Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qEPu5EeseGpa8hjmUEtESz_7kAA.roa
File:                     qEPu5EeseGpa8hjmUEtESz_7kAA.roa (raw, json)
Hash identifier:          CvJtyvZQR6z5KXWN6MYk2OEzUcAAz8rGUvdfcVaz80w=
Subject key identifier:   A8:43:EE:E4:47:AC:78:6A:5A:F2:18:E6:50:4B:44:4B:3F:FB:90:00
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0186D95294C142886218F8CE98AB19600397
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qEPu5EeseGpa8hjmUEtESz_7kAA.roa
Signing time:             Mon 13 Mar 2023 04:55:13 +0000
ROA not before:           Mon 13 Mar 2023 04:55:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        193.124.3.0/24 maxlen: 24
                          62.76.225.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          193.124.9.0/24 maxlen: 24
                          62.76.233.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.2.0/24 maxlen: 24
                          194.87.3.0/24 maxlen: 24
                          62.76.230.0/23 maxlen: 23
                          193.124.16.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.12.0/24 maxlen: 24
                          194.87.16.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          193.124.44.0/24 maxlen: 24
                          194.87.26.0/23 maxlen: 23
                          194.87.36.0/24 maxlen: 24
                          194.87.37.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.122.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          194.87.138.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          193.124.93.0/24 maxlen: 24
                          195.133.26.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          195.58.36.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.54.0/24 maxlen: 24
                          195.58.56.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          194.58.67.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.222.0/24 maxlen: 24
                          194.135.18.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          212.192.1.0/24 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          194.87.168.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          194.87.170.0/23 maxlen: 23
                          192.124.180.0/22 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          194.87.177.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Mar 2023 04:49:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:d9:52:94:c1:42:88:62:18:f8:ce:98:ab:19:60:03:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar 13 04:55:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a843eee447ac786a5af218e6504b444b3ffb9000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c7:92:98:fc:8f:27:22:a9:0f:40:41:5b:a2:
                    ba:c7:37:8e:4b:8a:d8:71:7e:42:0b:23:14:7c:87:
                    45:31:93:9e:ed:f9:77:84:3e:5a:63:df:51:db:db:
                    35:e5:33:c6:97:79:ae:a6:98:68:4f:5a:62:7b:6f:
                    fc:47:58:5a:c2:27:57:a7:3b:ea:26:c1:4d:b1:dc:
                    e6:77:84:81:da:46:bc:33:e2:20:bf:18:49:ce:ee:
                    cc:db:1e:37:ba:83:fe:b9:54:5e:ad:a6:57:3c:16:
                    2b:50:e9:9b:34:ef:71:c6:17:21:8e:c1:fb:5e:32:
                    5e:77:52:7b:e6:df:59:d4:4d:4e:21:03:c6:96:4b:
                    c6:d5:d0:89:bc:aa:bf:aa:5b:25:db:14:1b:06:04:
                    64:b9:b3:39:13:fd:06:42:19:7a:29:08:75:72:d4:
                    38:69:4b:31:0d:47:92:79:45:91:20:2d:b1:28:bc:
                    77:19:d1:9b:ab:17:a5:4b:17:7b:da:ad:41:fe:98:
                    1b:68:7f:59:81:cd:fc:35:fe:e3:a3:1d:ef:34:78:
                    eb:ca:9a:d2:8c:9b:46:bb:6e:e9:67:4c:47:fd:a1:
                    bd:76:99:e3:18:bf:e6:88:5b:4f:3b:da:2f:a5:9f:
                    ac:60:db:11:0d:3d:09:e9:19:e6:52:a3:2a:b2:95:
                    fc:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:43:EE:E4:47:AC:78:6A:5A:F2:18:E6:50:4B:44:4B:3F:FB:90:00
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qEPu5EeseGpa8hjmUEtESz_7kAA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0/24
                  62.76.230.0/23
                  62.76.233.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/23
                  193.124.16.0/24
                  193.124.44.0/24
                  193.124.80.0/24
