Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/CYnPwOenS98hiOP2f6fAT_xX6wc.roa
File:                     CYnPwOenS98hiOP2f6fAT_xX6wc.roa (raw, json)
Hash identifier:          YYSJWukHCMh5VO9zwCGebRyqBudkffM/zbEWIsimxlw=
Subject key identifier:   09:89:CF:C0:E7:A7:4B:DF:21:88:E3:F6:7F:A7:C0:4F:FC:57:EB:07
Certificate issuer:       /CN=602be661e57c14659a608e9f6be605d6250047fc
Certificate serial:       018B4D5AEC261875C1CCD0D869A4F3B47FF6
Authority key identifier: 60:2B:E6:61:E5:7C:14:65:9A:60:8E:9F:6B:E6:05:D6:25:00:47:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/CYnPwOenS98hiOP2f6fAT_xX6wc.roa
Signing time:             Fri 20 Oct 2023 13:51:26 +0000
ROA not before:           Fri 20 Oct 2023 13:51:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6876
IP address blocks:        31.31.96.0/19 maxlen: 19
                          185.184.168.0/22 maxlen: 22
                          185.177.240.0/22 maxlen: 22
                          212.178.0.0/19 maxlen: 19
                          45.156.36.0/22 maxlen: 22
                          185.247.20.0/22 maxlen: 22
                          212.90.124.0/22 maxlen: 22
                          212.24.112.0/24 maxlen: 24
                          62.16.0.0/19 maxlen: 19
                          37.203.0.0/19 maxlen: 19
                          85.238.96.0/19 maxlen: 19
                          188.115.128.0/18 maxlen: 18
                          185.228.104.0/22 maxlen: 22
                          185.23.104.0/22 maxlen: 22
                          193.178.48.0/22 maxlen: 22
                          176.119.64.0/18 maxlen: 18
                          79.140.0.0/20 maxlen: 20
                          95.214.40.0/22 maxlen: 22
                          45.130.0.0/22 maxlen: 22
                          130.0.32.0/19 maxlen: 19
                          185.166.220.0/22 maxlen: 22
                          195.138.64.0/19 maxlen: 19
                          88.214.8.0/22 maxlen: 22
                          185.206.36.0/22 maxlen: 22
                          45.140.120.0/22 maxlen: 22
                          185.226.112.0/22 maxlen: 22
                          185.145.104.0/22 maxlen: 22
                          2a04:2c00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 16:21:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4d:5a:ec:26:18:75:c1:cc:d0:d8:69:a4:f3:b4:7f:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=602be661e57c14659a608e9f6be605d6250047fc
        Validity
            Not Before: Oct 20 13:51:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0989cfc0e7a74bdf2188e3f67fa7c04ffc57eb07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b9:90:f1:8a:85:36:be:38:3c:2c:e7:57:4e:
                    d5:0f:18:66:0e:4b:9c:2e:ae:cc:a6:d4:76:ee:9b:
                    e3:9f:52:e3:c4:36:1e:b6:d6:d0:8c:9a:7a:0d:78:
                    32:e7:dc:6d:65:33:2b:32:6d:e5:fd:69:9a:5d:91:
                    f9:e1:87:01:52:ba:53:44:92:a9:3c:47:5b:59:d6:
                    b0:46:2b:2d:af:3c:0f:12:58:6b:f3:5e:f4:6e:2f:
                    a6:fc:97:d0:f5:dd:11:91:15:e7:ab:66:59:0d:42:
                    1a:97:41:82:9e:20:b9:db:52:7e:48:c0:7f:58:52:
                    7f:b8:03:4d:5e:47:45:07:a9:0d:a7:f3:97:87:5a:
                    cf:86:d1:2f:61:35:4f:9a:4b:68:cb:89:2d:15:90:
                    f9:79:71:6f:5c:2e:47:b5:6f:bd:13:fc:bb:09:55:
                    f3:e9:27:d0:ed:7d:c1:0d:cc:2b:83:c7:6e:a9:af:
                    6e:72:09:36:b4:5e:a4:bd:a8:5b:6a:ac:44:e9:13:
                    42:d3:3a:0a:52:84:73:37:dc:24:f5:3e:71:9a:8c:
                    85:f9:30:6b:ff:3f:fe:1e:41:3b:ae:46:2a:d9:0e:
                    b2:c3:a0:ed:c0:63:13:e1:8c:c6:da:48:3e:77:91:
                    55:ff:ce:df:c7:07:9e:2d:d2:c6:d7:8f:cc:41:3d:
                    c8:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:89:CF:C0:E7:A7:4B:DF:21:88:E3:F6:7F:A7:C0:4F:FC:57:EB:07
            X509v3 Authority Key Identifier:
                keyid:60:2B:E6:61:E5:7C:14:65:9A:60:8E:9F:6B:E6:05:D6:25:00:47:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YCvmYeV8FGWaYI6fa-YF1iUAR_w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/CYnPwOenS98hiOP2f6fAT_xX6wc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/974213-49fd-4c5c-8014-bd3a630ee5cc/1/YCvmYeV8FGWaYI6fa-YF1iUAR_w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.31.96.0/19
                  37.203.0.0/19
                  45.130.0.0/22
                  45.140.120.0/22
                  45.156.36.0/22
                  62.16.0.0/19
                  79.140.0.0/20
                  85.238.96.0/19
                  88.214.8.0/22
                  95.214.40.0/22
                  130.0.32.0/19
                  176.119.64.0/18
                  185.23.104.0/22
                  185.145.104.0/22
                  185.166.220.0/22
                  185.177.240.0/22
                  185.184.168.0/22
                  185.206.36.0/22
                  185.226.112.0/22
                  185.228.104.0/22
                  185.247.20.0/22
                  188.115.128.0/18
                  193.178.48.0/22
                  195.138.64.0/19
                  212.24.112.0/24
                  212.90.124.0/22
                  212.178.0.0/19
                IPv6:
                  2a04:2c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         b1:d8:89:c4:fb:07:86:ff:3a:80:63:d6:78:e2:96:97:62:2b:
         d5:05:8d:3c:43:71:71:0e:a3:5c:f9:d9:53:c9:b6:97:06:4f:
         f2:3a:7d:aa:3e:8a:51:a4:a7:c0:78:96:da:53:9c:62:e2:6e:
         5f:92:0a:49:68:99:85:6e:ea:64:3f:a4:a0:d5:09:cd:9e:5b:
         15:82:d1:e3:8f:7e:49:6c:c4:ed:80:03:ee:d6:14:00:32:d0:
         23:21:4d:4a:8c:89:35:14:df:93:a2:5c:41:1f:01:41:1a:df:
         23:6a:2e:7c:45:69:57:fe:3e:66:79:e9:93:c4:09:b5:10:16:
         6d:e5:4c:93:d8:23:db:61:f3:cc:65:d2:77:ca:68:9e:7e:a6:
         f7:3e:52:d9:68:74:f3:38:cc:3a:e0:86:4e:fa:14:f7:58:a9:
         3e:1a:e8:98:9e:9a:ce:9d:9f:66:82:21:1e:0c:2d:2e:df:47:
         20:19:38:4e:e4:e2:5e:07:e4:5b:e7:bb:0e:db:09:88:5e:65:
         33:f9:eb:bb:9d:26:d3:7f:7f:21:0a:64:cf:6e:4a:ab:77:33:
         c2:3b:37:3a:8a:51:f0:5b:e5:03:16:9c:c5:5e:1a:63:ae:99:
         cc:50:32:62:96:32:a3:e1:0a:d0:a8:b4:4c:84:d6:8a:bf:ab:
         a3:5c:66:d5
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYtNWuwmGHXBzNDYaaTztH/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMmJlNjYxZTU3YzE0NjU5YTYwOGU5ZjZiZTYwNWQ2MjUw
MDQ3ZmMwHhcNMjMxMDIwMTM1MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg5Y2ZjMGU3YTc0YmRmMjE4OGUzZjY3ZmE3YzA0ZmZjNTdlYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7mQ8YqFNr44PCznV07VDxhmDkuc
Lq7MptR27pvjn1LjxDYettbQjJp6DXgy59xtZTMrMm3l/WmaXZH54YcBUrpTRJKp
PEdbWdawRistrzwPElhr8170bi+m/JfQ9d0RkRXnq2ZZDUIal0GCniC521J+SMB/
WFJ/uANNXkdFB6kNp/OXh1rPhtEvYTVPmktoy4ktFZD5eXFvXC5HtW+9E/y7CVXz
6SfQ7X3BDcwrg8duqa9ucgk2tF6kvahbaqxE6RNC0zoKUoRzN9wk9T5xmoyF+TBr
/z/+HkE7rkYq2Q6yw6DtwGMT4YzG2kg+d5FV/87fxweeLdLG14/MQT3IUQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFAmJz8Dnp0vfIYjj9n+nwE/8V+sHMB8GA1UdIwQY
MBaAFGAr5mHlfBRlmmCOn2vmBdYlAEf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUN2bVllVjhGR1dhWUk2ZmEtWUYxaVVBUl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85NzQyMTMtNDlmZC00YzVjLTgwMTQt
YmQzYTYzMGVlNWNjLzEvQ1luUHdPZW5TOThoaU9QMmY2ZkFUX3hYNndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85NzQyMTMtNDlmZC00YzVjLTgwMTQtYmQzYTYzMGVlNWNj
LzEvWUN2bVllVjhGR1dhWUk2ZmEtWUYxaVVBUl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAUf
H2ADBAUlywADBAItggADBAItjHgDBAItnCQDBAU+EAADBARPjAADBAVV7mADBAJY
1ggDBAJf1igDBAWCACADBAawd0ADBAK5F2gDBAK5kWgDBAK5ptwDBAK5sfADBAK5
uKgDBAK5ziQDBAK54nADBAK55GgDBAK59xQDBAa8c4ADBALBsjADBAXDikADBADU
GHADBALUWnwDBAXUsgAwDQQCAAIwBwMFAyoELAAwDQYJKoZIhvcNAQELBQADggEB
ALHYicT7B4b/OoBj1njilpdiK9UFjTxDcXEOo1z52VPJtpcGT/I6fao+ilGkp8B4
ltpTnGLibl+SCklomYVu6mQ/pKDVCc2eWxWC0eOPfklsxO2AA+7WFAAy0CMhTUqM
iTUU35OiXEEfAUEa3yNqLnxFaVf+PmZ56ZPECbUQFm3lTJPYI9th88xl0nfKaJ5+
pvc+UtlodPM4zDrghk76FPdYqT4a6Jiems6dn2aCIR4MLS7fRyAZOE7k4l4H5Fvn
uw7bCYheZTP567udJtN/fyEKZM9uSqt3M8I7NzqKUfBb5QMWnMVeGmOumcxQMmKW
MqPhCtCotEyE1oq/q6NcZtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:56 2024 by rpki-client on console-ams.rpki-client.org