Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa
File:                     mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa (raw, json)
Hash identifier:          ZMfwcusk2JYRlbnjjLeOACJs+CH8sS2FooI8rS6f8K8=
Subject key identifier:   9A:F0:EF:41:30:AC:70:04:6B:67:C7:C8:61:FA:DE:C9:0F:52:A7:93
Certificate issuer:       /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial:       01890C2019FEB5FCB36361C23A7AF12FC9BF
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa
Signing time:             Fri 30 Jun 2023 11:46:17 +0000
ROA not before:           Fri 30 Jun 2023 11:46:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197133
IP address blocks:        217.114.200.0/21 maxlen: 24
                          217.114.207.0/24 maxlen: 24
                          194.143.132.0/23 maxlen: 24
                          193.202.121.0/24 maxlen: 24
                          185.32.102.0/24 maxlen: 24
                          178.248.208.0/21 maxlen: 24
                          185.32.100.0/23 maxlen: 24
                          178.251.248.0/21 maxlen: 24
                          194.69.194.0/23 maxlen: 24
                          185.114.128.0/22 maxlen: 24
                          91.197.136.0/22 maxlen: 24
                          2a02:1740::/32 maxlen: 48
                          2a03:d280::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:0c:20:19:fe:b5:fc:b3:63:61:c2:3a:7a:f1:2f:c9:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
        Validity
            Not Before: Jun 30 11:46:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9af0ef4130ac70046b67c7c861fadec90f52a793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a0:2e:53:50:46:d8:8e:aa:6c:fe:7b:39:07:
                    1d:f2:1d:4c:ef:54:63:95:42:d2:90:0c:9d:0a:d1:
                    fd:67:f9:9e:a2:0b:92:8c:db:47:57:5b:95:8e:4c:
                    de:cc:54:e8:e8:0e:a1:f1:60:84:57:8d:4d:b6:ad:
                    b7:47:1b:78:5e:6a:3e:bd:28:2e:03:60:f6:7b:d5:
                    15:f1:7a:08:45:c7:a7:b1:0e:dc:02:a2:3e:af:2b:
                    52:45:99:63:78:a9:ae:0a:9a:d2:8b:9e:39:7b:9d:
                    0a:bd:8f:14:c7:55:54:f7:31:80:66:7a:f9:cd:ee:
                    14:83:93:a8:d3:d2:03:15:f5:24:ea:4b:10:7d:b5:
                    81:3d:58:3a:2e:d7:ba:1a:dc:4b:14:5b:6e:60:6a:
                    53:16:51:13:80:20:a7:69:cc:91:e0:d5:dc:ce:8f:
                    ba:39:02:e3:b1:84:22:9d:66:0d:fb:c1:ff:f8:4a:
                    42:8a:8e:21:ea:19:6e:d1:fb:86:62:fa:85:1a:ff:
                    51:80:8d:da:f3:6f:b0:72:e7:6b:f3:f2:87:58:61:
                    27:54:85:04:2d:46:f1:9d:cd:ca:45:0a:f7:3d:bb:
                    a7:49:43:e7:e7:4b:4b:23:c8:e6:82:60:bb:96:f1:
                    24:11:f7:fd:e0:ab:91:f4:bc:72:f9:30:ff:60:da:
                    c9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:F0:EF:41:30:AC:70:04:6B:67:C7:C8:61:FA:DE:C9:0F:52:A7:93
