Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tVFpW-0b8VZ7ny_rdt92vqWQjLs.roa
File:                     tVFpW-0b8VZ7ny_rdt92vqWQjLs.roa (raw, json)
Hash identifier:          LZhxcqgON/LnvPdd0WhSUWhZ0R8j13fVvuQr5TtH2Q4=
Subject key identifier:   B5:51:69:5B:ED:1B:F1:56:7B:9F:2F:EB:76:DF:76:BE:A5:90:8C:BB
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018D776C9BE80D2E15AD8232391103AE8FF0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tVFpW-0b8VZ7ny_rdt92vqWQjLs.roa
Signing time:             Mon 05 Feb 2024 04:00:22 +0000
ROA not before:           Mon 05 Feb 2024 04:00:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44559
IP address blocks:        62.76.227.0/24 maxlen: 24
                          62.76.233.0/24 maxlen: 24
                          185.72.10.0/24 maxlen: 24
                          192.124.188.0/24 maxlen: 24
                          192.124.209.0/24 maxlen: 24
                          193.124.4.0/24 maxlen: 24
                          194.58.41.0/24 maxlen: 24
                          194.87.33.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          194.87.90.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.115.0/24 maxlen: 24
                          194.87.128.0/24 maxlen: 24
                          194.87.130.0/24 maxlen: 24
                          194.87.138.0/24 maxlen: 24
                          194.87.161.0/24 maxlen: 24
                          194.87.178.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24
                          194.87.200.0/24 maxlen: 24
                          194.87.208.0/24 maxlen: 24
                          194.87.226.0/24 maxlen: 24
                          194.87.229.0/24 maxlen: 24
                          194.87.231.0/24 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          194.87.250.0/24 maxlen: 24
                          195.58.38.0/24 maxlen: 24
                          195.133.31.0/24 maxlen: 24
                          195.133.35.0/24 maxlen: 24
                          195.133.73.0/24 maxlen: 24
                          212.192.8.0/24 maxlen: 24
                          212.193.1.0/24 maxlen: 24
                          212.193.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 05:11:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:77:6c:9b:e8:0d:2e:15:ad:82:32:39:11:03:ae:8f:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Feb  5 04:00:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b551695bed1bf1567b9f2feb76df76bea5908cbb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e5:bc:67:37:c0:2b:0b:5f:95:31:a0:ab:a0:
                    c8:94:7c:b3:9b:6a:32:03:58:cd:f8:7f:48:0c:42:
                    49:b0:44:e6:90:65:93:d4:42:1c:49:2b:93:35:5a:
                    68:57:6c:00:ad:b1:c8:db:5e:a6:71:05:f8:ef:93:
                    5c:8a:d0:a1:3d:7c:6a:10:9e:8f:d2:ce:43:95:cd:
                    52:bf:44:66:29:d1:e4:ec:d0:5d:ad:29:2a:2e:30:
                    46:ea:f0:70:00:6a:2b:3b:14:59:49:ab:af:d1:bd:
                    e6:ef:c4:8f:92:06:cb:fa:86:8f:70:e4:3c:95:a5:
                    b2:16:4a:5b:ef:10:08:01:28:a2:a5:0f:0a:ff:0e:
                    d8:9b:eb:7b:c8:9b:0d:2e:54:6e:df:38:45:43:a4:
                    d2:37:1a:c8:ad:57:8e:1d:be:18:e0:ca:08:6a:e2:
                    32:f6:4b:af:cc:34:75:2a:c3:77:31:46:e0:b1:14:
                    76:1b:c1:30:f7:96:d6:73:76:e8:05:63:d1:04:68:
                    16:a7:c1:46:9c:c4:c6:65:49:d8:71:d3:53:60:3f:
                    cf:df:98:38:30:41:37:09:5f:59:d6:13:b1:bf:0d:
                    42:2a:cc:53:5e:27:1c:9d:d4:19:e6:c0:10:b8:00:
                    52:4f:42:4a:e7:2a:de:c3:70:9e:b3:7e:11:11:50:
                    b0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:51:69:5B:ED:1B:F1:56:7B:9F:2F:EB:76:DF:76:BE:A5:90:8C:BB
