Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/59MPYzhkvDoyYoQYMUv26epMWFg.roa
File:                     59MPYzhkvDoyYoQYMUv26epMWFg.roa (raw, json)
Hash identifier:          YYUXkq1SUOhLO+TJmfT+cNWXOnF8qyzG+xogPXbsNAs=
Subject key identifier:   E7:D3:0F:63:38:64:BC:3A:32:62:84:18:31:4B:F6:E9:EA:4C:58:58
Certificate issuer:       /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial:       018AB17020D77120E6B4D9B9F606A847BB0A
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/59MPYzhkvDoyYoQYMUv26epMWFg.roa
Signing time:             Wed 20 Sep 2023 07:13:50 +0000
ROA not before:           Wed 20 Sep 2023 07:13:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25211
IP address blocks:        94.26.79.0/24 maxlen: 24
                          94.26.89.0/24 maxlen: 24
                          94.26.90.0/24 maxlen: 24
                          94.26.28.0/24 maxlen: 24
                          94.26.29.0/24 maxlen: 24
                          185.96.253.0/24 maxlen: 24
                          185.96.252.0/24 maxlen: 24
                          185.96.255.0/24 maxlen: 24
                          94.26.76.0/24 maxlen: 24
                          94.26.76.0/22 maxlen: 22
                          94.26.78.0/24 maxlen: 24
                          94.26.77.0/24 maxlen: 24
                          91.92.33.0/24 maxlen: 24
                          78.159.131.0/24 maxlen: 24
                          78.159.128.0/24 maxlen: 24
                          91.92.34.0/24 maxlen: 24
                          91.92.35.0/24 maxlen: 24
                          78.159.129.0/24 maxlen: 24
                          78.159.137.0/24 maxlen: 24
                          91.92.40.0/24 maxlen: 24
                          91.92.43.0/24 maxlen: 24
                          78.159.138.0/24 maxlen: 24
                          91.92.44.0/24 maxlen: 24
                          93.152.205.0/24 maxlen: 24
                          93.152.206.0/24 maxlen: 24
                          91.92.41.0/24 maxlen: 24
                          91.92.42.0/24 maxlen: 24
                          78.159.136.0/24 maxlen: 24
                          78.159.139.0/24 maxlen: 24
                          93.152.213.0/24 maxlen: 24
                          93.152.208.0/24 maxlen: 24
                          91.92.46.0/24 maxlen: 24
                          93.152.209.0/24 maxlen: 24
                          93.152.210.0/24 maxlen: 24
                          91.92.47.0/24 maxlen: 24
                          91.92.45.0/24 maxlen: 24
                          93.152.207.0/24 maxlen: 24
                          91.92.50.0/24 maxlen: 24
                          91.92.49.0/24 maxlen: 24
                          91.92.51.0/24 maxlen: 24
                          93.152.211.0/24 maxlen: 24
                          93.152.212.0/24 maxlen: 24
                          93.152.219.0/24 maxlen: 24
                          93.152.215.0/24 maxlen: 24
                          91.92.53.0/24 maxlen: 24
                          93.152.216.0/24 maxlen: 24
                          91.92.52.0/24 maxlen: 24
                          93.152.218.0/24 maxlen: 24
                          78.159.152.0/22 maxlen: 22
                          78.159.150.0/24 maxlen: 24
                          93.152.217.0/24 maxlen: 24
                          78.159.149.0/24 maxlen: 24
                          93.152.223.0/24 maxlen: 24
                          93.152.222.0/24 maxlen: 24
                          78.159.158.0/24 maxlen: 24
                          93.152.225.0/24 maxlen: 24
                          78.159.159.0/24 maxlen: 24
                          93.152.226.0/24 maxlen: 24
                          78.159.156.0/24 maxlen: 24
                          93.152.224.0/24 maxlen: 24
                          78.159.157.0/24 maxlen: 24
                          93.152.227.0/24 maxlen: 24
                          212.102.105.0/24 maxlen: 24
                          212.102.107.0/24 maxlen: 24
                          45.141.232.0/24 maxlen: 24
                          45.141.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Sep 2023 12:35:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b1:70:20:d7:71:20:e6:b4:d9:b9:f6:06:a8:47:bb:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
        Validity
            Not Before: Sep 20 07:13:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7d30f633864bc3a32628418314bf6e9ea4c5858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:1d:26:92:ba:e3:ac:31:94:be:cb:29:0e:08:
                    89:e5:0d:e2:5e:14:62:92:03:07:09:c2:5d:7a:cc:
                    19:a2:bd:c3:11:e7:b8:33:b2:a6:e4:a6:d9:58:4a:
                    65:0e:b1:aa:f9:5b:06:89:90:29:d1:a9:f1:3a:29:
                    b9:73:3f:2a:a1:57:17:76:5f:54:68:64:c4:f3:b3:
                    1f:38:e5:4e:50:3e:d2:de:b4:42:9a:d3:75:84:e1:
                    92:93:3c:71:d4:fd:db:ae:d1:93:a9:94:15:b0:2a:
                    65:bc:70:78:2e:54:9c:49:26:8b:dd:31:6a:56:68:
                    6f:6d:68:0f:97:6b:46:92:79:91:d0:d0:bc:d4:50:
                    ea:6f:bc:f1:60:b0:fb:b8:51:19:48:94:cb:02:9c:
                    3a:0a:f1:79:7e:86:b4:d3:e8:74:90:31:e0:8e:ab:
                    3f:12:b4:2a:a2:86:29:e0:67:e1:da:2b:f9:26:92:
                    84:54:59:7f:01:29:05:27:8b:6e:72:4c:1f:7f:c2:
                    35:e5:75:15:5b:7e:0e:2b:e2:72:18:2f:1a:62:91:
                    0c:35:85:ef:74:71:9e:db:49:1c:06:75:55:78:32:
                    e5:74:57:0f:e1:c5:df:68:ea:8e:7f:0b:d7:7e:49:
                    e1:b4:65:c8:f6:02:f5:75:12:59:cb:03:33:06:a7:
                    53:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D3:0F:63:38:64:BC:3A:32:62:84:18:31:4B:F6:E9:EA:4C:58:58
            X509v3 Authority Key Identifier:
                keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/59MPYzhkvDoyYoQYMUv26epMWFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.232.0/23
                  78.159.128.0/23
                  78.159.131.0/24
                  78.159.136.0/22
                  78.159.149.0-78.159.150.255
                  78.159.152.0/21
                  91.92.33.0-91.92.35.255
                  91.92.40.0/21
                  91.92.49.0-91.92.53.255
                  93.152.205.0-93.152.213.255
                  93.152.215.0-93.152.219.255
                  93.152.222.0-93.152.227.255
                  94.26.28.0/23
                  94.26.76.0/22
                  94.26.89.0-94.26.90.255
                  185.96.252.0/23
                  185.96.255.0/24
                  212.102.105.0/24
                  212.102.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:37:75:ad:f4:40:3b:a7:8e:33:a4:9d:de:45:79:1a:ec:03:
         c5:f3:cd:59:96:b8:ef:d0:b7:d2:9a:39:8a:de:3e:4f:20:47:
         74:62:22:2b:c4:83:11:cd:3d:40:67:32:e0:f0:5b:78:6c:74:
         72:3a:7f:b1:52:0b:21:75:24:8f:7b:20:ea:f8:44:90:6a:10:
         b0:0e:c1:a7:64:ee:ef:7c:45:69:2d:70:8e:41:f2:8d:62:82:
         b9:44:69:a9:bf:8b:64:7e:7f:c8:67:08:ee:7d:a3:94:89:6c:
         3f:13:55:09:8d:cc:a6:d5:05:17:8c:c6:4a:36:45:ca:c6:ad:
         1f:6f:4e:16:c6:b2:c4:26:53:ad:a9:15:51:bf:7a:86:5e:f4:
         7b:0a:ed:01:4b:d6:f9:7f:13:c6:c8:3b:c0:67:08:5b:a9:2f:
         d8:78:7b:0e:d4:dd:30:4c:01:ed:95:7e:7b:0d:5f:bf:85:cd:
         d5:ad:d2:ca:cb:c5:9e:33:96:fa:41:78:44:46:1c:00:56:ef:
         31:8c:cf:28:03:09:e0:e9:1d:d2:50:9c:9b:99:4f:f7:2a:74:
         7e:cb:9b:79:ca:f3:c1:bb:1d:a2:48:6e:04:b7:68:2a:5d:45:
         2b:33:2c:4b:d9:ad:51:34:45:f3:6b:8e:ba:0d:9a:c8:a4:e1:
         53:70:09:6c
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYqxcCDXcSDmtNm59gaoR7sKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwOTIwMDcxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QzMGY2MzM4NjRiYzNhMzI2Mjg0MTgzMTRiZjZlOWVhNGM1ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8x0mkrrjrDGUvsspDgiJ5Q3iXhRi
kgMHCcJdeswZor3DEee4M7Km5KbZWEplDrGq+VsGiZAp0anxOim5cz8qoVcXdl9U
aGTE87MfOOVOUD7S3rRCmtN1hOGSkzxx1P3brtGTqZQVsCplvHB4LlScSSaL3TFq
VmhvbWgPl2tGknmR0NC81FDqb7zxYLD7uFEZSJTLApw6CvF5foa00+h0kDHgjqs/
ErQqooYp4Gfh2iv5JpKEVFl/ASkFJ4tuckwff8I15XUVW34OK+JyGC8aYpEMNYXv
dHGe20kcBnVVeDLldFcP4cXfaOqOfwvXfknhtGXI9gL1dRJZywMzBqdTpQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFOfTD2M4ZLw6MmKEGDFL9unqTFhYMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvNTlNUFl6aGt2RG95WW9RWU1VdjI2ZXBNV0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAEt
jegDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmDAMAwQAW1wh
AwQCW1wgAwQDW1woMAwDBABbXDEDBAFbXDQwDAMEAF2YzQMEAV2Y1DAMAwQAXZjX
AwQCXZjYMAwDBAFdmN4DBAJdmOADBAFeGhwDBAJeGkwwDAMEAF4aWQMEAF4aWgME
Ablg/AMEALlg/wMEANRmaQMEANRmazANBgkqhkiG9w0BAQsFAAOCAQEAczd1rfRA
O6eOM6Sd3kV5GuwDxfPNWZa479C30po5it4+TyBHdGIiK8SDEc09QGcy4PBbeGx0
cjp/sVILIXUkj3sg6vhEkGoQsA7Bp2Tu73xFaS1wjkHyjWKCuURpqb+LZH5/yGcI
7n2jlIlsPxNVCY3MptUFF4zGSjZFysatH29OFsayxCZTrakVUb96hl70ewrtAUvW
+X8Txsg7wGcIW6kv2Hh7DtTdMEwB7ZV+ew1fv4XN1a3SysvFnjOW+kF4REYcAFbv
MYzPKAMJ4Okd0lCcm5lP9yp0fsubecrzwbsdokhuBLdoKl1FKzMsS9mtUTRF82uO
ug2ayKThU3AJbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:26 2024 by rpki-client on console-ams.rpki-client.org