Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ErBt-PsEN6irDCV1z6rFN2EY3ZQ.roa
File:                     ErBt-PsEN6irDCV1z6rFN2EY3ZQ.roa (raw, json)
Hash identifier:          muQ98IJ2PZ5QcyUcBfht7sDLhhSqK7kOtlUHGVdO+Us=
Subject key identifier:   12:B0:6D:F8:FB:04:37:A8:AB:0C:25:75:CF:AA:C5:37:61:18:DD:94
Certificate issuer:       /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial:       018B901C0086D268AE4C917315431BF0D0BF
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ErBt-PsEN6irDCV1z6rFN2EY3ZQ.roa
Signing time:             Thu 02 Nov 2023 12:57:16 +0000
ROA not before:           Thu 02 Nov 2023 12:57:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25211
IP address blocks:        94.26.79.0/24 maxlen: 24
                          94.26.89.0/24 maxlen: 24
                          94.26.90.0/24 maxlen: 24
                          94.26.28.0/24 maxlen: 24
                          94.26.29.0/24 maxlen: 24
                          185.96.253.0/24 maxlen: 24
                          185.96.252.0/24 maxlen: 24
                          185.96.255.0/24 maxlen: 24
                          94.26.76.0/24 maxlen: 24
                          94.26.76.0/22 maxlen: 22
                          94.26.78.0/24 maxlen: 24
                          94.26.77.0/24 maxlen: 24
                          91.92.33.0/24 maxlen: 24
                          78.159.131.0/24 maxlen: 24
                          78.159.128.0/24 maxlen: 24
                          91.92.34.0/24 maxlen: 24
                          91.92.35.0/24 maxlen: 24
                          78.159.129.0/24 maxlen: 24
                          78.159.137.0/24 maxlen: 24
                          91.92.40.0/24 maxlen: 24
                          91.92.43.0/24 maxlen: 24
                          78.159.138.0/24 maxlen: 24
                          91.92.44.0/24 maxlen: 24
                          93.152.205.0/24 maxlen: 24
                          93.152.206.0/24 maxlen: 24
                          91.92.41.0/24 maxlen: 24
                          91.92.42.0/24 maxlen: 24
                          78.159.136.0/24 maxlen: 24
                          78.159.139.0/24 maxlen: 24
                          93.152.213.0/24 maxlen: 24
                          93.152.208.0/24 maxlen: 24
                          91.92.46.0/24 maxlen: 24
                          93.152.209.0/24 maxlen: 24
                          93.152.210.0/24 maxlen: 24
                          91.92.47.0/24 maxlen: 24
                          91.92.45.0/24 maxlen: 24
                          93.152.207.0/24 maxlen: 24
                          91.92.50.0/24 maxlen: 24
                          91.92.49.0/24 maxlen: 24
                          91.92.51.0/24 maxlen: 24
                          93.152.211.0/24 maxlen: 24
                          93.152.212.0/24 maxlen: 24
                          93.152.219.0/24 maxlen: 24
                          93.152.215.0/24 maxlen: 24
                          91.92.53.0/24 maxlen: 24
                          93.152.216.0/24 maxlen: 24
                          93.152.214.0/24 maxlen: 24
                          91.92.52.0/24 maxlen: 24
                          93.152.218.0/24 maxlen: 24
                          78.159.152.0/22 maxlen: 22
                          78.159.150.0/24 maxlen: 24
                          78.159.149.0/24 maxlen: 24
                          93.152.217.0/24 maxlen: 24
                          93.152.225.0/24 maxlen: 24
                          93.152.222.0/24 maxlen: 24
                          93.152.223.0/24 maxlen: 24
                          93.152.224.0/24 maxlen: 24
                          93.152.220.0/24 maxlen: 24
                          93.152.221.0/24 maxlen: 24
                          78.159.158.0/24 maxlen: 24
                          78.159.159.0/24 maxlen: 24
                          93.152.226.0/24 maxlen: 24
                          78.159.156.0/24 maxlen: 24
                          78.159.157.0/24 maxlen: 24
                          93.152.227.0/24 maxlen: 24
                          212.102.105.0/24 maxlen: 24
                          212.102.107.0/24 maxlen: 24
                          45.141.232.0/24 maxlen: 24
                          45.141.233.0/24 maxlen: 24
                          45.141.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:90:1c:00:86:d2:68:ae:4c:91:73:15:43:1b:f0:d0:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
        Validity
            Not Before: Nov  2 12:57:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12b06df8fb0437a8ab0c2575cfaac5376118dd94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:b7:86:27:b6:09:da:98:2c:d7:69:d7:9e:b4:
