Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WFdHx5XivKqCCiUkkgrho5UXcjY.roa
File:                     WFdHx5XivKqCCiUkkgrho5UXcjY.roa (raw, json)
Hash identifier:          dXBt55EyskDjBXDKFbYX0j7uHa9caOu4khZEJ/5lAhA=
Subject key identifier:   58:57:47:C7:95:E2:BC:AA:82:0A:25:24:92:0A:E1:A3:95:17:72:36
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185BA0DC1A96E04F614F917BCFAC6E37B74
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WFdHx5XivKqCCiUkkgrho5UXcjY.roa
Signing time:             Mon 16 Jan 2023 10:09:01 +0000
ROA not before:           Mon 16 Jan 2023 10:09:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2118
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          194.87.6.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.22.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.27.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.115.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.123.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.126.0/24 maxlen: 24
                          194.87.138.0/23 maxlen: 23
                          194.87.136.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.86.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.193.12.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.52.0/22 maxlen: 22
                          195.58.58.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          195.58.61.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          212.193.6.0/24 maxlen: 24
                          194.58.155.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.204.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          192.124.172.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.171.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          212.192.30.0/24 maxlen: 24
                          192.124.190.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          193.124.202.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24
                          212.192.208.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Jan 2023 12:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ba:0d:c1:a9:6e:04:f6:14:f9:17:bc:fa:c6:e3:7b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 16 10:09:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=585747c795e2bcaa820a2524920ae1a395177236
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:46:42:d3:ec:fb:a9:03:0b:96:0b:50:0a:cc:
                    8b:4c:49:73:b4:2f:fb:f5:e6:08:73:3a:89:6c:78:
                    84:f3:b4:43:d9:69:d3:55:f8:7a:75:dd:37:d7:b9:
                    93:86:87:11:92:90:93:f6:46:ca:76:c8:15:7b:f5:
                    af:2a:98:4f:a0:d8:a3:82:a9:79:f8:5e:25:bc:9a:
                    25:69:50:cd:a9:2f:fb:8a:3b:3c:d2:05:e2:87:6c:
                    c0:e8:cd:1f:c0:a2:2e:bc:c2:b3:74:96:6d:0d:3a:
                    d3:03:bb:e3:e3:e7:6d:3c:55:78:c0:55:bf:6c:31:
                    13:3a:12:ec:98:2f:b0:86:0d:c1:16:2c:e8:2d:f9:
                    5c:fc:42:5c:1c:12:80:a6:78:6f:3c:c5:d5:08:37:
                    12:ce:8e:f5:0f:45:88:96:20:db:9f:2b:4a:16:50:
                    d8:42:2a:0e:92:0e:83:d8:30:9d:eb:5e:25:30:2a:
                    f0:da:6b:16:9f:d6:1a:3f:a2:97:5c:f1:73:97:3b:
                    86:e6:94:99:26:1b:37:9b:ab:06:ae:94:9b:f6:61:
                    c0:d9:d5:d2:f0:3f:0e:b1:b2:bb:79:a9:59:43:8b:
                    3c:07:6b:e3:55:bb:01:bc:7e:2a:ad:54:fc:d6:06:
                    de:5c:38:e4:dc:ad:b5:84:7b:68:ff:5c:e7:3b:fc:
                    b7:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:57:47:C7:95:E2:BC:AA:82:0A:25:24:92:0A:E1:A3:95:17:72:36
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WFdHx5XivKqCCiUkkgrho5UXcjY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.172.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.190.0/24
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/24
                  193.124.133.0/24
                  193.124.202.0/23
                  193.124.207.0/24
                  194.58.38.0/23
