Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/R4HhnnSrQXZzRd2kepQkb0vWhaI.roa
File:                     R4HhnnSrQXZzRd2kepQkb0vWhaI.roa (raw, json)
Hash identifier:          db1pTiI85DnNDI+uKSx7Rlgh3YNArHgfVYq0rRmSqkQ=
Subject key identifier:   47:81:E1:9E:74:AB:41:76:73:45:DD:A4:7A:94:24:6F:4B:D6:85:A2
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018B8EFD70DC7174D3D3EBF42EB2753BF0E8
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/R4HhnnSrQXZzRd2kepQkb0vWhaI.roa
Signing time:             Thu 02 Nov 2023 07:44:16 +0000
ROA not before:           Thu 02 Nov 2023 07:44:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9123
IP address blocks:        91.186.198.0/24 maxlen: 24
                          91.186.199.0/24 maxlen: 24
                          91.186.196.0/24 maxlen: 24
                          91.186.197.0/24 maxlen: 24
                          94.241.138.0/24 maxlen: 24
                          94.241.139.0/24 maxlen: 24
                          94.241.141.0/24 maxlen: 24
                          94.241.142.0/24 maxlen: 24
                          94.241.143.0/24 maxlen: 24
                          94.241.140.0/24 maxlen: 24
                          94.241.168.0/24 maxlen: 24
                          94.241.169.0/24 maxlen: 24
                          94.241.170.0/24 maxlen: 24
                          94.241.171.0/24 maxlen: 24
                          178.253.22.0/24 maxlen: 24
                          178.253.23.0/24 maxlen: 24
                          178.253.40.0/24 maxlen: 24
                          178.253.41.0/24 maxlen: 24
                          178.253.42.0/24 maxlen: 24
                          178.253.43.0/24 maxlen: 24
                          83.147.244.0/24 maxlen: 24
                          83.147.245.0/24 maxlen: 24
                          83.147.246.0/24 maxlen: 24
                          83.147.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 Nov 2023 12:17:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8e:fd:70:dc:71:74:d3:d3:eb:f4:2e:b2:75:3b:f0:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Nov  2 07:44:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4781e19e74ab41767345dda47a94246f4bd685a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:82:15:6e:96:0e:9e:d3:99:2f:41:cf:e9:fe:
                    bd:20:89:d1:42:56:2d:6f:02:4f:f9:ad:ec:56:33:
                    f8:3b:e4:4a:8b:6a:ac:6f:bc:5d:16:4f:4b:93:67:
                    4c:df:b8:12:54:c4:87:a8:3a:13:63:18:28:36:33:
                    19:b8:7d:11:e7:3f:86:32:76:de:8f:5e:02:92:b8:
                    7e:20:88:8f:cb:eb:63:ef:b5:12:a3:83:e6:a3:0d:
                    a6:84:88:fa:72:0d:ad:6e:b4:48:7b:4a:77:d1:cc:
                    f9:5d:84:be:1c:c2:50:ea:ab:38:ba:07:54:fb:f0:
                    7d:e9:1f:b2:da:78:d1:52:bd:82:c2:82:ab:de:07:
                    e2:ac:da:66:06:5b:82:12:92:4f:ff:7a:99:04:3e:
                    49:60:88:0a:74:84:87:5d:c5:d8:df:1a:23:f6:c0:
                    b5:3d:57:de:17:41:fa:81:a8:ec:b0:b0:d3:ef:47:
