Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qkwEvUDsxuNnFvpQPiwqlK6xguE.roa
File:                     qkwEvUDsxuNnFvpQPiwqlK6xguE.roa (raw, json)
Hash identifier:          +MS/ltDqq9ANltQ28vsC42WVr/LG/WPFdkJB48+1efM=
Subject key identifier:   AA:4C:04:BD:40:EC:C6:E3:67:16:FA:50:3E:2C:2A:94:AE:B1:82:E1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018949ED7C5D314CCC3124B563D8734A2FB4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qkwEvUDsxuNnFvpQPiwqlK6xguE.roa
Signing time:             Wed 12 Jul 2023 11:47:27 +0000
ROA not before:           Wed 12 Jul 2023 11:47:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        195.133.82.0/24 maxlen: 24
                          193.124.45.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          192.124.183.0/24 maxlen: 24
                          194.58.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Jul 2023 11:53:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:49:ed:7c:5d:31:4c:cc:31:24:b5:63:d8:73:4a:2f:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul 12 11:47:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa4c04bd40ecc6e36716fa503e2c2a94aeb182e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f3:3e:7e:d4:d0:2d:f8:56:8d:cc:d0:4f:95:
                    db:22:34:46:e7:e6:5c:a0:cb:8c:8f:42:fe:06:19:
                    db:c7:a2:56:2a:f3:59:6c:59:f4:5e:95:cd:f3:5f:
                    06:b9:7e:65:17:e5:f0:c8:15:b7:de:1f:6e:c5:75:
                    19:18:57:46:5c:13:4f:68:ed:4f:53:31:38:a5:e2:
                    61:e2:24:54:43:52:27:c3:72:7a:f1:83:f5:ef:15:
                    c5:85:57:c4:31:f3:19:dd:3c:ef:e1:0e:6c:64:2c:
                    34:c2:47:80:9a:9f:0c:eb:b0:75:1a:f9:15:a2:d4:
                    b2:1d:a8:ef:7c:ce:a4:07:cd:36:6f:52:56:f8:f2:
                    45:79:e3:9b:97:86:d2:e5:2d:4f:ad:e6:dc:d0:db:
                    99:00:4c:b9:2a:4f:00:4e:66:91:0d:c4:50:c6:af:
                    03:aa:cb:e8:98:46:a8:d8:3b:a6:17:d3:3d:4b:3b:
                    3e:a0:18:c4:df:13:6b:fa:c9:a9:41:7b:3c:01:d2:
                    3c:12:2b:3f:3f:08:5f:45:d0:ef:3d:18:00:5b:03:
                    ff:3a:70:68:12:5f:3a:82:0f:1f:b3:16:3d:c1:8a:
                    c3:90:ae:6d:d2:fc:13:39:62:de:19:70:8d:24:15:
                    d2:7e:a0:4f:8f:e0:03:a4:ac:1a:1c:ae:0c:a6:eb:
                    ed:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:4C:04:BD:40:EC:C6:E3:67:16:FA:50:3E:2C:2A:94:AE:B1:82:E1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qkwEvUDsxuNnFvpQPiwqlK6xguE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.183.0/24
                  193.124.45.0/24
                  194.58.58.0/24
                  194.87.165.0/24
                  195.133.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:5d:7d:bc:c5:16:12:82:ed:e2:d3:5b:89:75:54:f7:b2:d1:
         a8:cb:cd:f6:30:dd:75:a6:67:67:dc:78:38:ed:79:73:32:3f:
         a5:ce:1d:48:f4:8c:2a:22:dc:0c:50:46:28:0f:ea:5a:dd:5f:
         3c:39:71:6d:7c:46:37:5c:5b:9d:90:24:69:91:c8:d6:ae:99:
         2f:42:c2:8b:7d:0d:e7:87:d9:8d:73:d0:d9:32:4f:d6:17:25:
         95:1c:56:f4:0d:86:56:c6:ed:2b:c7:51:21:ec:cd:c3:b3:ed:
         07:2a:86:03:cf:69:9f:03:1e:4d:75:c3:aa:6a:68:7c:52:d9:
         2c:96:d4:d9:49:37:73:09:9c:77:74:3b:f0:49:ea:4e:1d:40:
         7e:c9:6c:6a:e7:6a:1d:bb:51:1b:78:8a:07:99:38:51:0b:65:
         0b:08:bb:18:69:24:77:d7:ef:c4:a1:d5:75:1d:e8:11:ad:a7:
         8d:c3:54:13:bd:80:78:b2:08:56:f4:f0:df:cc:d1:2b:84:f0:
         e6:f4:4e:2c:1e:a9:7a:ea:49:59:09:c8:ef:94:e4:ce:fd:b3:
         dc:dd:61:ee:84:39:c3:31:f8:79:0d:d8:cf:60:e6:7e:db:12:
         24:14:07:5f:8a:35:55:0a:55:45:21:5e:83:7a:97:15:2c:2b:
         2d:2d:52:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlJ7XxdMUzMMSS1Y9hzSi+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzEyMTE0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRjMDRiZDQwZWNjNmUzNjcxNmZhNTAzZTJjMmE5NGFlYjE4MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvM+ftTQLfhWjczQT5XbIjRG5+Zc
oMuMj0L+Bhnbx6JWKvNZbFn0XpXN818GuX5lF+XwyBW33h9uxXUZGFdGXBNPaO1P
UzE4peJh4iRUQ1Inw3J68YP17xXFhVfEMfMZ3Tzv4Q5sZCw0wkeAmp8M67B1GvkV
otSyHajvfM6kB802b1JW+PJFeeObl4bS5S1Prebc0NuZAEy5Kk8ATmaRDcRQxq8D
qsvomEao2DumF9M9Szs+oBjE3xNr+smpQXs8AdI8Eis/PwhfRdDvPRgAWwP/OnBo
El86gg8fsxY9wYrDkK5t0vwTOWLeGXCNJBXSfqBPj+ADpKwaHK4MpuvtWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKpMBL1A7MbjZxb6UD4sKpSusYLhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcWt3RXZVRHN4dU5uRnZwUVBpd3FsSzZ4Z3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHy3AwQA
wXwtAwQAwjo6AwQAwlelAwQAw4VSMA0GCSqGSIb3DQEBCwUAA4IBAQA5XX28xRYS
gu3i01uJdVT3stGoy832MN11pmdn3Hg47XlzMj+lzh1I9IwqItwMUEYoD+pa3V88
OXFtfEY3XFudkCRpkcjWrpkvQsKLfQ3nh9mNc9DZMk/WFyWVHFb0DYZWxu0rx1Eh
7M3Ds+0HKoYDz2mfAx5NdcOqamh8UtksltTZSTdzCZx3dDvwSepOHUB+yWxq52od
u1EbeIoHmThRC2ULCLsYaSR31+/EodV1HegRraeNw1QTvYB4sghW9PDfzNErhPDm
9E4sHql66klZCcjvlOTO/bPc3WHuhDnDMfh5DdjPYOZ+2xIkFAdfijVVClVFIV6D
epcVLCstLVLe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:27 2024 by rpki-client on console-fra.rpki-client.org