Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/KaAhrV_fg3LHieZmSKNI4vErNYw.roa
File:                     KaAhrV_fg3LHieZmSKNI4vErNYw.roa (raw, json)
Hash identifier:          WFUPHN0gm1/BFE/ZZZVVruH+MxAyKwvyiL1njZgX3Ms=
Subject key identifier:   29:A0:21:AD:5F:DF:83:72:C7:89:E6:66:48:A3:48:E2:F1:2B:35:8C
Certificate issuer:       /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial:       0186BB6456B076A166CBAFAF33C114BC9680
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/KaAhrV_fg3LHieZmSKNI4vErNYw.roa
Signing time:             Tue 07 Mar 2023 09:26:00 +0000
ROA not before:           Tue 07 Mar 2023 09:26:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198610
IP address blocks:        45.80.68.0/22 maxlen: 22
                          45.80.68.0/24 maxlen: 24
                          45.80.69.0/24 maxlen: 24
                          45.80.70.0/24 maxlen: 24
                          45.80.71.0/24 maxlen: 24
                          45.147.176.0/22 maxlen: 22
                          45.147.176.0/24 maxlen: 24
                          45.147.177.0/24 maxlen: 24
                          45.147.178.0/24 maxlen: 24
                          45.147.179.0/24 maxlen: 24
                          5.181.109.0/24 maxlen: 24
                          5.181.110.0/24 maxlen: 24
                          5.181.111.0/24 maxlen: 24
                          5.181.108.0/24 maxlen: 24
                          5.181.108.0/22 maxlen: 22
                          45.141.77.0/24 maxlen: 24
                          45.141.76.0/22 maxlen: 22
                          45.141.78.0/24 maxlen: 24
                          45.141.76.0/24 maxlen: 24
                          45.67.57.0/24 maxlen: 24
                          45.67.58.0/24 maxlen: 24
                          45.141.79.0/24 maxlen: 24
                          45.67.56.0/24 maxlen: 24
                          45.67.56.0/22 maxlen: 22
                          45.67.59.0/24 maxlen: 24
                          185.19.204.0/22 maxlen: 22
                          185.19.204.0/24 maxlen: 24
                          185.19.205.0/24 maxlen: 24
                          185.19.206.0/24 maxlen: 24
                          185.19.207.0/24 maxlen: 24
                          193.168.46.0/24 maxlen: 24
                          193.168.46.0/23 maxlen: 23
                          193.168.47.0/24 maxlen: 24
                          193.168.48.0/23 maxlen: 23
                          193.168.48.0/24 maxlen: 24
                          193.168.49.0/24 maxlen: 24
                          45.12.16.0/24 maxlen: 24
                          45.12.17.0/24 maxlen: 24
                          45.12.16.0/22 maxlen: 22
                          45.12.18.0/24 maxlen: 24
                          45.12.19.0/24 maxlen: 24
                          95.214.61.0/24 maxlen: 24
                          95.214.62.0/24 maxlen: 24
                          95.214.63.0/24 maxlen: 24
                          95.214.60.0/24 maxlen: 24
                          95.214.60.0/22 maxlen: 22
                          81.200.112.0/24 maxlen: 24
                          81.200.113.0/24 maxlen: 24
                          213.139.208.0/22 maxlen: 22
                          81.200.112.0/21 maxlen: 21
                          213.139.208.0/24 maxlen: 24
                          81.200.114.0/24 maxlen: 24
                          213.139.209.0/24 maxlen: 24
                          81.200.115.0/24 maxlen: 24
                          81.200.116.0/24 maxlen: 24
                          81.200.118.0/24 maxlen: 24
                          81.200.117.0/24 maxlen: 24
                          213.139.210.0/24 maxlen: 24
