Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N1acO8V-LYIIl61NN7I_2gld4qg.roa
File:                     N1acO8V-LYIIl61NN7I_2gld4qg.roa (raw, json)
Hash identifier:          FUj0my3YcWKZpD27JOgxOyMfVr0KF3K5osYkArvjk9I=
Subject key identifier:   37:56:9C:3B:C5:7E:2D:82:08:97:AD:4D:37:B2:3F:DA:09:5D:E2:A8
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A043BD8ABB79C422A54B22CA37FF117E5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N1acO8V-LYIIl61NN7I_2gld4qg.roa
Signing time:             Thu 17 Aug 2023 16:02:25 +0000
ROA not before:           Thu 17 Aug 2023 16:02:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        195.133.81.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          194.135.30.0/24 maxlen: 24
                          194.58.41.0/24 maxlen: 24
                          212.193.6.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 20 Aug 2023 08:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:04:3b:d8:ab:b7:9c:42:2a:54:b2:2c:a3:7f:f1:17:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 17 16:02:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37569c3bc57e2d820897ad4d37b23fda095de2a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:aa:11:34:b1:b4:ac:f3:97:45:5a:62:88:67:
                    37:3f:d6:17:ee:00:4c:37:b3:a4:b7:04:7e:50:28:
                    31:fb:64:3f:de:bd:3d:57:76:d9:cb:09:3e:9e:79:
                    4e:79:0c:e0:3c:a0:81:3f:6c:78:95:b7:fe:51:a0:
                    b2:03:70:5b:74:63:bc:5d:26:90:97:4b:e1:d8:1c:
                    09:6f:ec:2a:18:33:93:02:f9:17:95:82:cb:9a:eb:
                    3e:0b:96:50:e0:89:27:08:cf:e9:f9:8b:99:9c:1d:
                    70:5b:45:05:02:15:66:4a:53:66:2a:6b:d8:f9:4e:
                    50:3d:50:b4:9c:01:83:77:1e:6b:cf:70:c2:ac:4a:
                    c0:a0:e8:00:df:c0:9a:1b:9d:bf:b6:d8:3f:0a:59:
                    cf:0b:91:56:a1:74:01:9c:7c:ab:f2:40:16:b1:f4:
                    17:cf:bc:23:17:c6:0e:fe:a9:6b:a5:bc:bb:06:68:
                    d0:3f:be:21:09:15:ea:a1:e7:90:99:bd:39:19:e3:
                    e9:ec:20:6c:cb:ff:d1:23:27:6d:3a:7c:18:49:b8:
                    b4:b7:cf:26:c1:cb:ec:3a:f3:4a:e4:38:e1:d5:be:
                    73:a0:19:81:19:3a:43:c7:5f:0f:97:8c:54:25:b8:
                    58:2c:90:26:29:96:a7:c3:54:6a:10:0c:b0:9f:6e:
                    64:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:56:9C:3B:C5:7E:2D:82:08:97:AD:4D:37:B2:3F:DA:09:5D:E2:A8
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/N1acO8V-LYIIl61NN7I_2gld4qg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.58.41.0/24
                  194.135.30.0/24
                  195.133.81.0/24
                  195.133.194.0/24
                  212.193.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:50:a0:7b:56:67:0e:a4:39:64:8e:58:3b:77:8f:d9:fe:13:
         d3:1f:dd:6b:4c:df:10:47:28:65:61:8b:8a:0c:85:dd:d6:37:
         bb:7f:d4:da:b8:4e:c5:c0:77:03:22:75:6e:2f:93:d1:af:28:
         18:c2:17:9a:90:e3:8d:fe:d5:a2:85:af:03:16:9c:f9:96:bc:
         8c:a3:0d:e9:ad:b2:47:51:85:f4:d9:31:e1:0e:b7:11:63:41:
         ce:3d:dd:18:65:87:60:07:de:91:93:3b:43:f0:ac:0b:91:66:
         32:48:04:34:ad:dc:5c:7d:af:33:43:d2:33:9a:60:d1:10:25:
         db:bd:3b:66:04:26:cd:a1:db:8b:ad:bb:7b:0d:a1:e4:6e:ce:
         1b:2a:47:b5:e2:74:c8:23:d3:5c:a0:a6:1c:33:01:bf:da:7e:
         71:04:e2:a8:c3:9e:11:44:27:0d:17:03:73:c9:b5:33:f9:10:
         82:80:c4:dd:bf:04:e3:6d:72:8b:4f:2c:af:b4:5e:c5:f5:e4:
         dd:42:58:1b:02:04:fb:4e:01:7a:96:8b:47:8d:b1:06:72:96:
         d6:88:f1:1a:86:34:be:f4:d7:34:10:5f:31:ac:34:bd:e3:98:
         ec:22:37:96:d0:82:df:90:f7:65:d4:30:a3:db:51:27:6b:d0:
         45:df:f4:ee
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoEO9irt5xCKlSyLKN/8RflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODE3MTYwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzU2OWMzYmM1N2UyZDgyMDg5N2FkNGQzN2IyM2ZkYTA5NWRlMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKoRNLG0rPOXRVpiiGc3P9YX7gBM
N7OktwR+UCgx+2Q/3r09V3bZywk+nnlOeQzgPKCBP2x4lbf+UaCyA3BbdGO8XSaQ
l0vh2BwJb+wqGDOTAvkXlYLLmus+C5ZQ4IknCM/p+YuZnB1wW0UFAhVmSlNmKmvY
+U5QPVC0nAGDdx5rz3DCrErAoOgA38CaG52/ttg/ClnPC5FWoXQBnHyr8kAWsfQX
z7wjF8YO/qlrpby7BmjQP74hCRXqoeeQmb05GePp7CBsy//RIydtOnwYSbi0t88m
wcvsOvNK5Djh1b5zoBmBGTpDx18Pl4xUJbhYLJAmKZanw1RqEAywn25keQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDdWnDvFfi2CCJetTTeyP9oJXeKoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTjFhY084Vi1MWUlJbDYxTk43SV8yZ2xkNHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwjopAwQA
woceAwQAw4VRAwQAw4XCAwQA1MEGMA0GCSqGSIb3DQEBCwUAA4IBAQAvUKB7VmcO
pDlkjlg7d4/Z/hPTH91rTN8QRyhlYYuKDIXd1je7f9TauE7FwHcDInVuL5PRrygY
wheakOON/tWiha8DFpz5lryMow3prbJHUYX02THhDrcRY0HOPd0YZYdgB96RkztD
8KwLkWYySAQ0rdxcfa8zQ9IzmmDRECXbvTtmBCbNoduLrbt7DaHkbs4bKke14nTI
I9NcoKYcMwG/2n5xBOKow54RRCcNFwNzybUz+RCCgMTdvwTjbXKLTyyvtF7F9eTd
QlgbAgT7TgF6lotHjbEGcpbWiPEahjS+9Nc0EF8xrDS945jsIjeW0ILfkPdl1DCj
21Ena9BF3/Tu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org