Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZBB1LfRBq2lTYSmzOitpTKqPto.roa
File:                     NZBB1LfRBq2lTYSmzOitpTKqPto.roa (raw, json)
Hash identifier:          IwENnxkZWHMOWrX+AXwJbPHpkoNbBabifwWIBxpKyQc=
Subject key identifier:   35:90:41:D4:B7:D1:06:AD:A5:4D:84:A6:CC:E8:AD:A5:32:AA:3E:DA
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01857154357C5C63B6D6F54FA0BB92519776
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZBB1LfRBq2lTYSmzOitpTKqPto.roa
Signing time:             Mon 02 Jan 2023 07:13:42 +0000
ROA not before:           Mon 02 Jan 2023 07:13:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2118
IP address blocks:        193.124.4.0/24 maxlen: 24
                          193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.123.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.138.0/23 maxlen: 23
                          194.87.136.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.193.12.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          212.192.222.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          194.58.58.0/24 maxlen: 24
                          195.58.52.0/22 maxlen: 22
                          195.58.56.0/21 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          192.124.172.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.171.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Jan 2023 09:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:54:35:7c:5c:63:b6:d6:f5:4f:a0:bb:92:51:97:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  2 07:13:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=359041d4b7d106ada54d84a6cce8ada532aa3eda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:e2:8d:e1:85:74:bb:a8:f1:20:d9:05:13:d1:
                    4f:d1:c2:43:fd:25:d0:2a:71:fc:f3:f8:53:6f:cc:
                    74:02:70:26:e8:0a:9b:28:d1:ad:8b:07:b7:95:11:
                    90:4e:94:2d:96:d5:6e:4a:1d:aa:d2:45:9a:b8:ce:
                    71:c9:49:64:58:fb:e4:d1:e4:e1:30:37:e5:6c:79:
                    83:4d:c0:e7:fb:c0:11:89:2d:03:b0:c1:1a:1c:6c:
                    ba:b3:cc:4d:e4:b8:7a:d2:fa:b7:ee:62:80:f5:09:
                    7b:bb:1b:5b:8e:6d:3d:1d:a3:5f:3d:5b:30:4c:46:
                    48:86:ef:7f:8c:bb:5f:47:80:82:53:8a:a2:ff:85:
                    9f:c2:0c:a7:44:85:fd:49:6d:c9:59:bf:2c:51:de:
                    29:0a:4b:da:52:a7:cc:9b:f8:ea:bd:6a:d0:9c:9e:
                    54:ad:39:9d:5c:ed:ed:8e:3b:42:53:55:a7:68:62:
                    f9:7b:20:e4:b1:00:31:78:f6:bf:68:2d:78:4d:a2:
                    58:2c:75:a7:eb:57:42:b4:99:37:94:2f:d8:6e:32:
                    e4:77:11:3a:77:63:7c:02:ca:7f:7c:44:04:a6:11:
                    50:28:69:0c:39:f4:72:0e:08:92:a3:c7:a9:12:8f:
                    c1:35:cb:0c:79:c0:42:33:54:4c:c2:01:66:2e:0e:
                    bb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:90:41:D4:B7:D1:06:AD:A5:4D:84:A6:CC:E8:AD:A5:32:AA:3E:DA
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NZBB1LfRBq2lTYSmzOitpTKqPto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.172.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  193.124.3.0-193.124.4.255
                  193.124.6.0/24
                  193.124.8.0/24
                  193.124.18.0/24
                  193.124.133.0/24
                  193.124.201.0/24
                  193.124.203.0/24
                  193.124.207.0/24
                  194.58.38.0/24
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.58.0/23
                  194.87.7.0/24
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.116.0/24
