Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/svFmIpWkjSfz7SfTzezD5iLw6kk.roa
File:                     svFmIpWkjSfz7SfTzezD5iLw6kk.roa (raw, json)
Hash identifier:          fSvaJQVtpzMxPapdmGNEkce0pU6Y7pazLwR8BJuR4qs=
Subject key identifier:   B2:F1:66:22:95:A4:8D:27:F3:ED:27:D3:CD:EC:C3:E6:22:F0:EA:49
Certificate issuer:       /CN=da6525de4aa6d0ca1ae7bd8ee1e35bfd269649bb
Certificate serial:       018C66CBDF94828BD49B965788AF66733D1F
Authority key identifier: DA:65:25:DE:4A:A6:D0:CA:1A:E7:BD:8E:E1:E3:5B:FD:26:96:49:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/svFmIpWkjSfz7SfTzezD5iLw6kk.roa
Signing time:             Thu 14 Dec 2023 05:28:06 +0000
ROA not before:           Thu 14 Dec 2023 05:28:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49273
IP address blocks:        188.113.227.0/24 maxlen: 24
                          188.113.230.0/24 maxlen: 24
                          188.113.231.0/24 maxlen: 24
                          188.113.228.0/24 maxlen: 24
                          188.113.229.0/24 maxlen: 24
                          188.113.233.0/24 maxlen: 24
                          188.113.232.0/24 maxlen: 24
                          188.113.234.0/24 maxlen: 24
                          188.113.237.0/24 maxlen: 24
                          188.113.238.0/24 maxlen: 24
                          188.113.235.0/24 maxlen: 24
                          188.113.236.0/24 maxlen: 24
                          188.113.240.0/24 maxlen: 24
                          188.113.239.0/24 maxlen: 24
                          188.113.246.0/24 maxlen: 24
                          188.113.241.0/24 maxlen: 24
                          188.113.244.0/24 maxlen: 24
                          188.113.245.0/24 maxlen: 24
                          188.113.242.0/24 maxlen: 24
                          188.113.243.0/24 maxlen: 24
                          188.113.247.0/24 maxlen: 24
                          188.113.248.0/24 maxlen: 24
                          188.113.251.0/24 maxlen: 24
                          188.113.252.0/24 maxlen: 24
                          188.113.249.0/24 maxlen: 24
                          188.113.250.0/24 maxlen: 24
                          188.113.253.0/24 maxlen: 24
                          188.113.254.0/24 maxlen: 24
                          188.113.255.0/24 maxlen: 24
                          188.113.192.0/24 maxlen: 24
                          188.113.195.0/24 maxlen: 24
                          188.113.196.0/24 maxlen: 24
                          188.113.193.0/24 maxlen: 24
                          188.113.194.0/24 maxlen: 24
                          188.113.199.0/24 maxlen: 24
                          188.113.197.0/24 maxlen: 24
                          188.113.198.0/24 maxlen: 24
                          188.113.202.0/24 maxlen: 24
                          188.113.203.0/24 maxlen: 24
                          188.113.200.0/24 maxlen: 24
                          188.113.201.0/24 maxlen: 24
                          188.113.206.0/24 maxlen: 24
                          188.113.204.0/24 maxlen: 24
                          188.113.205.0/24 maxlen: 24
                          188.113.209.0/24 maxlen: 24
                          188.113.210.0/24 maxlen: 24
