Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vqP0S82Tfb0EYIek03oWrMHQG7Y.roa
File:                     vqP0S82Tfb0EYIek03oWrMHQG7Y.roa (raw, json)
Hash identifier:          Xete+H/npL3XPz0guhteN/kT1/28WbORjwDrNQ3JdoU=
Subject key identifier:   BE:A3:F4:4B:CD:93:7D:BD:04:60:87:A4:D3:7A:16:AC:C1:D0:1B:B6
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189C09D8E0E223DEDB38CA86443403B6E87
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vqP0S82Tfb0EYIek03oWrMHQG7Y.roa
Signing time:             Fri 04 Aug 2023 12:54:58 +0000
ROA not before:           Fri 04 Aug 2023 12:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200385
IP address blocks:        193.124.227.0/24 maxlen: 24
                          193.124.18.0/24 maxlen: 24
                          62.76.235.0/24 maxlen: 24
                          194.87.230.0/24 maxlen: 24
                          194.87.240.0/24 maxlen: 24
                          194.87.23.0/24 maxlen: 24
                          194.87.243.0/24 maxlen: 24
                          193.124.49.0/24 maxlen: 24
                          212.192.10.0/24 maxlen: 24
                          194.87.160.0/24 maxlen: 24
                          195.133.37.0/24 maxlen: 24
                          212.192.249.0/24 maxlen: 24
                          194.87.53.0/24 maxlen: 24
                          194.87.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 07 Aug 2023 06:06:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:c0:9d:8e:0e:22:3d:ed:b3:8c:a8:64:43:40:3b:6e:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug  4 12:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bea3f44bcd937dbd046087a4d37a16acc1d01bb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:21:f6:70:a4:1e:98:c2:5c:ea:aa:3c:28:54:
                    d4:62:9c:ca:22:ee:da:40:7c:38:85:c4:7e:4b:d9:
                    68:1c:37:0a:b3:d2:d2:16:35:77:f3:7c:b8:bd:80:
                    99:7e:9f:ca:85:09:3b:97:53:07:4d:8b:6e:8f:ba:
                    34:e8:b6:08:44:69:5f:fc:6a:26:be:d5:4b:2e:a8:
                    1b:d5:c3:4f:b0:5a:8c:54:ff:8b:a5:4b:be:75:d5:
                    9a:1d:c9:ad:eb:9a:cc:6b:26:a2:7f:8e:2e:8d:87:
                    2f:88:15:39:68:ff:27:b3:e2:fe:9a:14:b7:f5:93:
                    b9:40:e7:19:13:22:db:99:ce:80:03:0f:3a:34:90:
                    c5:68:7a:18:ec:72:bd:05:24:63:90:b5:73:85:0d:
                    d8:10:e5:e7:fc:42:41:45:d8:00:be:3a:24:13:2c:
                    50:36:85:dd:b9:fc:d2:e1:df:ab:53:b9:58:6c:a4:
                    d4:45:e0:71:29:00:de:1f:90:d2:f7:1d:c9:ca:8c:
                    24:09:32:8f:2d:f7:a8:7a:0e:13:09:31:a4:6c:c9:
                    de:a0:34:22:1d:48:f1:bc:7b:d4:9a:08:ae:61:b5:
                    32:07:03:4f:34:b0:cd:48:8a:72:1f:3b:6d:7f:ee:
                    a1:d7:38:58:d4:af:cf:78:0a:29:ce:05:d3:a5:1a:
                    c1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:A3:F4:4B:CD:93:7D:BD:04:60:87:A4:D3:7A:16:AC:C1:D0:1B:B6
