Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-5rpKVDB8ZQ7IS2QCwJ_5hpZLeE.roa
File:                     1-5rpKVDB8ZQ7IS2QCwJ_5hpZLeE.roa (raw, json)
Hash identifier:          1A4lHCwAPRSFlufrP0gEOfuVUZBICtXFADPCf29w6go=
Subject key identifier:   FB:9A:E9:29:50:C1:F1:94:3B:21:2D:90:0B:02:7F:E6:1A:59:2D:E1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018EE10D94093D162DFEC900CF8B07B6DB4F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-5rpKVDB8ZQ7IS2QCwJ_5hpZLeE.roa
Signing time:             Mon 15 Apr 2024 09:19:07 +0000
ROA not before:           Mon 15 Apr 2024 09:19:07 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        192.124.172.0/24 maxlen: 24
                          193.124.7.0/24 maxlen: 24
                          193.124.90.0/24 maxlen: 24
                          194.87.141.0/24 maxlen: 24
                          194.87.169.0/24 maxlen: 24
                          194.87.245.0/24 maxlen: 24
                          195.133.25.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          212.192.208.0/24 maxlen: 24
                          212.193.4.0/24 maxlen: 24
                          2a01:57c0::/29 maxlen: 29
                          2a0c:ff40::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 16 Apr 2024 12:27:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:e1:0d:94:09:3d:16:2d:fe:c9:00:cf:8b:07:b6:db:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr 15 09:19:07 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fb9ae92950c1f1943b212d900b027fe61a592de1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:82:b7:8d:4f:a3:fd:86:93:ae:cf:ef:52:bf:
                    70:c2:39:0a:09:c1:c2:b8:08:57:2e:c2:3d:3f:16:
                    16:e1:e6:01:86:62:45:56:4b:25:d1:c4:b7:88:c0:
                    99:12:9a:55:a9:c7:a9:9e:0a:83:eb:a4:eb:d7:e0:
                    a3:dd:f1:37:88:f1:97:c6:db:3d:01:17:70:2b:de:
                    3b:08:c9:b9:2d:2f:7b:c8:45:2f:fa:3d:41:90:7e:
                    47:38:b6:0c:91:f4:fb:b4:9e:39:63:e6:f3:c5:96:
                    68:7c:bc:d5:55:65:ac:45:80:82:31:61:47:08:a3:
                    85:d7:5a:d7:1d:b8:f9:08:f1:1e:0e:11:c7:1c:56:
                    0a:db:0c:0e:11:ea:d3:52:c3:fe:69:f7:b7:f9:7f:
                    ef:ad:c2:0e:59:25:b0:ac:15:cd:f3:b4:0a:af:c2:
                    5d:54:79:93:78:62:96:45:d2:9c:4d:a8:12:b3:e0:
                    a9:ef:6f:d5:b6:0f:78:81:7d:b0:a1:e7:0d:00:d3:
                    71:94:10:9d:6c:5b:b8:e3:f8:ff:14:aa:a7:c8:85:
                    ab:fd:23:b4:1b:42:3e:42:65:41:71:75:a3:37:93:
                    6c:2b:68:56:51:c2:47:b2:24:1b:6a:76:1a:b7:7c:
                    e2:c1:30:02:8a:22:23:fc:d3:86:84:93:a8:28:3c:
                    cd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9A:E9:29:50:C1:F1:94:3B:21:2D:90:0B:02:7F:E6:1A:59:2D:E1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/1-5rpKVDB8ZQ7IS2QCwJ_5hpZLeE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.172.0/24
