Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/5bNkkg7MeN_DDEI7iOwtc_RDBVo.roa
File:                     5bNkkg7MeN_DDEI7iOwtc_RDBVo.roa (raw, json)
Hash identifier:          9Xl/99d1iOtQ52d+pCvBSWaSb7YSMXzLjCHmqG7raug=
Subject key identifier:   E5:B3:64:92:0E:CC:78:DF:C3:0C:42:3B:88:EC:2D:73:F4:43:05:5A
Certificate issuer:       /CN=c101c5bc0915a2f7cb165b0b7d713212fa57332d
Certificate serial:       0188426ACD7AC84C2E526B29D2200A6D7FBA
Authority key identifier: C1:01:C5:BC:09:15:A2:F7:CB:16:5B:0B:7D:71:32:12:FA:57:33:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/5bNkkg7MeN_DDEI7iOwtc_RDBVo.roa
Signing time:             Mon 22 May 2023 07:44:35 +0000
ROA not before:           Mon 22 May 2023 07:44:35 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21246
IP address blocks:        80.80.162.0/24 maxlen: 24
                          80.80.161.0/24 maxlen: 24
                          80.80.160.0/20 maxlen: 20
                          80.80.160.0/24 maxlen: 24
                          80.80.166.0/24 maxlen: 24
                          80.80.164.0/23 maxlen: 23
                          80.80.163.0/24 maxlen: 24
                          80.80.169.0/24 maxlen: 24
                          80.80.168.0/24 maxlen: 24
                          80.80.167.0/24 maxlen: 24
                          80.80.172.0/24 maxlen: 24
                          80.80.171.0/24 maxlen: 24
                          80.80.170.0/24 maxlen: 24
                          80.80.173.0/24 maxlen: 24
                          80.80.175.0/24 maxlen: 24
                          80.80.174.0/24 maxlen: 24
                          46.99.149.0/24 maxlen: 24
                          46.99.148.0/24 maxlen: 24
                          46.99.147.0/24 maxlen: 24
                          46.99.146.0/24 maxlen: 24
                          46.99.152.0/22 maxlen: 22
                          46.99.151.0/24 maxlen: 24
                          46.99.150.0/24 maxlen: 24
                          46.99.156.0/23 maxlen: 23
                          46.99.159.0/24 maxlen: 24
                          46.99.158.0/24 maxlen: 24
                          46.99.163.0/24 maxlen: 24
                          46.99.162.0/24 maxlen: 24
                          46.99.161.0/24 maxlen: 24
                          46.99.160.0/24 maxlen: 24
                          46.99.166.0/24 maxlen: 24
                          46.99.165.0/24 maxlen: 24
                          46.99.164.0/24 maxlen: 24
                          46.99.170.0/24 maxlen: 24
                          46.99.169.0/24 maxlen: 24
                          46.99.168.0/24 maxlen: 24
                          46.99.167.0/24 maxlen: 24
                          46.99.171.0/24 maxlen: 24
                          46.99.179.0/24 maxlen: 24
                          46.99.178.0/24 maxlen: 24
                          46.99.173.0/24 maxlen: 24
                          46.99.177.0/24 maxlen: 24
                          46.99.176.0/24 maxlen: 24
                          46.99.175.0/24 maxlen: 24
                          46.99.174.0/24 maxlen: 24
                          46.99.180.0/24 maxlen: 24
                          46.99.184.0/24 maxlen: 24
                          46.99.183.0/24 maxlen: 24
                          46.99.182.0/24 maxlen: 24
                          46.99.181.0/24 maxlen: 24
                          46.99.186.0/24 maxlen: 24
                          46.99.185.0/24 maxlen: 24
                          46.99.187.0/24 maxlen: 24
                          46.99.190.0/24 maxlen: 24
                          46.99.189.0/24 maxlen: 24
                          46.99.188.0/24 maxlen: 24
                          46.99.192.0/24 maxlen: 24
                          46.99.196.0/24 maxlen: 24
                          46.99.199.0/24 maxlen: 24
                          46.99.128.0/24 maxlen: 24
                          46.99.131.0/24 maxlen: 24
                          46.99.130.0/24 maxlen: 24
                          46.99.129.0/24 maxlen: 24
                          46.99.132.0/24 maxlen: 24
