Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa
File:                     LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa (raw, json)
Hash identifier:          OA9FsJln1UtrKh7Y5COez790+aoKVmptkYMFpKnsvZc=
Subject key identifier:   2C:04:10:28:19:E9:67:30:CA:9D:5F:65:0B:70:7B:18:8D:0D:2C:81
Certificate issuer:       /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial:       018BA28E4A83A093B3089E9E686D03D6C744
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa
Signing time:             Mon 06 Nov 2023 02:55:16 +0000
ROA not before:           Mon 06 Nov 2023 02:55:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203020
IP address blocks:        45.144.88.0/22 maxlen: 24
                          193.36.89.0/24 maxlen: 32
                          185.147.140.0/22 maxlen: 32
                          91.228.216.0/24 maxlen: 24
                          185.36.254.0/24 maxlen: 32
                          185.188.61.0/24 maxlen: 24
                          185.201.188.0/24 maxlen: 24
                          94.46.206.0/24 maxlen: 32
                          185.184.228.0/24 maxlen: 32
                          89.40.24.0/24 maxlen: 32
                          5.154.174.0/24 maxlen: 24
                          45.156.224.0/22 maxlen: 32
                          185.153.151.0/24 maxlen: 32
                          188.119.154.0/24 maxlen: 32
                          185.160.44.0/22 maxlen: 32
                          185.96.162.0/24 maxlen: 32
                          89.35.249.0/24 maxlen: 32
                          87.239.254.0/24 maxlen: 32
                          45.149.28.0/22 maxlen: 24
                          89.44.205.0/24 maxlen: 32
                          185.217.64.0/22 maxlen: 22
                          185.166.84.0/24 maxlen: 32
                          86.105.183.0/24 maxlen: 32
                          185.152.248.0/22 maxlen: 32
                          80.246.30.0/24 maxlen: 32
                          185.242.217.0/24 maxlen: 24
                          45.95.24.0/22 maxlen: 32
                          185.152.36.0/22 maxlen: 32
                          185.108.104.0/24 maxlen: 32
                          185.108.105.0/24 maxlen: 32
                          195.47.194.0/24 maxlen: 32
                          2a12:adc0::/29 maxlen: 29
                          2a0c:ec40::/29 maxlen: 29
                          2a06:e480::/29 maxlen: 29
                          2a0b:3f40::/29 maxlen: 29
                          2a05:6700::/29 maxlen: 29
                          2a06:46c0::/29 maxlen: 32
                          2a06:5000::/29 maxlen: 32
                          2a06:3040::/29 maxlen: 48
                          2a07:9c80::/29 maxlen: 29
                          2a06:4a00::/29 maxlen: 32
                          2a05:28c0::/29 maxlen: 32
                          2a06:5700::/29 maxlen: 32
                          2a07:f2c0::/29 maxlen: 29
                          2a01:4740::/32 maxlen: 32
                          2a05:f4c0::/29 maxlen: 29
                          2a07:4780::/29 maxlen: 29
