Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tnnoYrWFIzoG6t2Sl5_rZJzoauE.roa
File:                     tnnoYrWFIzoG6t2Sl5_rZJzoauE.roa (raw, json)
Hash identifier:          voPVJW3QhCTh6qJLCEQzKz8lnhzOa3yadbHORe/3YGM=
Subject key identifier:   B6:79:E8:62:B5:85:23:3A:06:EA:DD:92:97:9F:EB:64:9C:E8:6A:E1
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0185B6C039513CC47DF82EB3541DC88CE25A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tnnoYrWFIzoG6t2Sl5_rZJzoauE.roa
Signing time:             Sun 15 Jan 2023 18:45:28 +0000
ROA not before:           Sun 15 Jan 2023 18:45:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2118
IP address blocks:        193.124.3.0/24 maxlen: 24
                          193.124.6.0/24 maxlen: 24
                          193.124.8.0/24 maxlen: 24
                          62.76.231.0/24 maxlen: 24
                          194.87.6.0/24 maxlen: 24
                          194.87.7.0/24 maxlen: 24
                          194.87.24.0/22 maxlen: 24
                          194.87.27.0/24 maxlen: 24
                          194.87.104.0/24 maxlen: 24
                          194.87.115.0/24 maxlen: 24
                          194.87.116.0/24 maxlen: 24
                          194.87.118.0/24 maxlen: 24
                          194.87.114.0/24 maxlen: 24
                          194.87.123.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.87.138.0/23 maxlen: 23
                          194.87.136.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.76.0/24 maxlen: 24
                          194.87.82.0/24 maxlen: 24
                          194.87.83.0/24 maxlen: 24
                          195.133.86.0/24 maxlen: 24
                          195.133.94.0/24 maxlen: 24
                          195.133.12.0/24 maxlen: 24
                          195.133.55.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          195.133.195.0/24 maxlen: 24
                          212.193.12.0/24 maxlen: 24
                          194.58.38.0/24 maxlen: 24
                          194.58.39.0/24 maxlen: 24
                          194.58.42.0/24 maxlen: 24
                          194.58.46.0/23 maxlen: 24
                          194.58.45.0/24 maxlen: 24
                          195.58.50.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          195.58.52.0/22 maxlen: 22
                          195.58.58.0/24 maxlen: 24
                          195.58.56.0/21 maxlen: 24
                          195.58.61.0/24 maxlen: 24
                          194.58.59.0/24 maxlen: 24
                          195.58.62.0/24 maxlen: 24
                          212.193.0.0/24 maxlen: 24
                          194.58.155.0/24 maxlen: 24
                          194.87.202.0/24 maxlen: 24
                          194.87.208.0/23 maxlen: 24
                          194.87.222.0/23 maxlen: 24
                          194.87.233.0/24 maxlen: 24
                          212.192.0.0/23 maxlen: 24
                          194.87.149.0/24 maxlen: 24
                          192.124.172.0/24 maxlen: 24
                          194.87.165.0/24 maxlen: 24
                          194.87.163.0/24 maxlen: 24
                          192.124.178.0/24 maxlen: 24
                          192.124.181.0/24 maxlen: 24
