Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JWuQdcPDOcjyXwaPV1mjcvgd2iw.roa
File:                     JWuQdcPDOcjyXwaPV1mjcvgd2iw.roa (raw, json)
Hash identifier:          rQxdv6tATsioIYXM8DRI/+g8W/4CHbV+G6A/mvUm5lo=
Subject key identifier:   25:6B:90:75:C3:C3:39:C8:F2:5F:06:8F:57:59:A3:72:F8:1D:DA:2C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189A7CC3ADFAEB3BD776CE4AFFEAB34DE27
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JWuQdcPDOcjyXwaPV1mjcvgd2iw.roa
Signing time:             Sun 30 Jul 2023 17:15:26 +0000
ROA not before:           Sun 30 Jul 2023 17:15:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        195.133.76.0/24 maxlen: 24
                          194.87.10.0/24 maxlen: 24
                          194.87.17.0/24 maxlen: 24
                          193.124.35.0/24 maxlen: 24
                          194.87.255.0/24 maxlen: 24
                          195.133.20.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          194.85.251.0/24 maxlen: 24
                          194.85.248.0/24 maxlen: 24
                          194.58.56.0/23 maxlen: 23
                          194.87.77.0/24 maxlen: 24
                          195.133.64.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 04:16:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a7:cc:3a:df:ae:b3:bd:77:6c:e4:af:fe:ab:34:de:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 30 17:15:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=256b9075c3c339c8f25f068f5759a372f81dda2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:91:14:50:11:80:47:d6:80:55:aa:73:b1:64:
                    5c:7d:b0:ba:15:bf:29:5a:0d:02:e3:b2:fc:90:d8:
                    b1:78:88:34:fd:f2:0d:23:7f:83:c7:e3:b1:b2:ad:
                    53:0b:76:f8:c8:77:a2:25:61:40:b3:75:cc:bc:c6:
                    9d:19:ca:78:b3:b7:32:82:44:fa:29:85:ac:7e:b0:
                    88:ec:65:d4:01:8b:3f:13:b5:d5:15:ab:ed:d7:7b:
                    86:3d:19:85:5c:2d:5a:13:fa:34:75:07:93:6a:f9:
                    0e:02:27:80:05:05:0b:61:9d:18:00:8f:46:93:ec:
                    ad:54:60:8f:a4:e5:18:1d:d3:2a:6a:b2:1f:dc:6f:
                    e6:17:e5:93:99:67:0c:b7:d1:a0:c5:7c:74:b5:a2:
                    55:44:5e:79:3d:44:0a:51:4d:8b:0b:bf:7c:bc:8e:
                    ea:30:0c:4d:49:97:3b:0f:69:b7:e5:64:45:3c:82:
                    e5:05:d7:03:a1:05:e0:e5:23:e5:71:69:55:b2:c6:
                    3b:79:3b:63:64:33:19:4b:72:4d:cf:a2:12:3b:dd:
                    db:8a:bb:a0:e3:4e:50:9a:f2:23:17:91:aa:04:73:
                    80:f7:5e:51:df:29:59:55:35:5a:ab:14:1f:ca:5d:
                    c4:c7:dd:ba:6a:ad:8c:2a:33:ea:f0:2a:d2:a1:34:
                    2f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:6B:90:75:C3:C3:39:C8:F2:5F:06:8F:57:59:A3:72:F8:1D:DA:2C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JWuQdcPDOcjyXwaPV1mjcvgd2iw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.35.0/24