                          2a0a:3080::/29 maxlen: 29
                          2a06:df80::/29 maxlen: 29
                          2a0c:d8c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a2:8e:4a:83:a0:93:b3:08:9e:9e:68:6d:03:d6:c7:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
        Validity
            Not Before: Nov  6 02:55:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c04102819e96730ca9d5f650b707b188d0d2c81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:14:bc:92:80:92:18:de:aa:a7:c3:62:ed:cb:
                    ac:33:d2:a3:52:7b:d3:10:a7:36:81:d1:e5:c7:68:
                    9a:e0:19:a9:1f:89:93:f7:eb:4f:d6:2d:ba:a2:bc:
                    1a:0d:ef:49:54:6c:8b:b0:07:3d:18:66:38:e9:57:
                    cb:ce:ff:05:37:50:d3:1a:07:c7:49:14:6f:02:32:
                    af:44:e1:a7:37:59:2a:c3:d8:8f:e5:a8:1b:ee:e9:
                    e0:6b:bc:96:41:93:ca:5b:89:66:45:0a:60:c2:e3:
                    c2:d3:49:76:b5:1f:53:42:80:10:4f:9a:35:96:36:
                    21:be:33:84:3f:3a:54:01:76:d1:2b:d3:ea:ee:6d:
                    10:a1:b2:28:82:c9:cc:31:f6:7c:ce:b0:15:97:e9:
                    b6:8b:b9:a8:e6:9e:c1:ce:21:df:b3:52:0d:f6:7a:
                    88:1e:87:05:53:a9:7e:8c:23:53:0e:d2:f2:e5:40:
                    eb:c6:0e:7e:e8:c3:16:99:76:52:04:ed:f2:85:7d:
                    bc:60:72:f1:ba:0c:d9:d2:93:00:d9:c4:06:53:ae:
                    c1:ba:dc:69:2f:f5:d3:79:48:02:24:6c:0f:19:e5:
                    f4:57:79:6c:c4:65:ca:e7:cc:f7:63:d9:40:4c:a1:
                    4c:93:bb:27:3f:cd:57:57:53:77:2d:e3:14:90:aa:
                    07:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:04:10:28:19:E9:67:30:CA:9D:5F:65:0B:70:7B:18:8D:0D:2C:81
            X509v3 Authority Key Identifier:
                keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/LAQQKBnpZzDKnV9lC3B7GI0NLIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.154.174.0/24
                  45.95.24.0/22
                  45.144.88.0/22
                  45.149.28.0/22
                  45.156.224.0/22
                  80.246.30.0/24
                  86.105.183.0/24
                  87.239.254.0/24
                  89.35.249.0/24
                  89.40.24.0/24
                  89.44.205.0/24
                  91.228.216.0/24
                  94.46.206.0/24
                  185.36.254.0/24
                  185.96.162.0/24
                  185.108.104.0/23
                  185.147.140.0/22
                  185.152.36.0/22
                  185.152.248.0/22
                  185.153.151.0/24
                  185.160.44.0/22
                  185.166.84.0/24
                  185.184.228.0/24
                  185.188.61.0/24
                  185.201.188.0/24
                  185.217.64.0/22
                  185.242.217.0/24
                  188.119.154.0/24
                  193.36.89.0/24
                  195.47.194.0/24
                IPv6:
                  2a01:4740::/32
                  2a05:28c0::/29
                  2a05:6700::/29
                  2a05:f4c0::/29
                  2a06:3040::/29
                  2a06:46c0::/29
                  2a06:4a00::/29