                          192.124.180.0/22 maxlen: 24
                          192.124.182.0/23 maxlen: 24
                          194.87.171.0/24 maxlen: 24
                          212.192.30.0/24 maxlen: 24
                          192.124.190.0/24 maxlen: 24
                          194.87.176.0/24 maxlen: 24
                          193.124.203.0/24 maxlen: 24
                          194.87.190.0/24 maxlen: 24
                          194.87.198.0/24 maxlen: 24
                          193.124.207.0/24 maxlen: 24
                          194.87.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Jan 2023 07:04:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b6:c0:39:51:3c:c4:7d:f8:2e:b3:54:1d:c8:8c:e2:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan 15 18:45:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b679e862b585233a06eadd92979feb649ce86ae1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:58:2d:5a:cf:2e:d1:ce:55:38:19:47:de:e6:
                    51:6c:b6:09:fa:59:bb:2e:4a:9d:de:8f:55:27:be:
                    97:d0:a2:c3:97:33:49:f8:94:96:8a:e3:3d:1d:8e:
                    1b:b1:e1:01:ae:5b:4b:ce:c7:b3:21:00:d0:bd:43:
                    53:21:65:4a:b5:ab:12:4b:60:5d:d9:51:48:25:59:
                    80:10:5d:99:0f:c9:41:21:82:48:c3:e4:bf:44:0d:
                    90:5e:85:42:63:de:a3:67:21:6d:3f:e8:e2:6f:e2:
                    4c:54:8f:00:4f:64:64:56:f4:e8:d5:15:4b:b8:c8:
                    2a:7d:51:7a:85:94:9f:6c:e8:6e:39:1b:6d:a8:8c:
                    f1:00:94:e8:be:cd:0d:83:1f:ac:9f:96:00:fd:2a:
                    07:f3:4c:a6:a2:10:49:01:f8:59:c5:79:2b:d6:0a:
                    72:00:51:10:89:cb:07:8c:a4:ff:8e:2c:50:6c:48:
                    ba:8b:41:a0:46:b5:7d:fd:ba:65:ac:8c:ac:9e:52:
                    f5:2e:7e:d7:3d:d6:4e:2c:2d:87:f1:d1:04:d0:55:
                    04:40:f4:d7:d2:dc:4e:4e:24:a9:98:43:89:6b:b0:
                    bb:ca:27:b5:b0:b5:fc:42:79:c2:86:39:f5:66:70:
                    7c:2d:22:c4:8d:0e:0f:e0:3b:4a:8c:29:fe:b6:a5:
                    cc:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:79:E8:62:B5:85:23:3A:06:EA:DD:92:97:9F:EB:64:9C:E8:6A:E1
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/tnnoYrWFIzoG6t2Sl5_rZJzoauE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.231.0/24
                  192.124.172.0/24
                  192.124.178.0/24
                  192.124.180.0/22
                  192.124.190.0/24
                  193.124.3.0/24
                  193.124.6.0/24
                  193.124.8.0/24
                  193.124.133.0/24
                  193.124.203.0/24
                  193.124.207.0/24
                  194.58.38.0/23
                  194.58.42.0/24
                  194.58.45.0-194.58.47.255
                  194.58.59.0/24
                  194.58.155.0/24
                  194.87.6.0/23
                  194.87.24.0/22
                  194.87.56.0/24
                  194.87.76.0/24
                  194.87.82.0/23
                  194.87.104.0/24
                  194.87.114.0-194.87.116.255
                  194.87.118.0/24
                  194.87.123.0/24
                  194.87.136.0/24
                  194.87.138.0/23
                  194.87.149.0/24
                  194.87.163.0/24
                  194.87.165.0/24
                  194.87.171.0/24
