Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6SXs03qf0ckOTzicN-lWkCf750I.roa
File:                     6SXs03qf0ckOTzicN-lWkCf750I.roa (raw, json)
Hash identifier:          63LTFGhehOPXWRiHWd6FlhrUqCKGOOQo4gEnaR85VFA=
Subject key identifier:   E9:25:EC:D3:7A:9F:D1:C9:0E:4F:38:9C:37:E9:56:90:27:FB:E7:42
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0186A2F1523A870987A69AE8D38BB1F7DCDB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6SXs03qf0ckOTzicN-lWkCf750I.roa
Signing time:             Thu 02 Mar 2023 15:29:29 +0000
ROA not before:           Thu 02 Mar 2023 15:29:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213035
IP address blocks:        212.193.31.0/24 maxlen: 24
                          193.124.227.0/24 maxlen: 24
                          212.193.28.0/24 maxlen: 24
                          195.133.13.0/24 maxlen: 24
                          212.192.4.0/24 maxlen: 24
                          195.133.37.0/24 maxlen: 24
                          212.192.240.0/24 maxlen: 24
                          194.85.251.0/24 maxlen: 24
                          194.85.249.0/24 maxlen: 24
                          195.133.39.0/24 maxlen: 24
                          192.124.188.0/24 maxlen: 24
                          195.133.40.0/22 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          194.87.84.0/24 maxlen: 24
                          194.87.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Mar 2023 12:35:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a2:f1:52:3a:87:09:87:a6:9a:e8:d3:8b:b1:f7:dc:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar  2 15:29:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e925ecd37a9fd1c90e4f389c37e9569027fbe742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:bd:f8:6f:51:60:9f:4e:01:0b:c6:b5:4a:4f:
                    5e:3d:c1:65:b2:d1:85:94:bb:df:ab:db:87:ae:fe:
                    74:35:c6:cd:75:2f:3c:5d:d1:07:d4:85:d6:db:68:
                    1b:aa:24:7d:69:1b:a6:b6:3b:bc:89:5f:4d:6d:07:
                    7e:cf:c2:a2:4c:df:d1:b4:61:f2:1f:cb:f2:53:59:
                    62:c6:f1:75:16:40:5a:a1:a6:29:ff:74:07:85:c3:
                    16:72:19:91:c5:1c:74:50:e9:99:b4:72:de:45:54:
                    19:4d:18:33:b0:4c:b8:d9:ad:33:3b:7a:14:9b:00:
                    b5:02:61:84:d7:c4:90:4c:b7:da:d6:3b:b1:60:76:
                    1e:d0:f7:c1:06:37:3c:45:25:38:e8:e5:97:17:22:
                    d8:cc:b4:38:28:f4:91:d5:28:0e:d7:a3:2d:ac:53:
                    c5:60:21:ea:5e:52:05:cf:64:79:56:24:9d:a6:03:
                    91:44:20:62:9c:0a:88:f3:5e:b0:52:ba:76:fc:d8:
                    29:9e:77:58:56:4a:70:05:b4:e0:e4:41:c7:7e:d1:
                    47:b5:c6:c4:d2:eb:b5:80:60:de:e8:6d:ee:c8:06:
                    35:32:11:39:46:d2:9b:3b:cf:a4:d0:e9:70:2a:b6:
                    46:73:5d:94:3f:7e:8a:8e:9a:ba:fd:42:3f:2b:ca:
                    f3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:25:EC:D3:7A:9F:D1:C9:0E:4F:38:9C:37:E9:56:90:27:FB:E7:42
