Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jlkaaOAEudhCvpieisde_vrozp8.roa
File:                     jlkaaOAEudhCvpieisde_vrozp8.roa (raw, json)
Hash identifier:          PnbM37Qm33w5mbQ161Zn7J2g7pkDAsitVCosdBUpcgE=
Subject key identifier:   8E:59:1A:68:E0:04:B9:D8:42:BE:98:9E:8A:C7:5E:FE:FA:E8:CE:9F
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018CE048102FAFDA9057100F7BACA30050A5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jlkaaOAEudhCvpieisde_vrozp8.roa
Signing time:             Sat 06 Jan 2024 19:37:48 +0000
ROA not before:           Sat 06 Jan 2024 19:37:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        195.133.74.0/24 maxlen: 24
                          195.133.84.0/24 maxlen: 24
                          62.76.227.0/24 maxlen: 24
                          194.87.224.0/24 maxlen: 24
                          194.87.229.0/24 maxlen: 24
                          194.87.26.0/24 maxlen: 24
                          194.135.33.0/24 maxlen: 24
                          193.124.47.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          212.192.214.0/24 maxlen: 24
                          212.192.222.0/24 maxlen: 24
                          195.133.27.0/24 maxlen: 24
                          195.133.25.0/24 maxlen: 24
                          194.87.170.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.63.0/24 maxlen: 24
                          194.58.66.0/24 maxlen: 24
                          193.124.200.0/24 maxlen: 24
                          194.87.128.0/24 maxlen: 24
                          193.124.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jan 2024 06:27:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:e0:48:10:2f:af:da:90:57:10:0f:7b:ac:a3:00:50:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  6 19:37:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8e591a68e004b9d842be989e8ac75efefae8ce9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8d:c2:d6:00:2e:6a:21:65:bd:b0:24:fc:4c:
                    89:a9:82:30:60:99:0c:a8:65:64:60:ed:d1:6c:60:
                    0a:57:f1:22:47:5b:c7:d8:98:9a:a1:7c:e0:58:0e:
                    01:89:d4:ee:46:3f:72:2b:8f:f9:a5:ad:4e:52:87:
                    67:95:72:ed:88:b3:aa:af:40:a1:51:22:d5:e5:aa:
                    1f:a5:3f:23:24:89:cb:58:2b:01:aa:da:b8:3f:93:
                    c5:6f:3e:63:f3:15:a6:44:b3:c6:e4:94:2a:0a:15:
                    2b:bd:60:56:db:c2:13:1b:b9:2a:3d:84:33:85:bc:
                    13:22:69:c1:20:54:e9:e0:d1:87:50:13:27:3f:3d:
                    74:6f:ff:91:fc:83:ba:96:58:48:0b:76:ff:2b:c6:
                    df:18:c4:6e:35:97:ab:30:ba:44:cf:c5:cd:82:18:
                    c0:b6:23:ae:9a:89:8b:3b:84:02:ac:e2:f0:7b:8d:
                    b6:d5:bb:59:b3:c8:b0:fd:4d:7f:b4:73:5d:2e:3a:
                    91:34:aa:21:ab:66:6e:3b:7d:18:79:b2:97:e9:64:
                    59:83:1d:a4:67:74:fe:0b:13:9f:e5:08:96:2c:c7:
                    b3:a1:97:f3:29:43:40:90:3d:c2:af:0b:c2:9e:8a:
                    c6:bf:f4:2b:9a:e9:12:52:60:94:fd:91:d1:d9:a5:
                    3b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:59:1A:68:E0:04:B9:D8:42:BE:98:9E:8A:C7:5E:FE:FA:E8:CE:9F
