Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qX8r6lOoYCL9k_hxAHBUg0wKI8E.roa
File:                     qX8r6lOoYCL9k_hxAHBUg0wKI8E.roa (raw, json)
Hash identifier:          xA5ssx9If7pkd5B7SlfCMVAyKq6q6gSyGbkSGh6C9Lk=
Subject key identifier:   A9:7F:2B:EA:53:A8:60:22:FD:93:F8:71:00:70:54:83:4C:0A:23:C1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01894867D8B40A10AB67CADAEA8305EB7791
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qX8r6lOoYCL9k_hxAHBUg0wKI8E.roa
Signing time:             Wed 12 Jul 2023 04:41:52 +0000
ROA not before:           Wed 12 Jul 2023 04:41:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        212.193.12.0/24 maxlen: 24
                          193.124.5.0/24 maxlen: 24
                          62.76.225.0/24 maxlen: 24
                          195.133.79.0/24 maxlen: 24
                          195.133.14.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.121.0/24 maxlen: 24
                          194.87.129.0/24 maxlen: 24
                          194.87.51.0/24 maxlen: 24
                          194.87.52.0/24 maxlen: 24
                          194.87.54.0/24 maxlen: 24
                          194.87.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 09:47:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:48:67:d8:b4:0a:10:ab:67:ca:da:ea:83:05:eb:77:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 12 04:41:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a97f2bea53a86022fd93f871007054834c0a23c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:79:9d:5f:43:52:6b:dc:bd:48:05:45:e7:a5:
                    c0:83:8d:8f:f2:2c:42:4a:25:a6:22:c9:a2:c2:9c:
                    dc:64:f7:a9:bd:1a:29:62:f9:f9:e8:22:ad:3e:13:
                    46:9c:7f:4f:f2:a4:f5:75:91:ac:2f:2e:57:a9:5d:
                    cd:c6:07:d3:5d:c6:2b:9c:8f:7b:db:7f:01:33:b1:
                    37:9a:75:7c:52:e7:56:80:b3:00:6a:28:c5:ba:6b:
                    88:9b:70:c9:b4:6a:7f:c9:06:ad:85:39:01:41:1a:
                    a5:bc:8f:d4:87:2a:d4:89:70:43:ca:52:7f:89:5d:
                    5f:49:88:92:34:90:e6:11:e5:2c:75:d6:43:cb:43:
                    ec:dd:28:d5:f0:05:d5:81:1b:67:08:27:59:84:cd:
                    42:7e:b4:77:cd:6c:ae:9d:e5:6c:96:92:47:7a:d5:
                    61:1b:7f:08:2c:0d:39:2c:55:63:50:4c:ec:bd:ba:
                    34:db:c8:79:4b:e1:86:c8:ec:54:03:24:56:e9:05:
                    0f:b8:8c:4e:c0:85:a8:5f:41:9d:2c:28:9b:d0:1b:
                    ef:59:1f:53:c0:74:04:26:b5:b4:86:c8:84:62:23:
                    11:97:78:97:92:53:47:6e:6b:7d:10:c3:1a:4a:11:
                    98:ac:0c:40:97:1c:71:21:6e:92:74:aa:72:68:b6:
                    b8:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:7F:2B:EA:53:A8:60:22:FD:93:F8:71:00:70:54:83:4C:0A:23:C1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qX8r6lOoYCL9k_hxAHBUg0wKI8E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.225.0/24