                          213.139.211.0/24 maxlen: 24
                          81.200.119.0/24 maxlen: 24
                          45.146.164.0/22 maxlen: 22
                          91.106.206.0/24 maxlen: 24
                          91.106.200.0/21 maxlen: 21
                          91.106.200.0/24 maxlen: 24
                          91.106.201.0/24 maxlen: 24
                          91.106.202.0/24 maxlen: 24
                          91.106.203.0/24 maxlen: 24
                          91.106.204.0/24 maxlen: 24
                          91.106.205.0/24 maxlen: 24
                          91.106.207.0/24 maxlen: 24
                          62.113.97.0/24 maxlen: 24
                          62.113.98.0/24 maxlen: 24
                          62.113.96.0/20 maxlen: 20
                          62.113.96.0/24 maxlen: 24
                          62.113.104.0/24 maxlen: 24
                          62.113.105.0/24 maxlen: 24
                          62.113.99.0/24 maxlen: 24
                          62.113.100.0/24 maxlen: 24
                          62.113.101.0/24 maxlen: 24
                          62.113.102.0/24 maxlen: 24
                          62.113.103.0/24 maxlen: 24
                          62.113.110.0/24 maxlen: 24
                          62.113.111.0/24 maxlen: 24
                          62.113.106.0/24 maxlen: 24
                          62.113.107.0/24 maxlen: 24
                          62.113.108.0/24 maxlen: 24
                          62.113.109.0/24 maxlen: 24
                          193.200.72.0/22 maxlen: 22
                          193.200.72.0/24 maxlen: 24
                          193.200.73.0/24 maxlen: 24
                          193.200.74.0/24 maxlen: 24
                          193.200.75.0/24 maxlen: 24
                          217.172.24.0/22 maxlen: 22
                          217.172.24.0/24 maxlen: 24
                          217.172.27.0/24 maxlen: 24
                          217.172.25.0/24 maxlen: 24
                          217.172.26.0/24 maxlen: 24
                          185.78.30.0/24 maxlen: 24
                          185.78.28.0/22 maxlen: 22
                          185.78.31.0/24 maxlen: 24
                          185.78.28.0/24 maxlen: 24
                          185.78.29.0/24 maxlen: 24
                          45.84.224.0/24 maxlen: 24
                          45.84.225.0/24 maxlen: 24
                          45.84.224.0/22 maxlen: 22
                          45.84.226.0/24 maxlen: 24
                          45.84.227.0/24 maxlen: 24
                          185.225.34.0/24 maxlen: 24
                          185.225.32.0/22 maxlen: 22
                          185.225.35.0/24 maxlen: 24
                          185.225.32.0/24 maxlen: 24
                          185.225.33.0/24 maxlen: 24
                          185.50.24.0/24 maxlen: 24
                          185.50.24.0/22 maxlen: 22
                          45.90.32.0/24 maxlen: 24
                          45.90.33.0/24 maxlen: 24
                          45.90.34.0/24 maxlen: 24
                          45.90.35.0/24 maxlen: 24
                          45.90.32.0/22 maxlen: 22
                          5.101.153.244/32 maxlen: 32
                          87.236.17.122/32 maxlen: 32
                          5.101.153.242/32 maxlen: 32
                          185.50.25.0/24 maxlen: 24
                          185.50.26.0/24 maxlen: 24
                          185.50.27.0/24 maxlen: 24
                          62.217.177.0/24 maxlen: 24
                          62.217.178.0/24 maxlen: 24
                          62.217.179.0/24 maxlen: 24