                          46.99.135.0/24 maxlen: 24
                          46.99.134.0/24 maxlen: 24
                          46.99.133.0/24 maxlen: 24
                          46.99.138.0/24 maxlen: 24
                          46.99.137.0/24 maxlen: 24
                          46.99.136.0/24 maxlen: 24
                          46.99.139.0/24 maxlen: 24
                          46.99.142.0/24 maxlen: 24
                          46.99.141.0/24 maxlen: 24
                          46.99.140.0/24 maxlen: 24
                          46.99.145.0/24 maxlen: 24
                          46.99.144.0/24 maxlen: 24
                          46.99.143.0/24 maxlen: 24
                          46.99.254.0/23 maxlen: 23
                          91.187.97.0/24 maxlen: 24
                          91.187.96.0/19 maxlen: 19
                          91.187.96.0/24 maxlen: 24
                          46.99.203.0/24 maxlen: 24
                          46.99.202.0/23 maxlen: 23
                          46.99.202.0/24 maxlen: 24
                          91.187.98.0/24 maxlen: 24
                          91.187.100.0/24 maxlen: 24
                          91.187.99.0/24 maxlen: 24
                          91.187.104.0/24 maxlen: 24
                          91.187.104.0/23 maxlen: 23
                          91.187.103.0/24 maxlen: 24
                          91.187.102.0/24 maxlen: 24
                          91.187.101.0/24 maxlen: 24
                          91.187.107.0/24 maxlen: 24
                          91.187.106.0/24 maxlen: 24
                          91.187.111.0/24 maxlen: 24
                          91.187.110.0/24 maxlen: 24
                          91.187.109.0/24 maxlen: 24
                          91.187.108.0/24 maxlen: 24
                          91.187.112.0/24 maxlen: 24
                          91.187.114.0/24 maxlen: 24
                          91.187.113.0/24 maxlen: 24
                          46.99.224.0/20 maxlen: 20
                          91.187.117.0/24 maxlen: 24
                          91.187.116.0/24 maxlen: 24
                          91.187.115.0/24 maxlen: 24
                          91.187.118.0/24 maxlen: 24
                          91.187.125.0/24 maxlen: 24
                          91.187.121.0/24 maxlen: 24
                          91.187.120.0/24 maxlen: 24
                          91.187.119.0/24 maxlen: 24
                          91.187.124.0/24 maxlen: 24
                          91.187.123.0/24 maxlen: 24
                          91.187.122.0/24 maxlen: 24
                          91.187.127.0/24 maxlen: 24
                          91.187.126.0/24 maxlen: 24
                          46.99.250.0/24 maxlen: 24
                          46.99.249.0/24 maxlen: 24
                          46.99.252.0/23 maxlen: 23
                          46.99.251.0/24 maxlen: 24
                          46.99.64.0/19 maxlen: 19
                          46.99.64.0/18 maxlen: 18
                          46.99.0.0/18 maxlen: 18
                          46.99.0.0/16 maxlen: 16
                          185.78.224.0/22 maxlen: 22
                          46.99.32.0/19 maxlen: 19
                          2a03:4b80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 13:49:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:42:6a:cd:7a:c8:4c:2e:52:6b:29:d2:20:0a:6d:7f:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c101c5bc0915a2f7cb165b0b7d713212fa57332d
        Validity
            Not Before: May 22 07:44:35 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e5b364920ecc78dfc30c423b88ec2d73f443055a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:a2:1c:30:b6:92:b2:2c:20:13:8d:48:4d:4e:
                    a6:e7:89:82:3e:e7:b7:5a:7b:34:1b:81:fe:60:a5:
                    8b:79:53:05:59:37:f7:df:6c:ba:84:ec:d9:6a:42:
                    3a:2a:96:81:1b:a5:2f:28:da:ab:54:bb:aa:d1:ae:
                    7f:30:b4:6e:09:ca:dd:17:69:f4:98:22:27:74:ce:
                    db:a0:95:04:2e:00:56:97:48:e2:47:8f:c2:6a:89:
                    d8:e9:16:78:95:ff:0d:2c:73:de:39:24:de:d6:01:
                    01:13:16:8b:59:10:03:a3:eb:14:7b:4b:75:6b:c2:
                    0e:2d:e0:e9:b2:91:3b:92:b9:d8:ed:41:73:21:0a:
                    21:e2:5f:51:80:83:31:59:10:44:13:24:bb:0c:02:
                    03:fe:f9:70:4c:dc:0e:8c:33:6d:b5:42:3f:12:cd:
                    5f:ab:55:f2:9c:75:90:a2:7a:c7:ab:2b:fd:5a:1d:
                    ca:d4:22:97:86:8d:6c:12:a0:c6:9f:a0:51:53:1b:
                    5f:35:e6:3d:4c:17:49:be:e7:86:12:0a:77:67:ef:
                    16:d1:02:75:d1:06:4a:97:92:3a:dc:79:a0:b5:cb:
                    f2:62:a7:6d:1c:e3:c5:30:1b:28:73:2c:b7:ce:e6:
                    1b:5d:36:ff:53:ee:f7:32:b7:a2:cf:27:7a:0f:62:
                    fd:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:B3:64:92:0E:CC:78:DF:C3:0C:42:3B:88:EC:2D:73:F4:43:05:5A
            X509v3 Authority Key Identifier:
                keyid:C1:01:C5:BC:09:15:A2:F7:CB:16:5B:0B:7D:71:32:12:FA:57:33:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQHFvAkVovfLFlsLfXEyEvpXMy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/5bNkkg7MeN_DDEI7iOwtc_RDBVo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cfcde0-9aa3-4c2d-b8f7-928d91791907/1/wQHFvAkVovfLFlsLfXEyEvpXMy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.99.0.0/16
                  80.80.160.0/20
                  91.187.96.0/19
                  185.78.224.0/22
                IPv6:
                  2a03:4b80::/32

    Signature Algorithm: sha256WithRSAEncryption
         ca:65:2a:42:d9:a7:da:68:d0:56:9d:7b:fa:c2:99:e0:a0:e7:
         7e:b1:0d:d9:e2:c9:76:53:73:17:2e:63:69:4a:62:a2:b0:81:
         53:70:a9:07:b8:88:2d:03:c9:f9:7d:28:f8:9c:ac:ae:cd:a4:
         66:87:6d:af:8c:f8:5e:3c:93:26:bb:85:ba:fd:09:7b:04:65:
         b0:c6:4d:51:a1:a2:50:31:ab:20:9e:e7:64:ab:b1:97:04:47:
         a9:21:34:4b:cf:c7:a3:f8:c7:d2:64:1c:1a:de:37:f7:02:35:
         ab:51:95:7d:5a:ac:b9:3a:d8:3f:b3:45:7c:81:72:1d:d8:d2:
         60:73:26:3b:33:50:37:4a:6e:04:02:ef:dc:e5:4c:f4:d4:51:
         45:6e:a5:78:cd:1c:8f:c7:31:17:83:bf:56:16:26:82:c2:3b:
         d5:50:2f:0b:18:24:71:7e:c6:0e:1f:df:ae:f9:dc:f8:52:80:
         1b:7d:30:95:73:5b:c5:20:99:7a:11:b7:98:20:95:d6:f3:92:
         e1:17:43:2f:ec:37:86:99:38:7c:14:56:99:0a:22:f7:b5:c0:
         6f:61:24:73:51:9a:aa:73:02:36:01:19:fa:10:19:84:16:a9:
         f5:9a:ee:1a:4a:2a:60:45:f2:e4:b6:84:e0:81:58:f7:21:67:
         c7:bd:0f:02
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYhCas16yEwuUmsp0iAKbX+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDFjNWJjMDkxNWEyZjdjYjE2NWIwYjdkNzEzMjEyZmE1
NzMzMmQwHhcNMjMwNTIyMDc0NDM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWIzNjQ5MjBlY2M3OGRmYzMwYzQyM2I4OGVjMmQ3M2Y0NDMwNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqIcMLaSsiwgE41ITU6m54mCPue3
Wns0G4H+YKWLeVMFWTf332y6hOzZakI6KpaBG6UvKNqrVLuq0a5/MLRuCcrdF2n0
mCIndM7boJUELgBWl0jiR4/CaonY6RZ4lf8NLHPeOSTe1gEBExaLWRADo+sUe0t1
a8IOLeDpspE7krnY7UFzIQoh4l9RgIMxWRBEEyS7DAID/vlwTNwOjDNttUI/Es1f
q1XynHWQonrHqyv9Wh3K1CKXho1sEqDGn6BRUxtfNeY9TBdJvueGEgp3Z+8W0QJ1
0QZKl5I63HmgtcvyYqdtHOPFMBsocyy3zuYbXTb/U+73Mreizyd6D2L9kQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOWzZJIOzHjfwwxCO4jsLXP0QwVaMB8GA1UdIwQY
MBaAFMEBxbwJFaL3yxZbC31xMhL6VzMtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FIRnZBa1ZvdmZMRmxzTGZYRXlFdnBYTXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9jZmNkZTAtOWFhMy00YzJkLWI4Zjct
OTI4ZDkxNzkxOTA3LzEvNWJOa2tnN01lTl9EREVJN2lPd3RjX1JEQlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9jZmNkZTAtOWFhMy00YzJkLWI4ZjctOTI4ZDkxNzkxOTA3
LzEvd1FIRnZBa1ZvdmZMRmxzTGZYRXlFdnBYTXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMALmMDBARQ
UKADBAVbu2ADBAK5TuAwDQQCAAIwBwMFACoDS4AwDQYJKoZIhvcNAQELBQADggEB
AMplKkLZp9po0Fade/rCmeCg536xDdniyXZTcxcuY2lKYqKwgVNwqQe4iC0Dyfl9
KPicrK7NpGaHba+M+F48kya7hbr9CXsEZbDGTVGholAxqyCe52SrsZcER6khNEvP
x6P4x9JkHBreN/cCNatRlX1arLk62D+zRXyBch3Y0mBzJjszUDdKbgQC79zlTPTU
UUVupXjNHI/HMReDv1YWJoLCO9VQLwsYJHF+xg4f36753PhSgBt9MJVzW8UgmXoR
t5ggldbzkuEXQy/sN4aZOHwUVpkKIve1wG9hJHNRmqpzAjYBGfoQGYQWqfWa7hpK
KmBF8uS2hOCBWPchZ8e9DwI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:21 2024 by rpki-client on console-fra.rpki-client.org