                  193.124.5.0/24
                  194.87.51.0-194.87.52.255
                  194.87.54.0/24
                  194.87.81.0/24
                  194.87.114.0/24
                  194.87.121.0/24
                  194.87.129.0/24
                  194.87.178.0/24
                  195.58.35.0/24
                  195.133.14.0/24
                  195.133.79.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:5c:62:ad:ee:50:63:58:2d:62:41:9d:0a:5c:6e:cb:5b:bb:
         3b:98:a0:b5:f4:97:d6:22:d9:23:38:aa:3c:29:0e:d1:2f:9c:
         8d:43:c9:cd:bd:40:6d:90:2a:9d:86:ae:c1:72:fb:59:35:7b:
         08:46:4c:25:8f:3f:da:64:8c:68:cf:38:1a:af:9b:b0:cb:10:
         f4:2b:ae:ec:4e:00:44:c9:62:ba:71:61:95:d8:a4:e8:25:af:
         b3:26:9b:f3:06:4c:63:9d:c5:ac:ee:fe:06:d8:ab:5f:38:12:
         14:d4:0c:cc:ca:ce:bb:ff:39:cf:23:be:84:ae:d4:6f:57:9b:
         0f:e9:79:0f:ea:3f:ae:20:a8:29:49:c3:53:7d:1b:21:ce:c0:
         ab:49:ee:d9:cc:00:cf:d2:40:8a:70:74:bd:a9:54:73:26:6b:
         75:af:9f:48:92:49:6b:02:dd:92:db:1a:30:3b:d3:9c:58:e4:
         f9:94:c0:75:32:f5:c2:1e:0c:55:fe:43:56:72:12:2d:ef:e7:
         d9:88:c7:21:b3:f9:d4:9c:43:aa:06:7f:e3:91:dc:e8:13:ff:
         af:46:82:0f:c6:54:86:68:59:eb:05:6f:e2:a9:1f:f4:70:b1:
         70:92:03:10:e5:cc:ba:7b:dc:92:74:1e:98:f6:fa:19:97:82:
         ff:e2:0e:7f
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYlIZ9i0ChCrZ8ra6oMF63eRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzEyMDQ0MTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTdmMmJlYTUzYTg2MDIyZmQ5M2Y4NzEwMDcwNTQ4MzRjMGEyM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHmdX0NSa9y9SAVF56XAg42P8ixC
SiWmIsmiwpzcZPepvRopYvn56CKtPhNGnH9P8qT1dZGsLy5XqV3NxgfTXcYrnI97
238BM7E3mnV8UudWgLMAaijFumuIm3DJtGp/yQathTkBQRqlvI/UhyrUiXBDylJ/
iV1fSYiSNJDmEeUsddZDy0Ps3SjV8AXVgRtnCCdZhM1CfrR3zWyuneVslpJHetVh
G38ILA05LFVjUEzsvbo028h5S+GGyOxUAyRW6QUPuIxOwIWoX0GdLCib0BvvWR9T
wHQEJrW0hsiEYiMRl3iXklNHbmt9EMMaShGYrAxAlxxxIW6SdKpyaLa4DQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKl/K+pTqGAi/ZP4cQBwVINMCiPBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcVg4cjZsT29ZQ0w5a19oeEFIQlVnMHdLSThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAPkzhAwQA
wXwFMAwDBADCVzMDBADCVzQDBADCVzYDBADCV1EDBADCV3IDBADCV3kDBADCV4ED
BADCV7IDBADDOiMDBADDhQ4DBADDhU8DBADUwQwwDQYJKoZIhvcNAQELBQADggEB
AIZcYq3uUGNYLWJBnQpcbstbuzuYoLX0l9Yi2SM4qjwpDtEvnI1Dyc29QG2QKp2G
rsFy+1k1ewhGTCWPP9pkjGjPOBqvm7DLEPQrruxOAETJYrpxYZXYpOglr7Mmm/MG
TGOdxazu/gbYq184EhTUDMzKzrv/Oc8jvoSu1G9Xmw/peQ/qP64gqClJw1N9GyHO
wKtJ7tnMAM/SQIpwdL2pVHMma3Wvn0iSSWsC3ZLbGjA705xY5PmUwHUy9cIeDFX+
Q1ZyEi3v59mIxyGz+dScQ6oGf+OR3OgT/69Ggg/GVIZoWesFb+KpH/RwsXCSAxDl
zLp73JJ0Hpj2+hmXgv/iDn8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:27 2024 by rpki-client on console-fra.rpki-client.org