Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/7T1w40CCL9VtgTf7QznmW8iQMAM.roa
File:                     7T1w40CCL9VtgTf7QznmW8iQMAM.roa (raw, json)
Hash identifier:          okRlJ8Bzuz4BZtitEeaXtC0AUkXqgVmvlI3Zfdhfzz0=
Subject key identifier:   ED:3D:70:E3:40:82:2F:D5:6D:81:37:FB:43:39:E6:5B:C8:90:30:03
Certificate issuer:       /CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Certificate serial:       018AB1E0E3CB904D65BD083212E90C9BE57C
Authority key identifier: AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/7T1w40CCL9VtgTf7QznmW8iQMAM.roa
Signing time:             Wed 20 Sep 2023 09:17:00 +0000
ROA not before:           Wed 20 Sep 2023 09:17:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33924
IP address blocks:        31.222.44.0/24 maxlen: 24
                          31.222.44.0/22 maxlen: 22
                          31.222.40.0/22 maxlen: 22
                          31.222.40.0/21 maxlen: 21
                          31.222.40.0/24 maxlen: 24
                          31.222.41.0/24 maxlen: 24
                          31.222.42.0/24 maxlen: 24
                          31.222.43.0/24 maxlen: 24
                          31.222.45.0/24 maxlen: 24
                          31.222.46.0/24 maxlen: 24
                          31.222.47.0/24 maxlen: 24
                          185.55.44.0/22 maxlen: 22
                          185.55.44.0/24 maxlen: 24
                          185.55.44.0/23 maxlen: 23
                          185.55.45.0/24 maxlen: 24
                          185.55.46.0/23 maxlen: 23
                          185.55.46.0/24 maxlen: 24
                          185.55.47.0/24 maxlen: 24
                          84.20.64.0/19 maxlen: 19
                          84.20.64.0/20 maxlen: 20
                          84.20.64.0/24 maxlen: 24
                          84.20.64.0/22 maxlen: 22
                          84.20.64.0/21 maxlen: 21
                          84.20.65.0/24 maxlen: 24
                          84.20.66.0/24 maxlen: 24
                          84.20.67.0/24 maxlen: 24
                          84.20.68.0/24 maxlen: 24
                          84.20.68.0/22 maxlen: 22
                          84.20.69.0/24 maxlen: 24
                          84.20.70.0/24 maxlen: 24
                          84.20.71.0/24 maxlen: 24
                          84.20.78.0/24 maxlen: 24
                          84.20.72.0/24 maxlen: 24
                          84.20.72.0/22 maxlen: 22
                          84.20.78.0/23 maxlen: 23
                          84.20.73.0/24 maxlen: 24
                          84.20.74.0/24 maxlen: 24
                          84.20.75.0/24 maxlen: 24
                          84.20.76.0/23 maxlen: 23
                          84.20.76.0/24 maxlen: 24
                          84.20.76.0/22 maxlen: 22
                          84.20.77.0/24 maxlen: 24
                          84.20.85.0/24 maxlen: 24
                          84.20.83.0/24 maxlen: 24
                          84.20.82.0/24 maxlen: 24
                          84.20.84.0/24 maxlen: 24
                          84.20.84.0/22 maxlen: 22
                          84.20.79.0/24 maxlen: 24
                          84.20.80.0/22 maxlen: 22
                          84.20.80.0/24 maxlen: 24
                          84.20.80.0/21 maxlen: 21
                          84.20.81.0/24 maxlen: 24
                          84.20.86.0/24 maxlen: 24
                          84.20.87.0/24 maxlen: 24
                          84.20.88.0/23 maxlen: 23
                          84.20.88.0/24 maxlen: 24
                          84.20.88.0/22 maxlen: 22
                          84.20.89.0/24 maxlen: 24
                          84.20.90.0/24 maxlen: 24
                          84.20.91.0/24 maxlen: 24
                          84.20.95.0/24 maxlen: 24
                          84.20.92.0/24 maxlen: 24
                          2a00:6b81::/32 maxlen: 32
                          2a00:6b82::/32 maxlen: 32
                          2a00:6b84::/32 maxlen: 32
                          2a00:6b85::/32 maxlen: 32
                          2a00:6b80::/29 maxlen: 29
                          2a00:6b87::/32 maxlen: 32
                          2a00:6b83::/32 maxlen: 32
                          2a00:6b86::/32 maxlen: 32
                          2a00:6b80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b1:e0:e3:cb:90:4d:65:bd:08:32:12:e9:0c:9b:e5:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
