Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/yGnOmhYl8E-rAbi_EHfuMSKX92o.roa
File:                     yGnOmhYl8E-rAbi_EHfuMSKX92o.roa (raw, json)
Hash identifier:          sKUQ5oIsiSFzEYm9SoKqvfMcFgYbd9dorl1tsAxOtME=
Subject key identifier:   C8:69:CE:9A:16:25:F0:4F:AB:01:B8:BF:10:77:EE:31:22:97:F7:6A
Certificate issuer:       /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial:       01856FC25E36F8BE419CEE0DC19602E15F78
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/yGnOmhYl8E-rAbi_EHfuMSKX92o.roa
Signing time:             Sun 01 Jan 2023 23:54:47 +0000
ROA not before:           Sun 01 Jan 2023 23:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5617
IP address blocks:        79.188.0.0/16 maxlen: 24
                          31.60.0.0/14 maxlen: 25
                          83.13.0.0/16 maxlen: 24
                          83.6.0.0/16 maxlen: 24
                          46.134.0.0/16 maxlen: 25
                          83.20.0.0/16 maxlen: 24
                          188.47.0.0/16 maxlen: 24
                          37.47.0.0/16 maxlen: 16
                          91.94.0.0/16 maxlen: 16
                          213.25.125.0/24 maxlen: 24
                          83.12.0.0/16 maxlen: 24
                          213.25.166.0/24 maxlen: 24
                          212.160.0.0/16 maxlen: 16
                          79.187.0.0/16 maxlen: 24
                          213.25.92.0/24 maxlen: 24
                          37.228.0.0/18 maxlen: 18
                          212.160.172.0/24 maxlen: 24
                          83.26.0.0/16 maxlen: 24
                          80.53.0.0/16 maxlen: 24
                          83.19.0.0/16 maxlen: 24
                          83.18.0.0/16 maxlen: 24
                          83.11.0.0/16 maxlen: 24
                          80.52.0.0/16 maxlen: 24
                          83.5.0.0/16 maxlen: 24
                          217.99.0.0/16 maxlen: 24
                          213.25.0.0/16 maxlen: 16
                          83.25.0.0/16 maxlen: 24
                          217.98.0.0/16 maxlen: 24
                          195.205.147.0/24 maxlen: 24
                          83.17.0.0/16 maxlen: 24
                          83.24.0.0/13 maxlen: 13
                          83.4.0.0/16 maxlen: 24
                          83.31.0.0/16 maxlen: 24
                          79.186.0.0/16 maxlen: 24
                          83.24.0.0/16 maxlen: 24
                          195.205.239.0/24 maxlen: 24
                          95.51.0.0/16 maxlen: 24
                          80.51.0.0/16 maxlen: 24
                          83.16.0.0/13 maxlen: 13
                          83.23.0.0/16 maxlen: 24
                          80.50.0.0/16 maxlen: 24
                          95.50.0.0/16 maxlen: 24
                          213.77.0.0/17 maxlen: 17
                          213.77.0.0/16 maxlen: 24
                          213.77.5.0/24 maxlen: 24
                          195.205.0.0/16 maxlen: 16
                          83.16.0.0/16 maxlen: 24
                          193.110.120.0/22 maxlen: 22
                          217.97.0.0/16 maxlen: 24
                          37.225.0.0/16 maxlen: 25
                          213.77.68.0/24 maxlen: 24
                          83.10.0.0/16 maxlen: 24
                          213.77.20.0/24 maxlen: 24
                          83.3.0.0/16 maxlen: 24
                          213.77.34.0/24 maxlen: 24
                          83.30.0.0/16 maxlen: 24
                          79.185.0.0/16 maxlen: 24
                          213.76.0.0/16 maxlen: 24
                          83.2.0.0/16 maxlen: 24
                          83.29.0.0/16 maxlen: 24
                          87.96.0.0/17 maxlen: 17
                          217.96.0.0/16 maxlen: 24
                          217.96.0.0/14 maxlen: 14
                          79.163.128.0/17 maxlen: 25
                          83.22.0.0/16 maxlen: 24
                          217.116.96.0/20 maxlen: 20
                          80.49.0.0/16 maxlen: 24
                          95.49.0.0/16 maxlen: 24
                          217.116.100.0/22 maxlen: 22
                          79.184.0.0/13 maxlen: 13
                          212.244.226.0/24 maxlen: 24
