Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/PfGfg7J6O7LnlYbvCUJU5UpdmL4.roa
File:                     PfGfg7J6O7LnlYbvCUJU5UpdmL4.roa (raw, json)
Hash identifier:          2XnQjO7xjz0B9fGMpzsF7M01Z9hHM5pzyPvpKV3RxWw=
Subject key identifier:   3D:F1:9F:83:B2:7A:3B:B2:E7:95:86:EF:09:42:54:E5:4A:5D:98:BE
Certificate issuer:       /CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Certificate serial:       01888B5C7392448050B2658A776AF58D9280
Authority key identifier: 91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/PfGfg7J6O7LnlYbvCUJU5UpdmL4.roa
Signing time:             Mon 05 Jun 2023 11:41:11 +0000
ROA not before:           Mon 05 Jun 2023 11:41:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33915
IP address blocks:        213.127.128.0/17 maxlen: 17
                          213.93.128.0/17 maxlen: 17
                          213.160.252.0/22 maxlen: 22
                          213.160.248.0/21 maxlen: 21
                          213.160.248.0/22 maxlen: 22
                          213.46.128.0/17 maxlen: 17
                          62.195.0.0/16 maxlen: 16
                          212.187.64.0/18 maxlen: 18
                          62.194.0.0/16 maxlen: 16
                          62.194.0.0/15 maxlen: 15
                          213.93.0.0/17 maxlen: 17
                          213.93.0.0/16 maxlen: 16
                          212.187.0.0/18 maxlen: 18
                          212.187.0.0/17 maxlen: 17
                          80.113.0.0/17 maxlen: 17
                          80.113.0.0/16 maxlen: 16
                          213.126.128.0/18 maxlen: 18
                          213.126.128.0/17 maxlen: 17
                          62.100.0.0/18 maxlen: 18
                          80.113.128.0/17 maxlen: 17
                          213.127.0.0/17 maxlen: 17
                          213.127.0.0/16 maxlen: 16
                          213.160.192.0/19 maxlen: 19
                          213.160.192.0/20 maxlen: 20
                          213.160.208.0/20 maxlen: 20
                          213.126.192.0/18 maxlen: 18
                          77.248.0.0/15 maxlen: 15
                          77.248.0.0/14 maxlen: 14
                          213.46.0.0/17 maxlen: 17
                          213.46.0.0/16 maxlen: 16
                          89.220.0.0/17 maxlen: 17
                          24.132.128.0/17 maxlen: 17
                          80.85.32.0/20 maxlen: 20
                          217.105.240.0/20 maxlen: 20
                          217.112.112.0/20 maxlen: 20
                          89.99.0.0/16 maxlen: 16
                          195.18.64.0/18 maxlen: 18
                          217.105.224.0/20 maxlen: 20
                          217.105.224.0/19 maxlen: 19
                          213.124.224.0/19 maxlen: 19
                          217.104.192.0/18 maxlen: 18
                          89.98.0.0/16 maxlen: 16
                          89.98.0.0/15 maxlen: 15
                          213.124.160.0/20 maxlen: 20
                          213.124.160.0/19 maxlen: 19
                          213.124.176.0/20 maxlen: 20
                          217.104.128.0/18 maxlen: 18
