDj5Mn+883rZSuGcog2ArfzoVuBYhnRXK8qkOS83dnWore9zUYub4ylrKwn6
cfHISw4D5RDhrj3RaNWw2Uw7qyDm6Hm4+F5WUA6ryaThr+dr8FBMq9J34TBp1D9S
+eyOwlmFfAnnyoY+0+4XsdmCfMWIkSVycGaUtUYTUikk8uDaihPTHJISC9Jq0ON5
G/tCwsBIIL/6TDh1nh0TkKJa+liB9onuXGrk65Suwdr44lhb5T+5NkF+CwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFJ8vhgzNjZPti+pxBk4oyeO7XQ3KMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbnktR0RNMk5rLTJMNm5FR1Rpako0N3RkRGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAEF/SwDBAAF/S8wDAME
Ay0IuAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEt
CQAwDAMEAC0JAwMEAC0JBAMEAS0JBgMEAC1CmAMEAS1CmgMEAFXQaQMEAFXQawME
AFXQcQMEAFXQcwMEAFXRoAMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEAYxC8mLlj
8MnoJAQi9FvEjvdB0ws+SZZkId7NUYnY1BJxTPS5lOkPvEY2AUkRCiDg5meyJ4hN
s102h3U2yLSeQ00Aw1hqfRfxrv5+eT7amqKuF2zAHYpQg33UMsXxN6Nc5k7Cy6mx
eYoc+/yvmQrKXI9I3DlaFaqVWmFWDf33vwGgBJtRsZJPhdcuovYUvQcETOSG/4l9
kUJIJPXNlZMY2YvLsKH3vNKZ3GqlK4hsuTZ5e1sLslJRW2cEEFE+3J/J3Hda6MwC
fIpx7Kufs6F32O7hzuV+onof3mapiZ2q/0CLoO8YagjEf7HcZSn8zAsdPpLqr1iT
4BsSCrgAEP24iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org