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jlkaaOAEudhCvpieisde_vrozp8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.227.0/24
                  193.124.47.0/24
                  193.124.95.0/24
                  193.124.200.0/24
                  194.58.66.0/24
                  194.87.26.0/24
                  194.87.128.0/24
                  194.87.170.0/24
                  194.87.224.0/24
                  194.87.229.0/24
                  194.135.33.0/24
                  195.58.54.0/24
                  195.58.63.0/24
                  195.133.25.0/24
                  195.133.27.0/24
                  195.133.74.0/24
                  195.133.84.0/24
                  212.192.1.0/24
                  212.192.214.0/24
                  212.192.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:a3:63:2a:e1:d7:d2:69:c3:3e:f5:96:b5:7b:41:be:a3:70:
         d2:46:d1:bc:c7:48:a9:f1:f7:ab:6e:1f:9a:91:8c:12:6a:21:
         9e:8a:d8:84:f1:27:88:37:51:7f:5f:99:44:dd:f1:41:c7:4b:
         3c:18:7a:ca:aa:cb:35:31:6d:7c:3b:bf:20:e7:96:3a:bc:b7:
         d6:4b:82:1b:cc:11:ce:a7:d9:a9:87:42:99:6b:b2:b6:6f:a4:
         a3:35:49:c3:65:b5:79:32:cb:af:7e:68:66:4b:b6:bd:52:8e:
         e0:19:cf:ac:9b:e4:ac:aa:e4:f0:ac:d9:f4:43:92:7a:a9:8c:
         58:00:2a:22:b9:6b:57:7a:bb:34:e8:8c:d5:19:92:0a:a7:dc:
         27:50:46:d5:d5:19:a2:f7:67:d4:3d:17:1e:40:62:5d:b1:f1:
         a7:cf:4c:b6:67:84:c4:5f:e8:45:04:55:4e:82:c1:1a:9f:9f:
         ba:d7:6b:e8:58:f2:38:05:81:8b:1d:ab:0b:74:2b:aa:66:99:
         79:7d:31:3b:e1:2c:2e:b9:eb:0d:7c:56:89:a7:d7:28:d3:b2:
         02:df:4c:d7:45:a9:a5:59:f4:ed:06:1f:91:dc:12:ba:0a:23:
         cb:23:ab:19:93:63:bb:47:d2:5e:5c:81:f8:f7:c0:66:08:93:
         17:22:d6:c2
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzgSBAvr9qQVxAPe6yjAFClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA2MTkzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTU5MWE2OGUwMDRiOWQ4NDJiZTk4OWU4YWM3NWVmZWZhZThjZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh43C1gAuaiFlvbAk/EyJqYIwYJkM
qGVkYO3RbGAKV/EiR1vH2JiaoXzgWA4BidTuRj9yK4/5pa1OUodnlXLtiLOqr0Ch
USLV5aofpT8jJInLWCsBqtq4P5PFbz5j8xWmRLPG5JQqChUrvWBW28ITG7kqPYQz
hbwTImnBIFTp4NGHUBMnPz10b/+R/IO6llhIC3b/K8bfGMRuNZerMLpEz8XNghjA
tiOumomLO4QCrOLwe4221btZs8iw/U1/tHNdLjqRNKohq2ZuO30YebKX6WRZgx2k
Z3T+CxOf5QiWLMezoZfzKUNAkD3CrwvCnorGv/QrmukSUmCU/ZHR2aU75wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFI5ZGmjgBLnYQr6YnorHXv766M6fMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvamxrYWFPQUV1ZGhDdnBpZWlzZGVfdnJvenA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAPkzj
AwQAwXwvAwQAwXxfAwQAwXzIAwQAwjpCAwQAwlcaAwQAwleAAwQAwleqAwQAwlfg
AwQAwlflAwQAwochAwQAwzo2AwQAwzo/AwQAw4UZAwQAw4UbAwQAw4VKAwQAw4VU
AwQA1MABAwQA1MDWAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQCQo2Mq4dfSacM+
9Za1e0G+o3DSRtG8x0ip8ferbh+akYwSaiGeitiE8SeIN1F/X5lE3fFBx0s8GHrK
qss1MW18O78g55Y6vLfWS4IbzBHOp9mph0KZa7K2b6SjNUnDZbV5MsuvfmhmS7a9
Uo7gGc+sm+SsquTwrNn0Q5J6qYxYACoiuWtXers06IzVGZIKp9wnUEbV1Rmi92fU
PRceQGJdsfGnz0y2Z4TEX+hFBFVOgsEan5+612voWPI4BYGLHasLdCuqZpl5fTE7
4SwuuesNfFaJp9co07IC30zXRamlWfTtBh+R3BK6CiPLI6sZk2O7R9JeXIH498Bm
CJMXItbC
-----END CERTIFICATE-----
Generated at Mon Jan 8 09:35:55 2024 by rpki-client on console-ams.rpki-client.org