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.59.0/24
                  194.58.155.0/24
                  194.87.3.0/24
                  194.87.6.0/23
                  194.87.16.0/24
                  194.87.22.0/24
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.114.0-194.87.116.255
                  194.87.118.0/24
                  194.87.123.0/24
                  194.87.126.0/24
                  194.87.136.0/24
                  194.87.138.0/23
                  194.87.149.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.171.0-194.87.172.255
                  194.87.176.0/24
                  194.87.190.0/24
                  194.87.198.0/23
                  194.87.202.0/24
                  194.87.204.0/24
                  194.87.208.0/23
                  194.87.222.0/23
                  194.87.233.0/24
                  195.58.50.0/24
                  195.58.52.0-195.58.63.255
                  195.133.12.0/24
                  195.133.55.0/24
                  195.133.86.0/24
                  195.133.94.0/24
                  195.133.194.0/23
                  212.192.0.0/23
                  212.192.30.0/24
                  212.192.208.0/23
                  212.193.0.0/24
                  212.193.6.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:d9:fc:ab:a7:ac:04:5e:09:d6:35:8c:06:0e:33:ea:fe:5f:
         d2:d0:52:97:7a:e9:08:c7:74:37:78:a0:c8:69:f6:a9:e2:6a:
         d7:46:5b:81:a9:c8:0e:4c:cf:c4:f7:06:f7:91:fb:81:bd:c3:
         28:b7:ec:f2:4f:96:68:8a:e6:e7:d9:4d:36:97:32:c3:88:9a:
         bc:ea:b9:18:16:52:75:c5:c0:74:81:0b:d9:99:33:3d:a0:74:
         69:b9:92:17:25:61:d9:e3:21:8c:63:f4:3a:96:c9:99:3e:10:
         c6:b9:d7:51:48:c5:d9:ae:cb:08:2d:aa:0a:83:05:b0:32:ad:
         b9:0d:89:aa:85:bf:58:05:7c:46:fa:4c:c5:c3:ea:59:a5:39:
         fe:92:97:42:e8:db:95:d2:8a:34:65:85:00:21:99:28:09:ef:
         77:d5:47:7f:fc:0f:92:2b:8f:76:6e:b3:38:7f:ff:ed:19:bb:
         cc:4a:06:f5:4c:01:9c:0f:75:61:0a:f7:7a:4b:a4:97:43:18:
         f0:6e:4f:3d:04:57:1a:d6:80:89:cc:a6:6b:d3:ce:20:7e:07:
         94:9c:08:eb:98:21:e2:ed:a4:a7:a2:c2:92:56:d6:10:9d:70:
         18:26:45:ed:ee:a5:33:11:36:8a:e3:eb:c5:3c:56:00:3e:f4:
         61:e4:78:0a
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAYW6DcGpbgT2FPkXvPrG43t0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE2MTAwOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODU3NDdjNzk1ZTJiY2FhODIwYTI1MjQ5MjBhZTFhMzk1MTc3MjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEZC0+z7qQMLlgtQCsyLTElztC/7
9eYIczqJbHiE87RD2WnTVfh6dd0317mThocRkpCT9kbKdsgVe/WvKphPoNijgql5
+F4lvJolaVDNqS/7ijs80gXih2zA6M0fwKIuvMKzdJZtDTrTA7vj4+dtPFV4wFW/
bDETOhLsmC+whg3BFizoLflc/EJcHBKApnhvPMXVCDcSzo71D0WIliDbnytKFlDY
QioOkg6D2DCd614lMCrw2msWn9YaP6KXXPFzlzuG5pSZJhs3m6sGrpSb9mHA2dXS
8D8OsbK7ealZQ4s8B2vjVbsBvH4qrVT81gbeXDjk3K21hHto/1znO/y3uQIDAQAB
o4IDfTCCA3kwHQYDVR0OBBYEFFhXR8eV4ryqggolJJIK4aOVF3I2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvV0ZkSHg1WGl2S3FDQ2lVa2tncmhvNVVYY2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkQYIKwYBBQUHAQcBAf8EggGAMIIBfDCCAXgEAgABMIIB
cAMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8hQMEAcF8ygMEAMF8zwMEAcI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwjqbAwQAwlcDAwQBwlcGAwQAwlcQAwQAwlcWAwQCwlcYAwQAwlc4AwQA
wldMAwQBwldSAwQAwldoMAwDBAHCV3IDBADCV3QDBADCV3YDBADCV3sDBADCV34D
BADCV4gDBAHCV4oDBADCV5UDBADCV6MDBADCV6UwDAMEAMJXqwMEAMJXrAMEAMJX
sAMEAMJXvgMEAcJXxgMEAMJXygMEAMJXzAMEAcJX0AMEAcJX3gMEAMJX6QMEAMM6
MjAMAwQCwzo0AwQGwzoAAwQAw4UMAwQAw4U3AwQAw4VWAwQAw4VeAwQBw4XCAwQB
1MAAAwQA1MAeAwQB1MDQAwQA1MEAAwQA1MEGAwQA1MEMMA0GCSqGSIb3DQEBCwUA
A4IBAQBU2fyrp6wEXgnWNYwGDjPq/l/S0FKXeukIx3Q3eKDIafap4mrXRluBqcgO
TM/E9wb3kfuBvcMot+zyT5Zoiubn2U02lzLDiJq86rkYFlJ1xcB0gQvZmTM9oHRp
uZIXJWHZ4yGMY/Q6lsmZPhDGuddRSMXZrssILaoKgwWwMq25DYmqhb9YBXxG+kzF
w+pZpTn+kpdC6NuV0oo0ZYUAIZkoCe931Ud//A+SK492brM4f//tGbvMSgb1TAGc
D3VhCvd6S6SXQxjwbk89BFca1oCJzKZr084gfgeUnAjrmCHi7aSnosKSVtYQnXAY
JkXt7qUzETaK4+vFPFYAPvRh5HgK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:18 2024 by rpki-client on console-fra.rpki-client.org