Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa
File:                     xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa (raw, json)
Hash identifier:          15E/5mzIuIMQl7RdjHjcNrZoPlyQbOAZ8ojMLDa8b7M=
Subject key identifier:   C4:FE:D5:DD:8D:A4:D6:AC:BF:FC:5F:D1:AA:65:C8:AB:48:94:C8:06
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       01897890DCCC813D000DF391C094FF72DA24
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa
Signing time:             Fri 21 Jul 2023 13:08:26 +0000
ROA not before:           Fri 21 Jul 2023 13:08:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207569
IP address blocks:        139.28.221.0/24 maxlen: 24
                          139.28.220.0/24 maxlen: 24
                          5.180.136.0/24 maxlen: 24
                          5.180.137.0/24 maxlen: 24
                          185.94.167.0/24 maxlen: 24
                          45.133.245.0/24 maxlen: 24
                          185.188.181.0/24 maxlen: 24
                          95.214.8.0/24 maxlen: 24
                          185.17.2.0/24 maxlen: 24
                          194.53.54.0/24 maxlen: 24
                          85.209.0.0/24 maxlen: 24
                          185.105.118.0/24 maxlen: 24
                          195.66.87.0/24 maxlen: 24
                          5.252.116.0/24 maxlen: 24
                          193.109.84.0/24 maxlen: 24
                          45.89.64.0/24 maxlen: 24
                          194.67.200.0/24 maxlen: 24
                          185.104.250.0/24 maxlen: 24
                          46.17.106.0/24 maxlen: 24
                          2a0a:9300:1::/48 maxlen: 48
                          2a0a:9300:aaaa::/48 maxlen: 48
                          2a0a:9300::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 24 Jul 2023 16:45:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:78:90:dc:cc:81:3d:00:0d:f3:91:c0:94:ff:72:da:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jul 21 13:08:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c4fed5dd8da4d6acbffc5fd1aa65c8ab4894c806
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d1:c7:58:e9:c0:94:a3:ce:62:01:05:43:99:
                    02:a7:a0:b2:1d:c2:7c:c0:4f:3d:1f:c5:f4:45:d9:
                    a7:c1:eb:19:a2:7c:0a:9d:2e:63:9b:ad:16:8c:64:
                    a9:0a:12:9e:e8:a0:e9:9e:5e:7b:89:61:b6:8b:b2:
                    8a:e5:0e:30:23:3b:61:0a:83:ff:c8:b7:a1:77:02:
                    ac:d6:2e:ea:31:41:4e:c6:33:7c:5d:ca:a4:68:06:
                    86:21:11:e9:7a:74:40:2f:fc:b6:69:a6:09:7b:3e:
                    fa:6a:d8:6b:16:4c:dc:9c:ee:40:46:87:10:ad:a2:
                    b9:24:9b:26:23:34:b3:a5:f8:ce:85:9a:9f:be:15:
                    f9:1e:30:1e:bb:23:f1:47:7b:07:7a:5a:1b:72:db:
                    5d:08:a5:60:59:d9:10:dc:bd:7c:58:fe:8f:5f:fe:
                    a4:8b:b5:be:84:2b:3f:6a:a2:da:f2:35:32:00:ee:
                    81:ea:b4:a0:8c:e1:17:0c:b6:4d:6e:7f:ce:ee:7a:
                    a1:04:4c:99:06:8f:25:77:bc:7a:35:d1:2b:8e:f9:
                    9a:d3:cb:a1:c6:f2:fa:30:d1:5e:9f:41:e4:8c:d1:
                    bf:f4:ad:73:af:65:a8:3d:a3:94:85:76:8e:06:0e:
                    37:5d:8e:9a:c0:39:bb:12:a3:08:23:15:6c:34:fb:
                    75:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:FE:D5:DD:8D:A4:D6:AC:BF:FC:5F:D1:AA:65:C8:AB:48:94:C8:06
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/xP7V3Y2k1qy__F_RqmXIq0iUyAY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.136.0/23
                  5.252.116.0/24
                  45.89.64.0/24
                  45.133.245.0/24
                  46.17.106.0/24
                  85.209.0.0/24
                  95.214.8.0/24
                  139.28.220.0/23
                  185.17.2.0/24
                  185.94.167.0/24
                  185.104.250.0/24
                  185.105.118.0/24
                  185.188.181.0/24
                  193.109.84.0/24
                  194.53.54.0/24
                  194.67.200.0/24
                  195.66.87.0/24
                IPv6:
                  2a0a:9300::/32

    Signature Algorithm: sha256WithRSAEncryption
         69:cd:96:1e:31:f6:28:3d:86:9e:a0:c0:13:63:12:07:db:22:
         90:41:f1:e9:c0:c3:d8:13:e9:59:43:ec:6b:44:2c:b0:53:14:
         46:71:59:28:25:00:e3:3b:d6:26:cc:39:b4:6e:65:c7:6e:e6:
         c7:d3:8b:bd:39:e7:2f:76:93:88:48:8f:0c:a1:d4:0d:5a:24:
         76:1c:90:cf:97:fc:8a:54:ee:3a:b9:03:54:ed:3c:cd:c5:b0:
         a2:5c:b2:c1:72:7e:35:32:4b:5e:a8:6b:58:c7:d3:60:6c:3e:
         70:54:08:6f:c0:2c:41:bd:2c:1f:c7:6d:5d:f2:48:98:80:b3:
         e7:5e:06:3c:40:75:3d:b9:d7:6c:04:08:81:a4:85:36:8a:31:
         d2:07:f1:0b:7c:85:d9:6e:d6:2c:46:cc:d9:8d:82:e9:91:6c:
         c7:a1:1d:71:38:30:79:1c:e2:6c:17:aa:b8:60:5f:67:69:f3:
         5c:cb:1c:17:b2:33:d3:40:76:af:c7:33:7b:84:fd:97:e1:83:
         ed:ab:9d:2a:2a:98:97:60:11:7e:21:f9:44:28:68:f5:e1:f9:
         0f:b5:db:38:0c:77:2c:13:51:5f:55:e6:1d:5f:0f:91:cd:15:
         3e:bc:87:73:99:34:22:a8:42:23:b0:7b:37:fe:b9:61:a0:38:
         c5:a3:48:60
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYl4kNzMgT0ADfORwJT/ctokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNzIxMTMwODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZlZDVkZDhkYTRkNmFjYmZmYzVmZDFhYTY1YzhhYjQ4OTRjODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdHHWOnAlKPOYgEFQ5kCp6CyHcJ8
wE89H8X0RdmnwesZonwKnS5jm60WjGSpChKe6KDpnl57iWG2i7KK5Q4wIzthCoP/
yLehdwKs1i7qMUFOxjN8XcqkaAaGIRHpenRAL/y2aaYJez76athrFkzcnO5ARocQ
raK5JJsmIzSzpfjOhZqfvhX5HjAeuyPxR3sHelobcttdCKVgWdkQ3L18WP6PX/6k
i7W+hCs/aqLa8jUyAO6B6rSgjOEXDLZNbn/O7nqhBEyZBo8ld7x6NdErjvma08uh
xvL6MNFen0HkjNG/9K1zr2WoPaOUhXaOBg43XY6awDm7EqMIIxVsNPt1EQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFMT+1d2NpNasv/xf0aplyKtIlMgGMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveFA3VjNZMmsxcXlfX0ZfUnFtWElxMGlVeUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAQW0iAME
AAX8dAMEAC1ZQAMEAC2F9QMEAC4RagMEAFXRAAMEAF/WCAMEAYsc3AMEALkRAgME
ALlepwMEALlo+gMEALlpdgMEALm8tQMEAMFtVAMEAMI1NgMEAMJDyAMEAMNCVzAN
BAIAAjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEAac2WHjH2KD2GnqDAE2MS
B9sikEHx6cDD2BPpWUPsa0QssFMURnFZKCUA4zvWJsw5tG5lx27mx9OLvTnnL3aT
iEiPDKHUDVokdhyQz5f8ilTuOrkDVO08zcWwolyywXJ+NTJLXqhrWMfTYGw+cFQI
b8AsQb0sH8dtXfJImICz514GPEB1PbnXbAQIgaSFNoox0gfxC3yF2W7WLEbM2Y2C
6ZFsx6EdcTgweRzibBequGBfZ2nzXMscF7Iz00B2r8cze4T9l+GD7audKiqYl2AR
fiH5RCho9eH5D7XbOAx3LBNRX1XmHV8Pkc0VPryHc5k0IqhCI7B7N/65YaA4xaNI
YA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org