                          79.191.0.0/16 maxlen: 24
                          213.76.129.0/24 maxlen: 24
                          194.204.128.0/18 maxlen: 18
                          213.76.135.0/24 maxlen: 24
                          213.76.140.0/24 maxlen: 24
                          213.76.143.0/24 maxlen: 24
                          194.204.152.0/24 maxlen: 24
                          213.76.146.0/24 maxlen: 24
                          194.204.159.0/24 maxlen: 24
                          195.117.0.0/16 maxlen: 16
                          178.56.0.0/16 maxlen: 16
                          5.184.0.0/16 maxlen: 16
                          79.184.0.0/16 maxlen: 24
                          5.184.0.0/15 maxlen: 15
                          83.9.0.0/16 maxlen: 24
                          80.48.0.0/13 maxlen: 13
                          83.28.0.0/16 maxlen: 24
                          80.55.0.0/16 maxlen: 24
                          83.0.0.0/11 maxlen: 11
                          95.48.0.0/16 maxlen: 24
                          80.48.0.0/16 maxlen: 24
                          80.48.0.0/14 maxlen: 14
                          95.48.0.0/14 maxlen: 14
                          83.1.0.0/16 maxlen: 24
                          83.8.0.0/13 maxlen: 13
                          213.77.68.192/26 maxlen: 26
                          195.116.0.0/16 maxlen: 16
                          212.244.0.0/16 maxlen: 16
                          83.15.0.0/16 maxlen: 24
                          46.170.0.0/15 maxlen: 24
                          178.42.0.0/15 maxlen: 24
                          83.8.0.0/16 maxlen: 24
                          79.163.0.0/16 maxlen: 25
                          79.190.0.0/16 maxlen: 24
                          83.0.0.0/13 maxlen: 13
                          37.108.0.0/16 maxlen: 25
                          83.7.0.0/16 maxlen: 24
                          79.162.0.0/15 maxlen: 24
                          79.189.0.0/16 maxlen: 24
                          83.0.0.0/16 maxlen: 24
                          83.27.0.0/16 maxlen: 24
                          80.54.0.0/16 maxlen: 24
                          83.21.0.0/16 maxlen: 24
                          83.14.0.0/16 maxlen: 24
                          2a01:1140::/28 maxlen: 28
                          2a01:1700:3::/48 maxlen: 48
                          2a01:1160::/28 maxlen: 28
                          2a01:1120::/28 maxlen: 28
                          2a01:11a0::/28 maxlen: 28
                          2a00:f40::/29 maxlen: 29
                          2a01:1100::/28 maxlen: 28
                          2a01:11d0::/28 maxlen: 28
                          2a01:1700:2::/48 maxlen: 48
                          2a01:1130::/28 maxlen: 28
                          2a01:1150::/28 maxlen: 28
                          2a01:11c0::/28 maxlen: 28
                          2a01:1170::/28 maxlen: 28
                          2a01:1000::/21 maxlen: 21
                          2a01:1190::/28 maxlen: 28
                          2a01:11b0::/28 maxlen: 28
                          2a01:1110::/28 maxlen: 28
                          2a01:1180::/28 maxlen: 28

Validation:               Failed, certificate revoked on Mon 16 Jan 2023 13:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:5e:36:f8:be:41:9c:ee:0d:c1:96:02:e1:5f:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
        Validity
            Not Before: Jan  1 23:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c869ce9a1625f04fab01b8bf1077ee312297f76a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0d:d0:1b:4e:2b:0b:bf:9f:bd:6d:fa:35:75:
                    63:68:74:bd:af:18:39:b8:6e:b0:d1:ff:7a:bd:62:
                    35:f9:59:d7:99:04:8d:20:96:50:64:45:7c:b3:20:
                    83:04:a3:6f:5d:d0:0b:76:25:5d:0d:ee:e5:ba:f0:
                    d7:0f:ef:56:10:2e:70:10:69:d0:db:6b:8b:40:b4:
                    b3:4b:03:b2:90:cb:6a:3a:84:71:66:25:c0:f8:3c:
                    c2:4d:23:c1:2d:f6:4e:57:a1:ec:e9:ff:18:9e:f3:
                    2c:3c:01:01:38:59:cc:5a:be:08:f1:cc:90:a9:8c:
                    54:ad:2f:ee:72:42:50:3b:08:d7:6d:aa:a3:4e:05:
                    9b:4c:99:da:3f:65:cc:50:6a:b4:0c:6b:98:14:11:
                    77:cb:7b:93:54:95:66:ed:c9:a6:22:91:10:48:8b:
                    ad:25:34:34:a0:28:98:4f:77:7a:19:2a:c9:ed:a5:
                    41:55:bf:2b:b5:02:40:0b:63:a4:fe:eb:55:68:93:
                    b1:54:c4:e8:bb:a5:ce:97:17:37:15:6f:19:9e:6d:
                    fd:bb:8a:5b:d8:9f:1c:9d:02:5b:49:46:b2:d9:fa:
                    78:48:b0:3c:fa:7e:23:8e:3c:da:15:a7:73:00:2d:
                    a8:4a:5c:65:19:2d:5c:85:17:3c:39:5b:87:d0:72:
                    06:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:69:CE:9A:16:25:F0:4F:AB:01:B8:BF:10:77:EE:31:22:97:F7:6A
            X509v3 Authority Key Identifier:
                keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/yGnOmhYl8E-rAbi_EHfuMSKX92o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.184.0.0/15
                  31.60.0.0/14
                  37.47.0.0/16
                  37.108.0.0/16
                  37.225.0.0/16
                  37.228.0.0/18
                  46.134.0.0/16
                  46.170.0.0/15
                  79.162.0.0/15
                  79.184.0.0/13
                  80.48.0.0/13
                  83.0.0.0/11
                  87.96.0.0/17
                  91.94.0.0/16
                  95.48.0.0/14
                  178.42.0.0/15
                  178.56.0.0/16
                  188.47.0.0/16
                  193.110.120.0/22
                  194.204.128.0/18
                  195.116.0.0/15
                  195.205.0.0/16
                  212.160.0.0/16
                  212.244.0.0/16
                  213.25.0.0/16
                  213.76.0.0/15
                  217.96.0.0/14
                  217.116.96.0/20
                IPv6:
                  2a00:f40::/29
                  2a01:1000::/21

    Signature Algorithm: sha256WithRSAEncryption
         8e:27:43:12:74:b5:9e:f6:c6:50:1b:75:12:dc:36:a4:e8:30:
         b9:2e:f0:86:86:bd:df:cb:0c:48:93:3c:41:75:ea:8b:84:64:
         d8:c5:94:0c:37:e4:44:0a:e0:3e:77:63:57:dd:d3:ac:49:8c:
         24:80:f7:49:d1:e9:d8:bf:d6:3a:72:11:7b:46:a3:ff:5e:96:
         15:17:c5:d8:70:64:ce:fd:38:17:04:6d:4f:82:c8:ff:4a:50:
         5f:ab:c3:ab:66:12:05:d9:1a:de:22:1f:32:b0:e4:a8:bf:db:
         57:1c:33:83:5b:27:e5:60:2a:0b:48:d6:66:ff:b5:d7:b8:45:
         16:15:20:df:54:76:30:af:47:28:9e:77:56:62:f1:ee:e9:49:
         91:6d:8b:eb:b4:ed:00:08:40:24:67:cc:de:4b:8d:52:7d:fe:
         7c:88:66:e7:df:7f:16:b9:76:76:40:2d:b5:79:4e:c9:5e:7b:
         4c:47:17:5f:a8:94:a9:67:c4:cd:97:c6:20:36:9a:15:5e:8a:
         b0:f9:24:e4:47:22:6e:34:bf:55:f2:8a:03:a7:98:fc:1d:b2:
         6d:19:98:d5:c0:44:d8:be:8b:c0:df:78:82:70:c9:8b:f0:47:
         b7:94:24:73:74:25:72:04:43:03:07:44:55:10:92:30:5a:46:
         ed:2e:50:b5
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYVvwl42+L5BnO4NwZYC4V94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjMwMTAxMjM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY5Y2U5YTE2MjVmMDRmYWIwMWI4YmYxMDc3ZWUzMTIyOTdmNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA3QG04rC7+fvW36NXVjaHS9rxg5
uG6w0f96vWI1+VnXmQSNIJZQZEV8syCDBKNvXdALdiVdDe7luvDXD+9WEC5wEGnQ
22uLQLSzSwOykMtqOoRxZiXA+DzCTSPBLfZOV6Hs6f8YnvMsPAEBOFnMWr4I8cyQ
qYxUrS/uckJQOwjXbaqjTgWbTJnaP2XMUGq0DGuYFBF3y3uTVJVm7cmmIpEQSIut
JTQ0oCiYT3d6GSrJ7aVBVb8rtQJAC2Ok/utVaJOxVMTou6XOlxc3FW8Znm39u4pb
2J8cnQJbSUay2fp4SLA8+n4jjjzaFadzAC2oSlxlGS1chRc8OVuH0HIGHwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFMhpzpoWJfBPqwG4vxB37jEil/dqMB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEveUduT21oWWw4RS1yQWJpX0VIZnVNU0tYOTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBmAQCAAEwgZEDAwEF
uAMDAh88AwMAJS8DAwAlbAMDACXhAwQGJeQAAwMALoYDAwEuqgMDAU+iAwMDT7gD
AwNQMAMDBVMAAwQHV2AAAwMAW14DAwJfMAMDAbIqAwMAsjgDAwC8LwMEAsFueAME
BsLMgAMDAcN0AwMAw80DAwDUoAMDANT0AwMA1RkDAwHVTAMDAtlgAwQE2XRgMBME
AgACMA0DBQMqAA9AAwQDKgEQMA0GCSqGSIb3DQEBCwUAA4IBAQCOJ0MSdLWe9sZQ
G3US3Dak6DC5LvCGhr3fywxIkzxBdeqLhGTYxZQMN+RECuA+d2NX3dOsSYwkgPdJ
0enYv9Y6chF7RqP/XpYVF8XYcGTO/TgXBG1Pgsj/SlBfq8OrZhIF2RreIh8ysOSo
v9tXHDODWyflYCoLSNZm/7XXuEUWFSDfVHYwr0conndWYvHu6UmRbYvrtO0ACEAk
Z8zeS41Sff58iGbn338WuXZ2QC21eU7JXntMRxdfqJSpZ8TNl8YgNpoVXoqw+STk
RyJuNL9V8ooDp5j8HbJtGZjVwETYvovA33iCcMmL8Ee3lCRzdCVyBEMDB0RVEJIw
WkbtLlC1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:16 2024 by rpki-client on console-ams.rpki-client.org