                          62.217.176.0/24 maxlen: 24
                          62.217.176.0/21 maxlen: 21
                          62.217.183.0/24 maxlen: 24
                          62.217.180.0/24 maxlen: 24
                          62.217.181.0/24 maxlen: 24
                          62.217.182.0/24 maxlen: 24
                          45.130.42.0/24 maxlen: 24
                          45.130.43.0/24 maxlen: 24
                          45.130.40.0/22 maxlen: 22
                          45.130.40.0/24 maxlen: 24
                          45.130.41.0/24 maxlen: 24
                          193.176.76.0/24 maxlen: 24
                          193.176.77.0/24 maxlen: 24
                          193.176.78.0/24 maxlen: 24
                          193.176.76.0/22 maxlen: 22
                          193.176.79.0/24 maxlen: 24
                          5.101.154.191/32 maxlen: 32
                          31.129.96.0/20 maxlen: 20
                          31.129.98.0/24 maxlen: 24
                          31.129.96.0/24 maxlen: 24
                          87.236.16.0/24 maxlen: 24
                          87.236.17.0/24 maxlen: 24
                          87.236.16.0/21 maxlen: 21
                          87.236.21.0/24 maxlen: 24
                          87.236.22.0/24 maxlen: 24
                          87.236.23.0/24 maxlen: 24
                          87.236.18.0/24 maxlen: 24
                          87.236.19.0/24 maxlen: 24
                          87.236.20.0/24 maxlen: 24
                          185.155.118.0/24 maxlen: 24
                          5.101.152.0/24 maxlen: 24
                          5.101.152.0/21 maxlen: 21
                          5.101.153.0/24 maxlen: 24
                          5.101.154.0/24 maxlen: 24
                          5.101.155.0/24 maxlen: 24
                          5.101.156.0/24 maxlen: 24
                          5.101.157.0/24 maxlen: 24
                          5.101.158.0/24 maxlen: 24
                          5.101.159.0/24 maxlen: 24
                          2a04:bac0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 07 Mar 2023 10:26:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:bb:64:56:b0:76:a1:66:cb:af:af:33:c1:14:bc:96:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
        Validity
            Not Before: Mar  7 09:26:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=29a021ad5fdf8372c789e66648a348e2f12b358c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0b:3b:19:56:12:3e:34:d8:b6:02:21:38:c5:
                    45:5c:e7:47:5b:df:48:47:88:ba:76:b1:0e:51:79:
                    da:a0:fe:0d:3f:83:45:48:9a:4e:b4:87:b8:67:1f:
                    55:74:05:3e:d4:66:2a:bd:53:63:4c:d7:ad:66:34:
                    0a:32:00:c2:88:a5:f9:e9:e7:01:e4:21:18:69:8b:
                    d1:bb:24:71:bf:da:a3:4d:f1:c1:5a:67:6f:c3:81:
                    9e:a0:89:8e:b1:8e:62:18:cd:22:da:6e:b7:ed:d7:
                    89:ff:25:d8:82:5c:93:33:a7:0a:45:3c:d0:19:aa:
                    b7:90:da:bb:85:54:19:5c:e1:3d:63:ee:3b:2e:b9:
                    37:97:df:00:57:a4:41:55:2f:83:dc:15:9b:c1:f2:
                    fa:64:cf:94:fb:e2:43:80:fa:f4:d5:33:95:ff:c8:
                    a4:8e:dd:7b:05:1a:9e:eb:c2:81:d0:67:97:f6:a8:
                    8d:16:0a:67:07:23:8f:58:c2:10:e6:25:14:d8:52:
                    7a:4c:95:32:e8:72:b1:da:c1:49:d9:61:c4:b8:79:
                    c3:1b:d3:43:52:d4:08:4c:92:c4:34:66:f2:f5:6b:
                    2f:83:bd:ff:d4:5c:a1:d7:24:9b:90:fc:be:39:44:
                    33:4e:18:7a:fd:84:c5:f0:49:97:c7:4c:aa:f2:44:
                    33:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:A0:21:AD:5F:DF:83:72:C7:89:E6:66:48:A3:48:E2:F1:2B:35:8C