                  193.124.7.0/24
                  193.124.90.0/24
                  194.87.141.0/24
                  194.87.169.0/24
                  194.87.245.0/24
                  195.133.25.0/24
                  212.192.1.0/24
                  212.192.208.0/24
                  212.193.4.0/24
                IPv6:
                  2a01:57c0::/29
                  2a0c:ff40::/29

    Signature Algorithm: sha256WithRSAEncryption
         30:4d:b3:14:d8:b7:bd:a7:a1:bc:3c:93:b3:0a:2b:6f:44:a4:
         5f:d2:36:0e:46:21:e5:b3:e5:43:bf:72:53:91:66:81:40:e2:
         4a:fe:ba:a4:ad:20:ba:2d:fd:78:28:ad:ea:a4:52:10:37:97:
         de:10:69:d7:a1:ec:57:38:bd:48:b9:f7:54:4e:bf:f9:cd:1c:
         1b:15:07:56:40:d3:50:01:c4:5f:d5:6b:80:b8:39:de:f7:d4:
         05:91:7c:3e:56:57:5b:42:b4:3c:64:7a:34:ca:70:1b:dd:b1:
         57:16:2f:e2:5e:dc:8e:00:09:03:22:0e:1e:05:19:de:2f:8b:
         7a:9b:e2:9b:bb:de:3d:8d:ba:85:1b:c6:d5:c3:45:b7:a3:a0:
         dd:83:d8:5b:3d:b3:72:b3:a4:c4:a5:c9:1e:9d:9a:4e:9b:54:
         47:8d:24:71:98:92:94:e7:d2:a3:5c:22:22:a9:81:19:65:75:
         78:9f:46:81:8d:82:ee:45:e1:17:7d:39:05:71:f6:a5:ba:47:
         a4:34:a2:86:38:65:4f:d0:9b:71:e7:3b:7f:4a:43:8c:8e:e8:
         44:50:fe:e0:b4:f0:db:13:b1:f7:6e:78:90:0d:37:7f:48:05:
         a5:91:9c:c0:5f:be:9d:ad:d9:df:f6:3a:b3:21:64:8a:ce:4e:
         f5:3c:16:c6
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAY7hDZQJPRYt/skAz4sHtttPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNDE1MDkxOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjlhZTkyOTUwYzFmMTk0M2IyMTJkOTAwYjAyN2ZlNjFhNTkyZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oK3jU+j/YaTrs/vUr9wwjkKCcHC
uAhXLsI9PxYW4eYBhmJFVksl0cS3iMCZEppVqcepngqD66Tr1+Cj3fE3iPGXxts9
ARdwK947CMm5LS97yEUv+j1BkH5HOLYMkfT7tJ45Y+bzxZZofLzVVWWsRYCCMWFH
CKOF11rXHbj5CPEeDhHHHFYK2wwOEerTUsP+afe3+X/vrcIOWSWwrBXN87QKr8Jd
VHmTeGKWRdKcTagSs+Cp72/Vtg94gX2woecNANNxlBCdbFu44/j/FKqnyIWr/SO0
G0I+QmVBcXWjN5NsK2hWUcJHsiQbanYat3ziwTACiiIj/NOGhJOoKDzNhQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFPua6SlQwfGUOyEtkAsCf+YaWS3hMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMS01cnBLVkRCOFpRN0lTMlFDd0pfNWhwWkxlRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0
My8xL05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBrBggrBgEFBQcBBwEB/wRcMFowQgQCAAEwPAMEAMB8rAME
AMF8BwMEAMF8WgMEAMJXjQMEAMJXqQMEAMJX9QMEAMOFGQMEANTAAQMEANTA0AME
ANTBBDAUBAIAAjAOAwUDKgFXwAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBADBN
sxTYt72nobw8k7MKK29EpF/SNg5GIeWz5UO/clORZoFA4kr+uqStILot/Xgoreqk
UhA3l94Qadeh7Fc4vUi591ROv/nNHBsVB1ZA01ABxF/Va4C4Od731AWRfD5WV1tC
tDxkejTKcBvdsVcWL+Je3I4ACQMiDh4FGd4vi3qb4pu73j2NuoUbxtXDRbejoN2D
2Fs9s3KzpMSlyR6dmk6bVEeNJHGYkpTn0qNcIiKpgRlldXifRoGNgu5F4Rd9OQVx
9qW6R6Q0ooY4ZU/Qm3HnO39KQ4yO6ERQ/uC08NsTsfdueJANN39IBaWRnMBfvp2t
2d/2OrMhZIrOTvU8FsY=
-----END CERTIFICATE-----
Generated at Tue Apr 16 15:47:07 2024 by rpki-client on console-fra.rpki-client.org