        Validity
            Not Before: Sep 20 09:17:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed3d70e340822fd56d8137fb4339e65bc8903003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e0:15:f2:0c:41:52:bf:87:31:98:e7:49:04:
                    e5:ac:b6:d3:f8:8c:f7:da:8c:95:1c:f9:9c:25:c7:
                    9c:ad:17:cd:36:4a:59:3a:71:79:a4:27:fc:ac:64:
                    70:f9:5a:e8:5d:46:44:52:6f:57:4f:b2:88:ad:73:
                    5c:3f:af:06:e2:8f:f3:2e:46:06:6a:05:51:f0:37:
                    3a:e4:75:79:67:44:93:5b:d6:85:0f:ec:48:3c:68:
                    44:f2:1f:05:7c:87:ac:58:ea:ea:28:ab:6b:d0:76:
                    5a:f0:83:e6:47:f9:dd:ab:df:91:d9:69:25:e6:9b:
                    d3:d9:b1:4c:d9:23:61:61:1f:97:f7:01:55:61:6d:
                    21:7e:65:24:7a:5b:36:44:f7:4d:b0:cb:a0:1c:9f:
                    67:7f:3f:c8:55:b1:d8:3b:d8:15:42:85:90:f7:40:
                    28:b5:f2:3e:8d:6a:be:67:2e:bc:25:43:04:68:d5:
                    4d:4b:d5:56:70:c9:6c:11:b2:70:6f:e5:21:e0:bb:
                    a1:ab:dc:14:20:d6:c7:e6:91:f0:b5:d5:9f:17:d5:
                    7a:ad:ed:df:b4:29:a3:12:a0:2f:b2:34:bf:57:39:
                    18:bf:fd:0b:11:6f:51:e9:ab:91:70:81:2f:5a:e2:
                    78:ba:28:e7:ff:8a:61:92:c5:78:f0:f0:23:76:e2:
                    61:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:3D:70:E3:40:82:2F:D5:6D:81:37:FB:43:39:E6:5B:C8:90:30:03
            X509v3 Authority Key Identifier:
                keyid:AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/7T1w40CCL9VtgTf7QznmW8iQMAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.222.40.0/21
                  84.20.64.0/19
                  185.55.44.0/22
                IPv6:
                  2a00:6b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         59:f8:08:db:c9:ee:6f:c2:62:03:4c:d5:d9:ef:f0:ff:be:a3:
         47:14:fd:c6:b2:1f:56:ca:50:33:ef:1f:33:44:ca:fe:23:ca:
         42:53:f0:db:3e:c3:0e:84:d8:83:2e:3d:c8:d3:6f:d9:8b:40:
         c4:09:91:e1:a6:74:52:85:c9:c1:2a:c1:86:22:48:33:7a:b9:
         65:5c:b4:ce:e0:7f:fb:99:d2:dd:ea:95:e4:73:d3:12:0a:ca:
         40:e8:86:2d:fa:60:63:c4:49:2b:42:98:a0:2f:da:cd:f6:bd:
         85:4c:5f:6f:77:55:4d:ed:82:f6:90:ec:85:00:24:7f:eb:02:
         e4:be:ad:c4:67:28:46:58:2f:b4:04:b1:b6:3f:32:80:6c:c8:
         41:1c:d4:a7:e3:0c:26:93:28:de:65:53:5a:52:b5:52:5c:be:
         b8:8f:da:4f:38:62:72:dc:d6:16:29:12:ef:53:fc:b9:a4:ff:
         b7:76:00:85:9a:1c:c7:87:a3:05:b0:81:f4:3b:6b:34:ac:74:
         cf:92:0b:22:95:83:20:3f:d7:ab:17:c6:4e:af:0e:91:1c:0d:
         5e:04:eb:d5:60:7a:9f:ac:78:b6:4d:92:f3:16:33:8d:c8:f3:
         2d:6f:cc:4d:66:b2:58:4e:ed:6a:d9:4a:77:9e:51:82:84:23:
         42:b2:6e:2e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqx4OPLkE1lvQgyEukMm+V8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTA5ZGVlNmZiZGMyNTZkZjkxMTQ2MGNjYzkxNWQwNjZh
OGZmOGIwHhcNMjMwOTIwMDkxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDNkNzBlMzQwODIyZmQ1NmQ4MTM3ZmI0MzM5ZTY1YmM4OTAzMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOAV8gxBUr+HMZjnSQTlrLbT+Iz3
2oyVHPmcJcecrRfNNkpZOnF5pCf8rGRw+VroXUZEUm9XT7KIrXNcP68G4o/zLkYG
agVR8Dc65HV5Z0STW9aFD+xIPGhE8h8FfIesWOrqKKtr0HZa8IPmR/ndq9+R2Wkl
5pvT2bFM2SNhYR+X9wFVYW0hfmUkels2RPdNsMugHJ9nfz/IVbHYO9gVQoWQ90Ao
tfI+jWq+Zy68JUMEaNVNS9VWcMlsEbJwb+Uh4Luhq9wUINbH5pHwtdWfF9V6re3f
tCmjEqAvsjS/VzkYv/0LEW9R6auRcIEvWuJ4uijn/4phksV48PAjduJhOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO09cONAgi/VbYE3+0M55lvIkDADMB8GA1UdIwQY
MBaAFK0Qne5vvcJW35EUYMzJFdBmqP+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYt
ZjY2MjZiNjMzODNlLzEvN1QxdzQwQ0NMOVZ0Z1RmN1F6bm1XOGlRTUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80NjE1YmUtZTU2Ni00MjUzLTgzZWYtZjY2MjZiNjMzODNl
LzEvclJDZDdtLTl3bGJma1JSZ3pNa1YwR2FvXzRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH94oAwQF
VBRAAwQCuTcsMA0EAgACMAcDBQMqAGuAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ+Ajb
ye5vwmIDTNXZ7/D/vqNHFP3Gsh9WylAz7x8zRMr+I8pCU/DbPsMOhNiDLj3I02/Z
i0DECZHhpnRShcnBKsGGIkgzerllXLTO4H/7mdLd6pXkc9MSCspA6IYt+mBjxEkr
QpigL9rN9r2FTF9vd1VN7YL2kOyFACR/6wLkvq3EZyhGWC+0BLG2PzKAbMhBHNSn
4wwmkyjeZVNaUrVSXL64j9pPOGJy3NYWKRLvU/y5pP+3dgCFmhzHh6MFsIH0O2s0
rHTPkgsilYMgP9erF8ZOrw6RHA1eBOvVYHqfrHi2TZLzFjONyPMtb8xNZrJYTu1q
2Up3nlGChCNCsm4u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:14 2024 by rpki-client on console-ams.rpki-client.org