Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DcC7XAlv1jhWUtwS-TnYSBmzg4s.roa
File:                     DcC7XAlv1jhWUtwS-TnYSBmzg4s.roa (raw, json)
Hash identifier:          5fp0eMiL8+lGdaAk0xUJD8QMePv1DdyZQv4+ks5wdvg=
Subject key identifier:   0D:C0:BB:5C:09:6F:D6:38:56:52:DC:12:F9:39:D8:48:19:B3:83:8B
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0186CAD886AC398CEFEC455118501A7F0471
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DcC7XAlv1jhWUtwS-TnYSBmzg4s.roa
Signing time:             Fri 10 Mar 2023 09:27:13 +0000
ROA not before:           Fri 10 Mar 2023 09:27:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.9.0/24 maxlen: 24
                          62.76.225.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          62.76.233.0/24 maxlen: 24
                          194.87.2.0/24 maxlen: 24
                          62.76.230.0/23 maxlen: 23
                          193.124.16.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          193.124.44.0/24 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          194.87.37.0/24 maxlen: 24
                          194.87.36.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          194.87.138.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          193.124.93.0/24 maxlen: 24
                          195.133.26.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          195.58.36.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.56.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          194.58.67.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.222.0/24 maxlen: 24
                          194.135.18.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.170.0/23 maxlen: 23
                          192.124.180.0/22 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          194.87.177.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Mar 2023 04:55:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ca:d8:86:ac:39:8c:ef:ec:45:51:18:50:1a:7f:04:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar 10 09:27:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0dc0bb5c096fd6385652dc12f939d84819b3838b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f6:32:8d:1d:cc:9d:7f:84:bc:dd:d4:29:84:
                    bf:6e:80:f4:6a:e0:95:f3:87:91:f6:3a:3e:75:8f:
                    fe:22:22:1b:2c:1a:a1:58:0f:f6:9a:30:e8:67:7b:
                    a2:7b:59:77:e7:2d:cc:96:c2:50:d0:96:0b:98:86:
                    84:b8:9a:80:89:38:d1:61:d0:57:68:af:46:2a:d5:
                    4b:3f:47:a3:48:e8:7e:86:22:9c:0c:7f:fc:e1:e8:
                    68:5e:9a:c9:ed:a4:86:5f:9a:63:82:a8:f9:32:0d:
                    02:2a:69:96:89:45:50:71:99:48:03:32:6f:82:8d:
                    6e:86:2d:68:5c:b5:10:96:38:b5:b3:85:11:90:05:
                    78:ea:12:ad:8a:32:0c:52:42:ca:b9:db:73:19:eb:
                    8a:59:9f:0b:e5:54:04:12:4f:c8:5f:3f:ed:f2:e3:
                    7b:56:7b:c5:36:05:ad:4e:11:29:c1:f2:ad:59:d7:
                    92:16:7e:41:1c:b9:ef:ec:68:1a:7c:86:31:8d:03:
                    ba:39:4b:2a:85:a5:89:09:f7:69:72:0e:9c:58:53:
                    47:1d:a7:6c:a9:c2:81:32:38:92:de:32:d2:0a:7f:
                    7f:d5:bb:cb:a6:ed:49:1b:bc:92:72:a6:5a:78:d2:
                    6b:e8:a3:98:8d:a4:b1:c4:88:f9:f5:c2:38:55:48:
                    4d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:C0:BB:5C:09:6F:D6:38:56:52:DC:12:F9:39:D8:48:19:B3:83:8B
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DcC7XAlv1jhWUtwS-TnYSBmzg4s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0/24
                  62.76.230.0/23
                  62.76.233.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/23
                  193.124.16.0/24
                  193.124.44.0/24
                  193.124.80.0/24
                  193.124.93.0/24
                  193.124.201.0/24
                  193.124.207.0/24
                  194.58.38.0/23
                  194.58.47.0/24
                  194.58.59.0/24
                  194.58.67.0/24