            X509v3 Authority Key Identifier:
                keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.136.0/22
                  178.248.208.0/21
                  178.251.248.0/21
                  185.32.100.0-185.32.102.255
                  185.114.128.0/22
                  193.202.121.0/24
                  194.69.194.0/23
                  194.143.132.0/23
                  217.114.200.0/21
                IPv6:
                  2a02:1740::/32
                  2a03:d280::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:be:45:95:39:91:56:83:22:b5:6d:91:d1:90:fd:8a:7c:52:
         79:bd:be:23:4e:02:d4:64:9c:1e:39:af:2a:f4:a0:c5:49:0c:
         f8:a1:67:ce:75:a9:10:06:52:a2:57:0b:62:27:53:0c:58:78:
         c0:08:bb:fe:a7:59:3c:e9:ef:e4:99:0c:f0:a6:0b:f1:b4:c4:
         1a:42:4c:cc:d2:cf:64:88:d0:aa:29:82:e9:08:fc:5b:43:ea:
         40:14:b0:f1:c8:a1:ba:90:18:68:7c:91:a6:a1:c1:17:7e:c0:
         d4:46:1f:90:97:44:5f:f0:76:b0:d0:c8:6d:f9:53:f5:88:a6:
         96:bb:e3:ad:e5:f6:16:e5:c7:9d:0e:78:d0:28:bc:67:4f:08:
         0b:3e:82:75:6f:d3:79:bf:d9:86:0b:63:34:15:26:75:a4:ed:
         61:52:c1:45:d3:81:fc:2f:ad:e0:14:fd:83:0b:47:57:b7:90:
         69:2c:08:5e:d0:24:b1:a6:33:67:51:99:03:1d:bd:28:39:62:
         33:82:db:2b:a1:45:70:ca:1c:a1:5e:ea:cf:d2:55:44:7a:e0:
         3f:43:74:bf:d5:03:fd:9f:22:d6:00:06:4a:88:13:bf:d3:d1:
         62:4c:b0:79:e9:24:b3:dc:53:0f:19:f5:93:a7:8c:44:65:30:
         44:8a:64:ce
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYkMIBn+tfyzY2HCOnrxL8m/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjMwNjMwMTE0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWYwZWY0MTMwYWM3MDA0NmI2N2M3Yzg2MWZhZGVjOTBmNTJhNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKAuU1BG2I6qbP57OQcd8h1M71Rj
lULSkAydCtH9Z/meoguSjNtHV1uVjkzezFTo6A6h8WCEV41Ntq23Rxt4Xmo+vSgu
A2D2e9UV8XoIRcensQ7cAqI+rytSRZljeKmuCprSi545e50KvY8Ux1VU9zGAZnr5
ze4Ug5Oo09IDFfUk6ksQfbWBPVg6Lte6GtxLFFtuYGpTFlETgCCnacyR4NXczo+6
OQLjsYQinWYN+8H/+EpCio4h6hlu0fuGYvqFGv9RgI3a82+wcudr8/KHWGEnVIUE
LUbxnc3KRQr3PbunSUPn50tLI8jmgmC7lvEkEff94KuR9Lxy+TD/YNrJFwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJrw70EwrHAEa2fHyGH63skPUqeTMB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEvbXZEdlFUQ3NjQVJyWjhmSVlmcmV5UTlTcDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8WIAwQD
svjQAwQDsvv4MAwDBAK5IGQDBAC5IGYDBAK5coADBADBynkDBAHCRcIDBAHCj4QD
BAPZcsgwFAQCAAIwDgMFACoCF0ADBQAqA9KAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
vkWVOZFWgyK1bZHRkP2KfFJ5vb4jTgLUZJweOa8q9KDFSQz4oWfOdakQBlKiVwti
J1MMWHjACLv+p1k86e/kmQzwpgvxtMQaQkzM0s9kiNCqKYLpCPxbQ+pAFLDxyKG6
kBhofJGmocEXfsDURh+Ql0Rf8Haw0Mht+VP1iKaWu+Ot5fYW5cedDnjQKLxnTwgL
PoJ1b9N5v9mGC2M0FSZ1pO1hUsFF04H8L63gFP2DC0dXt5BpLAhe0CSxpjNnUZkD
Hb0oOWIzgtsroUVwyhyhXurP0lVEeuA/Q3S/1QP9nyLWAAZKiBO/09FiTLB56SSz
3FMPGfWTp4xEZTBEimTO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:22 2024 by rpki-client on console-ams.rpki-client.org