                          217.104.128.0/17 maxlen: 17
                          213.124.192.0/19 maxlen: 19
                          213.124.192.0/18 maxlen: 18
                          24.132.0.0/17 maxlen: 17
                          24.132.0.0/16 maxlen: 16
                          217.17.128.0/20 maxlen: 20
                          217.105.32.0/19 maxlen: 19
                          178.85.0.0/16 maxlen: 16
                          217.105.0.0/18 maxlen: 18
                          217.105.0.0/19 maxlen: 19
                          31.151.0.0/17 maxlen: 17
                          31.151.0.0/16 maxlen: 16
                          217.63.128.0/18 maxlen: 18
                          217.63.128.0/19 maxlen: 19
                          88.211.128.0/18 maxlen: 18
                          95.97.0.0/16 maxlen: 16
                          178.84.0.0/16 maxlen: 16
                          178.84.0.0/15 maxlen: 15
                          31.151.128.0/17 maxlen: 17
                          212.178.32.0/19 maxlen: 19
                          212.178.32.0/20 maxlen: 20
                          217.63.160.0/19 maxlen: 19
                          212.178.48.0/20 maxlen: 20
                          185.137.202.0/23 maxlen: 23
                          185.137.200.0/23 maxlen: 23
                          185.137.200.0/22 maxlen: 22
                          80.57.0.0/16 maxlen: 16
                          217.103.0.0/17 maxlen: 17
                          217.103.0.0/16 maxlen: 16
                          95.96.0.0/16 maxlen: 16
                          95.96.0.0/15 maxlen: 15
                          62.163.128.0/17 maxlen: 17
                          212.83.64.0/19 maxlen: 19
                          212.83.64.0/20 maxlen: 20
                          217.103.128.0/17 maxlen: 17
                          212.83.80.0/20 maxlen: 20
                          80.56.0.0/16 maxlen: 16
                          80.56.0.0/15 maxlen: 15
                          92.110.0.0/15 maxlen: 15
                          84.41.128.0/17 maxlen: 17
                          217.102.64.0/18 maxlen: 18
                          217.102.0.0/18 maxlen: 18
                          217.102.0.0/17 maxlen: 17
                          46.129.0.0/17 maxlen: 17
                          46.129.0.0/16 maxlen: 16
                          46.129.128.0/17 maxlen: 17
                          62.163.0.0/17 maxlen: 17
                          62.163.0.0/16 maxlen: 16
                          81.175.96.0/19 maxlen: 19
                          62.108.0.0/20 maxlen: 20
                          62.108.0.0/19 maxlen: 19
                          62.108.16.0/20 maxlen: 20
                          212.67.160.0/19 maxlen: 19
                          92.108.0.0/15 maxlen: 15
                          92.108.0.0/14 maxlen: 14
                          213.34.0.0/19 maxlen: 19
                          213.34.0.0/20 maxlen: 20
                          213.34.16.0/20 maxlen: 20
                          185.94.92.0/22 maxlen: 22
                          81.175.64.0/19 maxlen: 19
                          81.175.64.0/18 maxlen: 18
                          77.250.0.0/15 maxlen: 15