                  2a06:5000::/29
                  2a06:5700::/29
                  2a06:df80::/29
                  2a06:e480::/29
                  2a07:4780::/29
                  2a07:9c80::/29
                  2a07:f2c0::/29
                  2a0a:3080::/29
                  2a0b:3f40::/29
                  2a0c:d8c0::/29
                  2a0c:ec40::/29
                  2a12:adc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         4f:00:11:ce:b1:7a:b0:70:e6:cc:64:79:1d:e7:5b:8f:ce:45:
         40:7d:18:ed:8c:a3:ba:9d:5c:cb:51:ee:b7:d2:6c:28:7f:c9:
         29:5b:dc:1c:a5:97:9a:da:92:d5:8b:22:7a:73:17:ef:22:8c:
         44:f5:46:69:45:70:d2:7d:93:a6:01:a9:52:30:4c:87:dd:e3:
         bd:f9:26:be:7f:cd:d7:d6:93:04:79:df:ac:e3:ce:e4:73:40:
         1c:c8:fd:7f:1a:fe:9b:63:ca:2a:aa:e9:db:75:35:04:bf:32:
         5f:ad:b5:18:65:57:de:7f:7b:75:31:ef:bc:ea:5a:69:8c:de:
         dd:d9:91:8e:37:43:0c:5a:cb:fa:4a:b0:c8:5a:1c:4e:fc:42:
         27:64:13:9f:9f:1d:e1:55:7d:7f:ed:14:6c:56:dc:9b:35:92:
         63:04:4a:35:9e:34:2e:4b:75:41:b4:85:ca:94:9b:26:6c:a8:
         98:c2:25:94:0d:5e:b6:21:e6:e4:e0:fd:ed:80:04:b2:69:f4:
         66:c1:4e:15:f5:46:67:4c:e7:58:2b:ce:03:fc:5c:42:41:49:
         06:6e:52:91:bd:59:5f:f5:35:e2:f1:ae:8f:a6:51:f7:94:e1:
         58:8d:9a:fb:f6:ea:8a:f0:fb:e3:36:67:87:8b:b8:69:7f:f3:
         ca:31:ca:93
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgISAYuijkqDoJOzCJ6eaG0D1sdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMxMTA2MDI1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA0MTAyODE5ZTk2NzMwY2E5ZDVmNjUwYjcwN2IxODhkMGQyYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhS8koCSGN6qp8Ni7cusM9KjUnvT
EKc2gdHlx2ia4BmpH4mT9+tP1i26orwaDe9JVGyLsAc9GGY46VfLzv8FN1DTGgfH
SRRvAjKvROGnN1kqw9iP5agb7unga7yWQZPKW4lmRQpgwuPC00l2tR9TQoAQT5o1
ljYhvjOEPzpUAXbRK9Pq7m0QobIogsnMMfZ8zrAVl+m2i7mo5p7BziHfs1IN9nqI
HocFU6l+jCNTDtLy5UDrxg5+6MMWmXZSBO3yhX28YHLxugzZ0pMA2cQGU67Butxp
L/XTeUgCJGwPGeX0V3lsxGXK58z3Y9lATKFMk7snP81XV1N3LeMUkKoHJwIDAQAB
o4IDTjCCA0owHQYDVR0OBBYEFCwEECgZ6Wcwyp1fZQtwexiNDSyBMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvTEFRUUtCbnBaekRLblY5bEMzQjdHSTBOTElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYgYIKwYBBQUHAQcBAf8EggFRMIIBTTCBuwQCAAEwgbQD
BAAFmq4DBAItXxgDBAItkFgDBAItlRwDBAItnOADBABQ9h4DBABWabcDBABX7/4D
BABZI/kDBABZKBgDBABZLM0DBABb5NgDBABeLs4DBAC5JP4DBAC5YKIDBAG5bGgD
BAK5k4wDBAK5mCQDBAK5mPgDBAC5mZcDBAK5oCwDBAC5plQDBAC5uOQDBAC5vD0D
BAC5ybwDBAK52UADBAC58tkDBAC8d5oDBADBJFkDBADDL8IwgYwEAgACMIGFAwUA
KgFHQAMFAyoFKMADBQMqBWcAAwUDKgX0wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMF
AyoGUAADBQMqBlcAAwUDKgbfgAMFAyoG5IADBQMqB0eAAwUDKgecgAMFAyoH8sAD
BQMqCjCAAwUDKgs/QAMFAyoM2MADBQMqDOxAAwUDKhKtwDANBgkqhkiG9w0BAQsF
AAOCAQEATwARzrF6sHDmzGR5Hedbj85FQH0Y7Yyjup1cy1Hut9JsKH/JKVvcHKWX
mtqS1YsienMX7yKMRPVGaUVw0n2TpgGpUjBMh93jvfkmvn/N19aTBHnfrOPO5HNA
HMj9fxr+m2PKKqrp23U1BL8yX621GGVX3n97dTHvvOpaaYze3dmRjjdDDFrL+kqw
yFocTvxCJ2QTn58d4VV9f+0UbFbcmzWSYwRKNZ40Lkt1QbSFypSbJmyomMIllA1e
tiHm5OD97YAEsmn0ZsFOFfVGZ0znWCvOA/xcQkFJBm5Skb1ZX/U14vGuj6ZR95Th
WI2a+/bqivD74zZnh4u4aX/zyjHKkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org