Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sxRHbqEilzH9erNwSYiykFc_qJI.roa
File:                     sxRHbqEilzH9erNwSYiykFc_qJI.roa (raw, json)
Hash identifier:          kVOpl3nYmbveRRTTeyNXn1WPAVEKH4M7eo9RnQ8j8Fw=
Subject key identifier:   B3:14:47:6E:A1:22:97:31:FD:7A:B3:70:49:88:B2:90:57:3F:A8:92
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185E2AA1FAAADE209649D9A80E3205DC851
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sxRHbqEilzH9erNwSYiykFc_qJI.roa
Signing time:             Tue 24 Jan 2023 07:24:38 +0000
ROA not before:           Tue 24 Jan 2023 07:24:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.9.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          193.124.44.0/24 maxlen: 24
                          195.58.36.0/24 maxlen: 24
                          195.58.35.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          195.58.56.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          195.133.0.0/24 maxlen: 24
                          194.87.42.0/24 maxlen: 24
                          194.87.73.0/24 maxlen: 24
                          194.135.18.0/24 maxlen: 24
                          194.135.23.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          195.133.30.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          194.87.170.0/23 maxlen: 23
                          194.87.168.0/24 maxlen: 24
                          194.87.172.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          194.87.179.0/24 maxlen: 24
                          212.192.31.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.182.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 26 Jan 2023 08:25:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e2:aa:1f:aa:ad:e2:09:64:9d:9a:80:e3:20:5d:c8:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 24 07:24:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b314476ea1229731fd7ab3704988b290573fa892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:dc:08:45:29:1b:62:bf:64:9c:ed:c4:a9:af:
                    65:eb:f6:83:4e:db:4c:35:56:1a:d2:a8:c8:7f:a7:
                    4d:74:55:13:43:04:0f:21:67:ba:e7:fa:4e:5b:64:
                    66:4d:9d:2e:45:e2:b9:6a:52:46:81:40:1c:8e:83:
                    9a:d1:dc:0c:a0:7e:e0:63:9f:a9:67:44:dd:f6:62:
                    1d:0b:7d:02:1a:28:5c:2a:2f:ac:31:0f:95:3f:5c:
                    86:a1:d9:cf:b1:ed:08:17:c4:26:2b:e2:48:19:ff:
                    45:2e:ad:c0:3b:43:89:1a:93:8c:8b:bd:3c:8f:cf:
                    3f:60:41:38:6b:aa:22:e1:73:ec:cf:01:c9:5e:9e:
                    73:ca:61:64:64:ad:41:96:d0:a1:e0:2e:3a:38:47:
                    4b:8e:61:6e:23:8f:9c:4f:c4:a4:90:88:82:eb:bb:
                    25:b5:95:37:0c:52:09:e3:cf:dd:70:fa:56:3d:e6:
                    49:04:ba:62:9a:09:52:63:56:9e:90:73:81:af:51:
                    f6:ae:8c:9e:50:8e:97:53:fd:8f:0c:f7:5f:59:7a:
                    4a:da:56:cf:ba:09:ae:de:75:87:d2:ec:17:94:51:
                    7a:7e:76:75:38:72:dc:16:60:97:d8:0a:4a:45:9c:
                    2f:87:4f:f3:2a:5f:ee:41:18:19:64:50:3a:86:3a:
                    2f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:14:47:6E:A1:22:97:31:FD:7A:B3:70:49:88:B2:90:57:3F:A8:92
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sxRHbqEilzH9erNwSYiykFc_qJI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.3.0/24
