Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/z-OcX9Rijjoq7wsLfTFeC68vH6s.roa
File:                     z-OcX9Rijjoq7wsLfTFeC68vH6s.roa (raw, json)
Hash identifier:          krXtLPtx1hfBOAQQg3t6FFzb8EI4Tt/Q/6T116I61eg=
Subject key identifier:   CF:E3:9C:5F:D4:62:8E:3A:2A:EF:0B:0B:7D:31:5E:0B:AF:2F:1F:AB
Certificate issuer:       /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial:       0191E670A9E8CC66402A225C6378C74F9506
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/z-OcX9Rijjoq7wsLfTFeC68vH6s.roa
Signing time:             Thu 12 Sep 2024 13:33:48 +0000
ROA not before:           Thu 12 Sep 2024 13:33:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     208677
IP address blocks:        31.40.248.0/23 maxlen: 23
                          37.18.8.0/23 maxlen: 23
                          37.18.10.0/24 maxlen: 24
                          37.18.22.0/24 maxlen: 24
                          37.18.72.0/23 maxlen: 23
                          37.18.100.0/23 maxlen: 23
                          37.18.102.0/24 maxlen: 24
                          37.18.107.0/24 maxlen: 24
                          37.18.108.0/22 maxlen: 22
                          37.18.112.0/23 maxlen: 23
                          37.18.114.0/24 maxlen: 24
                          37.18.115.0/24 maxlen: 24
                          37.18.116.0/22 maxlen: 22
                          37.18.120.0/23 maxlen: 23
                          37.18.122.0/24 maxlen: 24
                          37.44.196.0/23 maxlen: 23
                          37.44.198.0/24 maxlen: 24
                          37.230.139.0/24 maxlen: 24
                          37.230.179.0/24 maxlen: 24
                          37.230.180.0/23 maxlen: 23
                          37.230.180.0/24 maxlen: 24
                          37.230.184.0/23 maxlen: 23
                          37.230.186.0/24 maxlen: 24
                          37.230.192.0/21 maxlen: 21
                          37.230.224.0/24 maxlen: 24
                          37.230.233.0/24 maxlen: 24
                          45.9.24.0/22 maxlen: 22
                          45.89.224.0/22 maxlen: 22
                          45.136.146.0/23 maxlen: 23
                          45.151.30.0/23 maxlen: 23
                          45.155.204.0/23 maxlen: 23
                          46.16.36.0/24 maxlen: 24
                          46.243.141.0/24 maxlen: 24
                          46.243.142.0/23 maxlen: 23
                          46.243.172.0/24 maxlen: 24
                          46.243.201.0/24 maxlen: 24
                          46.243.205.0/24 maxlen: 24
                          46.243.206.0/24 maxlen: 24
                          46.243.226.0/23 maxlen: 23
                          46.243.244.0/23 maxlen: 23
                          46.253.132.0/24 maxlen: 24
                          62.233.43.0/24 maxlen: 24
                          82.202.156.0/22 maxlen: 22
                          84.54.56.0/22 maxlen: 22
                          85.208.85.0/24 maxlen: 24
                          85.208.86.0/23 maxlen: 23
                          85.208.209.0/24 maxlen: 24
                          85.208.210.0/23 maxlen: 23
                          85.235.82.0/23 maxlen: 23
