Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/pSLZn8gOluQQ1xtSrBoPYJTkgYU.roa
File:                     pSLZn8gOluQQ1xtSrBoPYJTkgYU.roa (raw, json)
Hash identifier:          13sr253M/lesZLsMZNlW58r/iF8Mm+3syjAprTdVQAw=
Subject key identifier:   A5:22:D9:9F:C8:0E:96:E4:10:D7:1B:52:AC:1A:0F:60:94:E4:81:85
Certificate issuer:       /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial:       018B6050E5196699F0B42009E773EFB9CE26
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/pSLZn8gOluQQ1xtSrBoPYJTkgYU.roa
Signing time:             Tue 24 Oct 2023 06:13:16 +0000
ROA not before:           Tue 24 Oct 2023 06:13:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210079
IP address blocks:        178.208.68.0/24 maxlen: 24
                          178.208.71.0/24 maxlen: 24
                          178.208.70.0/24 maxlen: 24
                          178.208.69.0/24 maxlen: 24
                          178.208.95.0/24 maxlen: 24
                          178.208.94.0/24 maxlen: 24
                          178.208.92.0/24 maxlen: 24
                          185.105.111.0/24 maxlen: 24
                          185.105.110.0/24 maxlen: 24
                          185.105.109.0/24 maxlen: 24
                          95.142.38.0/24 maxlen: 24
                          95.142.37.0/24 maxlen: 24
                          95.142.36.0/24 maxlen: 24
                          95.142.35.0/24 maxlen: 24
                          95.142.43.0/24 maxlen: 24
                          95.142.42.0/24 maxlen: 24
                          95.142.40.0/24 maxlen: 24
                          95.142.39.0/24 maxlen: 24
                          2.56.88.0/24 maxlen: 24
                          2a09:c140:3::/48 maxlen: 48
                          2a09:c140:db::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:60:50:e5:19:66:99:f0:b4:20:09:e7:73:ef:b9:ce:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
        Validity
            Not Before: Oct 24 06:13:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a522d99fc80e96e410d71b52ac1a0f6094e48185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f3:c8:aa:e2:56:9b:e7:fa:4a:a6:ce:2b:ff:
                    61:c1:e9:57:82:85:d1:93:b7:19:4a:93:c4:5d:ce:
                    6d:66:e9:df:0c:4b:6b:82:a9:12:7b:8e:07:02:a6:
                    f6:11:10:34:ae:6b:2c:21:2b:1d:bf:cb:f1:93:a7:
                    2f:e9:2a:26:a2:b6:9e:bd:5e:39:7c:0c:7c:0e:28:
                    14:00:54:05:6c:53:88:e3:e3:f4:2f:7c:bb:8c:89:
                    ba:ff:40:10:ae:d8:df:02:7e:96:3f:ff:73:31:f9:
                    0c:a2:19:b9:34:25:9e:4c:6d:eb:8a:21:9b:27:62:
                    dd:3a:03:71:aa:64:a5:4f:4e:c8:6c:d9:68:90:2e:
                    00:40:2e:02:f5:e0:cb:b3:dc:07:9d:c8:85:19:e8:
                    84:ff:36:1a:91:65:30:f0:f9:fa:fc:00:9a:c2:eb:
                    d7:32:a1:cb:9f:6c:53:36:6b:cd:c5:c0:a0:21:cc:
                    c5:87:2e:f3:3e:7f:23:63:61:54:1b:eb:81:10:b3:
                    f0:08:6e:fd:fe:fe:84:06:ca:cf:7d:b9:64:d3:a9:
                    52:7a:1d:b9:83:cb:5a:f0:7f:aa:9f:92:8e:61:7a:
                    4a:48:50:a2:b3:75:85:f3:1c:a5:b9:f8:02:da:02:
                    75:76:8a:9c:3d:7d:03:50:bb:fc:0f:ba:71:ea:34:
                    89:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:22:D9:9F:C8:0E:96:E4:10:D7:1B:52:AC:1A:0F:60:94:E4:81:85
            X509v3 Authority Key Identifier:
                keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/pSLZn8gOluQQ1xtSrBoPYJTkgYU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.56.88.0/24
                  95.142.35.0-95.142.40.255
                  95.142.42.0/23
                  178.208.68.0/22
                  178.208.92.0/24
                  178.208.94.0/23
                  185.105.109.0-185.105.111.255
                IPv6:
                  2a09:c140:3::/48
                  2a09:c140:db::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:ce:76:30:da:bb:3c:88:63:8a:8e:63:27:0f:1f:6c:5d:00:
         2b:cf:02:7a:23:17:79:1a:19:00:97:5e:e9:a2:b3:36:08:c0:
         97:72:62:10:1f:31:a7:b7:bb:61:f0:24:42:59:b2:4c:70:0a:
         8a:0b:7f:b9:c4:db:6b:58:57:2a:b4:38:20:9f:71:0a:d6:9c:
         53:7d:43:1e:ad:e3:50:59:22:70:5d:f9:fe:14:df:1d:a2:92:
         c5:47:bc:43:8c:1e:dc:7b:52:9a:7b:96:81:00:93:90:e4:f4:
         67:e1:4b:3c:38:c2:2e:7a:2a:fe:98:b0:92:d4:51:d5:3f:d0:
         ae:72:25:61:8c:65:2e:3d:1b:dc:34:f5:3d:d8:1a:c2:60:46:
         7a:14:97:03:48:f6:f5:a5:18:43:6c:02:3a:13:77:bb:4d:c1:
         28:dc:76:a4:b0:ed:8f:dc:52:a6:ae:8f:d7:de:e6:0e:9c:f4:
         4a:55:8f:ac:3a:a1:76:1e:78:5f:1d:e7:b5:65:37:3b:07:ac:
         39:87:d0:a8:4c:de:79:f5:a7:d2:2c:50:66:f5:2e:f9:9d:d3:
         44:14:32:e1:86:46:ce:a4:94:c7:7f:16:0a:ec:62:41:7e:7e:
         78:8b:93:2b:09:2a:6d:bf:85:e8:19:9a:4b:d7:40:52:c0:fc:
         eb:3b:04:7f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYtgUOUZZpnwtCAJ53Pvuc4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjMxMDI0MDYxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTIyZDk5ZmM4MGU5NmU0MTBkNzFiNTJhYzFhMGY2MDk0ZTQ4MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfPIquJWm+f6SqbOK/9hwelXgoXR
k7cZSpPEXc5tZunfDEtrgqkSe44HAqb2ERA0rmssISsdv8vxk6cv6SomoraevV45
fAx8DigUAFQFbFOI4+P0L3y7jIm6/0AQrtjfAn6WP/9zMfkMohm5NCWeTG3riiGb
J2LdOgNxqmSlT07IbNlokC4AQC4C9eDLs9wHnciFGeiE/zYakWUw8Pn6/ACawuvX
MqHLn2xTNmvNxcCgIczFhy7zPn8jY2FUG+uBELPwCG79/v6EBsrPfblk06lSeh25
g8ta8H+qn5KOYXpKSFCis3WF8xylufgC2gJ1doqcPX0DULv8D7px6jSJFQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKUi2Z/IDpbkENcbUqwaD2CU5IGFMB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvcFNMWm44Z09sdVFRMXh0U3JCb1BZSlRrZ1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBABAIAATA6AwQAAjhYMAwD
BABfjiMDBABfjigDBAFfjioDBAKy0EQDBACy0FwDBAGy0F4wDAMEALlpbQMEBLlp
YDAYBAIAAjASAwcAKgnBQAADAwcAKgnBQADbMA0GCSqGSIb3DQEBCwUAA4IBAQCM
znYw2rs8iGOKjmMnDx9sXQArzwJ6Ixd5GhkAl17porM2CMCXcmIQHzGnt7th8CRC
WbJMcAqKC3+5xNtrWFcqtDggn3EK1pxTfUMereNQWSJwXfn+FN8dopLFR7xDjB7c
e1Kae5aBAJOQ5PRn4Us8OMIueir+mLCS1FHVP9CuciVhjGUuPRvcNPU92BrCYEZ6
FJcDSPb1pRhDbAI6E3e7TcEo3HaksO2P3FKmro/X3uYOnPRKVY+sOqF2HnhfHee1
ZTc7B6w5h9CoTN559afSLFBm9S75ndNEFDLhhkbOpJTHfxYK7GJBfn54i5MrCSpt
v4XoGZpL10BSwPzrOwR/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:20 2024 by rpki-client on console-ams.rpki-client.org