                  193.124.9.0/24
                  193.124.44.0/24
                  193.124.201.0/24
                  194.87.1.0/24
                  194.87.42.0/24
                  194.87.73.0/24
                  194.87.130.0/23
                  194.87.166.0/24
                  194.87.168.0/24
                  194.87.170.0-194.87.172.255
                  194.87.178.0/23
                  194.87.182.0/24
                  194.87.187.0/24
                  194.135.18.0/24
                  194.135.23.0/24
                  195.58.35.0-195.58.36.255
                  195.58.50.0/24
                  195.58.56.0/24
                  195.133.0.0/24
                  195.133.30.0/24
                  195.133.35.0/24
                  195.133.195.0/24
                  212.192.10.0/24
                  212.192.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:57:46:13:a1:18:13:74:fd:fa:2c:36:a7:12:b7:ab:6c:64:
         15:4d:7d:a0:ec:ef:ab:c8:0d:76:c7:1a:6e:3c:1a:b0:d8:dd:
         71:db:84:06:f2:4a:f1:4b:1e:11:d8:1c:c8:2b:ae:b8:43:01:
         39:cd:bd:6c:34:b5:64:91:0c:8c:a4:6a:0d:66:bc:20:9b:ef:
         db:b9:b1:ba:5c:6b:a9:ba:92:88:68:7f:d5:66:9d:9e:45:22:
         bc:f6:9d:e6:b5:69:ca:a5:91:bf:42:0c:bc:93:3a:51:91:9a:
         bc:97:e0:26:2b:8a:5c:89:b3:11:70:68:61:6b:d9:25:d9:e9:
         38:05:fe:ee:e1:a1:a6:c2:f8:fc:b6:a0:f1:e7:35:bf:1a:48:
         ea:0d:05:a3:08:68:6a:2e:86:78:86:cd:31:5c:4e:d6:46:73:
         b2:76:86:37:86:54:ff:11:22:c7:79:e2:ec:8a:ce:8f:60:5a:
         40:ce:e3:54:b9:93:d9:8f:a9:f5:0b:ef:fd:e8:07:18:70:f9:
         72:20:12:12:36:27:e8:6b:55:28:4c:a8:bc:e6:0a:a8:02:d5:
         af:ce:41:67:0c:88:3b:d6:d2:4e:b9:af:a9:4c:81:2d:21:4e:
         c7:19:03:87:a9:c9:04:97:1c:49:1f:44:98:84:5a:39:69:64:
         66:e0:f8:18
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYXiqh+qreIJZJ2agOMgXchRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI0MDcyNDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzE0NDc2ZWExMjI5NzMxZmQ3YWIzNzA0OTg4YjI5MDU3M2ZhODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydwIRSkbYr9knO3Eqa9l6/aDTttM
NVYa0qjIf6dNdFUTQwQPIWe65/pOW2RmTZ0uReK5alJGgUAcjoOa0dwMoH7gY5+p
Z0Td9mIdC30CGihcKi+sMQ+VP1yGodnPse0IF8QmK+JIGf9FLq3AO0OJGpOMi708
j88/YEE4a6oi4XPszwHJXp5zymFkZK1BltCh4C46OEdLjmFuI4+cT8SkkIiC67sl
tZU3DFIJ48/dcPpWPeZJBLpimglSY1aekHOBr1H2royeUI6XU/2PDPdfWXpK2lbP
ugmu3nWH0uwXlFF6fnZ1OHLcFmCX2ApKRZwvh0/zKl/uQRgZZFA6hjovbQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFLMUR26hIpcx/XqzcEmIspBXP6iSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3hSSGJxRWlsekg5ZXJOd1NZaXlrRmNfcUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBADB
fAMDBADBfAkDBADBfCwDBADBfMkDBADCVwEDBADCVyoDBADCV0kDBAHCV4IDBADC
V6YDBADCV6gwDAMEAcJXqgMEAMJXrAMEAcJXsgMEAMJXtgMEAMJXuwMEAMKHEgME
AMKHFzAMAwQAwzojAwQAwzokAwQAwzoyAwQAwzo4AwQAw4UAAwQAw4UeAwQAw4Uj
AwQAw4XDAwQA1MAKAwQA1MAfMA0GCSqGSIb3DQEBCwUAA4IBAQB2V0YToRgTdP36
LDanErerbGQVTX2g7O+ryA12xxpuPBqw2N1x24QG8krxSx4R2BzIK664QwE5zb1s
NLVkkQyMpGoNZrwgm+/bubG6XGupupKIaH/VZp2eRSK89p3mtWnKpZG/Qgy8kzpR
kZq8l+AmK4pcibMRcGhha9kl2ek4Bf7u4aGmwvj8tqDx5zW/GkjqDQWjCGhqLoZ4
hs0xXE7WRnOydoY3hlT/ESLHeeLsis6PYFpAzuNUuZPZj6n1C+/96AcYcPlyIBIS
Nifoa1UoTKi85gqoAtWvzkFnDIg71tJOua+pTIEtIU7HGQOHqckElxxJH0SYhFo5
aWRm4PgY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:48 2024 by rpki-client on console-ams.rpki-client.org