                          87.242.84.0/22 maxlen: 22
                          87.242.88.0/21 maxlen: 21
                          87.242.100.0/22 maxlen: 22
                          87.242.116.0/22 maxlen: 22
                          87.242.120.0/21 maxlen: 21
                          88.218.65.0/24 maxlen: 24
                          88.218.66.0/23 maxlen: 23
                          89.232.160.0/21 maxlen: 21
                          89.232.168.0/22 maxlen: 22
                          89.232.176.0/22 maxlen: 22
                          91.224.86.0/23 maxlen: 23
                          94.139.252.0/22 maxlen: 22
                          94.158.22.0/23 maxlen: 23
                          95.174.88.0/21 maxlen: 21
                          141.101.151.0/24 maxlen: 24
                          141.101.152.0/24 maxlen: 24
                          141.101.201.0/24 maxlen: 24
                          176.108.240.0/20 maxlen: 20
                          176.109.96.0/20 maxlen: 20
                          176.123.160.0/21 maxlen: 21
                          178.170.191.0/24 maxlen: 24
                          178.170.192.0/22 maxlen: 22
                          178.170.196.0/23 maxlen: 23
                          178.170.242.0/24 maxlen: 24
                          185.50.200.0/22 maxlen: 22
                          185.234.11.0/24 maxlen: 24
                          185.241.57.0/24 maxlen: 24
                          188.72.96.0/24 maxlen: 24
                          188.72.106.0/23 maxlen: 23
                          188.72.108.0/23 maxlen: 23
                          188.72.117.0/24 maxlen: 24
                          188.72.118.0/24 maxlen: 24
                          192.144.12.0/22 maxlen: 22
                          193.42.116.0/23 maxlen: 23
                          193.105.4.0/24 maxlen: 24
                          193.163.94.0/24 maxlen: 24
                          194.5.92.0/23 maxlen: 23
                          194.26.228.0/24 maxlen: 24
                          194.50.72.0/24 maxlen: 24
                          194.113.34.0/23 maxlen: 23
                          195.128.152.0/24 maxlen: 24
                          213.171.24.0/21 maxlen: 21
                          213.178.153.0/24 maxlen: 24
                          2a0c:2b80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 07 Nov 2024 19:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:e6:70:a9:e8:cc:66:40:2a:22:5c:63:78:c7:4f:95:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
        Validity
            Not Before: Sep 12 13:33:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cfe39c5fd4628e3a2aef0b0b7d315e0baf2f1fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:da:3f:7c:23:80:df:1b:b5:6e:05:a5:18:97:
                    91:41:7c:b0:ea:cb:5b:66:a9:6b:3b:70:f5:5c:a2:
                    e9:4b:3b:05:07:bb:d7:4a:57:b9:a7:75:8b:a2:87:
                    18:b1:0f:88:21:c3:2c:81:1d:41:5e:8c:b0:e4:08:
                    2a:ec:66:c9:b9:7e:85:34:02:d1:95:42:26:3a:e4:
                    f4:cd:9a:c7:c1:30:a5:b8:99:62:da:eb:ab:05:2d:
                    1e:6f:18:d6:b4:44:83:e4:b7:13:be:08:52:23:61:
                    cd:e3:c5:38:7a:30:1a:70:33:b7:90:cc:10:37:94:
                    93:83:69:5b:70:51:22:54:a2:34:3f:fa:6b:56:27:
                    c3:cb:d0:a6:13:89:0f:e0:9d:fa:a1:9a:6f:05:cc:
                    a0:79:df:cd:3f:79:fc:41:61:9f:02:6a:be:74:d4:
                    ff:3c:cc:80:44:5e:0f:d6:29:e8:67:a3:a3:a6:de:
                    22:86:95:3a:05:f2:4e:37:94:2c:de:8f:89:8f:d6:
                    ad:5b:76:eb:f2:d9:9c:1a:5d:40:cc:e9:77:25:30:
                    de:9b:be:ff:fc:e9:c5:4b:fc:b8:22:26:24:c3:82:
                    f6:9a:6c:94:b9:cf:e5:a7:bf:8b:a6:a0:11:63:e5:
                    c7:db:fc:9b:77:2c:48:6a:a0:7c:7e:b3:80:31:50:
                    73:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:E3:9C:5F:D4:62:8E:3A:2A:EF:0B:0B:7D:31:5E:0B:AF:2F:1F:AB
            X509v3 Authority Key Identifier:
                keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/z-OcX9Rijjoq7wsLfTFeC68vH6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.40.248.0/23
                  37.18.8.0-37.18.10.255
                  37.18.22.0/24
                  37.18.72.0/23
                  37.18.100.0-37.18.102.255
                  37.18.107.0-37.18.122.255
                  37.44.196.0-37.44.198.255
                  37.230.139.0/24
                  37.230.179.0-37.230.181.255
                  37.230.184.0-37.230.186.255
                  37.230.192.0/21
                  37.230.224.0/24
                  37.230.233.0/24
                  45.9.24.0/22
                  45.89.224.0/22
                  45.136.146.0/23
                  45.151.30.0/23
                  45.155.204.0/23
                  46.16.36.0/24
                  46.243.141.0-46.243.143.255
                  46.243.172.0/24
                  46.243.201.0/24
                  46.243.205.0-46.243.206.255
                  46.243.226.0/23
                  46.243.244.0/23
                  46.253.132.0/24
                  62.233.43.0/24
                  82.202.156.0/22
                  84.54.56.0/22
                  85.208.85.0-85.208.87.255
                  85.208.209.0-85.208.211.255
                  85.235.82.0/23
                  87.242.84.0-87.242.95.255
                  87.242.100.0/22
                  87.242.116.0-87.242.127.255
                  88.218.65.0-88.218.67.255
                  89.232.160.0-89.232.171.255
                  89.232.176.0/22
                  91.224.86.0/23
                  94.139.252.0/22
                  94.158.22.0/23
                  95.174.88.0/21
                  141.101.151.0-141.101.152.255
                  141.101.201.0/24
                  176.108.240.0/20
                  176.109.96.0/20
                  176.123.160.0/21
                  178.170.191.0-178.170.197.255
                  178.170.242.0/24
                  185.50.200.0/22
                  185.234.11.0/24
                  185.241.57.0/24
                  188.72.96.0/24
                  188.72.106.0-188.72.109.255
                  188.72.117.0-188.72.118.255
                  192.144.12.0/22
                  193.42.116.0/23
                  193.105.4.0/24
                  193.163.94.0/24
                  194.5.92.0/23
                  194.26.228.0/24
                  194.50.72.0/24
                  194.113.34.0/23
