Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MXX89Ep9Cus_67cC1kr1ytW8Hus.roa
File:                     MXX89Ep9Cus_67cC1kr1ytW8Hus.roa (raw, json)
Hash identifier:          2YnbhzBvRSjfbIhUczmR5/kAfa2qUKSrMbpS563ucDk=
Subject key identifier:   31:75:FC:F4:4A:7D:0A:EB:3F:EB:B7:02:D6:4A:F5:CA:D5:BC:1E:EB
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0191A21B487757245F0163B11DF52325180E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MXX89Ep9Cus_67cC1kr1ytW8Hus.roa
Signing time:             Fri 30 Aug 2024 07:06:22 +0000
ROA not before:           Fri 30 Aug 2024 07:06:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     26383
IP address blocks:        62.76.234.0/24 maxlen: 24
                          62.76.239.0/24 maxlen: 24
                          185.72.8.0/24 maxlen: 24
                          192.124.176.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24
                          193.124.22.0/24 maxlen: 24
                          193.124.41.0/24 maxlen: 24
                          193.124.46.0/24 maxlen: 24
                          194.58.34.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.40.0/24 maxlen: 24
                          194.58.44.0/24 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          194.58.66.0/24 maxlen: 24
                          194.58.68.0/24 maxlen: 24
                          194.87.10.0/24 maxlen: 24
                          194.87.18.0/24 maxlen: 24
                          194.87.30.0/24 maxlen: 24
                          194.87.39.0/24 maxlen: 24
                          194.87.47.0/24 maxlen: 24
                          194.87.189.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          194.87.227.0/24 maxlen: 24
                          194.87.230.0/24 maxlen: 24
                          195.133.67.0/24 maxlen: 24
                          195.133.92.0/24 maxlen: 24
                          212.192.12.0/24 maxlen: 24
                          212.192.13.0/24 maxlen: 24
                          212.192.15.0/24 maxlen: 24
                          212.192.215.0/24 maxlen: 24
                          212.192.221.0/24 maxlen: 24
                          212.192.223.0/24 maxlen: 24
                          212.193.1.0/24 maxlen: 24
                          212.193.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 11:43:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:a2:1b:48:77:57:24:5f:01:63:b1:1d:f5:23:25:18:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 30 07:06:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3175fcf44a7d0aeb3febb702d64af5cad5bc1eeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6d:b3:40:85:4a:72:1b:4d:80:f8:e8:61:b8:
                    a8:b0:39:77:9e:95:de:b9:49:b5:40:5b:dc:8f:58:
                    b0:5d:27:b1:a3:51:41:83:f9:d3:6e:06:77:42:3f:
                    ba:f4:ee:a4:c5:7a:c8:1f:40:15:3c:7f:51:ec:ad:
                    73:57:f5:3a:ce:5d:0b:e0:82:85:c2:ef:e1:95:9c:
                    04:a7:1c:7f:90:6e:4e:8b:dd:b1:5e:bc:61:69:bb:
                    6d:a0:e6:64:5e:36:34:4d:46:26:60:45:e9:36:7e:
                    a9:eb:c6:f8:9f:b1:84:77:94:df:82:ee:77:e5:9e:
                    1e:39:c7:25:a3:1e:e6:fb:3a:70:2a:32:ac:20:77:
                    86:0a:ae:82:3b:c5:d5:72:49:31:b0:ee:4a:77:1f:
                    c6:1e:68:1f:21:30:df:d2:9e:4a:dc:8b:e6:76:26:
                    d7:c7:d8:f5:c7:69:e1:19:67:f8:08:8f:8a:b9:69:
                    6d:09:f5:1b:3e:b9:84:4d:90:c4:53:53:ef:ad:55:
                    9c:11:ca:cf:b9:6f:1e:ee:e9:0d:40:fd:ca:d1:c6:
                    a8:00:22:89:fd:d1:a3:5f:96:33:01:a6:bd:81:40:
                    d2:a4:b2:f4:69:13:3a:4c:fc:10:56:e1:08:5a:00:
                    c9:62:d2:10:c3:ce:92:7e:5c:cd:c7:b4:8e:d3:15:
                    83:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:75:FC:F4:4A:7D:0A:EB:3F:EB:B7:02:D6:4A:F5:CA:D5:BC:1E:EB
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MXX89Ep9Cus_67cC1kr1ytW8Hus.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.234.0/24
                  62.76.239.0/24
                  185.72.8.0/24
                  192.124.176.0/24
                  192.124.209.0/24
                  193.124.22.0/24
                  193.124.41.0/24
                  193.124.46.0/24
                  194.58.34.0/24
                  194.58.39.0-194.58.40.255
                  194.58.44.0/23
                  194.58.66.0/24
                  194.58.68.0/24
                  194.87.10.0/24
                  194.87.18.0/24
                  194.87.30.0/24
                  194.87.39.0/24
                  194.87.47.0/24
                  194.87.189.0/24
                  194.87.198.0/24
                  194.87.227.0/24
                  194.87.230.0/24
                  195.133.67.0/24
                  195.133.92.0/24
                  212.192.12.0/23
                  212.192.15.0/24
                  212.192.215.0/24
                  212.192.221.0/24
                  212.192.223.0/24
                  212.193.1.0-212.193.2.255

    Signature Algorithm: sha256WithRSAEncryption
         3e:b0:8a:f4:aa:ad:0a:11:c0:33:44:80:ce:27:2d:94:a1:c6:
         62:e6:d7:fc:8f:99:a1:b4:da:5f:c2:48:27:e8:e6:45:f9:46:
         7f:d1:71:1a:54:f3:33:05:c2:d4:58:52:a8:8c:2a:b3:c8:2e:
         3c:a5:4d:6e:d4:b9:4a:e6:25:6f:3c:ec:63:e5:07:ae:54:13:
         5d:01:ee:55:a8:b0:2d:8c:04:25:4c:20:6f:bf:ec:d1:06:4b:
         95:86:7a:22:88:c6:d2:bb:af:a4:43:7e:aa:97:d8:4f:13:c5:
         0f:2f:cd:86:b1:46:9d:07:0c:3a:bd:8a:35:ab:d2:a4:33:a7:
         ce:57:79:16:d7:ca:da:06:47:ad:d3:0a:d4:32:77:54:81:6e:
         5c:61:85:e1:8f:11:a9:62:a8:4c:a2:81:1e:b9:74:b8:76:e5:
         90:72:17:e2:d5:c6:3f:09:01:12:d2:2a:27:2b:b6:20:54:f1:
         96:cb:6d:ac:4d:ba:53:c6:de:0d:2e:50:2a:3e:a9:71:15:5c:
         64:0e:c2:29:1c:6a:03:90:99:83:98:71:87:b5:e2:67:f4:2e:
         8c:d9:61:f9:3c:6e:30:e6:83:f9:66:74:36:5a:7e:8a:4a:d7:
         4f:0b:77:d9:76:62:ef:f7:5d:31:5f:c5:3e:0d:45:c3:cc:1b:
         c9:8a:aa:b1
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZGiG0h3VyRfAWOxHfUjJRgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODMwMDcwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc1ZmNmNDRhN2QwYWViM2ZlYmI3MDJkNjRhZjVjYWQ1YmMxZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArG2zQIVKchtNgPjoYbiosDl3npXe
uUm1QFvcj1iwXSexo1FBg/nTbgZ3Qj+69O6kxXrIH0AVPH9R7K1zV/U6zl0L4IKF
wu/hlZwEpxx/kG5Oi92xXrxhabttoOZkXjY0TUYmYEXpNn6p68b4n7GEd5Tfgu53
5Z4eOcclox7m+zpwKjKsIHeGCq6CO8XVckkxsO5Kdx/GHmgfITDf0p5K3IvmdibX
x9j1x2nhGWf4CI+KuWltCfUbPrmETZDEU1PvrVWcEcrPuW8e7ukNQP3K0caoACKJ
/dGjX5YzAaa9gUDSpLL0aRM6TPwQVuEIWgDJYtIQw86SflzNx7SO0xWDqwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFDF1/PRKfQrrP+u3AtZK9crVvB7rMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTVhYODlFcDlDdXNfNjdjQzFrcjF5dFc4SHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAA+
TOoDBAA+TO8DBAC5SAgDBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4DBADC
OiIwDAMEAMI6JwMEAMI6KAMEAcI6LAMEAMI6QgMEAMI6RAMEAMJXCgMEAMJXEgME
AMJXHgMEAMJXJwMEAMJXLwMEAMJXvQMEAMJXxgMEAMJX4wMEAMJX5gMEAMOFQwME
AMOFXAMEAdTADAMEANTADwMEANTA1wMEANTA3QMEANTA3zAMAwQA1MEBAwQA1MEC
MA0GCSqGSIb3DQEBCwUAA4IBAQA+sIr0qq0KEcAzRIDOJy2UocZi5tf8j5mhtNpf
wkgn6OZF+UZ/0XEaVPMzBcLUWFKojCqzyC48pU1u1LlK5iVvPOxj5QeuVBNdAe5V
qLAtjAQlTCBvv+zRBkuVhnoiiMbSu6+kQ36ql9hPE8UPL82GsUadBww6vYo1q9Kk
M6fOV3kW18raBket0wrUMndUgW5cYYXhjxGpYqhMooEeuXS4duWQchfi1cY/CQES
0ionK7YgVPGWy22sTbpTxt4NLlAqPqlxFVxkDsIpHGoDkJmDmHGHteJn9C6M2WH5
PG4w5oP5ZnQ2Wn6KStdPC3fZdmLv910xX8U+DUXDzBvJiqqx
-----END CERTIFICATE-----
Generated at Wed Sep 11 16:18:56 2024 by rpki-client on console-ams.rpki-client.org