                          2a02:a200::/28 maxlen: 28
                          2a02:a200::/27 maxlen: 27
                          2a03:4aa0::/29 maxlen: 29
                          2a02:a210::/28 maxlen: 28

Validation:               Failed, certificate revoked on Wed 25 Oct 2023 11:41:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8b:5c:73:92:44:80:50:b2:65:8a:77:6a:f5:8d:92:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
        Validity
            Not Before: Jun  5 11:41:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3df19f83b27a3bb2e79586ef094254e54a5d98be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:61:f4:09:74:cf:9a:52:40:c8:2b:12:cc:ff:
                    a0:88:b5:73:0a:b3:46:70:ae:9c:fa:43:bd:08:28:
                    e1:f2:84:19:47:3f:f7:67:d4:fa:81:49:3b:61:8e:
                    cb:70:80:39:ff:8d:92:30:9e:3e:9b:a2:ce:91:fe:
                    92:7f:54:43:57:d5:87:68:da:13:ea:60:5b:50:43:
                    3e:0f:2d:37:90:57:b2:2c:76:c3:d2:cf:ef:88:97:
                    3d:30:e0:9f:dc:41:51:41:e8:d6:94:d8:7c:e4:b6:
                    eb:7c:a1:81:8a:00:a0:0a:0b:b6:2e:bf:80:5b:bb:
                    ab:6d:9c:d7:81:9e:c2:ce:68:06:7e:2f:f6:24:de:
                    1e:ff:47:6a:e0:81:0e:59:6e:1a:29:9b:63:56:de:
                    5a:78:f6:c4:3d:b5:e7:b4:9b:a6:8e:c0:3a:b3:eb:
                    9c:10:ab:e3:cf:95:f5:69:be:2e:5c:19:4d:d4:ac:
                    07:c5:f9:66:c6:9c:d6:aa:62:bb:1d:9a:82:2b:91:
                    60:d6:d9:54:6e:95:33:93:1d:9e:1e:96:23:3a:f8:
                    f7:d3:70:2b:1b:04:65:26:91:e3:8f:b3:92:17:c5:
                    c3:89:65:89:cb:be:cf:5f:8f:71:fb:3b:66:dd:b5:
                    a1:3d:fd:c4:d1:33:68:fa:2b:9f:9c:54:13:67:eb:
                    7f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F1:9F:83:B2:7A:3B:B2:E7:95:86:EF:09:42:54:E5:4A:5D:98:BE
            X509v3 Authority Key Identifier:
                keyid:91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/PfGfg7J6O7LnlYbvCUJU5UpdmL4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.132.0.0/16
                  31.151.0.0/16
                  46.129.0.0/16
                  62.100.0.0/18
                  62.108.0.0/19
                  62.163.0.0/16
                  62.194.0.0/15
                  77.248.0.0/14
                  80.56.0.0/15
                  80.85.32.0/20
                  80.113.0.0/16
                  81.175.64.0/18
                  84.41.128.0/17
                  88.211.128.0/18
                  89.98.0.0/15
                  89.220.0.0/17
                  92.108.0.0/14
                  95.96.0.0/15
                  178.84.0.0/15
                  185.94.92.0/22
                  185.137.200.0/22
                  195.18.64.0/18
                  212.67.160.0/19
                  212.83.64.0/19
                  212.178.32.0/19
                  212.187.0.0/17
                  213.34.0.0/19
                  213.46.0.0/16
                  213.93.0.0/16
                  213.124.160.0-213.124.255.255
                  213.126.128.0-213.127.255.255
                  213.160.192.0/19
                  213.160.248.0/21
                  217.17.128.0/20
