Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/_-y86VYYA0rqM9IMs9VvLVWrFgU.roa
File:                     _-y86VYYA0rqM9IMs9VvLVWrFgU.roa (raw, json)
Hash identifier:          DaYa9imwmqDkpNwhRTYOKnXuUybkvl8wbZotLSZJ33c=
Subject key identifier:   FF:EC:BC:E9:56:18:03:4A:EA:33:D2:0C:B3:D5:6F:2D:55:AB:16:05
Certificate issuer:       /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial:       018EA30E7BFC084AE10C56CD96C8D9E80CDC
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/_-y86VYYA0rqM9IMs9VvLVWrFgU.roa
Signing time:             Wed 03 Apr 2024 08:23:39 +0000
ROA not before:           Wed 03 Apr 2024 08:23:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34758
IP address blocks:        31.6.80.0/20 maxlen: 20
                          31.6.80.0/24 maxlen: 24
                          31.6.81.0/24 maxlen: 24
                          31.6.82.0/24 maxlen: 24
                          31.6.83.0/24 maxlen: 24
                          31.6.84.0/24 maxlen: 24
                          31.6.85.0/24 maxlen: 24
                          31.6.86.0/24 maxlen: 24
                          31.6.87.0/24 maxlen: 24
                          31.6.88.0/24 maxlen: 24
                          31.6.89.0/24 maxlen: 24
                          31.6.90.0/24 maxlen: 24
                          31.6.91.0/24 maxlen: 24
                          31.6.92.0/24 maxlen: 24
                          31.6.93.0/24 maxlen: 24
                          31.6.94.0/24 maxlen: 24
                          31.6.95.0/24 maxlen: 24
                          45.13.88.0/22 maxlen: 22
                          45.13.88.0/24 maxlen: 24
                          45.13.89.0/24 maxlen: 24
                          45.13.90.0/24 maxlen: 24
                          45.13.91.0/24 maxlen: 24
                          45.93.36.0/22 maxlen: 22
                          45.93.36.0/24 maxlen: 24
                          45.93.37.0/24 maxlen: 24
                          45.93.38.0/24 maxlen: 24
                          45.93.39.0/24 maxlen: 24
                          92.246.96.0/21 maxlen: 21
                          92.246.96.0/24 maxlen: 24
                          92.246.97.0/24 maxlen: 24
                          92.246.98.0/24 maxlen: 24
                          92.246.99.0/24 maxlen: 24
                          92.246.100.0/24 maxlen: 24
                          92.246.101.0/24 maxlen: 24
                          92.246.102.0/24 maxlen: 24
                          92.246.103.0/24 maxlen: 24
                          92.246.112.0/20 maxlen: 20
                          92.246.112.0/24 maxlen: 24
                          92.246.113.0/24 maxlen: 24
                          92.246.114.0/24 maxlen: 24
                          92.246.115.0/24 maxlen: 24
                          92.246.116.0/24 maxlen: 24
                          92.246.117.0/24 maxlen: 24
                          92.246.118.0/24 maxlen: 24
                          92.246.119.0/24 maxlen: 24
                          92.246.120.0/24 maxlen: 24
                          92.246.121.0/24 maxlen: 24
                          92.246.122.0/24 maxlen: 24
                          92.246.123.0/24 maxlen: 24
                          92.246.124.0/24 maxlen: 24
                          92.246.125.0/24 maxlen: 24
                          92.246.126.0/24 maxlen: 24
                          92.246.127.0/24 maxlen: 24
                          93.93.16.0/21 maxlen: 21
                          93.93.16.0/24 maxlen: 24
                          93.93.18.0/24 maxlen: 24
                          93.93.19.0/24 maxlen: 24
                          93.93.20.0/24 maxlen: 24
                          93.93.21.0/24 maxlen: 24
                          93.93.22.0/24 maxlen: 24
                          93.93.23.0/24 maxlen: 24
                          109.234.136.0/21 maxlen: 21
                          109.234.136.0/24 maxlen: 24
                          109.234.137.0/24 maxlen: 24
                          109.234.138.0/24 maxlen: 24
                          109.234.139.0/24 maxlen: 24