                  194.87.118.0/24
                  194.87.123.0/24
                  194.87.136.0/24
                  194.87.138.0/23
                  194.87.149.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.171.0-194.87.172.255
                  194.87.176.0/24
                  194.87.182.0/24
                  194.87.198.0/23
                  194.87.202.0/24
                  194.87.208.0/23
                  194.87.222.0/23
                  194.87.233.0/24
                  195.58.50.0/24
                  195.58.52.0-195.58.63.255
                  195.133.12.0/24
                  195.133.55.0/24
                  195.133.94.0/24
                  195.133.195.0/24
                  212.192.0.0/23
                  212.192.10.0/24
                  212.192.222.0/24
                  212.193.0.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:fa:1a:7d:c0:b6:28:e7:f3:45:37:ca:38:52:16:44:97:16:
         02:c3:ab:07:36:a7:ce:9e:1f:f0:0e:8c:51:d6:52:ad:01:bd:
         8f:4a:eb:82:9b:be:4e:aa:ce:61:2e:b4:fa:13:9c:08:30:f7:
         cf:84:43:a8:16:20:f8:c6:74:b4:81:46:c9:f5:4e:1d:c1:49:
         38:a7:67:e6:45:11:45:56:5d:6e:df:01:20:f3:42:10:e0:bb:
         70:ee:4b:75:3b:3a:97:21:53:ce:7f:d5:56:6b:fe:f9:77:a6:
         9f:26:9c:1a:69:5d:82:b9:90:93:82:d5:d3:c6:ef:f9:74:b0:
         1a:5c:e7:8b:0b:f2:1f:81:26:b5:a7:83:4a:49:d7:29:cc:95:
         fc:7d:2f:4c:25:e2:43:4a:f8:07:59:bb:03:0f:4e:c0:60:9c:
         de:48:ca:23:f6:44:7e:97:58:94:48:ea:66:84:74:32:62:a5:
         e7:8d:b8:f8:e7:e4:13:0d:45:85:32:2a:95:29:94:90:da:95:
         66:5e:fb:0b:cf:86:10:ad:0d:8c:8b:96:b8:2b:d5:db:26:0c:
         ea:e2:8c:c8:70:80:b7:30:bc:aa:c1:d8:4a:26:64:4f:74:44:
         5f:86:c2:30:9f:00:38:42:f1:13:39:c2:3b:61:0c:bb:22:75:
         ce:e9:9b:a9
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAYVxVDV8XGO21vVPoLuSUZd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAyMDcxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkwNDFkNGI3ZDEwNmFkYTU0ZDg0YTZjY2U4YWRhNTMyYWEzZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eKN4YV0u6jxINkFE9FP0cJD/SXQ
KnH88/hTb8x0AnAm6AqbKNGtiwe3lRGQTpQtltVuSh2q0kWauM5xyUlkWPvk0eTh
MDflbHmDTcDn+8ARiS0DsMEaHGy6s8xN5Lh60vq37mKA9Ql7uxtbjm09HaNfPVsw
TEZIhu9/jLtfR4CCU4qi/4WfwgynRIX9SW3JWb8sUd4pCkvaUqfMm/jqvWrQnJ5U
rTmdXO3tjjtCU1WnaGL5eyDksQAxePa/aC14TaJYLHWn61dCtJk3lC/YbjLkdxE6
d2N8Asp/fEQEphFQKGkMOfRyDgiSo8epEo/BNcsMecBCM1RMwgFmLg67eQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFDWQQdS30QatpU2EpszoraUyqj7aMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTlpCQjFMZlJCcTJsVFlTbXpPaXRwVEtxUHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCAU4EAgABMIIB
RgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tDAMAwQAwXwDAwQAwXwEAwQAwXwGAwQA
wXwIAwQAwXwSAwQAwXyFAwQAwXzJAwQAwXzLAwQAwXzPAwQAwjomAwQAwjoqMAwD
BADCOi0DBATCOiADBAHCOjoDBADCVwcDBALCVxgDBADCVzgDBADCV0wDBAHCV1ID
BADCV2gDBADCV3QDBADCV3YDBADCV3sDBADCV4gDBAHCV4oDBADCV5UDBADCV6MD
BADCV6UwDAMEAMJXqwMEAMJXrAMEAMJXsAMEAMJXtgMEAcJXxgMEAMJXygMEAcJX
0AMEAcJX3gMEAMJX6QMEAMM6MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQA
w4VeAwQAw4XDAwQB1MAAAwQA1MAKAwQA1MDeAwQA1MEAAwQA1MEMMA0GCSqGSIb3
DQEBCwUAA4IBAQAh+hp9wLYo5/NFN8o4UhZElxYCw6sHNqfOnh/wDoxR1lKtAb2P
SuuCm75Oqs5hLrT6E5wIMPfPhEOoFiD4xnS0gUbJ9U4dwUk4p2fmRRFFVl1u3wEg
80IQ4Ltw7kt1OzqXIVPOf9VWa/75d6afJpwaaV2CuZCTgtXTxu/5dLAaXOeLC/If
gSa1p4NKSdcpzJX8fS9MJeJDSvgHWbsDD07AYJzeSMoj9kR+l1iUSOpmhHQyYqXn
jbj45+QTDUWFMiqVKZSQ2pVmXvsLz4YQrQ2Mi5a4K9XbJgzq4ozIcIC3MLyqwdhK
JmRPdERfhsIwnwA4QvETOcI7YQy7InXO6Zup
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org