                  217.63.128.0/18
                  217.102.0.0/17
                  217.103.0.0/16
                  217.104.128.0-217.105.63.255
                  217.105.224.0/19
                  217.112.112.0/20
                IPv6:
                  2a02:a200::/27
                  2a03:4aa0::/29

    Signature Algorithm: sha256WithRSAEncryption
         64:d7:13:e0:3e:fe:0b:6b:79:43:21:21:df:b2:d2:4b:4a:09:
         5f:41:a1:08:14:8b:b5:25:6b:5d:12:c0:7f:93:fd:48:56:de:
         27:53:70:15:67:e9:47:c4:02:c4:91:ad:66:2b:ed:10:4d:4d:
         21:a1:39:92:0b:b7:19:d5:a3:b8:4b:ba:8d:9d:c4:19:3d:5b:
         3e:8d:9d:e2:65:13:d7:82:a4:1b:9a:32:85:9a:08:8d:1f:8b:
         1c:00:b2:e7:90:33:8d:3f:55:d6:ee:c6:c9:26:d2:d4:6e:50:
         ae:c8:9e:f6:de:8d:73:6e:81:4c:81:01:c3:c4:07:86:b1:95:
         bd:52:cf:94:5b:1d:bb:6a:bb:a8:37:8e:b3:67:f6:76:22:99:
         9c:ff:b4:7d:f8:5a:0d:a5:a2:df:8c:da:e3:a7:a2:22:dd:61:
         4e:e5:3c:fd:2b:ba:0d:f4:89:f8:4d:64:2f:42:6d:92:8f:59:
         fc:9a:48:98:90:1b:e3:32:b4:7e:b9:95:41:2a:89:1b:6d:79:
         e8:cd:15:2c:75:68:13:31:4d:37:ee:f0:c0:bf:15:fd:8c:67:
         00:6e:b7:5d:13:e0:39:a1:b0:03:0b:e5:85:fd:ab:78:b7:05:
         fa:45:08:e7:a4:52:39:8c:a3:07:f0:6a:14:5d:43:90:72:10:
         94:fd:f2:49
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAYiLXHOSRIBQsmWKd2r1jZKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzEwYmZkZTU4MTNhYjQ3YzM4YzVjMTkwNGVjMjZiMzJj
MmEwOTUwHhcNMjMwNjA1MTE0MTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGYxOWY4M2IyN2EzYmIyZTc5NTg2ZWYwOTQyNTRlNTRhNWQ5OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWH0CXTPmlJAyCsSzP+giLVzCrNG
cK6c+kO9CCjh8oQZRz/3Z9T6gUk7YY7LcIA5/42SMJ4+m6LOkf6Sf1RDV9WHaNoT
6mBbUEM+Dy03kFeyLHbD0s/viJc9MOCf3EFRQejWlNh85LbrfKGBigCgCgu2Lr+A
W7urbZzXgZ7CzmgGfi/2JN4e/0dq4IEOWW4aKZtjVt5aePbEPbXntJumjsA6s+uc
EKvjz5X1ab4uXBlN1KwHxflmxpzWqmK7HZqCK5Fg1tlUbpUzkx2eHpYjOvj303Ar
GwRlJpHjj7OSF8XDiWWJy77PX49x+ztm3bWhPf3E0TNo+iufnFQTZ+t//QIDAQAB
o4IDGDCCAxQwHQYDVR0OBBYEFD3xn4Oyejuy55WG7wlCVOVKXZi+MB8GA1UdIwQY
MBaAFJHBC/3lgTq0fDjFwZBOwmsywqCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTct
MDRkNzRmMzY4Njk4LzEvUGZHZmc3SjZPN0xubFlidkNVSlU1VXBkbUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTctMDRkNzRmMzY4Njk4
LzEva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLAYIKwYBBQUHAQcBAf8EggEbMIIBFzCB/gQCAAEwgfcD
AwAYhAMDAB+XAwMALoEDBAY+ZAADBAU+bAADAwA+owMDAT7CAwMCTfgDAwFQOAME
BFBVIAMDAFBxAwQGUa9AAwQHVCmAAwQGWNOAAwMBWWIDBAdZ3AADAwJcbAMDAV9g
AwMBslQDBAK5XlwDBAK5icgDBAbDEkADBAXUQ6ADBAXUU0ADBAXUsiADBAfUuwAD
BAXVIgADAwDVLgMDANVdMAsDBAXVfKADAwDVfDALAwQH1X6AAwMH1QADBAXVoMAD
BAPVoPgDBATZEYADBAbZP4ADBAfZZgADAwDZZzAMAwQH2WiAAwQG2WkAAwQF2Wng
AwQE2XBwMBQEAgACMA4DBQUqAqIAAwUDKgNKoDANBgkqhkiG9w0BAQsFAAOCAQEA
ZNcT4D7+C2t5QyEh37LSS0oJX0GhCBSLtSVrXRLAf5P9SFbeJ1NwFWfpR8QCxJGt
ZivtEE1NIaE5kgu3GdWjuEu6jZ3EGT1bPo2d4mUT14KkG5oyhZoIjR+LHACy55Az
jT9V1u7GySbS1G5Qrsie9t6Nc26BTIEBw8QHhrGVvVLPlFsdu2q7qDeOs2f2diKZ
nP+0ffhaDaWi34za46eiIt1hTuU8/Su6DfSJ+E1kL0Jtko9Z/JpImJAb4zK0frmV
QSqJG2156M0VLHVoEzFNN+7wwL8V/YxnAG63XRPgOaGwAwvlhf2reLcF+kUI56RS
OYyjB/BqFF1DkHIQlP3ySQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:41 2024 by rpki-client on console-ams.rpki-client.org