Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/gCJNo6CKo3GdAnFmckI7plcN4IY.roa
File:                     gCJNo6CKo3GdAnFmckI7plcN4IY.roa (raw, json)
Hash identifier:          zPTFSWl94402ovgPd3v8AewZn2w8+aDL0mkUzJAL53s=
Subject key identifier:   80:22:4D:A3:A0:8A:A3:71:9D:02:71:66:72:42:3B:A6:57:0D:E0:86
Certificate issuer:       /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial:       01856F0249F3761F19A9025CAA96DC962C6B
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/gCJNo6CKo3GdAnFmckI7plcN4IY.roa
Signing time:             Sun 01 Jan 2023 20:24:59 +0000
ROA not before:           Sun 01 Jan 2023 20:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43146
IP address blocks:        185.46.8.0/22 maxlen: 22
                          194.58.124.0/24 maxlen: 24
                          194.58.125.0/24 maxlen: 24
                          80.78.244.0/22 maxlen: 22
                          80.78.249.0/24 maxlen: 24
                          176.99.2.0/24 maxlen: 24
                          176.99.3.0/24 maxlen: 24
                          176.99.10.0/24 maxlen: 24
                          176.99.14.0/24 maxlen: 24
                          212.158.162.0/24 maxlen: 24
                          194.67.107.0/24 maxlen: 24
                          89.108.112.0/24 maxlen: 24
                          89.108.110.0/24 maxlen: 24
                          89.108.108.0/24 maxlen: 24
                          89.108.106.0/24 maxlen: 24
                          89.108.111.0/24 maxlen: 24
                          89.108.109.0/24 maxlen: 24
                          89.108.107.0/24 maxlen: 24
                          89.108.108.0/22 maxlen: 22
                          89.108.118.0/24 maxlen: 24
                          89.108.116.0/24 maxlen: 24
                          89.108.117.0/24 maxlen: 24
                          89.108.116.0/22 maxlen: 22
                          89.108.120.0/24 maxlen: 24
                          89.108.124.0/24 maxlen: 24
                          89.108.122.0/24 maxlen: 24
                          89.108.119.0/24 maxlen: 24
                          89.108.125.0/24 maxlen: 24
                          89.108.123.0/24 maxlen: 24
                          89.108.121.0/24 maxlen: 24
                          89.108.124.0/22 maxlen: 22
                          89.108.120.0/22 maxlen: 22
                          89.108.126.0/24 maxlen: 24
                          89.108.127.0/24 maxlen: 24
                          89.108.68.0/24 maxlen: 24
                          89.108.74.0/24 maxlen: 24
                          89.108.72.0/24 maxlen: 24
                          89.108.72.0/22 maxlen: 22
                          89.108.75.0/24 maxlen: 24
                          89.108.73.0/24 maxlen: 24
                          89.108.84.0/24 maxlen: 24
                          89.108.82.0/24 maxlen: 24
                          89.108.80.0/24 maxlen: 24
                          89.108.85.0/24 maxlen: 24
                          89.108.90.0/24 maxlen: 24
                          89.108.86.0/24 maxlen: 24
                          89.108.91.0/24 maxlen: 24
                          89.108.87.0/24 maxlen: 24
                          89.108.96.0/24 maxlen: 24
                          89.108.92.0/24 maxlen: 24
                          89.108.97.0/24 maxlen: 24
                          89.108.93.0/24 maxlen: 24
                          89.108.104.0/24 maxlen: 24
                          89.108.105.0/24 maxlen: 24
                          2a03:4900:fffd::/48 maxlen: 48
                          2a03:4900:a0::/48 maxlen: 48
                          2a03:4900:fffb::/48 maxlen: 48
                          2a03:4900:ffff::/48 maxlen: 48
                          2a03:4900:a1::/48 maxlen: 48
                          2a00:f940:8::/48 maxlen: 48
                          2a03:4900:fffc::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:49:f3:76:1f:19:a9:02:5c:aa:96:dc:96:2c:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
        Validity
            Not Before: Jan  1 20:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=80224da3a08aa3719d02716672423ba6570de086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:6d:52:de:09:00:06:44:10:a5:dc:7b:9c:cc:
                    d1:9f:d1:b2:a7:3a:f4:4e:d9:b7:75:5b:26:fe:a0:
                    5b:e2:0e:d9:2f:b5:ba:ea:2e:f4:90:a5:94:f2:f9:
                    45:19:03:4d:2d:5c:b4:23:30:50:ff:38:27:8e:5f:
                    7a:fb:68:4b:57:cd:89:2b:86:51:ad:e9:6c:70:86:
                    ec:e2:a6:ea:7f:ba:ee:75:26:7e:e4:84:65:b1:5d:
                    08:a5:89:f0:57:b0:cf:af:70:e4:b0:bb:92:df:d2:
                    a9:ac:78:9f:d1:21:f6:c6:b9:ce:46:3c:6c:1f:46:
                    39:a9:af:63:38:ce:d9:9e:22:14:81:3c:7b:3c:e5:
                    43:4a:82:ab:57:94:86:d5:9c:4f:5e:da:4b:7e:7e:
                    c0:45:7c:39:a3:36:eb:db:cc:54:ac:9f:99:0f:ac:
                    c7:ab:82:7d:14:74:7a:6a:02:39:82:fa:5f:04:8f:
                    cf:e8:a8:b6:df:c8:5a:c2:85:a7:f9:53:1b:60:f3:
                    a3:d8:f6:95:d9:d5:65:aa:54:c6:fe:f9:78:7d:fd:
                    6d:2a:96:e3:c6:49:df:ae:be:88:4a:7c:63:6e:47:
                    07:f0:25:17:0d:7f:95:62:2b:60:45:26:33:03:db:
                    36:45:0a:22:e6:c4:13:3c:9c:4a:77:43:79:d6:e8:
                    8d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:22:4D:A3:A0:8A:A3:71:9D:02:71:66:72:42:3B:A6:57:0D:E0:86
            X509v3 Authority Key Identifier:
                keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/gCJNo6CKo3GdAnFmckI7plcN4IY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.78.244.0/22
                  80.78.249.0/24
                  89.108.68.0/24
                  89.108.72.0/22
                  89.108.80.0/24
                  89.108.82.0/24
                  89.108.84.0/22
                  89.108.90.0-89.108.93.255
                  89.108.96.0/23
                  89.108.104.0-89.108.112.255
                  89.108.116.0-89.108.127.255
                  176.99.2.0/23
                  176.99.10.0/24
                  176.99.14.0/24
                  185.46.8.0/22
                  194.58.124.0/23
                  194.67.107.0/24
                  212.158.162.0/24
                IPv6:
                  2a00:f940:8::/48
                  2a03:4900:a0::/47
                  2a03:4900:fffb::-2a03:4900:fffd:ffff:ffff:ffff:ffff:ffff
                  2a03:4900:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:e5:bc:d0:fa:27:c7:5a:4b:92:f4:ef:79:f8:3b:a3:18:73:
         84:88:17:ec:80:3f:b9:29:95:ea:ca:7f:9f:f9:5b:ab:64:c4:
         b2:ff:ff:5f:da:3e:d2:a2:73:4a:00:cf:64:f9:61:37:f1:ee:
         af:92:04:e0:ae:ce:76:96:d7:4a:d5:f8:cf:1d:03:eb:02:03:
         65:de:46:e2:ce:6c:74:be:63:af:41:3d:0e:cf:e3:20:34:12:
         a3:2d:22:07:67:c8:e4:0f:df:fb:b2:b2:99:6c:a4:f4:70:94:
         fe:81:99:0b:31:39:4b:5a:fd:6a:29:68:67:0c:6b:4d:fb:ef:
         5b:28:75:08:2b:96:cf:9b:a3:3f:a2:50:08:e7:0f:7c:0d:03:
         a5:db:b5:d0:fa:10:a0:8d:93:7a:06:ac:0f:51:e2:7d:ca:8d:
         4b:76:55:8b:b5:b9:af:09:6a:1d:01:57:61:c1:69:65:bd:8b:
         d4:39:81:93:5e:a7:5a:82:05:35:f7:12:0d:c9:19:b1:b2:06:
         7a:50:96:3a:21:35:f1:1b:81:5b:6c:3f:4a:aa:23:24:80:c5:
         35:72:17:56:c1:cb:2a:b8:55:ae:9e:16:cb:be:24:7b:30:fe:
         6b:3e:9c:43:2d:c9:df:c5:9e:7b:f3:ea:15:32:c3:36:83:9f:
         4b:6b:00:a4
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYVvAknzdh8ZqQJcqpbclixrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDIyNGRhM2EwOGFhMzcxOWQwMjcxNjY3MjQyM2JhNjU3MGRlMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm21S3gkABkQQpdx7nMzRn9Gypzr0
Ttm3dVsm/qBb4g7ZL7W66i70kKWU8vlFGQNNLVy0IzBQ/zgnjl96+2hLV82JK4ZR
relscIbs4qbqf7rudSZ+5IRlsV0IpYnwV7DPr3DksLuS39KprHif0SH2xrnORjxs
H0Y5qa9jOM7ZniIUgTx7POVDSoKrV5SG1ZxPXtpLfn7ARXw5ozbr28xUrJ+ZD6zH
q4J9FHR6agI5gvpfBI/P6Ki238hawoWn+VMbYPOj2PaV2dVlqlTG/vl4ff1tKpbj
xknfrr6ISnxjbkcH8CUXDX+VYitgRSYzA9s2RQoi5sQTPJxKd0N51uiNhwIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFIAiTaOgiqNxnQJxZnJCO6ZXDeCGMB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEvZ0NKTm82Q0tvM0dkQW5GbWNrSTdwbGNONElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBiwQCAAEwgYQDBAJQ
TvQDBABQTvkDBABZbEQDBAJZbEgDBABZbFADBABZbFIDBAJZbFQwDAMEAVlsWgME
AVlsXAMEAVlsYDAMAwQDWWxoAwQAWWxwMAwDBAJZbHQDBAdZbAADBAGwYwIDBACw
YwoDBACwYw4DBAK5LggDBAHCOnwDBADCQ2sDBADUnqIwNQQCAAIwLwMHACoA+UAA
CAMHASoDSQAAoDASAwcAKgNJAP/7AwcBKgNJAP/8AwcAKgNJAP//MA0GCSqGSIb3
DQEBCwUAA4IBAQCT5bzQ+ifHWkuS9O95+DujGHOEiBfsgD+5KZXqyn+f+VurZMSy
//9f2j7SonNKAM9k+WE38e6vkgTgrs52ltdK1fjPHQPrAgNl3kbizmx0vmOvQT0O
z+MgNBKjLSIHZ8jkD9/7srKZbKT0cJT+gZkLMTlLWv1qKWhnDGtN++9bKHUIK5bP
m6M/olAI5w98DQOl27XQ+hCgjZN6BqwPUeJ9yo1LdlWLtbmvCWodAVdhwWllvYvU
OYGTXqdaggU19xINyRmxsgZ6UJY6ITXxG4FbbD9KqiMkgMU1chdWwcsquFWunhbL
viR7MP5rPpxDLcnfxZ578+oVMsM2g59LawCk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:34 2024 by rpki-client on console-ams.rpki-client.org