Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ahEx6a-9dXZ5KweKl-mzl1GrQwA.roa
File:                     ahEx6a-9dXZ5KweKl-mzl1GrQwA.roa (raw, json)
Hash identifier:          IOK6RU6uTpiWM5uxlt7LSW7WJJPLi/qdkqYG0BcBIf8=
Subject key identifier:   6A:11:31:E9:AF:BD:75:76:79:2B:07:8A:97:E9:B3:97:51:AB:43:00
Certificate issuer:       /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial:       018A458CB802C199B702A3118BEA1D9CFC67
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ahEx6a-9dXZ5KweKl-mzl1GrQwA.roa
Signing time:             Wed 30 Aug 2023 08:26:04 +0000
ROA not before:           Wed 30 Aug 2023 08:26:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12578
IP address blocks:        185.38.56.0/22 maxlen: 22
                          46.109.0.0/16 maxlen: 16
                          195.122.28.0/24 maxlen: 24
                          195.122.29.0/24 maxlen: 24
                          81.198.0.0/16 maxlen: 16
                          78.84.0.0/16 maxlen: 16
                          195.114.32.0/19 maxlen: 19
                          81.198.95.0/24 maxlen: 24
                          194.8.16.0/21 maxlen: 21
                          194.8.24.0/22 maxlen: 22
                          195.13.201.0/24 maxlen: 24
                          195.13.200.0/24 maxlen: 24
                          80.232.150.13/32 maxlen: 32
                          80.232.195.0/24 maxlen: 24
                          84.237.128.0/17 maxlen: 17
                          195.13.128.0/17 maxlen: 17
                          80.232.128.0/17 maxlen: 17
                          80.232.150.0/24 maxlen: 24
                          80.232.147.0/24 maxlen: 24
                          95.68.0.0/17 maxlen: 17
                          87.246.144.0/20 maxlen: 20
                          195.2.96.0/19 maxlen: 19
                          195.122.0.0/19 maxlen: 19
                          87.246.160.0/19 maxlen: 19
                          62.85.0.0/17 maxlen: 17
                          195.13.228.0/24 maxlen: 24
                          195.13.253.0/24 maxlen: 24
                          195.13.251.0/24 maxlen: 24
                          195.13.249.0/24 maxlen: 24
                          87.110.0.0/16 maxlen: 16
                          91.105.0.0/17 maxlen: 17
                          2a02:2330::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 06:50:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:45:8c:b8:02:c1:99:b7:02:a3:11:8b:ea:1d:9c:fc:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
        Validity
            Not Before: Aug 30 08:26:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a1131e9afbd7576792b078a97e9b39751ab4300
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d7:1e:69:13:e7:d9:e5:f8:aa:64:12:d9:5f:
                    16:e9:27:47:07:a9:bb:c7:10:07:97:85:31:12:90:
                    40:be:89:dc:51:18:ba:a9:00:99:f1:cc:2a:d6:0d:
                    24:ff:99:4c:eb:99:6d:1e:17:5c:ff:cc:da:ec:d8:
                    ad:8b:2d:a5:2d:9a:0f:38:33:43:14:89:f1:67:dc:
                    27:3d:b5:0a:57:7d:8e:fb:e2:ec:83:82:24:3a:80:
                    78:c7:50:3d:11:8f:d0:b9:61:fe:bd:15:22:e8:63:
                    9f:96:97:88:ac:72:a7:08:6e:90:2f:4e:41:a7:ac:
                    7f:6a:a3:b2:69:e7:3c:c1:4e:82:f9:58:c4:4b:d8:
                    45:ff:df:e4:63:3b:bb:16:74:c1:cc:5c:01:73:a9:
                    14:82:38:f9:4a:49:c3:69:3b:c1:35:34:4c:7b:92:
                    86:4b:b0:20:bf:d9:81:ee:b4:cd:67:fd:74:6f:f1:
                    05:25:77:e3:0f:0d:23:6f:08:1f:17:15:cd:23:58:
                    42:1b:ee:f5:45:e9:b6:42:78:e6:d3:2b:57:f5:4c:
                    2e:6d:fb:e9:c8:43:2a:22:4e:be:88:e7:1a:70:af:
                    27:5c:57:60:45:77:04:ba:d3:11:5e:67:d4:3d:98:
                    2b:f3:13:c3:f5:88:60:65:58:8e:7d:f3:9b:88:11:
                    60:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:11:31:E9:AF:BD:75:76:79:2B:07:8A:97:E9:B3:97:51:AB:43:00
            X509v3 Authority Key Identifier:
                keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/ahEx6a-9dXZ5KweKl-mzl1GrQwA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.109.0.0/16
                  62.85.0.0/17
                  78.84.0.0/16
                  80.232.128.0/17
                  81.198.0.0/16
                  84.237.128.0/17
                  87.110.0.0/16
                  87.246.144.0-87.246.191.255
                  91.105.0.0/17
                  95.68.0.0/17
                  185.38.56.0/22
                  194.8.16.0-194.8.27.255
                  195.2.96.0/19
                  195.13.128.0/17
                  195.114.32.0/19
                  195.122.0.0/19
                IPv6:
                  2a02:2330::/29

    Signature Algorithm: sha256WithRSAEncryption
         05:b3:52:fb:a0:22:7e:84:86:8e:91:19:1d:23:29:6a:6d:09:
         36:9e:a4:ae:ce:5b:57:f4:34:3a:96:e5:21:43:26:7c:16:e0:
         a2:98:b7:2f:ba:01:5c:6b:4b:e6:e1:17:81:21:46:e1:6c:eb:
         c0:77:7a:57:88:ff:90:df:cd:c7:ff:cf:19:f7:7e:9e:86:d7:
         6f:3e:93:06:34:12:5a:08:c3:f5:dc:e7:ec:d5:dc:1f:73:b4:
         55:87:e8:41:4d:ff:f7:d8:33:a1:4c:6d:67:5c:ad:1f:cd:68:
         79:50:de:fd:88:c1:b9:87:4f:3c:da:e7:9c:04:fe:00:fe:2c:
         f6:d5:c1:79:b0:26:42:be:7f:18:76:b8:78:9e:83:78:cc:7b:
         58:44:fc:8d:c5:c1:ea:25:2d:bc:e3:0d:60:f7:45:ff:37:b0:
         fb:86:89:0c:31:83:58:34:cf:62:2e:55:47:0c:d7:21:60:45:
         e1:a4:d8:00:02:19:af:b1:14:5e:08:86:ac:f3:48:ea:27:85:
         e7:21:13:2b:9d:c8:91:24:a0:60:b0:48:90:59:c3:5e:35:58:
         2f:55:03:6d:0a:80:8a:bb:2d:f5:c6:58:43:bf:1f:b4:25:d5:
         13:62:bb:e4:30:d4:3a:b4:85:ae:aa:7f:86:5e:4e:42:bf:41:
         6e:ea:73:1c
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYpFjLgCwZm3AqMRi+odnPxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwODMwMDgyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTExMzFlOWFmYmQ3NTc2NzkyYjA3OGE5N2U5YjM5NzUxYWI0MzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNceaRPn2eX4qmQS2V8W6SdHB6m7
xxAHl4UxEpBAvoncURi6qQCZ8cwq1g0k/5lM65ltHhdc/8za7Nitiy2lLZoPODND
FInxZ9wnPbUKV32O++Lsg4IkOoB4x1A9EY/QuWH+vRUi6GOflpeIrHKnCG6QL05B
p6x/aqOyaec8wU6C+VjES9hF/9/kYzu7FnTBzFwBc6kUgjj5SknDaTvBNTRMe5KG
S7Agv9mB7rTNZ/10b/EFJXfjDw0jbwgfFxXNI1hCG+71Rem2Qnjm0ytX9Uwubfvp
yEMqIk6+iOcacK8nXFdgRXcEutMRXmfUPZgr8xPD9YhgZViOffObiBFgYwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGoRMemvvXV2eSsHipfps5dRq0MAMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvYWhFeDZhLTlkWFo1S3dlS2wtbXpsMUdyUXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwMALm0D
BAc+VQADAwBOVAMEB1DogAMDAFHGAwQHVO2AAwMAV24wDAMEBFf2kAMEBlf2gAME
B1tpAAMEB19EAAMEArkmODAMAwQEwggQAwQCwggYAwQFwwJgAwQHww2AAwQFw3Ig
AwQFw3oAMA0EAgACMAcDBQMqAiMwMA0GCSqGSIb3DQEBCwUAA4IBAQAFs1L7oCJ+
hIaOkRkdIylqbQk2nqSuzltX9DQ6luUhQyZ8FuCimLcvugFca0vm4ReBIUbhbOvA
d3pXiP+Q383H/88Z936ehtdvPpMGNBJaCMP13Ofs1dwfc7RVh+hBTf/32DOhTG1n
XK0fzWh5UN79iMG5h0882uecBP4A/iz21cF5sCZCvn8Ydrh4noN4zHtYRPyNxcHq
JS284w1g90X/N7D7hokMMYNYNM9iLlVHDNchYEXhpNgAAhmvsRReCIas80jqJ4Xn
IRMrnciRJKBgsEiQWcNeNVgvVQNtCoCKuy31xlhDvx+0JdUTYrvkMNQ6tIWuqn+G
Xk5Cv0Fu6nMc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org