Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NOdKnsIp0yzsfLWhocVFsJeOmFw.roa
File:                     NOdKnsIp0yzsfLWhocVFsJeOmFw.roa (raw, json)
Hash identifier:          NiiARi89fO2WWFRYf5exCImByMxqqiXA+k6uBKT6btc=
Subject key identifier:   34:E7:4A:9E:C2:29:D3:2C:EC:7C:B5:A1:A1:C5:45:B0:97:8E:98:5C
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185967181375BDCC906222CEA6600FC1CAC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NOdKnsIp0yzsfLWhocVFsJeOmFw.roa
Signing time:             Mon 09 Jan 2023 12:11:39 +0000
ROA not before:           Mon 09 Jan 2023 12:11:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.9.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          193.124.44.0/24 maxlen: 24
                          194.87.38.0/24 maxlen: 24
                          195.58.36.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.56.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.42.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.135.18.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          212.192.31.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Jan 2023 08:11:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:96:71:81:37:5b:dc:c9:06:22:2c:ea:66:00:fc:1c:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  9 12:11:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34e74a9ec229d32cec7cb5a1a1c545b0978e985c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:be:5b:60:66:03:e3:f7:cd:7d:e5:7b:b1:b7:
                    c9:0c:b6:6b:10:f2:c0:db:2f:af:26:5f:a5:8c:a6:
                    be:d9:41:9c:0a:09:fe:c8:5d:d9:09:e3:1e:ff:ba:
                    79:59:e2:13:17:f0:1e:26:0c:87:60:7a:14:89:7c:
                    e9:8b:24:20:ff:4e:dd:40:cf:0b:3d:d3:1c:08:39:
                    cd:85:66:44:af:95:06:85:05:ef:8b:d9:53:f6:52:
                    93:8c:ed:08:81:18:3f:e6:ec:39:7d:e5:37:af:5b:
                    71:28:d7:be:0a:76:99:20:68:f7:54:5c:8e:95:e8:
                    24:fd:3a:c1:22:a2:fa:aa:46:dc:16:7a:90:b3:fa:
                    99:b9:fd:4e:33:d0:98:df:e7:ab:70:98:d6:85:6f:
                    1e:91:2c:9c:5e:d2:64:69:d5:8c:eb:3b:47:6f:d7:
                    3b:e5:71:ad:78:f5:a4:da:e9:bf:77:b6:2d:77:48:
                    54:97:16:4d:46:8b:c4:d8:90:da:4b:01:94:1a:e9:
                    29:e0:e5:83:b8:13:02:29:96:6e:a7:1d:e6:9e:75:
                    94:fa:43:83:b5:05:63:64:8f:77:e9:c9:89:90:8b:
                    27:68:3e:cc:92:00:b5:f6:56:27:bd:4e:3d:88:21:
                    c4:96:c8:63:bd:1a:06:6d:66:19:0c:2e:b3:70:3f:
                    17:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E7:4A:9E:C2:29:D3:2C:EC:7C:B5:A1:A1:C5:45:B0:97:8E:98:5C
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NOdKnsIp0yzsfLWhocVFsJeOmFw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.3.0/24
                  193.124.9.0/24
                  193.124.44.0/24
                  194.87.1.0/24
                  194.87.38.0/24
                  194.87.42.0/24
                  194.87.73.0/24
