Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hWZPyGSWj9gZZZ9vHnVLLINtbuA.roa
File:                     hWZPyGSWj9gZZZ9vHnVLLINtbuA.roa (raw, json)
Hash identifier:          lD4Cy/i/YWo2sWJG4yMfl12qNfDshWGotUqjJIxrkTs=
Subject key identifier:   85:66:4F:C8:64:96:8F:D8:19:65:9F:6F:1E:75:4B:2C:83:6D:6E:E0
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189926963A78055B8941CBD53DD80471D64
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hWZPyGSWj9gZZZ9vHnVLLINtbuA.roa
Signing time:             Wed 26 Jul 2023 13:35:27 +0000
ROA not before:           Wed 26 Jul 2023 13:35:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        193.124.227.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.87.23.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.243.0/24 maxlen: 24
                          193.124.49.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          195.133.37.0/24 maxlen: 24
                          212.192.249.0/24 maxlen: 24
                          194.135.46.0/24 maxlen: 24
                          194.87.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 16:02:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:92:69:63:a7:80:55:b8:94:1c:bd:53:dd:80:47:1d:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 26 13:35:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=85664fc864968fd819659f6f1e754b2c836d6ee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:9a:b4:23:8a:12:d8:fc:79:6d:f4:0f:1d:b3:
                    93:d9:27:7f:da:9e:8b:82:aa:2c:16:79:db:22:1c:
                    e0:d2:7e:c8:af:f5:84:85:89:30:dc:c6:09:96:36:
                    7b:d0:3f:77:78:2f:dd:dd:f6:88:e5:04:95:18:80:
                    0b:1d:1b:19:ec:bd:c0:a0:a9:6d:87:5a:d9:09:c5:
                    0e:80:b5:53:34:dc:2b:82:81:ea:c5:55:17:84:40:
                    9c:c1:e2:7e:46:08:b9:51:c8:bc:d7:48:ab:ab:b5:
                    b2:d5:b6:bf:6a:8a:2f:68:cd:33:f0:52:e6:a9:98:
                    d4:d8:40:21:58:1c:98:6e:48:11:79:33:db:17:ab:
                    b6:f8:06:44:8e:09:33:34:17:2e:18:20:f5:05:5d:
                    52:eb:ea:8b:ec:fd:18:98:f0:3c:c0:0f:67:e0:2e:
                    db:a0:73:2f:e5:54:97:80:56:7d:bd:eb:27:c5:b1:
                    aa:b8:8d:0f:35:b9:0f:3c:93:4d:55:7b:3e:7e:7e:
                    d8:ed:72:86:39:f8:62:07:b2:9d:1a:96:04:20:d4:
                    d2:c4:a9:02:b1:af:08:1f:cf:60:96:e0:27:e1:9d:
                    b4:3b:5d:aa:b9:e2:26:84:cc:c2:85:ca:9d:fb:74:
                    c0:bb:17:10:32:34:f8:86:96:f4:8a:ce:8a:3d:b7:
                    d6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:66:4F:C8:64:96:8F:D8:19:65:9F:6F:1E:75:4B:2C:83:6D:6E:E0
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hWZPyGSWj9gZZZ9vHnVLLINtbuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24
                  193.124.18.0/24
                  193.124.49.0/24
                  193.124.227.0/24
                  194.87.23.0/24
                  194.87.53.0/24
                  194.87.160.0/24
                  194.87.240.0/24
                  194.87.243.0/24
                  194.135.23.0/24
                  194.135.46.0/24
                  195.133.37.0/24
                  212.192.10.0/24
                  212.192.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:be:87:fc:13:26:89:fd:99:8e:f2:ef:ab:9e:a1:a8:bb:1e:
         1c:ab:eb:51:03:0b:55:d6:8f:29:f0:97:06:f0:fa:46:b6:6a:
         7d:fe:e4:22:36:28:21:a8:73:bc:a2:f8:26:72:1a:5e:5b:e8:
         f3:bb:af:f1:35:93:68:d8:4a:0e:0a:2f:18:f0:bc:6e:c0:ac:
         1d:31:76:d6:38:49:a2:e9:9f:8b:d3:d8:5c:32:5a:b5:d0:d8:
         44:dd:17:54:6a:d7:69:6e:74:c6:2a:22:82:5f:79:6c:db:81:
         de:cc:d7:ed:3d:74:05:4a:c9:81:64:97:25:47:d8:93:d6:f4:
         29:6c:93:34:ca:8d:f9:80:a4:cc:96:82:d0:c9:7a:9d:00:38:
         92:53:75:2d:07:1d:71:c6:d8:01:13:70:61:26:9a:fb:44:94:
         38:39:92:44:a8:6e:bc:e2:e7:aa:20:a5:bc:44:88:d5:fc:eb:
         5d:66:91:50:4d:3a:6c:e7:8c:ad:f7:db:58:bc:7f:54:4a:36:
         bb:9c:eb:d8:88:d3:4a:59:e5:e9:99:26:a1:74:a3:74:ff:c3:
         4d:a9:d2:87:31:d2:ca:3e:0f:c7:1f:dd:e7:71:d0:4a:4d:2b:
         7c:21:86:d8:18:0d:66:e1:99:6e:ee:c6:a7:5e:61:67:4c:ec:
         8f:19:9f:74
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYmSaWOngFW4lBy9U92ARx1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI2MTMzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTY2NGZjODY0OTY4ZmQ4MTk2NTlmNmYxZTc1NGIyYzgzNmQ2ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJq0I4oS2Px5bfQPHbOT2Sd/2p6L
gqosFnnbIhzg0n7Ir/WEhYkw3MYJljZ70D93eC/d3faI5QSVGIALHRsZ7L3AoKlt
h1rZCcUOgLVTNNwrgoHqxVUXhECcweJ+Rgi5Uci810irq7Wy1ba/aoovaM0z8FLm
qZjU2EAhWByYbkgReTPbF6u2+AZEjgkzNBcuGCD1BV1S6+qL7P0YmPA8wA9n4C7b
oHMv5VSXgFZ9vesnxbGquI0PNbkPPJNNVXs+fn7Y7XKGOfhiB7KdGpYEINTSxKkC
sa8IH89gluAn4Z20O12queImhMzChcqd+3TAuxcQMjT4hpb0is6KPbfWYwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFIVmT8hklo/YGWWfbx51SyyDbW7gMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaFdaUHlHU1dqOWdaWlo5dkhuVkxMSU50YnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwlegAwQAwlfwAwQAwlfzAwQA
wocXAwQAwocuAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQBx
vof8EyaJ/ZmO8u+rnqGoux4cq+tRAwtV1o8p8JcG8PpGtmp9/uQiNighqHO8ovgm
chpeW+jzu6/xNZNo2EoOCi8Y8LxuwKwdMXbWOEmi6Z+L09hcMlq10NhE3RdUatdp
bnTGKiKCX3ls24HezNftPXQFSsmBZJclR9iT1vQpbJM0yo35gKTMloLQyXqdADiS
U3UtBx1xxtgBE3BhJpr7RJQ4OZJEqG684ueqIKW8RIjV/OtdZpFQTTps54yt99tY
vH9USja7nOvYiNNKWeXpmSahdKN0/8NNqdKHMdLKPg/HH93ncdBKTSt8IYbYGA1m
4Zlu7sanXmFnTOyPGZ90
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:23 2024 by rpki-client on console-fra.rpki-client.org