                    32:87:ab:6f:4d:4b:86:cd:94:6e:26:9d:f8:9b:72:
                    40:9e:36:a4:75:17:52:9a:99:82:4d:fb:b7:fb:b7:
                    87:28:1a:8f:26:84:7e:8a:59:b4:3f:31:b5:a6:83:
                    44:c1:ef:e5:5f:74:12:4b:17:01:81:e3:a3:02:8a:
                    a1:e2:3b:ca:d6:b4:94:5c:36:45:19:59:79:80:98:
                    4d:97:50:0b:eb:82:10:c1:81:dc:39:26:0d:72:4d:
                    a2:3f:74:01:53:97:b2:0b:d5:ed:3b:f9:56:ad:8b:
                    fd:8d:ae:23:40:28:57:2e:a9:ad:13:76:f9:6c:d0:
                    00:26:7a:ea:f2:1f:24:73:04:a2:fd:72:8e:1f:b1:
                    c4:28:dc:32:b7:a3:1c:0f:8f:18:e7:ad:58:96:6f:
                    93:ae:bd:38:f8:2d:c8:cb:e2:68:ea:fa:45:fe:33:
                    3f:04:1f:bf:1e:8e:bf:9c:3a:c1:f1:7c:77:c9:55:
                    24:d7:46:67:94:1f:6a:6d:4d:7a:87:ba:57:2c:19:
                    0a:87:c2:42:5a:36:29:bf:89:93:b9:ff:66:e8:32:
                    84:09:4d:ac:91:f2:f1:7b:1a:24:18:3b:37:fd:00:
                    59:3e:3b:0a:67:f6:0a:05:ab:75:58:a0:b4:4f:a4:
                    09:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:B0:6D:F8:FB:04:37:A8:AB:0C:25:75:CF:AA:C5:37:61:18:DD:94
            X509v3 Authority Key Identifier:
                keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ErBt-PsEN6irDCV1z6rFN2EY3ZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.232.0/23
                  45.141.235.0/24
                  78.159.128.0/23
                  78.159.131.0/24
                  78.159.136.0/22
                  78.159.149.0-78.159.150.255
                  78.159.152.0/21
                  91.92.33.0-91.92.35.255
                  91.92.40.0/21
                  91.92.49.0-91.92.53.255
                  93.152.205.0-93.152.227.255
                  94.26.28.0/23
                  94.26.76.0/22
                  94.26.89.0-94.26.90.255
                  185.96.252.0/23
                  185.96.255.0/24
                  212.102.105.0/24
                  212.102.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:e8:48:c8:19:20:e2:64:61:ba:a8:a5:a2:f7:17:0c:5a:e7:
         92:cf:0e:99:bb:11:07:0f:53:18:b6:c3:04:85:eb:ab:9e:61:
         05:5d:ee:00:5d:90:80:bb:43:39:cb:58:e8:24:28:43:10:5c:
         e5:8a:e6:d8:75:9d:ee:90:45:16:72:23:ae:df:dc:2c:dc:59:
         b9:b9:18:97:f1:02:31:97:d1:85:1b:4b:8e:32:67:fd:d2:5c:
         74:00:73:59:79:72:37:f2:b0:f9:80:11:3c:0e:fe:a8:46:ad:
         e2:05:a3:77:40:0b:e7:b8:06:63:1e:3e:2a:b1:9e:c4:ae:a4:
         af:76:ef:2f:22:1a:6a:e7:73:2d:35:72:06:11:04:00:d8:d0:
         1a:45:63:36:e5:0a:f9:ad:cb:03:1e:c9:13:00:63:94:6d:df:
         94:0d:1d:19:fe:48:25:f9:ca:c5:39:82:dc:16:2b:bf:4d:c2:
         9e:40:35:3c:4a:74:31:56:c3:a6:1e:01:cb:f8:35:24:67:9a:
         ab:39:62:a6:5b:35:00:dc:e3:f5:d2:4a:33:ca:ba:6d:95:eb:
         2f:ca:c4:b0:14:89:07:60:26:9e:a2:2b:a5:05:5d:b0:84:ba:
         7c:3d:60:eb:08:03:04:97:1b:83:cd:2b:ed:f6:1f:48:ed:00:
         2d:4d:92:9b
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYuQHACG0miuTJFzFUMb8NC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMxMTAyMTI1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmIwNmRmOGZiMDQzN2E4YWIwYzI1NzVjZmFhYzUzNzYxMThkZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLeGJ7YJ2pgs12nXnrQyh6tvTUuG
zZRuJp34m3JAnjakdRdSmpmCTfu3+7eHKBqPJoR+ilm0PzG1poNEwe/lX3QSSxcB
geOjAoqh4jvK1rSUXDZFGVl5gJhNl1AL64IQwYHcOSYNck2iP3QBU5eyC9XtO/lW
rYv9ja4jQChXLqmtE3b5bNAAJnrq8h8kcwSi/XKOH7HEKNwyt6McD48Y561Ylm+T
rr04+C3Iy+Jo6vpF/jM/BB+/Ho6/nDrB8Xx3yVUk10ZnlB9qbU16h7pXLBkKh8JC
WjYpv4mTuf9m6DKECU2skfLxexokGDs3/QBZPjsKZ/YKBat1WKC0T6QJfQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFBKwbfj7BDeoqwwldc+qxTdhGN2UMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvRXJCdC1Qc0VONmlyRENWMXo2ckZOMkVZM1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAEt
jegDBAAtjesDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmDAM
AwQAW1whAwQCW1wgAwQDW1woMAwDBABbXDEDBAFbXDQwDAMEAF2YzQMEAl2Y4AME
AV4aHAMEAl4aTDAMAwQAXhpZAwQAXhpaAwQBuWD8AwQAuWD/AwQA1GZpAwQA1GZr
MA0GCSqGSIb3DQEBCwUAA4IBAQCF6EjIGSDiZGG6qKWi9xcMWueSzw6ZuxEHD1MY
tsMEheurnmEFXe4AXZCAu0M5y1joJChDEFzliubYdZ3ukEUWciOu39ws3Fm5uRiX
8QIxl9GFG0uOMmf90lx0AHNZeXI38rD5gBE8Dv6oRq3iBaN3QAvnuAZjHj4qsZ7E
rqSvdu8vIhpq53MtNXIGEQQA2NAaRWM25Qr5rcsDHskTAGOUbd+UDR0Z/kgl+crF
OYLcFiu/TcKeQDU8SnQxVsOmHgHL+DUkZ5qrOWKmWzUA3OP10kozyrptlesvysSw
FIkHYCaeoiulBV2whLp8PWDrCAMElxuDzSvt9h9I7QAtTZKb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:26 2024 by rpki-client on console-ams.rpki-client.org