                  195.128.152.0/24
                  213.171.24.0/21
                  213.178.153.0/24
                IPv6:
                  2a0c:2b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         49:22:9d:ae:fa:5f:3a:9c:1a:9f:ab:5a:bb:18:e3:d5:6a:95:
         04:d5:b7:d8:c7:01:82:f9:fe:a8:cd:20:1b:99:21:9b:08:bd:
         0b:2d:61:7d:71:3f:fb:2b:e7:69:aa:e0:8d:82:df:79:c2:c2:
         52:d9:d3:54:5e:fd:49:5d:12:32:3a:d7:91:fc:15:28:0f:00:
         e4:14:a4:eb:ce:11:7b:c7:c1:7f:19:b1:47:77:4c:a5:dc:dc:
         3c:20:bf:a1:ad:af:64:2e:83:8f:70:52:93:d1:42:70:ac:b4:
         c2:b1:b1:19:6e:c2:fa:62:24:c1:17:e7:07:d5:3d:da:15:ea:
         a8:11:0e:b1:a8:f3:6b:2c:63:ee:c3:87:00:ee:69:2b:14:3e:
         73:ea:f7:a5:be:16:dc:13:40:8e:85:64:9b:d0:c4:61:81:b4:
         e8:48:73:06:4e:8c:bc:98:c6:d7:c1:0a:78:d8:29:61:83:71:
         2b:2c:d7:a8:c3:35:34:37:7e:82:17:15:aa:07:38:2a:98:0b:
         98:2d:a4:fe:26:4a:07:2a:6d:c0:b2:87:29:b1:e4:be:a9:59:
         5b:f1:2c:1a:1d:b0:f9:f0:e4:68:47:e6:f8:ad:16:bb:b0:d5:
         51:b9:51:7a:bf:45:ee:25:fd:84:01:57:3f:d7:f0:28:18:74:
         d1:3e:f2:03
-----BEGIN CERTIFICATE-----
MIIHLjCCBhagAwIBAgISAZHmcKnozGZAKiJcY3jHT5UGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjQwOTEyMTMzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmUzOWM1ZmQ0NjI4ZTNhMmFlZjBiMGI3ZDMxNWUwYmFmMmYxZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8to/fCOA3xu1bgWlGJeRQXyw6stb
ZqlrO3D1XKLpSzsFB7vXSle5p3WLoocYsQ+IIcMsgR1BXoyw5Agq7GbJuX6FNALR
lUImOuT0zZrHwTCluJli2uurBS0ebxjWtESD5LcTvghSI2HN48U4ejAacDO3kMwQ
N5STg2lbcFEiVKI0P/prVifDy9CmE4kP4J36oZpvBcyged/NP3n8QWGfAmq+dNT/
PMyARF4P1inoZ6Ojpt4ihpU6BfJON5Qs3o+Jj9atW3br8tmcGl1AzOl3JTDem77/
/OnFS/y4IiYkw4L2mmyUuc/lp7+LpqARY+XH2/ybdyxIaqB8frOAMVBz3QIDAQAB
o4IEOjCCBDYwHQYDVR0OBBYEFM/jnF/UYo46Ku8LC30xXguvLx+rMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL3otT2NYOVJpampvcTd3c0xmVEZlQzY4dkg2cy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggJMBggrBgEFBQcBBwEB/wSCAjswggI3MIICJAQCAAEw
ggIcAwQBHyj4MAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUS
ZjAMAwQAJRJrAwQAJRJ6MAwDBAIlLMQDBAAlLMYDBAAl5oswDAMEACXmswMEASXm
tDAMAwQDJea4AwQAJea6AwQDJebAAwQAJebgAwQAJebpAwQCLQkYAwQCLVngAwQB
LYiSAwQBLZceAwQBLZvMAwQALhAkMAwDBAAu840DBAQu84ADBAAu86wDBAAu88kw
DAMEAC7zzQMEAC7zzgMEAS7z4gMEAS7z9AMEAC79hAMEAD7pKwMEAlLKnAMEAlQ2
ODAMAwQAVdBVAwQDVdBQMAwDBABV0NEDBAJV0NADBAFV61IwDAMEAlfyVAMEBVfy
QAMEAlfyZDAMAwQCV/J0AwQHV/IAMAwDBABY2kEDBAJY2kAwDAMEBVnooAMEAlno
qAMEAlnosAMEAVvgVgMEAl6L/AMEAV6eFgMEA1+uWDAMAwQAjWWXAwQAjWWYAwQA
jWXJAwQEsGzwAwQEsG1gAwQDsHugMAwDBACyqr8DBAGyqsQDBACyqvIDBAK5MsgD
BAC56gsDBAC58TkDBAC8SGAwDAMEAbxIagMEAbxIbDAMAwQAvEh1AwQAvEh2AwQC
wJAMAwQBwSp0AwQAwWkEAwQAwaNeAwQBwgVcAwQAwhrkAwQAwjJIAwQBwnEiAwQA
w4CYAwQD1asYAwQA1bKZMA0EAgACMAcDBQMqDCuAMA0GCSqGSIb3DQEBCwUAA4IB
AQBJIp2u+l86nBqfq1q7GOPVapUE1bfYxwGC+f6ozSAbmSGbCL0LLWF9cT/7K+dp
quCNgt95wsJS2dNUXv1JXRIyOteR/BUoDwDkFKTrzhF7x8F/GbFHd0yl3Nw8IL+h
ra9kLoOPcFKT0UJwrLTCsbEZbsL6YiTBF+cH1T3aFeqoEQ6xqPNrLGPuw4cA7mkr
FD5z6velvhbcE0COhWSb0MRhgbToSHMGToy8mMbXwQp42Clhg3ErLNeowzU0N36C
FxWqBzgqmAuYLaT+JkoHKm3AsocpseS+qVlb8SwaHbD58ORoR+b4rRa7sNVRuVF6
v0XuJf2EAVc/1/AoGHTRPvID
Generated at Thu Nov 7 21:39:20 2024 by rpki-client on console-ams.rpki-client.org