Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/lqAQFNFYOldMqytUlrnv3Wgngis.roa
File:                     lqAQFNFYOldMqytUlrnv3Wgngis.roa (raw, json)
Hash identifier:          WPHqEvu58LFnAwm6iuFJZZUQ6PlIpeiVclBfjt5s3CU=
Subject key identifier:   96:A0:10:14:D1:58:3A:57:4C:AB:2B:54:96:B9:EF:DD:68:27:82:2B
Certificate issuer:       /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial:       018C1BA0A35ABDF6C9B1E8FDF2A4396420CB
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/lqAQFNFYOldMqytUlrnv3Wgngis.roa
Signing time:             Wed 29 Nov 2023 15:09:21 +0000
ROA not before:           Wed 29 Nov 2023 15:09:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44534
IP address blocks:        95.108.164.0/24 maxlen: 24
                          95.108.168.0/22 maxlen: 22
                          95.108.170.0/24 maxlen: 24
                          37.140.168.0/24 maxlen: 24
                          95.108.177.0/24 maxlen: 24
                          95.108.178.0/24 maxlen: 24
                          37.140.173.0/24 maxlen: 24
                          95.108.198.0/23 maxlen: 23
                          5.255.232.0/24 maxlen: 24
                          5.255.236.0/22 maxlen: 22
                          87.250.232.0/24 maxlen: 24
                          87.250.238.0/24 maxlen: 24
                          178.154.152.0/24 maxlen: 24
                          93.158.155.0/24 maxlen: 24
                          5.45.209.0/24 maxlen: 24
                          5.45.212.0/24 maxlen: 24
                          93.158.185.0/24 maxlen: 24
                          93.158.184.0/24 maxlen: 24
                          93.158.186.0/24 maxlen: 24
                          87.250.242.0/24 maxlen: 24
                          90.156.176.0/20 maxlen: 24
                          90.156.176.0/24 maxlen: 24
                          77.88.52.0/23 maxlen: 23
                          77.88.61.0/24 maxlen: 24
                          93.158.187.0/24 maxlen: 24
                          93.158.190.0/24 maxlen: 24
                          77.88.42.0/23 maxlen: 23
                          213.180.201.0/24 maxlen: 24
                          2a02:6bf:8004::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1b:a0:a3:5a:bd:f6:c9:b1:e8:fd:f2:a4:39:64:20:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
        Validity
            Not Before: Nov 29 15:09:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=96a01014d1583a574cab2b5496b9efdd6827822b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:da:fa:c5:3c:d7:c5:2b:f0:9f:92:fb:d7:c0:
                    1c:2e:01:56:6b:e1:13:ba:75:ff:ac:c1:d3:ac:ed:
                    34:c0:17:81:8a:5d:54:02:9f:66:db:9b:e4:9e:57:
                    18:e2:79:68:04:e9:0b:46:c1:81:74:30:02:87:0a:
                    12:43:4f:9d:74:2b:2f:84:e2:fc:35:52:78:11:9e:
                    78:93:e9:c3:a2:39:44:0d:fa:03:f5:45:93:d6:33:
                    76:77:2d:01:db:34:7d:a8:50:e4:14:eb:d8:ac:2b:
                    56:96:a3:e4:b2:c0:42:54:d7:a2:cb:41:d0:08:1f:
                    d6:a1:9a:ef:b5:29:5f:ac:db:8f:56:dd:69:a6:4f:
                    70:54:db:5d:11:fe:b1:a5:33:c6:1c:fa:7e:37:66:
                    72:72:b0:e5:b7:80:b4:1b:8e:7e:a9:9a:f0:ea:e4:
                    b4:26:57:2e:cd:46:a6:8c:5f:a9:7b:f6:9d:3b:bf:
                    b3:89:c3:7b:cf:14:5d:1f:8e:e8:14:ef:3d:93:d2:
                    fc:34:86:5d:8d:9d:05:14:0a:06:9d:25:8f:3b:94:
                    db:b8:e7:ab:e9:c5:24:bc:c3:b1:44:9d:fe:1f:94:
                    11:a4:ff:99:20:ab:2c:33:e8:aa:b8:81:ed:80:7e:
                    72:30:f0:73:36:41:9a:42:2b:ff:f8:cc:27:5c:24:
                    31:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:A0:10:14:D1:58:3A:57:4C:AB:2B:54:96:B9:EF:DD:68:27:82:2B
            X509v3 Authority Key Identifier:
                keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/lqAQFNFYOldMqytUlrnv3Wgngis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.45.209.0/24
                  5.45.212.0/24
                  5.255.232.0/24
                  5.255.236.0/22
                  37.140.168.0/24
                  37.140.173.0/24
                  77.88.42.0/23
                  77.88.52.0/23
                  77.88.61.0/24
                  87.250.232.0/24
                  87.250.238.0/24
                  87.250.242.0/24
                  90.156.176.0/20
                  93.158.155.0/24
                  93.158.184.0/22
                  93.158.190.0/24
                  95.108.164.0/24
                  95.108.168.0/22
                  95.108.177.0-95.108.178.255
                  95.108.198.0/23
                  178.154.152.0/24
                  213.180.201.0/24
                IPv6:
                  2a02:6bf:8004::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:85:88:07:26:29:ac:36:d9:8e:46:cb:dd:66:41:a2:77:4a:
         ed:a4:f6:89:29:cd:f2:d9:f9:ee:18:a1:58:f2:02:c5:7d:aa:
         92:6e:fb:7c:41:f1:38:e9:fb:38:aa:1e:14:9d:b8:55:52:0c:
         31:46:93:36:8e:04:5f:bf:4c:10:c8:96:78:27:8d:bc:78:2b:
         59:d3:67:7a:7b:3e:45:ac:44:e6:1d:07:8b:f2:fa:d3:84:5b:
         35:a3:8d:2d:31:05:5f:78:13:c0:c8:82:96:4c:a2:ef:e3:a2:
         dc:50:23:bb:25:69:e3:7c:f8:6e:c3:cd:af:c8:3f:20:c8:ca:
         65:1e:19:a9:34:80:28:b6:11:28:68:d6:71:50:58:6e:a0:59:
         b0:b3:b0:fe:d8:6a:9b:ce:76:6b:c4:b8:46:61:9a:6a:9a:46:
         07:40:f9:5b:8f:52:a7:95:c0:9d:69:a8:f6:7e:d4:5e:74:fa:
         f8:4a:71:75:c1:eb:30:59:e4:d5:d8:6a:00:99:11:2e:27:cf:
         ae:76:b7:50:00:27:a3:b7:1d:c1:a4:0e:bb:35:09:70:d2:15:
         57:79:78:61:f7:1c:70:cd:13:82:d6:fe:bf:f8:c1:35:88:43:
         11:c0:6a:e1:f5:e2:c1:b3:c3:c1:8d:e5:d6:fe:ea:60:ab:e1:
         06:84:9c:cf
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYwboKNavfbJsej98qQ5ZCDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjMxMTI5MTUwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmEwMTAxNGQxNTgzYTU3NGNhYjJiNTQ5NmI5ZWZkZDY4Mjc4MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNr6xTzXxSvwn5L718AcLgFWa+ET
unX/rMHTrO00wBeBil1UAp9m25vknlcY4nloBOkLRsGBdDAChwoSQ0+ddCsvhOL8
NVJ4EZ54k+nDojlEDfoD9UWT1jN2dy0B2zR9qFDkFOvYrCtWlqPkssBCVNeiy0HQ
CB/WoZrvtSlfrNuPVt1ppk9wVNtdEf6xpTPGHPp+N2ZycrDlt4C0G45+qZrw6uS0
JlcuzUamjF+pe/adO7+zicN7zxRdH47oFO89k9L8NIZdjZ0FFAoGnSWPO5TbuOer
6cUkvMOxRJ3+H5QRpP+ZIKssM+iquIHtgH5yMPBzNkGaQiv/+MwnXCQxbQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFJagEBTRWDpXTKsrVJa5791oJ4IrMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvbHFBUUZORllPbGRNcXl0VWxybnYzV2duZ2lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBkwQCAAEwgYwDBAAF
LdEDBAAFLdQDBAAF/+gDBAIF/+wDBAAljKgDBAAljK0DBAFNWCoDBAFNWDQDBABN
WD0DBABX+ugDBABX+u4DBABX+vIDBARanLADBABdnpsDBAJdnrgDBABdnr4DBABf
bKQDBAJfbKgwDAMEAF9ssQMEAF9ssgMEAV9sxgMEALKamAMEANW0yTAPBAIAAjAJ
AwcAKgIGv4AEMA0GCSqGSIb3DQEBCwUAA4IBAQANhYgHJimsNtmORsvdZkGid0rt
pPaJKc3y2fnuGKFY8gLFfaqSbvt8QfE46fs4qh4UnbhVUgwxRpM2jgRfv0wQyJZ4
J428eCtZ02d6ez5FrETmHQeL8vrThFs1o40tMQVfeBPAyIKWTKLv46LcUCO7JWnj
fPhuw82vyD8gyMplHhmpNIAothEoaNZxUFhuoFmws7D+2GqbznZrxLhGYZpqmkYH
QPlbj1KnlcCdaaj2ftRedPr4SnF1weswWeTV2GoAmREuJ8+udrdQACejtx3BpA67
NQlw0hVXeXhh9xxwzROC1v6/+ME1iEMRwGrh9eLBs8PBjeXW/upgq+EGhJzP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org