                  194.87.176.0/24
                  194.87.190.0/24
                  194.87.198.0/23
                  194.87.202.0/24
                  194.87.208.0/23
                  194.87.222.0/23
                  194.87.233.0/24
                  195.58.50.0/24
                  195.58.52.0-195.58.63.255
                  195.133.12.0/24
                  195.133.55.0/24
                  195.133.86.0/24
                  195.133.94.0/24
                  195.133.194.0/23
                  212.192.0.0/23
                  212.192.30.0/24
                  212.193.0.0/24
                  212.193.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:75:35:78:fc:55:0c:a5:7a:42:71:33:1a:e6:ee:ac:2a:35:
         83:d6:fb:9b:b1:f7:a4:64:1d:7a:f8:de:7a:08:02:5e:47:32:
         79:76:32:53:e1:2c:25:69:66:19:6b:25:83:52:fd:a9:15:1f:
         f8:a2:e5:36:ab:d7:44:7d:19:72:d1:e4:89:fc:17:3a:bc:79:
         3a:0d:e7:c8:fe:58:c5:2c:76:36:5d:af:c2:f1:ba:e3:8a:72:
         85:db:3f:c2:6f:83:06:07:ab:df:5f:c1:29:a1:ce:91:5f:4b:
         06:71:78:c4:b2:c2:35:ca:07:a3:16:1c:d9:b2:a6:3a:25:ff:
         33:80:5c:fc:b9:be:f9:9c:f5:6d:aa:8e:24:0e:94:b7:b1:9a:
         bd:2e:fc:cd:ca:bc:89:85:b9:70:28:e8:a2:47:4b:79:7d:9d:
         0d:66:db:27:c4:e2:51:29:33:ed:b8:c1:42:0f:64:52:18:c9:
         8f:5c:57:9b:1d:46:30:e4:14:c0:87:fb:70:e1:76:e6:72:6f:
         ae:55:c0:d9:88:11:66:b8:23:fa:24:d4:ef:dd:33:b8:30:27:
         b7:a2:4e:f6:6e:6c:c2:00:fc:7d:c2:ab:ff:c2:08:b8:13:7c:
         76:10:c4:a6:36:58:7c:27:f5:27:55:25:f7:2d:62:08:e7:7d:
         58:d8:f0:94
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYW2wDlRPMR9+C6zVB3IjOJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE1MTg0NTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc5ZTg2MmI1ODUyMzNhMDZlYWRkOTI5NzlmZWI2NDljZTg2YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFgtWs8u0c5VOBlH3uZRbLYJ+lm7
Lkqd3o9VJ76X0KLDlzNJ+JSWiuM9HY4bseEBrltLzsezIQDQvUNTIWVKtasSS2Bd
2VFIJVmAEF2ZD8lBIYJIw+S/RA2QXoVCY96jZyFtP+jib+JMVI8AT2RkVvTo1RVL
uMgqfVF6hZSfbOhuORttqIzxAJTovs0Ngx+sn5YA/SoH80ymohBJAfhZxXkr1gpy
AFEQicsHjKT/jixQbEi6i0GgRrV9/bplrIysnlL1Ln7XPdZOLC2H8dEE0FUEQPTX
0txOTiSpmEOJa7C7yie1sLX8QnnChjn1ZnB8LSLEjQ4P4DtKjCn+tqXMMwIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFLZ56GK1hSM6Burdkpef62Sc6GrhMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdG5ub1lyV0ZJem9HNnQyU2w1X3JaSnpvYXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAD5M5wMEAMB8rAMEAMB8sgMEAsB8tAMEAMB8vgMEAMF8AwMEAMF8BgMEAMF8
CAMEAMF8hQMEAMF8ywMEAMF8zwMEAcI6JgMEAMI6KjAMAwQAwjotAwQEwjogAwQA
wjo7AwQAwjqbAwQBwlcGAwQCwlcYAwQAwlc4AwQAwldMAwQBwldSAwQAwldoMAwD
BAHCV3IDBADCV3QDBADCV3YDBADCV3sDBADCV4gDBAHCV4oDBADCV5UDBADCV6MD
BADCV6UDBADCV6sDBADCV7ADBADCV74DBAHCV8YDBADCV8oDBAHCV9ADBAHCV94D
BADCV+kDBADDOjIwDAMEAsM6NAMEBsM6AAMEAMOFDAMEAMOFNwMEAMOFVgMEAMOF
XgMEAcOFwgMEAdTAAAMEANTAHgMEANTBAAMEANTBDDANBgkqhkiG9w0BAQsFAAOC
AQEAiXU1ePxVDKV6QnEzGuburCo1g9b7m7H3pGQdevjeeggCXkcyeXYyU+EsJWlm
GWslg1L9qRUf+KLlNqvXRH0ZctHkifwXOrx5Og3nyP5YxSx2Nl2vwvG644pyhds/
wm+DBger31/BKaHOkV9LBnF4xLLCNcoHoxYc2bKmOiX/M4Bc/Lm++Zz1baqOJA6U
t7GavS78zcq8iYW5cCjookdLeX2dDWbbJ8TiUSkz7bjBQg9kUhjJj1xXmx1GMOQU
wIf7cOF25nJvrlXA2YgRZrgj+iTU790zuDAnt6JO9m5swgD8fcKr/8IIuBN8dhDE
pjZYfCf1J1Ul9y1iCOd9WNjwlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:28 2024 by rpki-client on console-fra.rpki-client.org