                          188.113.207.0/24 maxlen: 24
                          188.113.208.0/24 maxlen: 24
                          188.113.213.0/24 maxlen: 24
                          188.113.211.0/24 maxlen: 24
                          188.113.212.0/24 maxlen: 24
                          188.113.218.0/24 maxlen: 24
                          188.113.219.0/24 maxlen: 24
                          188.113.216.0/24 maxlen: 24
                          188.113.217.0/24 maxlen: 24
                          188.113.214.0/24 maxlen: 24
                          188.113.215.0/24 maxlen: 24
                          188.113.224.0/24 maxlen: 24
                          188.113.221.0/24 maxlen: 24
                          188.113.222.0/24 maxlen: 24
                          188.113.226.0/24 maxlen: 24
                          188.113.225.0/24 maxlen: 24
                          185.208.177.0/24 maxlen: 24
                          185.208.176.0/24 maxlen: 24
                          185.208.178.0/24 maxlen: 24
                          185.208.179.0/24 maxlen: 24
                          45.153.67.0/24 maxlen: 24
                          45.153.65.0/24 maxlen: 24
                          45.153.66.0/24 maxlen: 24
                          45.153.60.0/24 maxlen: 24
                          45.153.63.0/24 maxlen: 24
                          45.153.64.0/24 maxlen: 24
                          45.153.61.0/24 maxlen: 24
                          45.153.62.0/24 maxlen: 24
                          2a02:f7c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:66:cb:df:94:82:8b:d4:9b:96:57:88:af:66:73:3d:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da6525de4aa6d0ca1ae7bd8ee1e35bfd269649bb
        Validity
            Not Before: Dec 14 05:28:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2f1662295a48d27f3ed27d3cdecc3e622f0ea49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c3:0d:63:ba:d3:ce:8a:e7:82:eb:98:58:6e:
                    10:02:84:fe:16:35:c5:84:44:7b:b9:88:5c:be:43:
                    88:6d:4a:42:46:f0:3a:2a:0a:47:d9:cd:61:5c:0c:
                    56:72:ad:d3:21:d3:01:8e:5f:97:04:a7:7d:3c:a7:
                    24:24:b8:f9:d3:10:33:12:d6:d5:1f:0a:5a:6e:ba:
                    63:75:99:10:52:d2:0a:c5:aa:20:d4:fd:f8:9f:f9:
                    cc:11:21:5e:fc:bd:29:aa:0f:d0:c4:a4:cc:43:97:
                    dd:8c:3f:79:fc:70:05:d0:ec:91:22:e3:d1:7b:29:
                    36:f6:fb:72:fb:f2:5e:83:a2:54:38:8f:0c:b2:80:
                    18:0a:34:08:89:51:50:ba:62:08:44:48:cf:42:cb:
                    9d:b0:41:62:08:98:30:77:e8:73:0a:99:30:fb:11:
                    5c:cc:29:a2:fa:60:29:ef:29:11:72:4f:df:ac:cc:
                    46:8f:7b:94:0b:74:1b:04:fc:e8:a1:65:9d:44:9e:
                    cc:07:0b:c5:e7:0a:61:e7:77:62:02:6d:d6:00:e1:
                    c9:fd:0d:0f:b9:cd:72:93:62:bb:54:40:52:5f:ab:
                    95:74:23:b3:6c:58:69:5c:6c:de:3b:4d:d5:d0:6f:
                    50:50:f4:6f:b4:d9:06:f4:76:70:ca:63:7c:5a:35:
                    f1:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F1:66:22:95:A4:8D:27:F3:ED:27:D3:CD:EC:C3:E6:22:F0:EA:49
            X509v3 Authority Key Identifier:
                keyid:DA:65:25:DE:4A:A6:D0:CA:1A:E7:BD:8E:E1:E3:5B:FD:26:96:49:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mUl3kqm0Moa572O4eNb_SaWSbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/svFmIpWkjSfz7SfTzezD5iLw6kk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/ac567d-46d2-4081-94ef-eedf76077f09/1/2mUl3kqm0Moa572O4eNb_SaWSbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.60.0-45.153.67.255
                  185.208.176.0/22
                  188.113.192.0-188.113.219.255
                  188.113.221.0-188.113.222.255
                  188.113.224.0/19
                IPv6:
                  2a02:f7c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1e:7c:f2:a7:74:8b:2c:18:c9:f2:e9:76:fa:a3:2e:2a:8a:9a:
         81:4c:c0:d0:02:e0:1a:48:e6:9a:49:95:18:cb:4f:89:a4:66:
         96:35:cc:73:0b:33:3d:ae:b9:49:1c:ae:43:58:b9:be:9b:72:
         98:5f:d6:d2:ad:50:39:d4:9a:5d:17:40:70:f4:1e:21:cc:2e:
         d5:c3:b1:30:e3:ad:8d:bc:80:24:92:2c:92:6f:79:02:bf:1e:
         b5:43:e7:84:7d:c6:80:b0:f0:79:d8:f9:2a:fb:d6:a7:90:10:
         61:b6:5d:e4:f8:7e:d7:db:3b:0a:6f:3f:cc:86:d9:35:f3:5d:
         02:1a:3d:c7:fc:55:68:ec:79:bd:08:5d:60:ad:95:cc:2b:c6:
         d9:3b:a1:2c:77:ba:ae:e1:8c:40:c4:cd:8b:35:98:f7:c7:4b:
         3b:0e:f7:e6:dc:b3:d7:fb:61:1e:8d:77:01:42:a7:9f:0d:b3:
         0e:a7:d6:d4:b2:00:63:af:c9:00:eb:3a:90:a4:c5:4d:55:d5:
         35:a7:e5:d6:da:9d:6d:9d:11:76:ed:b2:19:6a:37:07:c6:a8:
         f4:be:31:3b:e6:05:a5:93:12:46:9b:12:59:49:d4:89:80:b4:
         e8:31:e3:1d:54:24:fa:a8:f9:fd:3f:6c:f1:50:99:d1:8c:94:
         42:c0:36:3b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYxmy9+UgovUm5ZXiK9mcz0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjUyNWRlNGFhNmQwY2ExYWU3YmQ4ZWUxZTM1YmZkMjY5
NjQ5YmIwHhcNMjMxMjE0MDUyODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmYxNjYyMjk1YTQ4ZDI3ZjNlZDI3ZDNjZGVjYzNlNjIyZjBlYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMMNY7rTzornguuYWG4QAoT+FjXF
hER7uYhcvkOIbUpCRvA6KgpH2c1hXAxWcq3TIdMBjl+XBKd9PKckJLj50xAzEtbV
HwpabrpjdZkQUtIKxaog1P34n/nMESFe/L0pqg/QxKTMQ5fdjD95/HAF0OyRIuPR
eyk29vty+/Jeg6JUOI8MsoAYCjQIiVFQumIIREjPQsudsEFiCJgwd+hzCpkw+xFc
zCmi+mAp7ykRck/frMxGj3uUC3QbBPzooWWdRJ7MBwvF5wph53diAm3WAOHJ/Q0P
uc1yk2K7VEBSX6uVdCOzbFhpXGzeO03V0G9QUPRvtNkG9HZwymN8WjXxbwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLLxZiKVpI0n8+0n083sw+Yi8OpJMB8GA1UdIwQY
MBaAFNplJd5KptDKGue9juHjW/0mlkm7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1VbDNrcW0wTW9hNTcyTzRlTmJfU2FXU2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9hYzU2N2QtNDZkMi00MDgxLTk0ZWYt
ZWVkZjc2MDc3ZjA5LzEvc3ZGbUlwV2tqU2Z6N1NmVHplekQ1aUx3NmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9hYzU2N2QtNDZkMi00MDgxLTk0ZWYtZWVkZjc2MDc3ZjA5
LzEvMm1VbDNrcW0wTW9hNTcyTzRlTmJfU2FXU2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAItmTwD
BAItmUADBAK50LAwDAMEBrxxwAMEArxx2DAMAwQAvHHdAwQAvHHeAwQFvHHgMA0E
AgACMAcDBQAqAvfAMA0GCSqGSIb3DQEBCwUAA4IBAQAefPKndIssGMny6Xb6oy4q
ipqBTMDQAuAaSOaaSZUYy0+JpGaWNcxzCzM9rrlJHK5DWLm+m3KYX9bSrVA51Jpd
F0Bw9B4hzC7Vw7Ew462NvIAkkiySb3kCvx61Q+eEfcaAsPB52Pkq+9ankBBhtl3k
+H7X2zsKbz/Mhtk1810CGj3H/FVo7Hm9CF1grZXMK8bZO6Esd7qu4YxAxM2LNZj3
x0s7Dvfm3LPX+2EejXcBQqefDbMOp9bUsgBjr8kA6zqQpMVNVdU1p+XW2p1tnRF2
7bIZajcHxqj0vjE75gWlkxJGmxJZSdSJgLToMeMdVCT6qPn9P2zxUJnRjJRCwDY7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:14 2024 by rpki-client on console-ams.rpki-client.org