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/vqP0S82Tfb0EYIek03oWrMHQG7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.235.0/24
                  193.124.18.0/24
                  193.124.49.0/24
                  193.124.227.0/24
                  194.87.23.0/24
                  194.87.53.0/24
                  194.87.85.0/24
                  194.87.160.0/24
                  194.87.230.0/24
                  194.87.240.0/24
                  194.87.243.0/24
                  195.133.37.0/24
                  212.192.10.0/24
                  212.192.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:55:b8:89:7f:b8:19:a5:3b:cd:3d:42:43:ef:bc:7d:1f:6c:
         d1:de:fb:e8:a2:f1:c1:5d:02:96:3d:14:ca:22:c4:13:f6:fd:
         9b:bf:ec:1c:51:be:41:67:9e:b6:c2:7d:55:43:a6:e0:97:c6:
         82:79:d1:87:97:00:bb:31:23:d3:fa:f2:36:dc:f8:ef:2d:82:
         58:c0:9e:14:e4:7f:bf:86:88:12:c5:63:a1:ba:5f:78:3a:1b:
         19:ae:a3:2d:88:c1:11:a0:59:6a:03:bf:1b:f7:29:d8:12:11:
         82:09:42:3c:6f:5d:d6:4b:41:f0:46:8b:37:88:51:cb:d4:f0:
         a7:07:b0:80:1f:6a:41:c2:dc:71:b7:b2:10:bc:72:f2:04:5e:
         01:c4:bf:81:9a:23:9f:44:b8:6e:cd:86:94:90:79:6c:ab:90:
         3b:87:ce:1d:dd:1b:f9:65:f9:54:88:55:7b:04:40:2e:64:0b:
         64:06:3f:5f:cc:70:10:c8:fe:46:0b:80:50:38:33:e1:7b:26:
         a2:d7:cd:26:00:95:9a:1a:57:03:b1:ce:3e:2e:1f:25:04:01:
         a3:bf:dc:c3:3b:25:54:a9:8b:e9:5e:94:58:11:6c:a9:cd:af:
         44:de:d3:27:fa:5e:69:3e:e4:b2:9d:09:dd:39:39:e6:2f:6f:
         e6:3a:7c:75
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYnAnY4OIj3ts4yoZENAO26HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODA0MTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWEzZjQ0YmNkOTM3ZGJkMDQ2MDg3YTRkMzdhMTZhY2MxZDAxYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCH2cKQemMJc6qo8KFTUYpzKIu7a
QHw4hcR+S9loHDcKs9LSFjV383y4vYCZfp/KhQk7l1MHTYtuj7o06LYIRGlf/Gom
vtVLLqgb1cNPsFqMVP+LpUu+ddWaHcmt65rMayaif44ujYcviBU5aP8ns+L+mhS3
9ZO5QOcZEyLbmc6AAw86NJDFaHoY7HK9BSRjkLVzhQ3YEOXn/EJBRdgAvjokEyxQ
NoXdufzS4d+rU7lYbKTUReBxKQDeH5DS9x3JyowkCTKPLfeoeg4TCTGkbMneoDQi
HUjxvHvUmgiuYbUyBwNPNLDNSIpyHzttf+6h1zhY1K/PeAopzgXTpRrBRQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFL6j9EvNk329BGCHpNN6FqzB0Bu2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdnFQMFM4MlRmYjBFWUllazAzb1dyTUhRRzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzrAwQA
wXwSAwQAwXwxAwQAwXzjAwQAwlcXAwQAwlc1AwQAwldVAwQAwlegAwQAwlfmAwQA
wlfwAwQAwlfzAwQAw4UlAwQA1MAKAwQA1MD5MA0GCSqGSIb3DQEBCwUAA4IBAQAi
VbiJf7gZpTvNPUJD77x9H2zR3vvoovHBXQKWPRTKIsQT9v2bv+wcUb5BZ562wn1V
Q6bgl8aCedGHlwC7MSPT+vI23PjvLYJYwJ4U5H+/hogSxWOhul94OhsZrqMtiMER
oFlqA78b9ynYEhGCCUI8b13WS0HwRos3iFHL1PCnB7CAH2pBwtxxt7IQvHLyBF4B
xL+BmiOfRLhuzYaUkHlsq5A7h84d3Rv5ZflUiFV7BEAuZAtkBj9fzHAQyP5GC4BQ
ODPheyai180mAJWaGlcDsc4+Lh8lBAGjv9zDOyVUqYvpXpRYEWypza9E3tMn+l5p
PuSynQndOTnmL2/mOnx1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:50 2024 by rpki-client on console-ams.rpki-client.org