Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qGrN-bbr-Khn-bccqBpu4Prd9Xc.roa
File:                     qGrN-bbr-Khn-bccqBpu4Prd9Xc.roa (raw, json)
Hash identifier:          Svf7IyscuEQN7yOdlTKaaj1W5Cip7cwhAGBLAVIVA9s=
Subject key identifier:   A8:6A:CD:F9:B6:EB:F8:A8:67:F9:B7:1C:A8:1A:6E:E0:FA:DD:F5:77
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189981651DE7CF53BFFB91AC328A62CCF23
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qGrN-bbr-Khn-bccqBpu4Prd9Xc.roa
Signing time:             Thu 27 Jul 2023 16:02:26 +0000
ROA not before:           Thu 27 Jul 2023 16:02:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        193.124.227.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.87.23.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          194.87.243.0/24 maxlen: 24
                          193.124.49.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          195.133.37.0/24 maxlen: 24
                          212.192.249.0/24 maxlen: 24
                          194.87.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Aug 2023 15:03:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:98:16:51:de:7c:f5:3b:ff:b9:1a:c3:28:a6:2c:cf:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 27 16:02:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a86acdf9b6ebf8a867f9b71ca81a6ee0faddf577
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:15:8c:3b:20:f6:7a:39:5f:76:41:2c:89:3c:
                    c5:09:ca:ba:8d:4b:99:03:94:63:df:6c:e3:33:f7:
                    55:2f:7b:78:a3:55:7b:cc:7d:2e:df:2a:2d:14:6a:
                    b2:91:84:d7:0e:d7:9c:5f:de:99:bd:6e:03:88:dd:
                    2e:c7:eb:90:41:14:37:52:d5:1a:a7:f8:a2:42:00:
                    f1:57:ee:ed:2f:9b:7a:38:3a:e7:c5:f7:99:66:d0:
                    0a:76:5d:96:63:31:2c:0a:9a:c8:80:6b:09:cf:71:
                    fa:d3:f0:d9:3e:85:63:22:a4:6e:79:2c:18:39:30:
                    c4:ec:af:f7:13:32:d9:78:d1:b4:fe:08:c8:be:8d:
                    54:cf:66:a2:80:c0:6d:a4:21:77:3e:9d:11:9d:40:
                    de:7c:c8:3e:fc:7b:12:08:59:a1:5a:e4:e9:64:99:
                    8b:2e:3e:b9:8b:9f:cf:c5:96:04:24:5b:66:20:e5:
                    73:d5:70:4f:74:a7:6c:cd:68:e4:21:a3:ff:28:0e:
                    95:de:0e:13:c8:a7:a8:7e:f8:0a:6a:f4:34:ce:e8:
                    dc:f7:3f:b8:94:9c:f7:5a:7a:96:be:6f:f0:d3:da:
                    48:e2:85:5b:b9:49:23:e6:4c:bb:a7:a0:0e:12:0b:
                    84:a1:a0:83:df:19:75:1f:04:40:dc:7a:6e:df:ca:
                    94:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:6A:CD:F9:B6:EB:F8:A8:67:F9:B7:1C:A8:1A:6E:E0:FA:DD:F5:77
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qGrN-bbr-Khn-bccqBpu4Prd9Xc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24
                  193.124.18.0/24
                  193.124.49.0/24
                  193.124.227.0/24
                  194.87.23.0/24
                  194.87.53.0/24
                  194.87.160.0/24
                  194.87.240.0/24
                  194.87.243.0/24
                  194.135.23.0/24
                  195.133.37.0/24
                  212.192.10.0/24
                  212.192.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:de:74:5b:62:88:70:b6:09:a9:02:2b:c9:a5:dd:fd:92:39:
         5b:af:77:0a:b8:ba:ed:df:b5:fa:a9:52:7b:c1:f7:47:08:85:
         60:cf:82:0f:b9:1e:96:a7:9d:6d:10:cf:28:a1:15:7e:3f:4b:
         21:5c:4a:2e:fe:08:81:f9:68:52:87:6a:43:7a:2b:e4:c7:31:
         41:fc:06:79:30:28:ac:6d:a9:8d:3b:ac:5f:c7:6c:e4:7b:b9:
         73:cc:be:12:e1:1a:5e:ca:13:0d:fa:ab:32:90:fe:59:6c:38:
         b2:24:3b:3e:4e:52:bf:9c:b0:b7:93:76:eb:ed:ab:85:1a:1b:
         25:4b:cd:e0:9e:44:ae:f8:20:2a:09:1c:a6:72:b2:76:71:83:
         f4:51:18:fd:d1:90:c7:a5:ab:f2:ec:ad:6b:c5:ce:07:5b:26:
         71:b9:05:f5:60:76:b4:8f:09:ce:f1:ec:f1:07:47:ef:7f:de:
         4c:fb:ae:1d:5c:cd:03:f5:3d:17:9f:29:8d:8a:54:38:7b:33:
         8f:4a:40:a9:b0:20:70:e1:9e:66:80:b6:f3:1a:93:ed:a2:13:
         50:a6:0e:19:e1:b4:ae:39:fe:a6:5a:db:51:ed:d6:86:d0:f1:
         8e:b0:30:70:04:5d:97:19:bd:4a:4a:aa:20:91:db:ad:62:ad:
         25:7e:e6:80
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYmYFlHefPU7/7kawyimLM8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzI3MTYwMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZhY2RmOWI2ZWJmOGE4NjdmOWI3MWNhODFhNmVlMGZhZGRmNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohWMOyD2ejlfdkEsiTzFCcq6jUuZ
A5Rj32zjM/dVL3t4o1V7zH0u3yotFGqykYTXDtecX96ZvW4DiN0ux+uQQRQ3UtUa
p/iiQgDxV+7tL5t6ODrnxfeZZtAKdl2WYzEsCprIgGsJz3H60/DZPoVjIqRueSwY
OTDE7K/3EzLZeNG0/gjIvo1Uz2aigMBtpCF3Pp0RnUDefMg+/HsSCFmhWuTpZJmL
Lj65i5/PxZYEJFtmIOVz1XBPdKdszWjkIaP/KA6V3g4TyKeofvgKavQ0zujc9z+4
lJz3WnqWvm/w09pI4oVbuUkj5ky7p6AOEguEoaCD3xl1HwRA3Hpu38qUOwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKhqzfm26/ioZ/m3HKgabuD63fV3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcUdyTi1iYnItS2huLWJjY3FCcHU0UHJkOVhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwlegAwQAwlfwAwQAwlfzAwQA
wocXAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQCS3nRbYohw
tgmpAivJpd39kjlbr3cKuLrt37X6qVJ7wfdHCIVgz4IPuR6Wp51tEM8ooRV+P0sh
XEou/giB+WhSh2pDeivkxzFB/AZ5MCisbamNO6xfx2zke7lzzL4S4RpeyhMN+qsy
kP5ZbDiyJDs+TlK/nLC3k3br7auFGhslS83gnkSu+CAqCRymcrJ2cYP0URj90ZDH
pavy7K1rxc4HWyZxuQX1YHa0jwnO8ezxB0fvf95M+64dXM0D9T0XnymNilQ4ezOP
SkCpsCBw4Z5mgLbzGpPtohNQpg4Z4bSuOf6mWttR7daG0PGOsDBwBF2XGb1KSqog
kdutYq0lfuaA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:27 2024 by rpki-client on console-fra.rpki-client.org