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6SXs03qf0ckOTzicN-lWkCf750I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.188.0/24
                  193.124.227.0/24
                  194.85.249.0/24
                  194.85.251.0/24
                  194.87.84.0/24
                  194.87.86.0/24
                  194.87.187.0/24
                  195.133.13.0/24
                  195.133.37.0/24
                  195.133.39.0-195.133.43.255
                  212.192.4.0/24
                  212.192.240.0/24
                  212.193.28.0/24
                  212.193.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:3f:e4:cc:63:ed:f5:24:0a:ff:69:ff:0f:36:f1:b0:07:50:
         4e:42:19:d8:88:d4:d7:d8:ea:6f:d0:78:cd:a0:a9:cc:66:a1:
         31:f4:c5:30:98:3f:4c:54:a9:52:ea:bf:dc:35:08:77:d0:c9:
         b1:10:90:5f:bf:6c:8c:1c:bb:f1:59:6e:4b:ca:94:ec:52:5d:
         84:69:b6:5e:e8:3f:71:55:aa:32:20:0d:e2:28:9f:bc:17:b0:
         7f:15:da:66:d5:15:fc:ca:1a:20:19:b1:ff:f9:61:29:07:be:
         c7:7f:b2:43:cf:00:fd:87:f6:35:bf:97:44:fe:ac:2f:f3:54:
         cf:10:66:11:56:f2:40:d9:10:78:77:a0:39:61:28:06:30:ae:
         ba:ba:8e:9a:8d:5c:46:e8:93:79:3e:00:18:7d:59:2f:6f:73:
         7f:47:cb:58:f9:38:b2:e0:77:af:5d:54:1f:55:82:1e:5b:33:
         f5:74:57:33:56:fa:64:8b:db:0f:bd:7f:01:81:7b:75:37:d1:
         e0:9f:44:58:59:3e:d0:50:65:58:16:fa:80:c2:c2:1b:7e:6d:
         8d:58:ba:a5:80:d8:f4:8c:8b:0d:08:f3:99:31:0a:86:54:cd:
         93:f1:d8:85:f3:92:60:f1:51:59:57:12:b3:22:a5:13:e3:06:
         ef:2b:5b:15
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYai8VI6hwmHppro04ux99zbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzAyMTUyOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTI1ZWNkMzdhOWZkMWM5MGU0ZjM4OWMzN2U5NTY5MDI3ZmJlNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb34b1Fgn04BC8a1Sk9ePcFlstGF
lLvfq9uHrv50NcbNdS88XdEH1IXW22gbqiR9aRumtju8iV9NbQd+z8KiTN/RtGHy
H8vyU1lixvF1FkBaoaYp/3QHhcMWchmRxRx0UOmZtHLeRVQZTRgzsEy42a0zO3oU
mwC1AmGE18SQTLfa1juxYHYe0PfBBjc8RSU46OWXFyLYzLQ4KPSR1SgO16MtrFPF
YCHqXlIFz2R5ViSdpgORRCBinAqI816wUrp2/NgpnndYVkpwBbTg5EHHftFHtcbE
0uu1gGDe6G3uyAY1MhE5RtKbO8+k0OlwKrZGc12UP36Kjpq6/UI/K8rz4wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOkl7NN6n9HJDk84nDfpVpAn++dCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNlNYczAzcWYwY2tPVHppY04tbFdrQ2Y3NTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAwHy8AwQA
wXzjAwQAwlX5AwQAwlX7AwQAwldUAwQAwldWAwQAwle7AwQAw4UNAwQAw4UlMAwD
BADDhScDBALDhSgDBADUwAQDBADUwPADBADUwRwDBADUwR8wDQYJKoZIhvcNAQEL
BQADggEBAFM/5Mxj7fUkCv9p/w828bAHUE5CGdiI1NfY6m/QeM2gqcxmoTH0xTCY
P0xUqVLqv9w1CHfQybEQkF+/bIwcu/FZbkvKlOxSXYRptl7oP3FVqjIgDeIon7wX
sH8V2mbVFfzKGiAZsf/5YSkHvsd/skPPAP2H9jW/l0T+rC/zVM8QZhFW8kDZEHh3
oDlhKAYwrrq6jpqNXEbok3k+ABh9WS9vc39Hy1j5OLLgd69dVB9Vgh5bM/V0VzNW
+mSL2w+9fwGBe3U30eCfRFhZPtBQZVgW+oDCwht+bY1YuqWA2PSMiw0I85kxCoZU
zZPx2IXzkmDxUVlXErMipRPjBu8rWxU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org