Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/D57nDWAfqNJcBGfMLKxAds9gIPc.roa
File:                     D57nDWAfqNJcBGfMLKxAds9gIPc.roa (raw, json)
Hash identifier:          mTLA+/kaMRs++NFhrJ6Cf44jX59Z+BBxG44twMqGWV4=
Subject key identifier:   0F:9E:E7:0D:60:1F:A8:D2:5C:04:67:CC:2C:AC:40:76:CF:60:20:F7
Certificate issuer:       /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial:       018D0B14FC57DA2273C1820BB4FE3CFB626C
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/D57nDWAfqNJcBGfMLKxAds9gIPc.roa
Signing time:             Mon 15 Jan 2024 03:05:41 +0000
ROA not before:           Mon 15 Jan 2024 03:05:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29555
IP address blocks:        85.117.96.0/24 maxlen: 24
                          85.117.97.0/24 maxlen: 24
                          85.117.98.0/24 maxlen: 24
                          85.117.99.0/24 maxlen: 24
                          85.117.100.0/24 maxlen: 24
                          85.117.101.0/24 maxlen: 24
                          85.117.102.0/24 maxlen: 24
                          85.117.103.0/24 maxlen: 24
                          85.117.104.0/24 maxlen: 24
                          85.117.105.0/24 maxlen: 24
                          85.117.106.0/24 maxlen: 24
                          85.117.107.0/24 maxlen: 24
                          85.117.108.0/24 maxlen: 24
                          85.117.109.0/24 maxlen: 24
                          85.117.110.0/24 maxlen: 24
                          85.117.111.0/24 maxlen: 24
                          85.117.112.0/24 maxlen: 24
                          85.117.113.0/24 maxlen: 24
                          185.57.72.0/24 maxlen: 24
                          185.57.73.0/24 maxlen: 24
                          185.57.74.0/24 maxlen: 24
                          185.57.75.0/24 maxlen: 24
                          217.76.68.0/24 maxlen: 24
                          217.76.71.0/24 maxlen: 24
                          217.76.72.0/24 maxlen: 24
                          217.76.74.0/24 maxlen: 24
                          217.76.75.0/24 maxlen: 24
                          217.76.76.0/24 maxlen: 24
                          217.76.77.0/24 maxlen: 24
                          217.76.78.0/24 maxlen: 24
                          217.76.79.0/24 maxlen: 24
                          2a03:32c0:300e::/48 maxlen: 48
                          2a03:32c0:18::/48 maxlen: 48
                          2a03:32c0:17::/48 maxlen: 48
                          2a03:32c0:b::/48 maxlen: 48
                          2a03:32c0:d::/48 maxlen: 48
                          2a03:32c0:16::/48 maxlen: 48
                          2a03:32c0:c::/48 maxlen: 48
                          2a03:32c0:a::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 04:41:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:0b:14:fc:57:da:22:73:c1:82:0b:b4:fe:3c:fb:62:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
        Validity
            Not Before: Jan 15 03:05:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0f9ee70d601fa8d25c0467cc2cac4076cf6020f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:da:fd:be:58:2b:d2:02:71:50:3b:22:90:8f:
                    91:19:82:44:72:7c:84:3d:2d:e6:b9:d9:58:7a:b5:
                    bc:52:4b:db:2f:3e:e2:ba:2c:ed:31:32:22:b2:d8:
                    3c:7d:ec:dd:59:4c:e8:5d:10:c5:df:01:9e:fc:a5:
                    2c:a0:02:81:f9:f9:ee:67:16:d4:99:b2:d3:54:c7:
                    79:5f:1b:07:62:cc:16:dd:c1:e2:c4:03:2c:6e:01:
                    58:86:87:65:d6:e7:f8:c1:2f:44:5a:ae:e5:a5:50:
                    ff:58:e0:71:41:9a:53:b0:ff:d1:2a:a8:42:80:2e:
                    cd:3c:3e:27:f0:d5:b0:91:c5:df:c4:b8:b2:e2:b6:
                    18:c2:c5:10:79:30:0b:bf:e9:a8:07:c5:ef:ea:8b:
                    45:4e:cf:e9:1a:4f:d9:42:79:e2:ff:d9:eb:b7:fb:
                    e6:82:53:da:a9:df:0d:56:8a:ba:e5:35:dd:1f:dd:
                    5f:8d:6a:ac:9c:0f:9c:dc:f9:a9:71:88:24:77:05:
                    6f:42:8d:15:f3:93:cf:3d:cf:82:4e:b1:46:83:cd:
                    e0:12:a8:45:43:d6:7a:bc:32:2b:56:c9:4e:65:91:
                    5e:b7:c8:65:90:dc:38:e7:8c:c4:4d:84:9b:ca:79:
                    47:2d:53:36:f2:43:08:d9:24:1f:f9:7c:fa:15:52:
                    37:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:9E:E7:0D:60:1F:A8:D2:5C:04:67:CC:2C:AC:40:76:CF:60:20:F7
            X509v3 Authority Key Identifier:
                keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/D57nDWAfqNJcBGfMLKxAds9gIPc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.117.96.0-85.117.113.255
                  185.57.72.0/22
                  217.76.68.0/24
                  217.76.71.0-217.76.72.255
                  217.76.74.0-217.76.79.255
                IPv6:
                  2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
                  2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
                  2a03:32c0:300e::/48

    Signature Algorithm: sha256WithRSAEncryption
         58:37:71:42:2e:68:51:fa:4b:31:c0:41:06:c5:07:55:66:fc:
         46:6f:28:b3:93:79:50:4d:52:26:46:42:2c:9e:45:3f:a0:fa:
         aa:8c:5b:bd:32:f5:97:0f:db:ae:de:1e:1f:d3:5d:b9:c9:d6:
         fb:b4:f5:47:fb:5b:1e:dc:80:c0:08:5b:13:05:cc:24:cb:34:
         51:8e:00:16:46:3e:0b:c6:59:6b:de:5d:d7:58:a0:c0:b0:0c:
         b0:3b:c1:32:26:c4:8d:04:28:3a:33:bf:d3:e8:0b:91:f5:20:
         ff:8e:5e:62:56:83:07:15:aa:ff:94:8a:b8:b5:5d:bc:40:92:
         03:d6:20:20:d7:59:3e:e7:a8:f3:54:51:5f:d7:65:4f:a8:84:
         41:35:80:79:d3:94:d4:fe:8d:ba:32:5c:22:62:c0:fc:77:69:
         52:ae:e3:8e:1f:54:c3:ab:0f:c9:36:fa:17:0b:d8:0e:07:34:
         15:21:1b:cf:7d:5f:f7:93:92:96:4e:1a:7c:63:92:72:6f:4b:
         a6:ea:8d:c9:ea:56:35:b4:68:cd:dc:99:5b:da:b0:1a:b9:f5:
         c2:21:88:12:00:02:6d:44:98:c9:80:b1:90:b2:a8:5c:7c:93:
         26:a4:88:05:8f:72:f7:67:0a:cb:a1:78:16:25:ae:43:d7:e3:
         28:29:03:26
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY0LFPxX2iJzwYILtP48+2JsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE1MDMwNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjllZTcwZDYwMWZhOGQyNWMwNDY3Y2MyY2FjNDA3NmNmNjAyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9r9vlgr0gJxUDsikI+RGYJEcnyE
PS3mudlYerW8UkvbLz7iuiztMTIistg8fezdWUzoXRDF3wGe/KUsoAKB+fnuZxbU
mbLTVMd5XxsHYswW3cHixAMsbgFYhodl1uf4wS9EWq7lpVD/WOBxQZpTsP/RKqhC
gC7NPD4n8NWwkcXfxLiy4rYYwsUQeTALv+moB8Xv6otFTs/pGk/ZQnni/9nrt/vm
glPaqd8NVoq65TXdH91fjWqsnA+c3PmpcYgkdwVvQo0V85PPPc+CTrFGg83gEqhF
Q9Z6vDIrVslOZZFet8hlkNw454zETYSbynlHLVM28kMI2SQf+Xz6FVI3PQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFA+e5w1gH6jSXARnzCysQHbPYCD3MB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvRDU3bkRXQWZxTkpjQkdmTUxLeEFkczlnSVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwPAQCAAEwNjAMAwQFVXVg
AwQBVXVwAwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDA3
BAIAAjAxMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ACoDMsAwDjANBgkqhkiG9w0BAQsFAAOCAQEAWDdxQi5oUfpLMcBBBsUHVWb8Rm8o
s5N5UE1SJkZCLJ5FP6D6qoxbvTL1lw/brt4eH9NducnW+7T1R/tbHtyAwAhbEwXM
JMs0UY4AFkY+C8ZZa95d11igwLAMsDvBMibEjQQoOjO/0+gLkfUg/45eYlaDBxWq
/5SKuLVdvECSA9YgINdZPueo81RRX9dlT6iEQTWAedOU1P6NujJcImLA/HdpUq7j
jh9Uw6sPyTb6FwvYDgc0FSEbz31f95OSlk4afGOScm9LpuqNyepWNbRozdyZW9qw
Grn1wiGIEgACbUSYyYCxkLKoXHyTJqSIBY9y92cKy6F4FiWuQ9fjKCkDJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:54 2024 by rpki-client on console-ams.rpki-client.org