Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c0N6iV3Xwg9T2oWwIwY4rQooPcc.roa
File:                     c0N6iV3Xwg9T2oWwIwY4rQooPcc.roa (raw, json)
Hash identifier:          NWFLIK9N0J4Fqjp2HOJS5KcfojdOSxUhtUvUh4+R1e4=
Subject key identifier:   73:43:7A:89:5D:D7:C2:0F:53:DA:85:B0:23:06:38:AD:0A:28:3D:C7
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185BA744DA09969C554C3DEED82393F5FA9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c0N6iV3Xwg9T2oWwIwY4rQooPcc.roa
Signing time:             Mon 16 Jan 2023 12:01:02 +0000
ROA not before:           Mon 16 Jan 2023 12:01:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58212
IP address blocks:        194.87.207.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          193.124.41.0/24 maxlen: 24
                          194.87.30.0/24 maxlen: 24
                          193.124.47.0/24 maxlen: 24
                          212.192.7.0/24 maxlen: 24
                          194.58.43.0/24 maxlen: 24
                          194.87.161.0/24 maxlen: 24
                          194.58.46.0/24 maxlen: 24
                          212.192.30.0/24 maxlen: 24
                          193.124.205.0/24 maxlen: 24
                          194.87.108.0/24 maxlen: 24
                          194.87.64.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Jan 2023 07:24:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ba:74:4d:a0:99:69:c5:54:c3:de:ed:82:39:3f:5f:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 16 12:01:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=73437a895dd7c20f53da85b0230638ad0a283dc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:98:f0:52:7b:25:bf:db:b7:e2:d2:16:98:20:
                    33:88:8b:09:52:7c:27:5c:09:70:bc:a7:5c:30:7a:
                    7f:7c:11:a1:01:7e:ff:e8:ba:03:45:d4:89:3b:87:
                    38:3b:0d:aa:17:2c:48:e3:ab:d2:3d:7c:ac:b5:b8:
                    07:77:19:ec:36:a4:58:8a:17:c5:57:3e:92:30:80:
                    12:11:3f:c4:5a:62:02:89:f8:bf:31:a0:24:e3:23:
                    f9:ca:f2:f6:b5:df:f7:d8:58:3a:88:08:22:85:41:
                    a8:6d:e7:fb:70:7b:0f:a1:df:e0:96:97:64:43:1e:
                    3b:ca:0b:79:33:85:83:21:63:a5:47:6d:46:dc:8d:
                    3f:b8:83:c4:7e:98:cc:58:6d:5a:0a:8b:29:ac:1c:
                    c6:6b:d7:13:c2:17:b4:17:62:4a:65:00:56:d9:dd:
                    0b:7a:64:b0:f2:c3:9c:23:f3:49:a7:ec:0b:20:9e:
                    25:66:cc:f6:70:58:7c:2c:3f:c5:bd:0d:bb:41:23:
                    5f:8a:6a:c5:85:9f:dd:aa:f0:68:92:d5:c0:ea:a1:
                    4a:e0:88:ce:16:ed:ca:ee:6c:b7:82:21:bf:d2:8c:
                    27:95:b7:f0:ad:94:71:6e:eb:04:0e:67:21:c1:1e:
                    a0:fb:e1:cf:07:cf:11:ba:59:71:16:41:da:55:5d:
                    1b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:43:7A:89:5D:D7:C2:0F:53:DA:85:B0:23:06:38:AD:0A:28:3D:C7