                          109.234.140.0/24 maxlen: 24
                          109.234.141.0/24 maxlen: 24
                          109.234.142.0/24 maxlen: 24
                          109.234.143.0/24 maxlen: 24
                          146.255.160.0/21 maxlen: 21
                          146.255.160.0/24 maxlen: 24
                          146.255.161.0/24 maxlen: 24
                          146.255.162.0/24 maxlen: 24
                          146.255.163.0/24 maxlen: 24
                          146.255.164.0/24 maxlen: 24
                          146.255.165.0/24 maxlen: 24
                          146.255.166.0/24 maxlen: 24
                          146.255.167.0/24 maxlen: 24
                          159.255.156.0/22 maxlen: 22
                          159.255.156.0/24 maxlen: 24
                          159.255.157.0/24 maxlen: 24
                          159.255.158.0/24 maxlen: 24
                          159.255.159.0/24 maxlen: 24
                          185.23.84.0/22 maxlen: 22
                          185.23.84.0/24 maxlen: 24
                          185.23.85.0/24 maxlen: 24
                          185.23.86.0/24 maxlen: 24
                          185.23.87.0/24 maxlen: 24
                          185.103.80.0/22 maxlen: 22
                          185.103.80.0/24 maxlen: 24
                          185.103.81.0/24 maxlen: 24
                          185.103.82.0/24 maxlen: 24
                          185.103.83.0/24 maxlen: 24
                          185.126.140.0/22 maxlen: 22
                          185.126.140.0/24 maxlen: 24
                          185.126.141.0/24 maxlen: 24
                          185.126.142.0/24 maxlen: 24
                          185.126.143.0/24 maxlen: 24
                          185.158.28.0/22 maxlen: 22
                          185.158.30.0/23 maxlen: 23
                          185.158.30.0/24 maxlen: 24
                          185.158.31.0/24 maxlen: 24
                          185.171.36.0/22 maxlen: 22
                          185.171.36.0/24 maxlen: 24
                          185.171.37.0/24 maxlen: 24
                          185.171.38.0/24 maxlen: 24
                          185.171.39.0/24 maxlen: 24
                          193.238.136.0/22 maxlen: 22
                          193.238.136.0/24 maxlen: 24
                          193.238.137.0/24 maxlen: 24
                          193.238.138.0/24 maxlen: 24
                          193.238.139.0/24 maxlen: 24
                          195.225.224.0/22 maxlen: 22
                          195.225.224.0/24 maxlen: 24
                          195.225.225.0/24 maxlen: 24
                          195.225.226.0/24 maxlen: 24
                          195.225.227.0/24 maxlen: 24
                          217.72.32.0/21 maxlen: 21
                          217.72.32.0/24 maxlen: 24
                          217.72.33.0/24 maxlen: 24
                          217.72.34.0/24 maxlen: 24
                          217.72.35.0/24 maxlen: 24
                          217.72.36.0/24 maxlen: 24
                          217.72.37.0/24 maxlen: 24
                          217.72.38.0/24 maxlen: 24
                          217.72.39.0/24 maxlen: 24
                          2a04:2080::/29 maxlen: 48
                          2a06:c2c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 15:28:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a3:0e:7b:fc:08:4a:e1:0c:56:cd:96:c8:d9:e8:0c:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
        Validity
            Not Before: Apr  3 08:23:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ffecbce95618034aea33d20cb3d56f2d55ab1605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ff:dd:ca:17:45:ae:5d:b8:57:e2:0a:b0:2f:
                    fd:d7:de:37:85:91:d1:22:b4:f5:0b:01:db:58:97:
                    61:18:8a:0f:42:58:dc:05:51:cf:9c:3a:a9:e5:fb:
                    21:21:fd:7a:c5:03:24:7b:aa:01:56:27:61:fb:9f:
                    04:38:6b:b1:fb:96:67:ce:49:04:e4:8c:35:a4:e9:
                    bb:13:a8:a9:9a:17:ae:30:76:a1:ac:20:dd:11:d0:
                    50:3c:08:57:b2:03:71:55:30:3e:2d:7e:20:33:07:
                    56:a9:12:24:18:9a:15:65:66:77:a4:ca:21:f9:9c:
                    be:ad:09:c8:1f:45:d2:8d:f0:8d:72:88:34:a1:ea:
                    f8:7c:f9:03:7c:4c:c6:49:81:2a:eb:a4:63:8b:1f:
                    ab:dd:0a:6c:6f:99:fc:21:ab:23:09:32:cc:57:70:
                    df:d8:1b:d3:3e:49:3a:c6:b6:ed:ac:91:ea:66:20:
                    3c:09:51:6e:f5:86:29:83:96:f6:e1:85:13:14:0f:
                    2d:f3:34:21:77:72:5e:44:01:30:eb:cf:bf:f0:1d:
                    70:1c:f2:a7:c8:39:83:34:ab:d2:75:ff:14:3f:77:
                    5e:09:4b:53:ed:8a:85:4a:7a:18:0c:b6:db:59:f4:
                    21:f3:a3:f3:bb:53:07:c1:a7:9d:b1:a6:71:ec:0f:
                    1d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:EC:BC:E9:56:18:03:4A:EA:33:D2:0C:B3:D5:6F:2D:55:AB:16:05
            X509v3 Authority Key Identifier:
                keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/_-y86VYYA0rqM9IMs9VvLVWrFgU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.80.0/20
                  45.13.88.0/22
                  45.93.36.0/22
                  92.246.96.0/21
                  92.246.112.0/20
                  93.93.16.0/21
                  109.234.136.0/21
                  146.255.160.0/21
                  159.255.156.0/22
                  185.23.84.0/22
                  185.103.80.0/22
                  185.126.140.0/22
                  185.158.28.0/22
                  185.171.36.0/22
                  193.238.136.0/22
                  195.225.224.0/22
                  217.72.32.0/21
                IPv6:
                  2a04:2080::/29
                  2a06:c2c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0d:3e:e0:75:c8:d2:48:fb:4f:eb:44:c9:f9:e7:a1:1c:a6:16:
         bf:27:2d:d1:c0:67:e3:0c:38:b9:11:8f:6c:92:d8:b6:51:55:
         8b:de:6f:f3:3d:6b:9b:ed:b6:18:a4:87:4c:87:f7:a2:ac:b9:
         05:05:ad:41:29:af:45:14:a6:71:13:d9:0a:a5:d7:4f:1a:aa:
         af:a7:6c:33:b1:37:d0:6b:4f:d8:91:04:79:f6:a8:36:d7:b8:
         9d:be:1b:6b:0e:28:41:60:92:a3:d6:53:64:1b:f8:13:f2:94:
         88:49:3c:47:76:ec:5f:b5:06:c4:56:53:8b:c4:66:0c:13:28:
         b0:9a:cc:2c:51:d2:fb:85:66:c8:bb:a7:19:e7:50:ad:bb:2c:
         c3:33:0c:23:10:72:04:cc:b0:60:bc:e1:03:80:11:73:63:dd:
         bc:f2:69:9e:cf:1d:40:fb:65:e3:6c:b2:3f:02:15:1a:c2:9f:
         f2:38:9b:2d:ff:4e:12:3e:fa:17:10:66:b5:f3:77:0a:91:1b:
         bb:e8:bb:a6:1d:2a:64:98:91:75:ef:9b:08:a0:b8:1c:e6:29:
         6e:4d:0f:6e:29:d4:aa:54:60:49:ad:74:f9:89:ed:dd:23:95:
         28:af:a1:69:00:86:2f:57:05:db:9d:4d:ae:45:3f:1b:5a:64:
         80:2d:0a:7d
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAY6jDnv8CErhDFbNlsjZ6AzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjQwNDAzMDgyMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmVjYmNlOTU2MTgwMzRhZWEzM2QyMGNiM2Q1NmYyZDU1YWIxNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv/dyhdFrl24V+IKsC/91943hZHR
IrT1CwHbWJdhGIoPQljcBVHPnDqp5fshIf16xQMke6oBVidh+58EOGux+5ZnzkkE
5Iw1pOm7E6ipmheuMHahrCDdEdBQPAhXsgNxVTA+LX4gMwdWqRIkGJoVZWZ3pMoh
+Zy+rQnIH0XSjfCNcog0oer4fPkDfEzGSYEq66Rjix+r3Qpsb5n8IasjCTLMV3Df
2BvTPkk6xrbtrJHqZiA8CVFu9YYpg5b24YUTFA8t8zQhd3JeRAEw68+/8B1wHPKn
yDmDNKvSdf8UP3deCUtT7YqFSnoYDLbbWfQh86Pzu1MHwaedsaZx7A8d8QIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFP/svOlWGANK6jPSDLPVby1VqxYFMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvXy15ODZWWVlBMHJxTTlJTXM5VnZMVldyRmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQEHwZQ
AwQCLQ1YAwQCLV0kAwQDXPZgAwQEXPZwAwQDXV0QAwQDbeqIAwQDkv+gAwQCn/+c
AwQCuRdUAwQCuWdQAwQCuX6MAwQCuZ4cAwQCuaskAwQCwe6IAwQCw+HgAwQD2Ugg
MBQEAgACMA4DBQMqBCCAAwUDKgbCwDANBgkqhkiG9w0BAQsFAAOCAQEADT7gdcjS
SPtP60TJ+eehHKYWvyct0cBn4ww4uRGPbJLYtlFVi95v8z1rm+22GKSHTIf3oqy5
BQWtQSmvRRSmcRPZCqXXTxqqr6dsM7E30GtP2JEEefaoNte4nb4baw4oQWCSo9ZT
ZBv4E/KUiEk8R3bsX7UGxFZTi8RmDBMosJrMLFHS+4VmyLunGedQrbsswzMMIxBy
BMywYLzhA4ARc2PdvPJpns8dQPtl42yyPwIVGsKf8jibLf9OEj76FxBmtfN3CpEb
u+i7ph0qZJiRde+bCKC4HOYpbk0PbinUqlRgSa10+Ynt3SOVKK+haQCGL1cF251N
rkU/G1pkgC0KfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:40 2024 by rpki-client on console-ams.rpki-client.org