                    6c:00:61:b7:73:7e:05:f5:c5:1c:7f:a0:64:e9:e0:
                    a9:6d:2e:e4:f6:86:aa:0d:0d:85:7c:1d:94:7f:de:
                    7b:b6:3b:24:7b:44:84:45:25:d2:20:20:de:45:3e:
                    f5:38:37:5e:43:b9:d6:a0:5c:af:04:2c:1f:e5:fe:
                    d6:25:9f:ce:d0:af:6d:c3:90:b0:f4:79:fb:26:01:
                    91:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:81:E1:9E:74:AB:41:76:73:45:DD:A4:7A:94:24:6F:4B:D6:85:A2
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/R4HhnnSrQXZzRd2kepQkb0vWhaI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.244.0/22
                  91.186.196.0/22
                  94.241.138.0-94.241.143.255
                  94.241.168.0/22
                  178.253.22.0/23
                  178.253.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:47:a7:49:6e:96:71:09:a2:90:f4:b9:89:f9:66:13:d7:e1:
         b5:4c:6d:a6:0d:8a:b0:ca:e5:59:d8:4f:3b:21:44:28:60:50:
         44:20:b8:e8:8e:1c:74:20:d8:d9:9c:e3:d2:50:1c:f0:10:cc:
         e5:89:07:e5:68:94:6f:66:43:69:eb:b8:6f:80:04:6e:b3:70:
         7c:28:44:17:6b:12:bf:f1:51:34:43:90:ac:e7:50:2a:45:59:
         bb:3e:1c:9d:04:f3:16:83:1b:80:b6:70:15:7c:3a:d4:92:84:
         cf:36:e7:38:f3:6d:eb:79:4d:28:fd:e5:af:9e:1c:9b:86:40:
         fb:c3:36:14:8a:42:44:5e:66:6e:6a:04:e1:45:60:a3:f1:f2:
         d0:92:8c:2d:1e:c8:44:af:e1:d8:88:df:07:5f:cb:a3:26:da:
         62:4b:b1:2e:3f:ef:73:d8:09:13:9f:64:20:0e:85:89:d1:4b:
         17:f7:ff:49:5f:dd:27:d3:c8:21:14:dd:fc:ef:fa:80:82:6f:
         cc:c0:19:a3:4c:b4:f2:cb:a3:68:9a:03:75:cc:af:2d:a4:e3:
         2e:b3:22:d0:8b:b7:33:22:7f:f4:d1:c6:aa:87:da:f2:10:a5:
         63:e4:3f:e6:93:51:8d:27:76:01:4f:3c:1b:2d:62:cb:6e:ef:
         53:ce:7e:9c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYuO/XDccXTT0+v0LrJ1O/DoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTAyMDc0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzgxZTE5ZTc0YWI0MTc2NzM0NWRkYTQ3YTk0MjQ2ZjRiZDY4NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4IVbpYOntOZL0HP6f69IInRQlYt
bwJP+a3sVjP4O+RKi2qsb7xdFk9Lk2dM37gSVMSHqDoTYxgoNjMZuH0R5z+GMnbe
j14Ckrh+IIiPy+tj77USo4Pmow2mhIj6cg2tbrRIe0p30cz5XYS+HMJQ6qs4ugdU
+/B96R+y2njRUr2CwoKr3gfirNpmBluCEpJP/3qZBD5JYIgKdISHXcXY3xoj9sC1
PVfeF0H6gajssLDT70dsAGG3c34F9cUcf6Bk6eCpbS7k9oaqDQ2FfB2Uf957tjsk
e0SERSXSICDeRT71ODdeQ7nWoFyvBCwf5f7WJZ/O0K9tw5Cw9Hn7JgGRwQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEeB4Z50q0F2c0XdpHqUJG9L1oWiMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvUjRIaG5uU3JRWFp6UmQya2VwUWtiMHZXaGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU5P0AwQC
W7rEMAwDBAFe8YoDBARe8YADBAJe8agDBAGy/RYDBAKy/SgwDQYJKoZIhvcNAQEL
BQADggEBAH1Hp0lulnEJopD0uYn5ZhPX4bVMbaYNirDK5VnYTzshRChgUEQguOiO
HHQg2Nmc49JQHPAQzOWJB+VolG9mQ2nruG+ABG6zcHwoRBdrEr/xUTRDkKznUCpF
Wbs+HJ0E8xaDG4C2cBV8OtSShM825zjzbet5TSj95a+eHJuGQPvDNhSKQkReZm5q
BOFFYKPx8tCSjC0eyESv4diI3wdfy6Mm2mJLsS4/73PYCROfZCAOhYnRSxf3/0lf
3SfTyCEU3fzv+oCCb8zAGaNMtPLLo2iaA3XMry2k4y6zItCLtzMif/TRxqqH2vIQ
pWPkP+aTUY0ndgFPPBstYstu71POfpw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org