Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/pQAtXYT5TFHtVq48bziVVcKqCxg.roa
File:                     pQAtXYT5TFHtVq48bziVVcKqCxg.roa (raw, json)
Hash identifier:          KYGmRvyU+8FRFlQ4JZU0NnimSOoeFDuA1UUij91XP/E=
Subject key identifier:   A5:00:2D:5D:84:F9:4C:51:ED:56:AE:3C:6F:38:95:55:C2:AA:0B:18
Certificate issuer:       /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial:       018CC64B0851D734EF7925CB41D1EDB0CF46
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/pQAtXYT5TFHtVq48bziVVcKqCxg.roa
Signing time:             Mon 01 Jan 2024 18:30:55 +0000
ROA not before:           Mon 01 Jan 2024 18:30:55 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6730
IP address blocks:        84.20.32.0/21 maxlen: 21
                          84.20.32.0/20 maxlen: 20
                          84.74.0.0/15 maxlen: 15
                          84.20.40.0/21 maxlen: 21
                          84.20.48.0/22 maxlen: 22
                          84.20.48.0/21 maxlen: 21
                          217.168.32.0/19 maxlen: 19
                          217.168.32.0/20 maxlen: 20
                          217.168.48.0/20 maxlen: 20
                          46.140.0.0/17 maxlen: 17
                          46.140.0.0/16 maxlen: 16
                          62.2.0.0/17 maxlen: 17
                          62.2.0.0/16 maxlen: 16
                          194.29.0.0/19 maxlen: 19
                          194.29.0.0/20 maxlen: 20
                          46.140.128.0/17 maxlen: 17
                          46.127.0.0/16 maxlen: 16
                          80.218.0.0/16 maxlen: 16
                          80.218.0.0/15 maxlen: 15
                          62.2.128.0/17 maxlen: 17
                          194.29.16.0/20 maxlen: 20
                          77.56.0.0/15 maxlen: 15
                          178.83.0.0/16 maxlen: 16
                          77.56.0.0/14 maxlen: 14
                          81.7.224.0/20 maxlen: 20
                          81.7.224.0/19 maxlen: 19
                          178.82.0.0/17 maxlen: 17
                          178.82.0.0/16 maxlen: 16
                          178.82.0.0/15 maxlen: 15
                          81.7.240.0/20 maxlen: 20
                          213.193.64.0/19 maxlen: 19
                          178.82.128.0/17 maxlen: 17
                          213.193.64.0/18 maxlen: 18
                          84.72.0.0/15 maxlen: 15
                          213.193.96.0/19 maxlen: 19
                          84.72.0.0/14 maxlen: 14
                          46.126.0.0/16 maxlen: 16
                          46.126.0.0/15 maxlen: 15
                          217.162.0.0/17 maxlen: 17
                          217.162.0.0/16 maxlen: 16
                          31.10.128.0/18 maxlen: 18
                          31.10.128.0/17 maxlen: 17
                          84.20.52.0/22 maxlen: 22
                          80.219.0.0/16 maxlen: 16
                          195.202.192.0/19 maxlen: 19
                          195.202.192.0/18 maxlen: 18
                          31.10.192.0/18 maxlen: 18
                          195.202.224.0/19 maxlen: 19
                          77.58.0.0/15 maxlen: 15
                          217.162.128.0/17 maxlen: 17
                          212.47.160.0/20 maxlen: 20
                          212.47.160.0/19 maxlen: 19
                          212.47.176.0/20 maxlen: 20
                          2a02:aa00::/27 maxlen: 27
                          2a02:aa00::/28 maxlen: 28
                          2a00:e2c0:8000::/33 maxlen: 33
                          2a00:e2c0::/33 maxlen: 33
                          2a00:e2c0::/32 maxlen: 32
                          2a02:aa10::/28 maxlen: 28

Validation:               Failed, certificate revoked on Fri 07 Jun 2024 10:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4b:08:51:d7:34:ef:79:25:cb:41:d1:ed:b0:cf:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
        Validity
            Not Before: Jan  1 18:30:55 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a5002d5d84f94c51ed56ae3c6f389555c2aa0b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:77:d3:86:77:ae:1b:b2:43:52:ec:7f:a4:77:
                    91:9c:10:9e:bf:30:5e:6f:4a:b2:28:64:27:0e:3b:
                    7e:cf:34:ce:f3:66:cc:ae:09:02:7f:a7:a9:5e:22:
                    db:12:a1:ba:5b:ee:52:3e:aa:4f:5e:be:86:56:b3:
                    a1:a8:3a:6c:fa:76:af:4a:83:5a:08:51:17:db:09:
                    c5:65:01:dc:eb:19:9f:72:cd:ab:42:dc:59:8b:c2:
                    33:4e:43:c4:68:d2:d7:6e:cd:89:03:be:67:79:ec:
                    a9:ed:ed:1e:9c:29:38:4b:bc:28:ba:33:d2:67:72:
                    08:da:10:83:8e:cc:0c:38:94:81:2b:1d:7c:2c:1a:
                    34:ef:ca:ef:e7:36:76:dd:ae:ac:99:e7:f6:dc:73:
                    8f:8c:96:27:1f:23:81:3e:a5:d8:3d:c1:21:78:dd:
                    6b:e4:f4:9c:9b:8d:49:b8:40:bd:ee:ec:55:4a:9d:
                    7b:96:b6:6d:00:99:48:45:85:2e:44:7d:73:f2:f2:
                    13:1a:44:87:47:fb:0c:2d:26:4c:14:df:86:14:70:
                    29:06:22:be:f4:9a:83:8d:2f:c4:17:e6:60:7a:42:
                    12:e0:44:2a:96:19:36:dd:35:b9:64:86:3a:7b:51:
                    34:8d:46:b4:d7:55:fa:cc:b3:f5:27:55:93:ea:a6:
                    f9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:00:2D:5D:84:F9:4C:51:ED:56:AE:3C:6F:38:95:55:C2:AA:0B:18
            X509v3 Authority Key Identifier:
                keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/pQAtXYT5TFHtVq48bziVVcKqCxg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.10.128.0/17
                  46.126.0.0/15
                  46.140.0.0/16
                  62.2.0.0/16
                  77.56.0.0/14
                  80.218.0.0/15
                  81.7.224.0/19
                  84.20.32.0-84.20.55.255
                  84.72.0.0/14
                  178.82.0.0/15
                  194.29.0.0/19
                  195.202.192.0/18
                  212.47.160.0/19
                  213.193.64.0/18
                  217.162.0.0/16
                  217.168.32.0/19
                IPv6:
                  2a00:e2c0::/32
                  2a02:aa00::/27

    Signature Algorithm: sha256WithRSAEncryption
         0f:23:8c:fb:78:da:5e:08:2e:a3:97:83:19:25:41:1c:1c:81:
         d6:2a:0f:32:ba:ac:4a:8f:eb:75:c4:58:11:a9:d6:e7:ab:c2:
         ca:5e:f9:d7:e7:d2:6c:f6:f6:53:2c:6f:0f:36:73:49:5b:cd:
         38:84:16:8a:f4:00:4c:b2:53:ad:2d:d6:7d:37:52:d3:d7:85:
         81:35:fa:bb:6b:59:47:e4:76:41:42:99:1e:98:a3:47:ef:49:
         25:6a:f7:06:66:61:98:f7:b8:70:18:3a:94:c3:c7:24:e6:d4:
         46:b9:9c:95:84:b1:a2:98:03:dc:0b:1b:53:d6:34:49:9f:ba:
         dc:55:25:67:44:82:d8:26:f4:99:36:e3:d1:29:d4:26:57:82:
         c2:58:db:86:47:5f:c8:b0:02:ac:e4:e5:8e:7c:95:6b:65:5e:
         2a:c5:10:91:13:56:e8:c7:62:ee:8c:98:dd:a7:a4:3f:a4:90:
         25:f3:53:a8:ff:08:a6:a5:18:dd:12:f6:32:e3:4a:6e:e4:92:
         f5:27:bb:7a:72:fd:0c:a9:c7:fb:cc:b9:22:f9:67:bc:6d:05:
         72:fc:ec:56:f5:1f:2a:d6:1c:23:72:73:c9:1c:fc:03:31:ae:
         b0:bf:3e:86:57:22:ac:16:e4:44:2f:93:a0:86:32:68:95:76:
         26:83:74:18
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYzGSwhR1zTveSXLQdHtsM9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjQwMTAxMTgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAwMmQ1ZDg0Zjk0YzUxZWQ1NmFlM2M2ZjM4OTU1NWMyYWEwYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHfThneuG7JDUux/pHeRnBCevzBe
b0qyKGQnDjt+zzTO82bMrgkCf6epXiLbEqG6W+5SPqpPXr6GVrOhqDps+navSoNa
CFEX2wnFZQHc6xmfcs2rQtxZi8IzTkPEaNLXbs2JA75neeyp7e0enCk4S7woujPS
Z3II2hCDjswMOJSBKx18LBo078rv5zZ23a6smef23HOPjJYnHyOBPqXYPcEheN1r
5PScm41JuEC97uxVSp17lrZtAJlIRYUuRH1z8vITGkSHR/sMLSZMFN+GFHApBiK+
9JqDjS/EF+ZgekIS4EQqlhk23TW5ZIY6e1E0jUa011X6zLP1J1WT6qb5NQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKUALV2E+UxR7VauPG84lVXCqgsYMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvcFFBdFhZVDVURkh0VnE0OGJ6aVZWY0txQ3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQAPI4z7eNpeCC6jl4MZ
JUEcHIHWKg8yuqxKj+t1xFgRqdbnq8LKXvnX59Js9vZTLG8PNnNJW804hBaK9ABM
slOtLdZ9N1LT14WBNfq7a1lH5HZBQpkemKNH70klavcGZmGY97hwGDqUw8ck5tRG
uZyVhLGimAPcCxtT1jRJn7rcVSVnRILYJvSZNuPRKdQmV4LCWNuGR1/IsAKs5OWO
fJVrZV4qxRCRE1box2LujJjdp6Q/pJAl81Oo/wimpRjdEvYy40pu5JL1J7t6cv0M
qcf7zLki+We8bQVy/OxW9R8q1hwjcnPJHPwDMa6wvz6GVyKsFuREL5OghjJolXYm
g3QY
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:48:49 2024 by rpki-client on console-ams.rpki-client.org