                  193.124.93.0/24
                  193.124.201.0/24
                  193.124.207.0/24
                  194.58.38.0/23
                  194.58.47.0/24
                  194.58.59.0/24
                  194.58.67.0/24
                  194.87.1.0-194.87.3.255
                  194.87.7.0/24
                  194.87.11.0-194.87.12.255
                  194.87.16.0/24
                  194.87.24.0/22
                  194.87.36.0/23
                  194.87.56.0/24
                  194.87.73.0/24
                  194.87.83.0/24
                  194.87.104.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.130.0/23
                  194.87.138.0/24
                  194.87.149.0/24
                  194.87.160.0/24
                  194.87.166.0/24
                  194.87.168.0/24
                  194.87.170.0-194.87.172.255
                  194.87.176.0/22
                  194.87.182.0/24
                  194.87.187.0/24
                  194.87.190.0/24
                  194.87.200.0/24
                  194.87.202.0/24
                  194.87.222.0/24
                  194.87.240.0/24
                  194.135.18.0/24
                  194.135.23.0/24
                  195.58.35.0-195.58.36.255
                  195.58.50.0/24
                  195.58.54.0/24
                  195.58.56.0/24
                  195.133.0.0/24
                  195.133.26.0/24
                  195.133.30.0/24
                  195.133.35.0/24
                  195.133.194.0/23
                  212.192.1.0/24
                  212.192.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:4b:b6:e1:94:99:b3:f3:d6:34:18:8c:aa:27:a1:1b:72:95:
         9c:15:6b:e7:e1:55:a0:57:06:5b:f6:48:ce:82:d2:c6:25:b7:
         f0:ec:6c:01:b8:ba:d7:68:d3:73:93:91:50:45:6c:eb:c4:03:
         7a:ce:fe:16:77:7d:f1:00:69:28:47:e9:34:65:f9:d4:fa:5e:
         85:ab:b3:56:6f:dd:02:20:5e:be:7e:23:48:cf:c3:bb:eb:d8:
         ff:61:c1:bc:2f:42:a6:ec:b7:38:bb:84:62:a4:f4:f1:7a:62:
         07:24:00:aa:a4:58:2b:70:e4:97:7a:0f:1f:cd:ed:28:c3:30:
         93:11:29:d1:43:d4:7e:0a:a3:72:b1:b4:4b:86:67:1c:42:0c:
         c8:22:fa:a6:ba:83:7d:07:20:eb:06:60:a5:79:f0:63:c5:97:
         89:b0:66:3a:c4:fb:26:64:bd:19:5e:b8:d0:01:aa:83:dd:e4:
         8d:c7:11:b5:81:e8:3e:50:64:9f:0b:00:13:72:48:0e:a6:f3:
         19:84:7b:27:ca:a1:db:c3:e9:66:87:c8:45:6b:24:d4:c7:6c:
         db:dd:a6:15:b5:2a:d2:99:d8:f4:f8:c9:31:de:d0:d6:cb:31:
         08:ca:fa:80:51:30:c7:53:44:e0:89:3d:6c:62:cc:9e:35:fb:
         e9:3b:5e:f8
-----BEGIN CERTIFICATE-----
MIIGfTCCBWWgAwIBAgISAYbZUpTBQohiGPjOmKsZYAOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzEzMDQ1NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQzZWVlNDQ3YWM3ODZhNWFmMjE4ZTY1MDRiNDQ0YjNmZmI5MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnceSmPyPJyKpD0BBW6K6xzeOS4rY
cX5CCyMUfIdFMZOe7fl3hD5aY99R29s15TPGl3mupphoT1pie2/8R1hawidXpzvq
JsFNsdzmd4SB2ka8M+IgvxhJzu7M2x43uoP+uVReraZXPBYrUOmbNO9xxhchjsH7
XjJed1J75t9Z1E1OIQPGlkvG1dCJvKq/qlsl2xQbBgRkubM5E/0GQhl6KQh1ctQ4
aUsxDUeSeUWRIC2xKLx3GdGbqxelSxd72q1B/pgbaH9Zgc38Nf7jox3vNHjryprS
jJtGu27pZ0xH/aG9dpnjGL/miFtPO9ovpZ+sYNsRDT0J6RnmUqMqspX8OwIDAQAB
o4IDiTCCA4UwHQYDVR0OBBYEFKhD7uRHrHhqWvIY5lBLREs/+5AAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcUVQdTVFZXNlR3BhOGhqbVVFdEVTel83a0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnQYIKwYBBQUHAQcBAf8EggGMMIIBiDCCAYQEAgABMIIB
fAMEAD5M4QMEAT5M5gMEAD5M6QMEAMB8sgMEAsB8tAMEAMF8AwMEAMF8BgMEAcF8
CAMEAMF8EAMEAMF8LAMEAMF8UAMEAMF8XQMEAMF8yQMEAMF8zwMEAcI6JgMEAMI6
LwMEAMI6OwMEAMI6QzAMAwQAwlcBAwQCwlcAAwQAwlcHMAwDBADCVwsDBADCVwwD
BADCVxADBALCVxgDBAHCVyQDBADCVzgDBADCV0kDBADCV1MDBADCV2gDBAHCV3ID
BADCV3oDBAHCV4IDBADCV4oDBADCV5UDBADCV6ADBADCV6YDBADCV6gwDAMEAcJX
qgMEAMJXrAMEAsJXsAMEAMJXtgMEAMJXuwMEAMJXvgMEAMJXyAMEAMJXygMEAMJX
3gMEAMJX8AMEAMKHEgMEAMKHFzAMAwQAwzojAwQAwzokAwQAwzoyAwQAwzo2AwQA
wzo4AwQAw4UAAwQAw4UaAwQAw4UeAwQAw4UjAwQBw4XCAwQA1MABAwQA1MAKMA0G
CSqGSIb3DQEBCwUAA4IBAQA9S7bhlJmz89Y0GIyqJ6EbcpWcFWvn4VWgVwZb9kjO
gtLGJbfw7GwBuLrXaNNzk5FQRWzrxAN6zv4Wd33xAGkoR+k0ZfnU+l6Fq7NWb90C
IF6+fiNIz8O769j/YcG8L0Km7Lc4u4RipPTxemIHJACqpFgrcOSXeg8fze0owzCT
ESnRQ9R+CqNysbRLhmccQgzIIvqmuoN9ByDrBmClefBjxZeJsGY6xPsmZL0ZXrjQ
AaqD3eSNxxG1geg+UGSfCwATckgOpvMZhHsnyqHbw+lmh8hFayTUx2zb3aYVtSrS
mdj0+Mkx3tDWyzEIyvqAUTDHU0TgiT1sYsyeNfvpO174
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org