            X509v3 Authority Key Identifier:
                keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/KaAhrV_fg3LHieZmSKNI4vErNYw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.101.152.0/21
                  5.181.108.0/22
                  31.129.96.0/20
                  45.12.16.0/22
                  45.67.56.0/22
                  45.80.68.0/22
                  45.84.224.0/22
                  45.90.32.0/22
                  45.130.40.0/22
                  45.141.76.0/22
                  45.146.164.0/22
                  45.147.176.0/22
                  62.113.96.0/20
                  62.217.176.0/21
                  81.200.112.0/21
                  87.236.16.0/21
                  91.106.200.0/21
                  95.214.60.0/22
                  185.19.204.0/22
                  185.50.24.0/22
                  185.78.28.0/22
                  185.155.118.0/24
                  185.225.32.0/22
                  193.168.46.0-193.168.49.255
                  193.176.76.0/22
                  193.200.72.0/22
                  213.139.208.0/22
                  217.172.24.0/22
                IPv6:
                  2a04:bac0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6f:84:22:0a:7c:d0:1a:7d:80:48:8c:e2:b6:93:f7:b2:e6:ce:
         ec:53:50:d1:6c:0b:9e:6a:71:51:c4:e4:70:9e:45:58:72:ad:
         32:53:84:a8:a5:14:1c:3f:9d:ae:7d:fd:3c:b3:89:91:f1:b8:
         1f:df:81:1e:fa:59:f2:70:27:98:39:32:ae:98:e6:f9:b8:3c:
         f1:5c:93:18:6c:aa:af:86:b0:35:0f:6d:7f:03:d6:34:10:e8:
         a2:df:81:88:cf:68:85:01:1e:96:e5:ab:d2:cb:9f:78:dc:81:
         9d:b6:fb:53:cf:c1:44:35:1f:f8:08:d0:cf:ab:db:7e:5a:28:
         dd:99:ec:10:48:00:77:db:b8:e7:c4:68:8f:4d:91:d4:8c:8f:
         5e:37:75:48:17:21:cd:ad:3e:72:4b:fd:b3:c5:17:c0:9e:8b:
         16:43:73:ce:f9:9c:fc:17:5c:20:96:38:b9:2f:88:df:55:91:
         43:d2:c0:32:48:27:5c:5e:0e:83:5b:d1:be:7a:59:5f:17:29:
         48:b0:0c:db:cc:a9:e8:c1:20:bf:83:73:d8:ea:9f:e2:a9:1c:
         6d:07:d1:a9:22:fc:42:13:9c:8f:d8:55:47:a1:d7:20:f7:f7:
         0d:63:0d:69:bc:d2:53:1a:c2:fe:16:05:8b:1e:59:6a:f0:57:
         0b:34:9e:ac
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYa7ZFawdqFmy6+vM8EUvJaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjMwMzA3MDkyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWEwMjFhZDVmZGY4MzcyYzc4OWU2NjY0OGEzNDhlMmYxMmIzNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQs7GVYSPjTYtgIhOMVFXOdHW99I
R4i6drEOUXnaoP4NP4NFSJpOtIe4Zx9VdAU+1GYqvVNjTNetZjQKMgDCiKX56ecB
5CEYaYvRuyRxv9qjTfHBWmdvw4GeoImOsY5iGM0i2m637deJ/yXYglyTM6cKRTzQ
Gaq3kNq7hVQZXOE9Y+47Lrk3l98AV6RBVS+D3BWbwfL6ZM+U++JDgPr01TOV/8ik
jt17BRqe68KB0GeX9qiNFgpnByOPWMIQ5iUU2FJ6TJUy6HKx2sFJ2WHEuHnDG9ND
UtQITJLENGby9Wsvg73/1Fyh1ySbkPy+OUQzThh6/YTF8EmXx0yq8kQzNwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFCmgIa1f34Nyx4nmZkijSOLxKzWMMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvS2FBaHJWX2ZnM0xIaWVabVNLTkk0dkVyTll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbADBAMF
ZZgDBAIFtWwDBAQfgWADBAItDBADBAItQzgDBAItUEQDBAItVOADBAItWiADBAIt
gigDBAItjUwDBAItkqQDBAItk7ADBAQ+cWADBAM+2bADBANRyHADBANX7BADBANb
asgDBAJf1jwDBAK5E8wDBAK5MhgDBAK5ThwDBAC5m3YDBAK54SAwDAMEAcGoLgME
AcGoMAMEAsGwTAMEAsHISAMEAtWL0AMEAtmsGDANBAIAAjAHAwUDKgS6wDANBgkq
hkiG9w0BAQsFAAOCAQEAb4QiCnzQGn2ASIzitpP3subO7FNQ0WwLnmpxUcTkcJ5F
WHKtMlOEqKUUHD+drn39PLOJkfG4H9+BHvpZ8nAnmDkyrpjm+bg88VyTGGyqr4aw
NQ9tfwPWNBDoot+BiM9ohQEeluWr0sufeNyBnbb7U8/BRDUf+AjQz6vbfloo3Zns
EEgAd9u458Roj02R1IyPXjd1SBchza0+ckv9s8UXwJ6LFkNzzvmc/BdcIJY4uS+I
31WRQ9LAMkgnXF4Og1vRvnpZXxcpSLAM28yp6MEgv4Nz2Oqf4qkcbQfRqSL8QhOc
j9hVR6HXIPf3DWMNabzSUxrC/hYFix5ZavBXCzSerA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org