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/c0N6iV3Xwg9T2oWwIwY4rQooPcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.18.0/24
                  193.124.41.0/24
                  193.124.47.0/24
                  193.124.205.0/24
                  194.58.43.0/24
                  194.58.46.0/24
                  194.87.30.0/24
                  194.87.64.0/24
                  194.87.108.0/24
                  194.87.161.0/24
                  194.87.207.0/24
                  195.133.94.0/24
                  212.192.7.0/24
                  212.192.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:a5:a1:ba:85:b2:8b:04:76:16:44:a4:f5:78:39:c3:22:4b:
         1b:7e:c6:0e:00:25:da:94:de:25:20:ab:a6:c1:a4:6b:89:36:
         2e:dc:65:95:95:a9:eb:fe:bd:c2:e3:ea:6f:a4:09:76:cf:0e:
         70:20:d8:7f:9c:35:39:23:c8:f2:f7:36:5f:e6:e3:87:65:f1:
         2b:d5:90:70:77:9e:99:fa:cf:8e:e6:ab:92:91:c0:de:aa:32:
         ae:6f:46:a6:9a:b0:a1:15:91:f6:a3:77:94:93:0f:54:b1:c3:
         c7:24:c7:84:37:ea:5a:c6:d4:ea:62:56:37:69:fc:9c:d9:e9:
         92:23:f6:36:e3:9b:aa:5f:00:36:0e:77:99:fc:52:a2:78:ec:
         b2:81:55:ad:97:ba:a3:68:4c:52:b9:b6:91:8f:19:7b:6d:6e:
         ea:80:db:48:2f:ba:7b:ad:48:88:93:7f:71:cd:a6:68:0b:53:
         4b:cb:60:82:60:3c:a1:09:c1:6e:50:5b:83:93:43:14:69:3f:
         18:3c:7b:a4:6a:5d:83:56:31:f7:3c:06:2b:a8:21:9f:11:66:
         1f:a1:64:45:17:08:c9:2f:26:4c:65:37:e8:d6:fe:17:63:f3:
         96:99:be:09:a4:e6:09:aa:d2:3b:d4:fa:26:bd:a3:49:69:ee:
         e2:1b:18:c0
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYW6dE2gmWnFVMPe7YI5P1+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE2MTIwMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQzN2E4OTVkZDdjMjBmNTNkYTg1YjAyMzA2MzhhZDBhMjgzZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJjwUnslv9u34tIWmCAziIsJUnwn
XAlwvKdcMHp/fBGhAX7/6LoDRdSJO4c4Ow2qFyxI46vSPXystbgHdxnsNqRYihfF
Vz6SMIASET/EWmICifi/MaAk4yP5yvL2td/32Fg6iAgihUGobef7cHsPod/glpdk
Qx47ygt5M4WDIWOlR21G3I0/uIPEfpjMWG1aCosprBzGa9cTwhe0F2JKZQBW2d0L
emSw8sOcI/NJp+wLIJ4lZsz2cFh8LD/FvQ27QSNfimrFhZ/dqvBoktXA6qFK4IjO
Fu3K7my3giG/0ownlbfwrZRxbusEDmchwR6g++HPB88RullxFkHaVV0bDwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHNDeold18IPU9qFsCMGOK0KKD3HMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYzBONmlWM1h3ZzlUMm9Xd0l3WTRyUW9vUGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwXwSAwQA
wXwpAwQAwXwvAwQAwXzNAwQAwjorAwQAwjouAwQAwlceAwQAwldAAwQAwldsAwQA
wlehAwQAwlfPAwQAw4VeAwQA1MAHAwQA1MAeMA0GCSqGSIb3DQEBCwUAA4IBAQBl
paG6hbKLBHYWRKT1eDnDIksbfsYOACXalN4lIKumwaRriTYu3GWVlanr/r3C4+pv
pAl2zw5wINh/nDU5I8jy9zZf5uOHZfEr1ZBwd56Z+s+O5quSkcDeqjKub0ammrCh
FZH2o3eUkw9UscPHJMeEN+paxtTqYlY3afyc2emSI/Y245uqXwA2DneZ/FKieOyy
gVWtl7qjaExSubaRjxl7bW7qgNtIL7p7rUiIk39xzaZoC1NLy2CCYDyhCcFuUFuD
k0MUaT8YPHukal2DVjH3PAYrqCGfEWYfoWRFFwjJLyZMZTfo1v4XY/OWmb4JpOYJ
qtI71PomvaNJae7iGxjA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:21 2024 by rpki-client on console-fra.rpki-client.org