                  194.58.40.0/24
                  194.58.56.0/23
                  194.85.248.0/24
                  194.85.251.0/24
                  194.87.10.0/24
                  194.87.17.0/24
                  194.87.77.0/24
                  194.87.255.0/24
                  195.133.20.0/24
                  195.133.64.0/22
                  195.133.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:45:64:fc:b5:40:0e:93:22:af:a5:ef:aa:1b:62:4e:4f:4b:
         13:af:6d:fa:39:72:32:f5:bd:7d:b5:0c:7e:6d:7d:e3:a9:b9:
         c3:35:02:2e:7e:2b:fb:87:a3:88:30:9a:c8:20:99:c1:8b:e2:
         af:e5:e8:43:c0:00:3c:09:70:c6:2b:0c:c5:4f:e3:f9:71:d9:
         f8:2f:dc:9a:52:ff:96:f7:7c:5e:d7:97:39:82:e9:15:61:3d:
         84:2a:1e:52:9c:c3:4d:6c:1c:f8:71:3f:0b:3f:fc:c9:ac:da:
         88:04:5b:d2:1c:ce:74:e3:e4:59:fa:be:03:96:53:19:28:46:
         44:e8:7d:b7:3b:6e:96:c3:32:86:ec:a0:b0:c6:86:e3:ee:35:
         7d:d4:0f:fa:b8:16:ca:75:02:8e:d8:93:2c:b2:b4:86:e6:8c:
         43:d5:30:0c:35:bf:04:46:e2:ca:e6:a4:a5:b0:01:7d:e8:45:
         fc:3e:2c:92:55:2d:fd:db:4a:05:4a:d5:82:6a:75:55:09:f6:
         65:fc:87:d2:48:d3:9d:94:69:28:79:0f:bb:83:61:2e:88:c9:
         e3:81:90:6e:76:01:bd:9f:24:6e:44:bd:29:69:a4:11:78:d4:
         9d:92:7a:60:67:16:4d:c2:50:58:c8:f9:50:2a:e2:bb:00:d0:
         4a:65:8c:95
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYmnzDrfrrO9d2zkr/6rNN4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzMwMTcxNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTZiOTA3NWMzYzMzOWM4ZjI1ZjA2OGY1NzU5YTM3MmY4MWRkYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJEUUBGAR9aAVapzsWRcfbC6Fb8p
Wg0C47L8kNixeIg0/fINI3+Dx+Oxsq1TC3b4yHeiJWFAs3XMvMadGcp4s7cygkT6
KYWsfrCI7GXUAYs/E7XVFavt13uGPRmFXC1aE/o0dQeTavkOAieABQULYZ0YAI9G
k+ytVGCPpOUYHdMqarIf3G/mF+WTmWcMt9GgxXx0taJVRF55PUQKUU2LC798vI7q
MAxNSZc7D2m35WRFPILlBdcDoQXg5SPlcWlVssY7eTtjZDMZS3JNz6ISO93birug
405QmvIjF5GqBHOA915R3ylZVTVaqxQfyl3Ex926aq2MKjPq8CrSoTQvlwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCVrkHXDwznI8l8Gj1dZo3L4HdosMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSld1UWRjUERPY2p5WHdhUFYxbWpjdmdkMml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAwXwjAwQA
wjooAwQBwjo4AwQAwlX4AwQAwlX7AwQAwlcKAwQAwlcRAwQAwldNAwQAwlf/AwQA
w4UUAwQCw4VAAwQAw4VMMA0GCSqGSIb3DQEBCwUAA4IBAQBARWT8tUAOkyKvpe+q
G2JOT0sTr236OXIy9b19tQx+bX3jqbnDNQIufiv7h6OIMJrIIJnBi+Kv5ehDwAA8
CXDGKwzFT+P5cdn4L9yaUv+W93xe15c5gukVYT2EKh5SnMNNbBz4cT8LP/zJrNqI
BFvSHM504+RZ+r4DllMZKEZE6H23O26WwzKG7KCwxobj7jV91A/6uBbKdQKO2JMs
srSG5oxD1TAMNb8ERuLK5qSlsAF96EX8PiySVS3920oFStWCanVVCfZl/IfSSNOd
lGkoeQ+7g2EuiMnjgZBudgG9nyRuRL0paaQReNSdknpgZxZNwlBYyPlQKuK7ANBK
ZYyV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org