Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EEcqNIwaDSCBPpYyXlbwc-sh53k.roa
File:                     EEcqNIwaDSCBPpYyXlbwc-sh53k.roa (raw, json)
Hash identifier:          YVHOw38NGuCnQEDfHAYeTyvlF2Q3SXY2gDO16o4wt2k=
Subject key identifier:   10:47:2A:34:8C:1A:0D:20:81:3E:96:32:5E:56:F0:73:EB:21:E7:79
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189BBED4CE892725BE279906F5A5C71890A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EEcqNIwaDSCBPpYyXlbwc-sh53k.roa
Signing time:             Thu 03 Aug 2023 15:03:58 +0000
ROA not before:           Thu 03 Aug 2023 15:03:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        193.124.227.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          194.87.230.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.87.23.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.243.0/24 maxlen: 24
                          193.124.49.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          195.133.37.0/24 maxlen: 24
                          212.192.249.0/24 maxlen: 24
                          194.87.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 12:48:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:bb:ed:4c:e8:92:72:5b:e2:79:90:6f:5a:5c:71:89:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  3 15:03:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10472a348c1a0d20813e96325e56f073eb21e779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ed:47:2a:55:e5:8d:b3:30:bb:84:a3:d0:6b:
                    d7:49:09:ed:fc:c4:99:21:7e:aa:1c:6e:cb:61:e3:
                    d6:2e:c7:0c:c6:c0:8d:fb:87:cf:20:36:6d:ba:b7:
                    26:48:b0:6f:47:a0:b3:3d:75:c7:0a:c1:42:18:04:
                    2d:da:e9:c9:c3:c6:c6:2f:7e:9a:26:fa:cd:56:aa:
                    19:5a:d0:e2:1f:25:f2:ce:7a:7a:76:c5:6a:65:52:
                    ed:9c:1e:7c:9a:77:69:8f:1e:f4:05:85:ff:11:b7:
                    99:77:76:b3:17:50:9a:30:43:f4:7b:da:76:40:75:
                    95:c6:35:15:d2:44:91:8f:76:02:24:a8:01:03:0e:
                    86:92:fc:bf:34:6d:68:1b:29:48:63:d3:53:e3:ab:
                    b2:7e:f2:17:10:b6:ad:37:fa:d9:2d:98:59:21:e4:
                    ef:19:42:c5:6c:79:58:06:77:aa:cb:18:85:77:75:
                    13:f6:df:36:c7:4e:08:c6:e5:09:20:20:f0:d7:7b:
                    cb:33:60:48:b4:2a:be:ea:89:fa:c9:eb:b2:06:eb:
                    cb:7b:06:c0:26:21:3d:c1:6d:f7:4f:39:96:37:c4:
                    8c:ea:e5:99:e6:83:d6:21:ba:64:93:16:02:af:dc:
                    8d:b3:ed:23:2e:4b:db:96:0a:2a:b8:6c:80:a2:c3:
                    88:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:47:2A:34:8C:1A:0D:20:81:3E:96:32:5E:56:F0:73:EB:21:E7:79
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/EEcqNIwaDSCBPpYyXlbwc-sh53k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24
                  193.124.18.0/24
                  193.124.49.0/24
                  193.124.227.0/24
                  194.87.23.0/24
                  194.87.53.0/24
                  194.87.160.0/24
                  194.87.230.0/24
                  194.87.240.0/24
                  194.87.243.0/24
                  194.135.23.0/24
                  195.133.37.0/24
                  212.192.10.0/24
                  212.192.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:75:07:43:22:12:03:9d:b6:99:c8:45:4c:c1:44:d5:36:28:
         1a:d9:fb:41:ee:25:86:f4:e9:fe:43:ec:36:80:e0:f3:1c:a5:
         d6:b6:7b:4a:28:b5:56:e8:a4:dc:0f:74:89:a1:e5:65:70:ae:
         ec:cb:46:20:10:80:93:79:4f:f8:70:08:84:53:06:88:29:ea:
         0b:af:06:c5:48:78:ff:68:bc:22:6d:ed:2d:4b:97:a5:a5:08:
         69:ec:ec:71:22:14:2c:3e:a6:86:48:f9:2c:45:75:1f:49:fa:
         c8:a2:65:92:b0:47:c9:ba:77:b3:42:6e:46:77:4f:8a:3a:d3:
         16:83:06:96:a2:99:8d:34:11:cd:f9:99:6c:9f:89:25:77:5f:
         b9:72:dd:97:e7:b5:47:0e:1f:31:7a:9a:0d:c7:a2:a7:12:33:
         31:96:1f:bd:43:ec:84:84:56:8f:31:e2:69:d1:d3:30:80:24:
         7f:d6:b5:de:a7:20:1e:e9:c6:62:ae:4c:d3:03:04:2c:b7:4c:
         c7:6c:de:a7:e1:d5:20:32:14:6b:ba:05:8a:6f:2d:57:d9:7a:
         cb:e0:2c:30:1e:e2:74:87:9a:2c:a7:46:76:ca:fb:d4:63:74:
         21:06:dd:59:17:2b:4c:ff:78:67:fd:93:b8:56:b1:4b:77:86:
         82:80:91:04
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYm77UzoknJb4nmQb1pccYkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODAzMTUwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDQ3MmEzNDhjMWEwZDIwODEzZTk2MzI1ZTU2ZjA3M2ViMjFlNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO1HKlXljbMwu4Sj0GvXSQnt/MSZ
IX6qHG7LYePWLscMxsCN+4fPIDZturcmSLBvR6CzPXXHCsFCGAQt2unJw8bGL36a
JvrNVqoZWtDiHyXyznp6dsVqZVLtnB58mndpjx70BYX/EbeZd3azF1CaMEP0e9p2
QHWVxjUV0kSRj3YCJKgBAw6Gkvy/NG1oGylIY9NT46uyfvIXELatN/rZLZhZIeTv
GULFbHlYBneqyxiFd3UT9t82x04IxuUJICDw13vLM2BItCq+6on6yeuyBuvLewbA
JiE9wW33TzmWN8SM6uWZ5oPWIbpkkxYCr9yNs+0jLkvblgoquGyAosOIywIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBBHKjSMGg0ggT6WMl5W8HPrIed5MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRUVjcU5Jd2FEU0NCUHBZeVhsYndjLXNoNTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwlegAwQAwlfmAwQAwlfwAwQA
wlfzAwQAwocXAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQBj
dQdDIhIDnbaZyEVMwUTVNiga2ftB7iWG9On+Q+w2gODzHKXWtntKKLVW6KTcD3SJ
oeVlcK7sy0YgEICTeU/4cAiEUwaIKeoLrwbFSHj/aLwibe0tS5elpQhp7OxxIhQs
PqaGSPksRXUfSfrIomWSsEfJunezQm5Gd0+KOtMWgwaWopmNNBHN+Zlsn4kld1+5
ct2X57VHDh8xepoNx6KnEjMxlh+9Q+yEhFaPMeJp0dMwgCR/1rXepyAe6cZirkzT
AwQst0zHbN6n4dUgMhRrugWKby1X2XrL4CwwHuJ0h5osp0Z2yvvUY3QhBt1ZFytM
/3hn/ZO4VrFLd4aCgJEE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:10 2024 by rpki-client on console-fra.rpki-client.org