Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/1KuF6SOxh-H2b3KHhkbHyOgCmKc.roa
File:                     1KuF6SOxh-H2b3KHhkbHyOgCmKc.roa (raw, json)
Hash identifier:          dUph4zBH2p+ZbqO+ti3sgh3n2h4W4xGlRilJON0unWo=
Subject key identifier:   D4:AB:85:E9:23:B1:87:E1:F6:6F:72:87:86:46:C7:C8:E8:02:98:A7
Certificate issuer:       /CN=b7cc2da2bdb97be912a2d942ebe7eafa4651e885
Certificate serial:       01856E5D73CD53DF1648173D7B00388B53C6
Authority key identifier: B7:CC:2D:A2:BD:B9:7B:E9:12:A2:D9:42:EB:E7:EA:FA:46:51:E8:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/1KuF6SOxh-H2b3KHhkbHyOgCmKc.roa
Signing time:             Sun 01 Jan 2023 17:24:56 +0000
ROA not before:           Sun 01 Jan 2023 17:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44314
IP address blocks:        185.83.55.0/24 maxlen: 24
                          185.83.54.0/24 maxlen: 24
                          185.83.54.0/23 maxlen: 23
                          185.83.52.0/22 maxlen: 22
                          185.83.52.0/23 maxlen: 23
                          185.83.52.0/24 maxlen: 24
                          185.83.53.0/24 maxlen: 24
                          79.170.176.0/21 maxlen: 21
                          79.170.176.0/22 maxlen: 22
                          79.170.178.0/23 maxlen: 23
                          79.170.178.0/24 maxlen: 24
                          79.170.176.0/24 maxlen: 24
                          79.170.176.0/23 maxlen: 23
                          79.170.177.0/24 maxlen: 24
                          79.170.179.0/24 maxlen: 24
                          79.170.183.0/24 maxlen: 24
                          79.170.180.0/22 maxlen: 22
                          79.170.181.0/24 maxlen: 24
                          79.170.182.0/23 maxlen: 23
                          79.170.182.0/24 maxlen: 24
                          79.170.180.0/24 maxlen: 24
                          79.170.180.0/23 maxlen: 23
                          2a01:4e8:c0c0::/48 maxlen: 48
                          2a01:4e8:3a4d::/48 maxlen: 48
                          2a01:4e8:cda8::/48 maxlen: 48
                          2a01:4ef::/32 maxlen: 32
                          2a01:4ec::/32 maxlen: 32
                          2a01:4ed::/32 maxlen: 32
                          2a01:4e8::/31 maxlen: 31
                          2a01:4ea::/32 maxlen: 32
                          2a01:4e8:c22c::/48 maxlen: 48
                          2a01:4ec::/30 maxlen: 30
                          2a01:4ec::/31 maxlen: 31
                          2a01:4e8::/32 maxlen: 32
                          2a01:4e8:8000::/33 maxlen: 33
                          2a01:4e8::/33 maxlen: 33
                          2a01:4e8::/34 maxlen: 34
                          2a01:4e8:4000::/34 maxlen: 34
                          2a01:4e8:8000::/34 maxlen: 34
                          2a01:4e8:c000::/34 maxlen: 34
                          2a01:4ee::/31 maxlen: 31
                          2a01:4e8:feed::/48 maxlen: 48
                          2a01:4ea::/31 maxlen: 31
                          2a01:4e8:cafe::/48 maxlen: 48
                          2a01:4e9::/32 maxlen: 32
                          2a01:4eb::/32 maxlen: 32
                          2a01:4e8::/29 maxlen: 29
                          2a01:4e8:ffff::/48 maxlen: 48
                          2a01:4e8::/30 maxlen: 30
                          2a01:4e8:f1d::/48 maxlen: 48
                          2a01:4ee::/32 maxlen: 32
                          2a01:4e8:cccc::/48 maxlen: 48
                          2a01:4e8:127::/48 maxlen: 48
                          2a01:4e8:182::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:5d:73:cd:53:df:16:48:17:3d:7b:00:38:8b:53:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b7cc2da2bdb97be912a2d942ebe7eafa4651e885
        Validity
            Not Before: Jan  1 17:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4ab85e923b187e1f66f72878646c7c8e80298a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:f5:f9:1a:dc:b5:74:f4:22:14:ae:49:07:9b:
                    d0:d0:bd:62:6e:43:31:cb:95:cd:e5:9b:2d:49:ce:
                    2b:a5:05:00:8b:ab:f2:05:98:84:31:d8:cf:8f:61:
                    18:9a:8e:3e:cb:91:29:fc:74:37:97:c4:5c:c1:79:
                    74:dc:e6:5c:35:5f:1b:9c:2f:56:87:71:fc:b1:4d:
                    38:67:d8:e8:53:1c:7e:8c:06:fe:53:4e:3c:4a:38:
                    a1:d9:a3:e6:c2:21:6a:2f:41:4f:5a:92:0c:31:ad:
                    db:04:13:f3:6a:5d:a5:14:a6:e5:55:38:8a:6c:89:
                    e8:12:49:0d:af:00:b8:ff:42:ba:75:84:89:4e:93:
                    b4:44:b9:0c:ad:6a:57:4e:cf:79:52:6e:eb:7d:0e:
                    0b:41:2b:0f:f0:43:51:a5:56:69:10:6c:0b:ac:8a:
                    ac:0e:11:6d:e6:42:61:0b:3d:31:43:79:13:c7:a6:
                    1f:6f:53:8b:a7:a9:98:50:34:e1:d4:4d:b6:92:aa:
                    a8:f4:ab:9a:62:ff:fc:6c:ca:8f:65:37:37:bb:2a:
                    3d:81:4d:64:fe:45:5e:f3:ea:97:f3:30:78:51:f1:
                    b9:3d:b6:e0:63:17:87:88:12:1c:88:08:97:2f:0c:
                    4e:fd:6f:57:a6:2b:12:fc:13:2b:31:21:75:32:de:
                    5e:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:AB:85:E9:23:B1:87:E1:F6:6F:72:87:86:46:C7:C8:E8:02:98:A7
            X509v3 Authority Key Identifier:
                keyid:B7:CC:2D:A2:BD:B9:7B:E9:12:A2:D9:42:EB:E7:EA:FA:46:51:E8:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8wtor25e-kSotlC6-fq-kZR6IU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/1KuF6SOxh-H2b3KHhkbHyOgCmKc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ee6c6a-fb55-4dc8-9dcf-22e7a37e8e38/1/t8wtor25e-kSotlC6-fq-kZR6IU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.170.176.0/21
                  185.83.52.0/22
                IPv6:
                  2a01:4e8::/29

    Signature Algorithm: sha256WithRSAEncryption
         7d:a6:bf:1b:18:09:48:7e:d5:3b:87:27:ea:7c:b7:1c:76:0a:
         1f:88:8c:a4:f2:1a:36:39:f2:ca:ec:67:6b:7a:8b:d9:71:a1:
         87:ce:ff:4f:61:92:6c:2c:5d:d4:a4:2f:5d:08:0a:82:14:33:
         1d:42:3a:fb:38:72:65:58:2c:cb:0d:6b:3b:e6:c2:b5:b4:d6:
         10:a2:5e:3d:3d:f6:f1:3a:79:55:a2:88:90:ce:46:88:c7:6f:
         12:30:ba:6b:e6:95:3f:47:ac:dd:74:07:78:37:0e:9d:f7:21:
         1b:44:1a:fd:20:cc:cb:a9:e6:2a:78:c2:1d:db:b5:38:73:25:
         ed:7d:c8:62:6d:bf:01:58:2e:4a:49:cd:00:30:c8:6f:66:20:
         fe:8c:09:91:17:85:88:e8:29:60:c5:30:bc:a1:b8:fc:95:0f:
         e4:ee:fb:5a:b5:e5:e5:5c:0f:2f:29:66:89:b7:7b:26:a7:b8:
         a6:41:b8:e8:e7:70:55:c9:4f:b4:67:c2:4c:1c:1b:30:71:d7:
         a6:6e:bc:f1:ac:7c:eb:7d:8f:46:eb:dd:f2:83:5e:15:87:c7:
         da:93:a3:ae:cc:76:b1:d8:25:d6:03:91:4e:b3:23:8f:3f:92:
         1e:89:da:01:08:7c:db:12:08:0b:6b:ad:3d:00:11:28:3c:50:
         24:03:8b:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuXXPNU98WSBc9ewA4i1PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Y2MyZGEyYmRiOTdiZTkxMmEyZDk0MmViZTdlYWZhNDY1
MWU4ODUwHhcNMjMwMTAxMTcyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFiODVlOTIzYjE4N2UxZjY2ZjcyODc4NjQ2YzdjOGU4MDI5OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifX5Gty1dPQiFK5JB5vQ0L1ibkMx
y5XN5ZstSc4rpQUAi6vyBZiEMdjPj2EYmo4+y5Ep/HQ3l8RcwXl03OZcNV8bnC9W
h3H8sU04Z9joUxx+jAb+U048Sjih2aPmwiFqL0FPWpIMMa3bBBPzal2lFKblVTiK
bInoEkkNrwC4/0K6dYSJTpO0RLkMrWpXTs95Um7rfQ4LQSsP8ENRpVZpEGwLrIqs
DhFt5kJhCz0xQ3kTx6Yfb1OLp6mYUDTh1E22kqqo9KuaYv/8bMqPZTc3uyo9gU1k
/kVe8+qX8zB4UfG5PbbgYxeHiBIciAiXLwxO/W9XpisS/BMrMSF1Mt5eiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNSrhekjsYfh9m9yh4ZGx8joApinMB8GA1UdIwQY
MBaAFLfMLaK9uXvpEqLZQuvn6vpGUeiFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDh3dG9yMjVlLWtTb3RsQzYtZnEta1pSNklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lZTZjNmEtZmI1NS00ZGM4LTlkY2Yt
MjJlN2EzN2U4ZTM4LzEvMUt1RjZTT3hoLUgyYjNLSGhrYkh5T2dDbUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lZTZjNmEtZmI1NS00ZGM4LTlkY2YtMjJlN2EzN2U4ZTM4
LzEvdDh3dG9yMjVlLWtTb3RsQzYtZnEta1pSNklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6qwAwQC
uVM0MA0EAgACMAcDBQMqAQToMA0GCSqGSIb3DQEBCwUAA4IBAQB9pr8bGAlIftU7
hyfqfLccdgofiIyk8ho2OfLK7GdreovZcaGHzv9PYZJsLF3UpC9dCAqCFDMdQjr7
OHJlWCzLDWs75sK1tNYQol49PfbxOnlVooiQzkaIx28SMLpr5pU/R6zddAd4Nw6d
9yEbRBr9IMzLqeYqeMId27U4cyXtfchibb8BWC5KSc0AMMhvZiD+jAmRF4WI6Clg
xTC8obj8lQ/k7vtateXlXA8vKWaJt3smp7imQbjo53BVyU+0Z8JMHBswcdembrzx
rHzrfY9G693yg14Vh8fak6OuzHax2CXWA5FOsyOPP5IeidoBCHzbEggLa609ABEo
PFAkA4t5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:03 2024 by rpki-client on console-fra.rpki-client.org