Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa
File:                     1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa (raw, json)
Hash identifier:          Z/iaxiyAiXbHcbXFB4oPEgRU3yzCgIkiMr/C8oFEl3Y=
Subject key identifier:   D5:4F:56:56:E6:75:35:99:CA:8F:D3:E5:25:4B:75:53:C8:48:91:4E
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       018E5149F4C1FF642C9179D0E6F17930CC08
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa
Signing time:             Mon 18 Mar 2024 11:19:45 +0000
ROA not before:           Mon 18 Mar 2024 11:19:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21341
IP address blocks:        62.220.96.0/21 maxlen: 24
                          62.220.104.0/21 maxlen: 24
                          62.220.120.0/22 maxlen: 22
                          62.220.124.0/23 maxlen: 23
                          81.12.8.0/22 maxlen: 22
                          81.12.12.0/22 maxlen: 22
                          81.12.16.0/21 maxlen: 21
                          81.12.48.0/22 maxlen: 24
                          81.12.58.0/24 maxlen: 24
                          81.12.59.0/24 maxlen: 24
                          87.107.0.0/21 maxlen: 24
                          87.107.24.0/22 maxlen: 22
                          87.107.34.0/23 maxlen: 23
                          87.107.40.0/24 maxlen: 24
                          87.107.41.0/24 maxlen: 24
                          87.107.42.0/23 maxlen: 23
                          87.107.50.0/23 maxlen: 24
                          87.107.51.0/24 maxlen: 24
                          87.107.52.0/23 maxlen: 23
                          87.107.68.0/22 maxlen: 24
                          87.107.88.0/22 maxlen: 22
                          87.107.96.0/22 maxlen: 24
                          87.107.106.0/23 maxlen: 24
                          87.107.108.0/22 maxlen: 24
                          87.107.112.0/22 maxlen: 24
                          87.107.116.0/23 maxlen: 23
                          87.107.120.0/21 maxlen: 24
                          87.107.128.0/22 maxlen: 22
                          87.107.132.0/22 maxlen: 22
                          87.107.168.0/22 maxlen: 24
                          87.107.173.0/24 maxlen: 24
                          185.60.136.0/24 maxlen: 24
                          185.60.137.0/24 maxlen: 24
                          185.60.138.0/24 maxlen: 24
                          185.60.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 15:23:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:49:f4:c1:ff:64:2c:91:79:d0:e6:f1:79:30:cc:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Mar 18 11:19:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d54f5656e6753599ca8fd3e5254b7553c848914e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:0b:03:65:c8:f4:c1:7e:75:c9:63:86:be:a8:
                    27:80:ae:d1:e2:84:ba:dd:1c:f4:29:c0:c3:3e:b4:
                    16:5a:ec:5f:a9:fa:ff:0c:a4:26:5b:90:42:77:c5:
                    ca:50:3b:ba:9f:7a:95:31:44:72:16:ce:52:00:fe:
                    23:7d:9d:01:51:17:97:97:ff:6b:7f:3e:85:ae:d9:
                    cd:d3:3a:7d:c0:de:7d:ad:74:58:f2:11:9e:e4:92:
                    80:64:3e:1e:9d:9f:cf:38:76:ff:db:3c:d3:06:77:
                    dd:d3:19:22:ba:73:04:c2:1c:32:45:33:ed:e7:0c:
                    da:c6:df:dd:05:cc:b7:42:f5:4b:76:6b:48:0c:bb:
                    76:44:99:af:bf:1e:5f:f0:14:bc:27:85:ea:30:9b:
                    ef:59:71:50:5a:02:32:67:0b:15:5b:c2:c3:19:cb:
                    93:e3:ed:7b:fa:fe:b2:37:92:31:aa:c7:08:be:c4:
                    1b:6d:a7:dd:5e:98:64:56:8b:fc:b6:bf:ad:c1:f6:
                    9f:f6:47:2c:18:fe:04:58:52:b5:84:dc:82:3d:ba:
                    57:f9:78:42:22:95:12:92:38:9f:38:1c:42:7a:40:
                    d5:ed:eb:fd:58:f7:e9:05:c6:19:8d:2d:fc:5c:1f:
                    38:7b:42:41:b5:b2:9c:81:8b:04:99:49:ea:20:b8:
                    8b:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:4F:56:56:E6:75:35:99:CA:8F:D3:E5:25:4B:75:53:C8:48:91:4E
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/1U9WVuZ1NZnKj9PlJUt1U8hIkU4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.220.96.0/20
                  62.220.120.0-62.220.125.255
                  81.12.8.0-81.12.23.255
                  81.12.48.0/22
                  81.12.58.0/23
                  87.107.0.0/21
                  87.107.24.0/22
                  87.107.34.0/23
                  87.107.40.0/22
                  87.107.50.0-87.107.53.255
                  87.107.68.0/22
                  87.107.88.0/22
                  87.107.96.0/22
                  87.107.106.0-87.107.117.255
                  87.107.120.0-87.107.135.255
                  87.107.168.0/22
                  87.107.173.0/24
                  185.60.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:10:7e:f8:b1:95:fe:34:0a:20:52:25:52:71:eb:fd:98:41:
         d5:3f:01:38:ab:8f:e8:7d:db:c0:9b:c2:75:97:95:8b:cc:c7:
         18:90:20:fa:c3:0d:8d:14:3f:43:e7:fe:2e:9d:69:15:27:73:
         28:04:00:5b:0f:97:ab:82:fb:c1:a9:8d:9f:80:7a:a2:5b:20:
         8e:f8:e4:de:fa:9a:e3:68:b7:98:e5:01:7c:65:99:34:c9:34:
         41:c6:83:30:c0:07:ae:e2:2c:0f:3d:69:78:a6:d6:81:f6:14:
         af:1d:10:99:c0:38:af:c0:33:df:45:8c:d2:55:e0:f0:21:78:
         82:e3:8b:08:f5:4a:ff:d8:d1:a1:ab:a0:54:05:eb:07:5a:8a:
         a7:33:65:71:02:cb:ae:6e:de:90:ce:39:64:51:54:0c:d8:26:
         1a:10:94:1b:00:d5:d6:f8:49:75:bc:73:8e:7b:26:e4:ec:ea:
         09:28:43:1f:e4:90:52:4e:42:76:e5:f5:a3:cd:04:a3:e8:02:
         2c:77:84:88:32:86:76:3a:51:bb:65:2c:68:46:4b:cf:70:04:
         c4:4f:26:9f:5a:8d:5c:91:c9:d5:4a:a5:a3:83:ec:57:bd:75:
         22:a6:26:5e:f4:88:e3:7b:02:a1:7e:b3:92:dc:be:45:7f:11:
         53:f6:e6:a8
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAY5RSfTB/2QskXnQ5vF5MMwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMzE4MTExOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTRmNTY1NmU2NzUzNTk5Y2E4ZmQzZTUyNTRiNzU1M2M4NDg5MTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwsDZcj0wX51yWOGvqgngK7R4oS6
3Rz0KcDDPrQWWuxfqfr/DKQmW5BCd8XKUDu6n3qVMURyFs5SAP4jfZ0BUReXl/9r
fz6FrtnN0zp9wN59rXRY8hGe5JKAZD4enZ/POHb/2zzTBnfd0xkiunMEwhwyRTPt
5wzaxt/dBcy3QvVLdmtIDLt2RJmvvx5f8BS8J4XqMJvvWXFQWgIyZwsVW8LDGcuT
4+17+v6yN5IxqscIvsQbbafdXphkVov8tr+twfaf9kcsGP4EWFK1hNyCPbpX+XhC
IpUSkjifOBxCekDV7ev9WPfpBcYZjS38XB84e0JBtbKcgYsEmUnqILiLewIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFNVPVlbmdTWZyo/T5SVLdVPISJFOMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvMVU5V1Z1WjFOWm5LajlQbEpVdDFVOGhJa1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQDV2sA
AwQCV2sYAwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJX
a2AwDAMEAVdragMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2uoAwQAV2utAwQCuTyI
MA0GCSqGSIb3DQEBCwUAA4IBAQA8EH74sZX+NAogUiVScev9mEHVPwE4q4/ofdvA
m8J1l5WLzMcYkCD6ww2NFD9D5/4unWkVJ3MoBABbD5ergvvBqY2fgHqiWyCO+OTe
+prjaLeY5QF8ZZk0yTRBxoMwwAeu4iwPPWl4ptaB9hSvHRCZwDivwDPfRYzSVeDw
IXiC44sI9Ur/2NGhq6BUBesHWoqnM2VxAsuubt6QzjlkUVQM2CYaEJQbANXW+El1
vHOOeybk7OoJKEMf5JBSTkJ25fWjzQSj6AIsd4SIMoZ2OlG7ZSxoRkvPcATETyaf
Wo1ckcnVSqWjg+xXvXUipiZe9IjjewKhfrOS3L5FfxFT9uao
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org