                  194.87.130.0/23
                  194.87.166.0/24
                  194.87.168.0/24
                  194.87.178.0/23
                  194.87.187.0/24
                  194.135.18.0/24
                  194.135.23.0/24
                  195.58.35.0-195.58.36.255
                  195.58.50.0/24
                  195.58.56.0/24
                  195.133.0.0/24
                  195.133.30.0/24
                  195.133.35.0/24
                  195.133.195.0/24
                  212.192.10.0/24
                  212.192.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:80:f9:a2:00:f6:96:70:8f:9d:1f:0e:ae:79:42:09:aa:47:
         ee:2a:91:70:4f:9a:0b:dc:ca:88:99:2d:ec:14:94:eb:5b:2c:
         74:cc:62:d3:03:07:3c:85:ac:71:02:d1:59:f6:ba:3a:a6:92:
         f2:42:83:0a:bd:2f:b2:96:80:a6:09:c2:06:33:64:bc:3f:0e:
         22:a0:a0:23:3d:34:01:eb:17:96:f2:fa:6f:65:16:ce:38:71:
         2a:69:d0:87:4c:0d:dd:2b:a2:b1:2c:09:ec:d5:f3:bf:05:cd:
         6a:03:a4:7f:f4:0a:b7:b2:84:1c:12:11:35:99:bb:16:bc:1b:
         12:8d:42:96:23:ed:df:7a:fa:ed:17:65:65:3a:8a:cb:ed:58:
         03:65:59:53:a5:d2:11:82:f9:f7:9c:8b:57:8a:c6:d0:8c:d4:
         9a:a8:15:85:3a:5c:98:80:6f:56:8a:a8:b3:b9:e6:62:82:db:
         34:e5:b9:52:bf:66:32:dc:0e:df:bb:7a:76:f9:48:f7:44:0b:
         ec:b5:27:08:59:b0:3a:18:f6:3f:6a:99:8f:72:81:3a:57:f1:
         16:7a:5e:47:d8:22:95:2c:7d:95:77:4b:e6:df:08:6d:c9:eb:
         79:6a:c7:6f:fd:5b:c2:a7:76:5a:86:e0:16:ce:96:09:12:a2:
         06:1e:3b:b6
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYWWcYE3W9zJBiIs6mYA/BysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTA5MTIxMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU3NGE5ZWMyMjlkMzJjZWM3Y2I1YTFhMWM1NDViMDk3OGU5ODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA675bYGYD4/fNfeV7sbfJDLZrEPLA
2y+vJl+ljKa+2UGcCgn+yF3ZCeMe/7p5WeITF/AeJgyHYHoUiXzpiyQg/07dQM8L
PdMcCDnNhWZEr5UGhQXvi9lT9lKTjO0IgRg/5uw5feU3r1txKNe+CnaZIGj3VFyO
legk/TrBIqL6qkbcFnqQs/qZuf1OM9CY3+ercJjWhW8ekSycXtJkadWM6ztHb9c7
5XGtePWk2um/d7Ytd0hUlxZNRovE2JDaSwGUGukp4OWDuBMCKZZupx3mnnWU+kOD
tQVjZI936cmJkIsnaD7MkgC19lYnvU49iCHElshjvRoGbWYZDC6zcD8X7wIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFDTnSp7CKdMs7Hy1oaHFRbCXjphcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTk9kS25zSXAweXpzZkxXaG9jVkZzSmVPbUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBADB
fAMDBADBfAkDBADBfCwDBADCVwEDBADCVyYDBADCVyoDBADCV0kDBAHCV4IDBADC
V6YDBADCV6gDBAHCV7IDBADCV7sDBADChxIDBADChxcwDAMEAMM6IwMEAMM6JAME
AMM6MgMEAMM6OAMEAMOFAAMEAMOFHgMEAMOFIwMEAMOFwwMEANTACgMEANTAHzAN
BgkqhkiG9w0BAQsFAAOCAQEAA4D5ogD2lnCPnR8OrnlCCapH7iqRcE+aC9zKiJkt
7BSU61ssdMxi0wMHPIWscQLRWfa6OqaS8kKDCr0vspaApgnCBjNkvD8OIqCgIz00
AesXlvL6b2UWzjhxKmnQh0wN3SuisSwJ7NXzvwXNagOkf/QKt7KEHBIRNZm7Frwb
Eo1CliPt33r67RdlZTqKy+1YA2VZU6XSEYL595yLV4rG0IzUmqgVhTpcmIBvVoqo
s7nmYoLbNOW5Ur9mMtwO37t6dvlI90QL7LUnCFmwOhj2P2qZj3KBOlfxFnpeR9gi
lSx9lXdL5t8IbcnreWrHb/1bwqd2WobgFs6WCRKiBh47tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org