Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91WqoLmQuRcH8aOBBxNzeQlNtl8.roa
File:                     91WqoLmQuRcH8aOBBxNzeQlNtl8.roa (raw, json)
Hash identifier:          STSS8xQRJvu87+4/2B0LoFk8o2sNl3WSkbxR59+OtLI=
Subject key identifier:   F7:55:AA:A0:B9:90:B9:17:07:F1:A3:81:07:13:73:79:09:4D:B6:5F
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189DB566370761B38833422B6ADBE209052
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91WqoLmQuRcH8aOBBxNzeQlNtl8.roa
Signing time:             Wed 09 Aug 2023 17:26:59 +0000
ROA not before:           Wed 09 Aug 2023 17:26:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.1.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          195.58.36.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          212.192.241.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          194.87.108.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.124.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          195.133.6.0/24 maxlen: 24
                          195.133.7.0/24 maxlen: 24
                          194.87.40.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.58.154.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          195.133.85.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          194.87.222.0/24 maxlen: 24
                          194.87.151.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          192.124.182.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 14 Aug 2023 14:52:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:db:56:63:70:76:1b:38:83:34:22:b6:ad:be:20:90:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  9 17:26:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f755aaa0b990b91707f1a38107137379094db65f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:76:2a:05:78:8a:8e:5a:1b:a9:78:ff:49:85:
                    b4:54:05:66:02:62:b0:c9:b7:ab:9a:d6:97:78:47:
                    1d:46:dd:50:aa:6a:b0:5a:7f:ef:c4:9c:87:81:37:
                    45:7d:e3:00:32:54:73:23:87:d0:18:05:7b:b1:02:
                    96:ce:3b:e3:ad:f0:e7:81:ec:a4:a0:fe:8f:63:4f:
                    8c:b4:36:16:ff:af:13:9b:f2:1e:44:ec:02:3a:18:
                    16:d6:4a:d6:6c:55:e9:70:ee:12:9b:66:92:36:91:
                    2b:09:5d:e7:3c:3e:47:7c:9c:91:d2:2a:42:90:45:
                    d7:0e:ce:3a:89:45:91:01:82:43:27:43:ab:f6:a8:
                    98:1a:cf:12:1a:cb:c0:77:26:36:69:7a:46:ac:d1:
                    b4:64:de:d0:81:26:90:a4:6f:7f:c4:cd:e6:01:a5:
                    4e:a3:68:ec:47:d1:81:b9:51:5f:37:d2:d8:9c:7c:
                    25:21:9f:f1:88:eb:e0:18:06:26:72:c6:b3:8c:07:
                    53:b2:e9:d9:6b:aa:e1:d4:65:32:d5:e2:d9:7b:5f:
                    49:d9:92:26:9a:1c:e1:2e:dd:54:0b:fe:9b:0c:97:
                    78:c0:d9:d2:c0:3f:81:b3:3a:a7:da:97:6c:3e:87:
                    a1:62:0e:12:f4:a2:c8:6a:4a:3e:6f:7f:27:c6:56:
                    c2:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:55:AA:A0:B9:90:B9:17:07:F1:A3:81:07:13:73:79:09:4D:B6:5F
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/91WqoLmQuRcH8aOBBxNzeQlNtl8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  192.124.182.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  193.124.200.0/24
                  194.58.47.0/24
                  194.58.154.0/24
                  194.87.1.0/24
