Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Gq5LUMw10fvxc2sEHyDSB88daQ.roa
File:                     0Gq5LUMw10fvxc2sEHyDSB88daQ.roa (raw, json)
Hash identifier:          hXdMRotc3gL71QfGoMmZ06gewKeDw9IuAg6luLyEdQs=
Subject key identifier:   D0:6A:B9:2D:43:30:D7:47:EF:C5:CD:AC:10:7C:83:48:1F:3C:75:A4
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CCA2A977EA47A9839A96925B8A4573E2C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Gq5LUMw10fvxc2sEHyDSB88daQ.roa
Signing time:             Tue 02 Jan 2024 12:33:58 +0000
ROA not before:           Tue 02 Jan 2024 12:33:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     399045
IP address blocks:        194.87.201.0/24 maxlen: 24
                          195.133.72.0/24 maxlen: 24
                          194.87.245.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          194.87.88.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 10:43:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2a:97:7e:a4:7a:98:39:a9:69:25:b8:a4:57:3e:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  2 12:33:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d06ab92d4330d747efc5cdac107c83481f3c75a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:95:07:83:6e:95:25:a8:40:68:5e:94:37:47:
                    ca:cb:14:7e:87:b9:e3:3a:11:af:b7:64:65:5d:62:
                    bf:d0:e0:4c:56:fa:5c:82:f6:43:e0:16:cc:63:84:
                    24:1b:52:e4:8c:8e:4e:9a:5f:f4:41:a7:32:df:43:
                    67:53:a0:46:68:c8:f8:a9:b4:5d:89:b1:b2:3b:9c:
                    be:8f:f5:8f:86:d2:a1:60:1d:99:0c:9a:87:19:23:
                    74:19:92:36:c2:32:2c:3c:45:e6:1c:4b:27:fd:ad:
                    03:95:54:84:c7:ba:01:da:90:f2:cd:ed:3f:24:05:
                    3d:07:c4:46:ad:f5:07:6e:78:f0:2b:ae:88:04:8e:
                    78:31:f8:ec:11:1f:e2:b0:44:c6:dd:c9:cf:f3:52:
                    67:12:b7:5a:aa:aa:8e:02:a2:b0:b6:bf:85:7c:ea:
                    63:b5:e6:10:97:74:84:d2:91:68:9d:b4:77:74:68:
                    ee:af:84:af:2f:ce:d9:74:f8:f1:d2:2f:94:95:2c:
                    60:02:30:95:30:fd:df:a9:54:64:51:7e:cc:cc:1e:
                    6a:34:94:e1:12:8f:07:61:4b:66:e4:5e:31:3d:7a:
                    83:7a:bc:b9:20:84:9e:aa:bb:f0:ba:18:28:1a:f0:
                    99:dd:70:c3:0f:83:1e:12:85:bb:26:ce:9e:06:01:
                    83:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:6A:B9:2D:43:30:D7:47:EF:C5:CD:AC:10:7C:83:48:1F:3C:75:A4
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0Gq5LUMw10fvxc2sEHyDSB88daQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.88.0/24
                  194.87.151.0/24
                  194.87.201.0/24
                  194.87.245.0/24
                  195.133.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:28:f6:de:5a:f2:3e:c1:d8:e1:b8:64:30:7b:48:a9:4c:f6:
         72:67:33:5b:33:09:b9:65:34:2f:b4:2d:eb:30:0a:8b:44:ad:
         78:33:20:01:c8:18:bb:12:4e:38:0d:c7:91:04:52:28:7b:89:
         4c:5a:80:c1:78:bd:ac:03:b2:f9:90:c9:1e:ee:a9:07:f2:d2:
         2f:5b:55:e5:3e:99:21:e5:06:64:74:ce:f2:0b:d0:1b:7c:b9:
         23:e1:a2:c7:28:c1:96:4c:bc:0b:80:94:7b:e9:d4:f7:5c:ca:
         ec:2d:f8:cb:d7:12:95:e4:55:35:74:35:58:5a:86:e6:5d:3d:
         ab:e4:79:f3:4d:72:0a:52:88:40:7c:c8:37:1a:f7:d7:5c:7f:
         99:e3:50:f1:eb:6f:1c:93:14:92:5b:07:5b:41:7f:e5:87:ae:
         10:43:7b:e5:2c:2b:5b:c8:32:e2:e4:ec:54:fb:17:05:a3:ab:
         ea:b0:7c:3e:03:22:61:f1:46:8c:5c:00:37:67:1d:8f:b9:8b:
         85:dd:e3:b9:d2:00:46:f2:03:51:74:cb:25:53:ce:07:e7:62:
         e8:de:fe:d1:e1:ef:9f:05:5d:a3:29:ff:55:ff:13:59:c8:20:
         60:35:4f:8d:13:20:0c:3a:6d:64:cf:77:6d:8e:1a:35:7e:fb:
         9c:10:52:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKKpd+pHqYOalpJbikVz4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZhYjkyZDQzMzBkNzQ3ZWZjNWNkYWMxMDdjODM0ODFmM2M3NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJUHg26VJahAaF6UN0fKyxR+h7nj
OhGvt2RlXWK/0OBMVvpcgvZD4BbMY4QkG1LkjI5Oml/0Qacy30NnU6BGaMj4qbRd
ibGyO5y+j/WPhtKhYB2ZDJqHGSN0GZI2wjIsPEXmHEsn/a0DlVSEx7oB2pDyze0/
JAU9B8RGrfUHbnjwK66IBI54MfjsER/isETG3cnP81JnErdaqqqOAqKwtr+FfOpj
teYQl3SE0pFonbR3dGjur4SvL87ZdPjx0i+UlSxgAjCVMP3fqVRkUX7MzB5qNJTh
Eo8HYUtm5F4xPXqDery5IISeqrvwuhgoGvCZ3XDDD4MeEoW7Js6eBgGDSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNBquS1DMNdH78XNrBB8g0gfPHWkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMEdxNUxVTXcxMGZ2eGMyc0VIeURTQjg4ZGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwldYAwQA
wleXAwQAwlfJAwQAwlf1AwQAw4VIMA0GCSqGSIb3DQEBCwUAA4IBAQBuKPbeWvI+
wdjhuGQwe0ipTPZyZzNbMwm5ZTQvtC3rMAqLRK14MyAByBi7Ek44DceRBFIoe4lM
WoDBeL2sA7L5kMke7qkH8tIvW1XlPpkh5QZkdM7yC9AbfLkj4aLHKMGWTLwLgJR7
6dT3XMrsLfjL1xKV5FU1dDVYWobmXT2r5HnzTXIKUohAfMg3GvfXXH+Z41Dx628c
kxSSWwdbQX/lh64QQ3vlLCtbyDLi5OxU+xcFo6vqsHw+AyJh8UaMXAA3Zx2PuYuF
3eO50gBG8gNRdMslU84H52Lo3v7R4e+fBV2jKf9V/xNZyCBgNU+NEyAMOm1kz3dt
jho1fvucEFKL
-----END CERTIFICATE-----
Generated at Mon Jan 15 14:19:03 2024 by rpki-client on console-fra.rpki-client.org