                  194.87.1.0-194.87.3.255
                  194.87.7.0/24
                  194.87.11.0-194.87.12.255
                  194.87.16.0/24
                  194.87.24.0/22
                  194.87.36.0/23
                  194.87.56.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.104.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.130.0/23
                  194.87.138.0/24
                  194.87.149.0/24
                  194.87.166.0/24
                  194.87.168.0/24
                  194.87.170.0-194.87.172.255
                  194.87.176.0/22
                  194.87.182.0/24
                  194.87.187.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.202.0/24
                  194.87.222.0/24
                  194.87.240.0/24
                  194.135.18.0/24
                  194.135.23.0/24
                  195.58.35.0-195.58.36.255
                  195.58.50.0/24
                  195.58.54.0/24
                  195.58.56.0/24
                  195.133.0.0/24
                  195.133.26.0/24
                  195.133.30.0/24
                  195.133.35.0/24
                  195.133.194.0/23
                  212.192.1.0/24
                  212.192.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:02:03:68:9d:de:e5:2b:39:e8:6b:6a:99:36:c8:66:6a:cf:
         4c:a9:d5:b0:84:bd:2c:8e:4d:3f:bd:f7:e4:ef:9b:fc:f0:95:
         df:e1:55:2f:43:67:e1:fa:c3:f1:8d:4e:c7:e7:ad:fe:b7:05:
         0c:cd:0e:65:65:22:40:ed:f4:d7:a9:2b:8a:43:30:44:b2:2a:
         fc:cd:a0:5a:15:f0:78:81:27:4c:4d:e2:fa:3d:f4:f3:74:16:
         cd:3e:3a:38:eb:48:59:c0:d1:b5:dd:5c:5b:04:62:16:17:ae:
         c3:43:7d:10:56:c4:d7:6f:3d:7d:5b:a4:35:f2:fe:0f:ab:d3:
         ed:d7:ac:11:8c:52:bc:1e:a3:10:1d:8d:e2:d4:24:e1:d7:c6:
         e2:c8:c3:71:70:9e:3b:b9:44:17:dc:aa:73:21:80:b4:b5:a4:
         54:c0:3c:68:ed:86:6c:c5:0b:0d:c9:82:81:c0:0b:ea:ea:f4:
         c1:b5:e7:32:e1:13:be:82:94:ac:21:89:12:a5:37:86:4b:4e:
         5e:4d:a2:89:ad:d1:28:74:9b:e7:9d:50:54:1b:46:4c:36:60:
         31:b8:62:13:b9:9f:13:f4:9f:8b:95:2f:52:b2:99:4e:54:21:
         b9:3c:4f:ce:0b:98:a1:eb:15:d3:60:e7:d1:70:74:4c:8f:f1:
         b4:d8:e4:f2
-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgISAYbK2IasOYzv7EVRGFAafwRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzEwMDkyNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGMwYmI1YzA5NmZkNjM4NTY1MmRjMTJmOTM5ZDg0ODE5YjM4MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/YyjR3MnX+EvN3UKYS/boD0auCV
84eR9jo+dY/+IiIbLBqhWA/2mjDoZ3uie1l35y3MlsJQ0JYLmIaEuJqAiTjRYdBX
aK9GKtVLP0ejSOh+hiKcDH/84ehoXprJ7aSGX5pjgqj5Mg0CKmmWiUVQcZlIAzJv
go1uhi1oXLUQlji1s4URkAV46hKtijIMUkLKudtzGeuKWZ8L5VQEEk/IXz/t8uN7
VnvFNgWtThEpwfKtWdeSFn5BHLnv7GgafIYxjQO6OUsqhaWJCfdpcg6cWFNHHads
qcKBMjiS3jLSCn9/1bvLpu1JG7yScqZaeNJr6KOYjaSxxIj59cI4VUhNSwIDAQAB
o4IDgzCCA38wHQYDVR0OBBYEFA3Au1wJb9Y4VlLcEvk52EgZs4OLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRGNDN1hBbHYxamhXVXR3Uy1UbllTQm16ZzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlwYIKwYBBQUHAQcBAf8EggGGMIIBgjCCAX4EAgABMIIB
dgMEAD5M4QMEAT5M5gMEAD5M6QMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8
CAMEAMF8EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8yQMEAMF8zwMEAcI6JgMEAMI6
LwMEAMI6OwMEAMI6QzAMAwQAwlcBAwQCwlcAAwQAwlcHMAwDBADCVwsDBADCVwwD
BADCVxADBALCVxgDBAHCVyQDBADCVzgDBADCV0kDBADCV1MDBADCV2gDBAHCV3ID
BADCV3oDBAHCV4IDBADCV4oDBADCV5UDBADCV6YDBADCV6gwDAMEAcJXqgMEAMJX
rAMEAsJXsAMEAMJXtgMEAMJXuwMEAMJXvgMEAMJXyAMEAMJXygMEAMJX3gMEAMJX
8AMEAMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAwzoyAwQAwzo2AwQAwzo4AwQA
w4UAAwQAw4UaAwQAw4UeAwQAw4UjAwQBw4XCAwQA1MABAwQA1MAKMA0GCSqGSIb3
DQEBCwUAA4IBAQBfAgNond7lKznoa2qZNshmas9MqdWwhL0sjk0/vffk75v88JXf
4VUvQ2fh+sPxjU7H563+twUMzQ5lZSJA7fTXqSuKQzBEsir8zaBaFfB4gSdMTeL6
PfTzdBbNPjo460hZwNG13VxbBGIWF67DQ30QVsTXbz19W6Q18v4Pq9Pt16wRjFK8
HqMQHY3i1CTh18biyMNxcJ47uUQX3KpzIYC0taRUwDxo7YZsxQsNyYKBwAvq6vTB
tecy4RO+gpSsIYkSpTeGS05eTaKJrdEodJvnnVBUG0ZMNmAxuGITuZ8T9J+LlS9S
splOVCG5PE/OC5ih6xXTYOfRcHRMj/G02OTy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org