Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5i6SsNt1us4t9DvDX5walqVLkQ8.roa
File:                     5i6SsNt1us4t9DvDX5walqVLkQ8.roa (raw, json)
Hash identifier:          8G4zaQ4uWWH4ujHGm1tjVuGxnQ1oSUM+WMfcRLkr7Ro=
Subject key identifier:   E6:2E:92:B0:DB:75:BA:CE:2D:F4:3B:C3:5F:9C:1A:96:A5:4B:91:0F
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189CF9249154B8B0A863498F8123EB7B60C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5i6SsNt1us4t9DvDX5walqVLkQ8.roa
Signing time:             Mon 07 Aug 2023 10:36:57 +0000
ROA not before:           Mon 07 Aug 2023 10:36:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399471
IP address blocks:        194.87.52.0/24 maxlen: 24
                          194.85.250.0/24 maxlen: 24
                          212.192.246.0/24 maxlen: 24
                          195.133.39.0/24 maxlen: 24
                          212.192.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 10:43:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:cf:92:49:15:4b:8b:0a:86:34:98:f8:12:3e:b7:b6:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  7 10:36:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e62e92b0db75bace2df43bc35f9c1a96a54b910f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:5c:2e:cb:7b:50:55:64:4c:ac:e0:f5:50:09:
                    ea:e6:6d:ec:e1:25:a7:c4:9a:6a:61:e1:17:61:ef:
                    53:84:76:92:37:64:4e:9e:85:2d:54:af:ba:80:11:
                    d9:76:e6:4e:57:a8:d8:4a:69:8e:dd:38:c7:c5:a1:
                    d5:0e:b1:a0:3d:49:93:9e:72:97:82:2b:d5:55:36:
                    a5:51:07:e6:32:fd:98:17:19:24:02:b5:83:dc:5c:
                    7b:4e:bc:f4:69:fe:0e:31:c7:a7:34:62:9d:df:53:
                    e0:00:c6:04:b1:1f:4e:87:13:aa:e4:14:d5:1e:cf:
                    d6:e8:ff:47:aa:0d:a8:18:13:e1:04:78:4d:7f:49:
                    f6:22:12:61:b1:6d:88:8c:a8:c2:ad:8f:71:bc:be:
                    b4:81:1b:b4:6a:47:93:af:a5:df:fd:eb:31:02:32:
                    bb:ba:cd:b7:a5:37:fa:99:57:11:4e:89:22:83:a1:
                    c9:d7:f1:75:72:c1:03:ec:09:e3:71:e1:bb:49:42:
                    82:ed:12:92:2f:4f:be:8a:6a:bf:98:69:0a:7e:bb:
                    b6:17:0b:34:dc:c0:87:9d:91:1e:9a:1c:3c:a4:0c:
                    cf:90:9f:9d:66:74:67:19:10:06:9d:ed:7e:fe:1d:
                    07:9e:87:84:01:46:a7:47:89:b9:ef:65:e1:62:76:
                    4c:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:2E:92:B0:DB:75:BA:CE:2D:F4:3B:C3:5F:9C:1A:96:A5:4B:91:0F
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5i6SsNt1us4t9DvDX5walqVLkQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.85.250.0/24
                  194.87.52.0/24
                  195.133.39.0/24
                  212.192.245.0-212.192.246.255

    Signature Algorithm: sha256WithRSAEncryption
         78:9d:30:28:56:8d:95:5d:c7:d8:d1:a9:f6:03:f1:01:48:f9:
         5d:ed:ad:18:da:c4:46:1c:f8:61:52:e3:c6:ea:96:f6:9c:ed:
         9c:66:fc:02:3a:7f:20:34:1c:5d:52:d0:a7:23:60:99:c2:86:
         d2:5a:46:83:b1:19:d4:28:d2:c0:28:a1:93:d1:d7:71:49:3d:
         3c:c2:32:20:0f:1b:40:26:3a:80:ce:8f:70:0e:b5:b0:60:a3:
         b1:25:e6:be:71:eb:df:aa:51:f1:17:11:47:35:73:f0:19:6f:
         1b:b6:3a:8f:0d:47:73:7a:35:98:b8:63:06:79:b6:82:f5:cf:
         12:65:14:97:a2:95:68:bf:b6:45:a2:b4:f0:0a:6d:c0:a9:6c:
         74:1d:c7:04:eb:8b:37:cd:d0:32:eb:71:e1:11:1a:fa:31:35:
         65:81:d4:cd:a0:94:01:b2:ca:09:e5:6a:58:4a:a5:63:b7:0c:
         f9:40:91:fd:7e:9e:a7:1e:40:59:6d:d5:26:40:2f:89:cf:48:
         c8:48:a6:d6:3b:98:06:9b:c6:ac:aa:56:35:32:ab:43:3a:53:
         ad:3f:42:24:b4:9d:cc:f0:f8:87:07:13:34:b2:0d:99:1b:d6:
         f8:d4:29:d1:30:78:59:0a:ad:6f:d8:dc:ad:2c:5d:73:16:4a:
         d0:0e:8b:12
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYnPkkkVS4sKhjSY+BI+t7YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA3MTAzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJlOTJiMGRiNzViYWNlMmRmNDNiYzM1ZjljMWE5NmE1NGI5MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVwuy3tQVWRMrOD1UAnq5m3s4SWn
xJpqYeEXYe9ThHaSN2ROnoUtVK+6gBHZduZOV6jYSmmO3TjHxaHVDrGgPUmTnnKX
givVVTalUQfmMv2YFxkkArWD3Fx7Trz0af4OMcenNGKd31PgAMYEsR9OhxOq5BTV
Hs/W6P9Hqg2oGBPhBHhNf0n2IhJhsW2IjKjCrY9xvL60gRu0akeTr6Xf/esxAjK7
us23pTf6mVcRTokig6HJ1/F1csED7AnjceG7SUKC7RKSL0++imq/mGkKfru2Fws0
3MCHnZEemhw8pAzPkJ+dZnRnGRAGne1+/h0HnoeEAUanR4m572XhYnZM0wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOYukrDbdbrOLfQ7w1+cGpalS5EPMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNWk2U3NOdDF1czR0OUR2RFg1d2FscVZMa1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwlX6AwQA
wlc0AwQAw4UnMAwDBADUwPUDBADUwPYwDQYJKoZIhvcNAQELBQADggEBAHidMChW
jZVdx9jRqfYD8QFI+V3trRjaxEYc+GFS48bqlvac7Zxm/AI6fyA0HF1S0KcjYJnC
htJaRoOxGdQo0sAooZPR13FJPTzCMiAPG0AmOoDOj3AOtbBgo7El5r5x69+qUfEX
EUc1c/AZbxu2Oo8NR3N6NZi4YwZ5toL1zxJlFJeilWi/tkWitPAKbcCpbHQdxwTr
izfN0DLrceERGvoxNWWB1M2glAGyygnlalhKpWO3DPlAkf1+nqceQFlt1SZAL4nP
SMhIptY7mAabxqyqVjUyq0M6U60/QiS0nczw+IcHEzSyDZkb1vjUKdEweFkKrW/Y
3K0sXXMWStAOixI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org