                  194.87.11.0-194.87.12.255
                  194.87.24.0/22
                  194.87.40.0/24
                  194.87.56.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.108.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.124.0/24
                  194.87.130.0/24
                  194.87.134.0/23
                  194.87.151.0/24
                  194.87.168.0/24
                  194.87.179.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.222.0/24
                  195.58.36.0/24
                  195.58.54.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.6.0/23
                  195.133.30.0/24
                  195.133.73.0/24
                  195.133.84.0/23
                  195.133.194.0/24
                  212.192.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:ac:eb:73:c8:df:39:18:f6:ac:aa:7b:8c:e2:b0:fb:a3:38:
         41:1a:7a:a4:28:7e:e5:9a:6c:0f:d6:b9:5e:c6:b1:86:a5:7a:
         0a:56:b2:f1:20:7e:9d:db:7b:be:e8:e5:12:22:d9:e4:c6:aa:
         69:53:35:bb:67:55:95:a4:03:b3:42:b4:e0:41:21:5d:0d:5f:
         b0:9f:3d:e5:35:3c:17:42:ae:62:a6:0b:7d:ef:21:11:83:eb:
         ac:26:e1:1d:3b:16:04:ae:04:8a:65:c8:e7:5f:9c:5e:df:54:
         7a:50:63:9a:e7:11:a6:06:d3:ea:e3:6d:38:68:db:a8:af:74:
         a9:2e:34:3a:5d:06:36:c4:6b:fc:e2:e7:af:07:b7:ab:15:32:
         44:ed:01:7e:6f:bf:41:83:78:16:98:14:eb:9c:97:de:e2:f2:
         83:5d:20:01:1e:ea:6f:3d:64:a5:cc:63:f4:17:99:8f:1d:89:
         e0:9d:4b:a0:89:d7:03:10:8b:54:be:82:8c:12:22:21:d3:99:
         e0:b2:d5:3c:d3:0e:c7:60:a2:f5:59:67:46:49:94:99:fc:e0:
         52:2c:66:62:0a:ce:d5:1c:7d:7e:e7:9e:95:f7:1f:81:ba:5b:
         4a:a5:4f:d3:4d:2a:51:fe:3b:fa:8c:ef:3f:27:b9:af:1c:38:
         50:00:f1:68
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYnbVmNwdhs4gzQitq2+IJBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA5MTcyNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU1YWFhMGI5OTBiOTE3MDdmMWEzODEwNzEzNzM3OTA5NGRiNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinYqBXiKjlobqXj/SYW0VAVmAmKw
ybermtaXeEcdRt1QqmqwWn/vxJyHgTdFfeMAMlRzI4fQGAV7sQKWzjvjrfDngeyk
oP6PY0+MtDYW/68Tm/IeROwCOhgW1krWbFXpcO4Sm2aSNpErCV3nPD5HfJyR0ipC
kEXXDs46iUWRAYJDJ0Or9qiYGs8SGsvAdyY2aXpGrNG0ZN7QgSaQpG9/xM3mAaVO
o2jsR9GBuVFfN9LYnHwlIZ/xiOvgGAYmcsazjAdTsunZa6rh1GUy1eLZe19J2ZIm
mhzhLt1UC/6bDJd4wNnSwD+Bszqn2pdsPoehYg4S9KLIako+b38nxlbCewIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFPdVqqC5kLkXB/GjgQcTc3kJTbZfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvOTFXcW9MbVF1UmNIOGFPQkJ4TnplUWxOdGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
wHyyAwQAwHy2AwQAwXwQAwQAwXxQAwQAwXyFAwQAwXzIAwQAwjovAwQAwjqaAwQA
wlcBMAwDBADCVwsDBADCVwwDBALCVxgDBADCVygDBADCVzgDBADCV0kDBADCV1MD
BADCV2wDBAHCV3IDBADCV3oDBADCV3wDBADCV4IDBAHCV4YDBADCV5cDBADCV6gD
BADCV7MDBADCV74DBADCV8gDBADCV94DBADDOiQDBADDOjYDBAHDOjoDBAHDOj4D
BADDhQADBAHDhQYDBADDhR4DBADDhUkDBAHDhVQDBADDhcIDBADUwPEwDQYJKoZI
hvcNAQELBQADggEBAIis63PI3zkY9qyqe4zisPujOEEaeqQofuWabA/WuV7GsYal
egpWsvEgfp3be77o5RIi2eTGqmlTNbtnVZWkA7NCtOBBIV0NX7CfPeU1PBdCrmKm
C33vIRGD66wm4R07FgSuBIplyOdfnF7fVHpQY5rnEaYG0+rjbTho26ivdKkuNDpd
BjbEa/zi568Ht6sVMkTtAX5vv0GDeBaYFOucl97i8oNdIAEe6m89ZKXMY/QXmY8d
ieCdS6CJ1wMQi1S+gowSIiHTmeCy1TzTDsdgovVZZ0ZJlJn84FIsZmIKztUcfX7n
npX3H4G6W0qlT9NNKlH+O/qM7z8nua8cOFAA8Wg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:07 2024 by rpki-client on console-fra.rpki-client.org