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tVFpW-0b8VZ7ny_rdt92vqWQjLs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.227.0/24
                  62.76.233.0/24
                  185.72.10.0/24
                  192.124.188.0/24
                  192.124.209.0/24
                  193.124.4.0/24
                  194.58.41.0/24
                  194.87.33.0/24
                  194.87.76.0/24
                  194.87.83.0/24
                  194.87.90.0/24
                  194.87.104.0/24
                  194.87.115.0/24
                  194.87.128.0/24
                  194.87.130.0/24
                  194.87.138.0/24
                  194.87.161.0/24
                  194.87.178.0/24
                  194.87.187.0/24
                  194.87.200.0/24
                  194.87.208.0/24
                  194.87.226.0/24
                  194.87.229.0/24
                  194.87.231.0/24
                  194.87.233.0/24
                  194.87.250.0/24
                  195.58.38.0/24
                  195.133.31.0/24
                  195.133.35.0/24
                  195.133.73.0/24
                  212.192.8.0/24
                  212.193.1.0/24
                  212.193.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:65:62:82:33:0f:1c:45:8a:f3:a9:78:e9:16:e0:74:f0:09:
         68:29:d4:c9:c4:cd:75:3a:75:cd:64:92:71:84:d1:1c:1c:c6:
         30:1a:14:e5:d7:2c:34:9c:32:e8:b5:b6:eb:38:f9:3b:62:f2:
         77:45:90:7f:c9:f7:88:96:28:f3:25:ff:e9:e1:c9:14:00:3a:
         7f:e4:8e:bd:df:bb:50:43:8e:ab:95:75:5c:3b:50:cb:a7:a8:
         33:f3:5e:1a:cd:04:74:e0:01:e4:c5:ad:e3:21:9b:07:84:25:
         77:4b:87:ec:71:e9:1c:79:22:06:7a:f3:0d:fe:61:84:52:8f:
         6c:1c:bb:72:da:b0:83:46:3d:09:e1:03:45:f6:3b:6f:db:18:
         c7:9e:a0:57:25:fe:15:82:f4:1e:52:24:b6:13:67:fb:d2:d2:
         ca:14:85:91:0f:77:73:54:a1:2b:65:26:53:64:73:cc:7a:c2:
         94:e6:42:02:91:d5:4e:99:35:80:a4:fe:98:1e:48:42:23:cf:
         be:bd:c1:af:7e:4c:1e:be:39:a1:6e:c0:2d:1d:e9:ae:12:96:
         29:8a:c6:d5:df:e3:05:b5:b8:2f:00:2e:5f:28:d0:58:71:6f:
         e4:cd:38:79:ea:20:9d:5b:6b:43:2c:f9:74:c8:6a:20:7f:c9:
         c5:02:a8:0a
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAY13bJvoDS4VrYIyOREDro/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDQwMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTUxNjk1YmVkMWJmMTU2N2I5ZjJmZWI3NmRmNzZiZWE1OTA4Y2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOW8ZzfAKwtflTGgq6DIlHyzm2oy
A1jN+H9IDEJJsETmkGWT1EIcSSuTNVpoV2wArbHI216mcQX475NcitChPXxqEJ6P
0s5Dlc1Sv0RmKdHk7NBdrSkqLjBG6vBwAGorOxRZSauv0b3m78SPkgbL+oaPcOQ8
laWyFkpb7xAIASiipQ8K/w7Ym+t7yJsNLlRu3zhFQ6TSNxrIrVeOHb4Y4MoIauIy
9kuvzDR1KsN3MUbgsRR2G8Ew95bWc3boBWPRBGgWp8FGnMTGZUnYcdNTYD/P35g4
MEE3CV9Z1hOxvw1CKsxTXiccndQZ5sAQuABST0JK5yrew3Ces34REVCwCwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFLVRaVvtG/FWe58v63bfdr6lkIy7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdFZGcFctMGI4Vlo3bnlfcmR0OTJ2cVdRakxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAA+
TOMDBAA+TOkDBAC5SAoDBADAfLwDBADAfNEDBADBfAQDBADCOikDBADCVyEDBADC
V0wDBADCV1MDBADCV1oDBADCV2gDBADCV3MDBADCV4ADBADCV4IDBADCV4oDBADC
V6EDBADCV7IDBADCV7sDBADCV8gDBADCV9ADBADCV+IDBADCV+UDBADCV+cDBADC
V+kDBADCV/oDBADDOiYDBADDhR8DBADDhSMDBADDhUkDBADUwAgDBADUwQEDBADU
wQUwDQYJKoZIhvcNAQELBQADggEBAIRlYoIzDxxFivOpeOkW4HTwCWgp1MnEzXU6
dc1kknGE0RwcxjAaFOXXLDScMui1tus4+Tti8ndFkH/J94iWKPMl/+nhyRQAOn/k
jr3fu1BDjquVdVw7UMunqDPzXhrNBHTgAeTFreMhmweEJXdLh+xx6Rx5IgZ68w3+
YYRSj2wcu3LasINGPQnhA0X2O2/bGMeeoFcl/hWC9B5SJLYTZ/vS0soUhZEPd3NU
oStlJlNkc8x6wpTmQgKR1U6ZNYCk/pgeSEIjz769wa9+TB6+OaFuwC0d6a4SlimK
xtXf4wW1uC8ALl8o0Fhxb+TNOHnqIJ1ba0Ms+XTIaiB/ycUCqAo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org