Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wZpstix_vhjc31ZtUrUxLhaQTp0.roa
File:                     wZpstix_vhjc31ZtUrUxLhaQTp0.roa (raw, json)
Hash identifier:          5e4ZvqLRtz1l3JAOaYCPCKVa1r9XJ3OVlIaR3Dehn1k=
Subject key identifier:   C1:9A:6C:B6:2C:7F:BE:18:DC:DF:56:6D:52:B5:31:2E:16:90:4E:9D
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018E08DF7E3DB165C528FF352479E8F53F1C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wZpstix_vhjc31ZtUrUxLhaQTp0.roa
Signing time:             Mon 04 Mar 2024 09:50:48 +0000
ROA not before:           Mon 04 Mar 2024 09:50:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15731
IP address blocks:        192.124.178.0/24 maxlen: 24
                          192.124.189.0/24 maxlen: 24
                          193.124.16.0/24 maxlen: 24
                          193.124.80.0/24 maxlen: 24
                          193.124.133.0/24 maxlen: 24
                          194.58.47.0/24 maxlen: 24
                          194.87.1.0/24 maxlen: 24
                          194.87.11.0/24 maxlen: 24
                          194.87.18.0/24 maxlen: 24
                          194.87.21.0/24 maxlen: 24
                          194.87.30.0/24 maxlen: 24
                          194.87.56.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.114.0/24 maxlen: 24
                          194.87.122.0/24 maxlen: 24
                          194.87.131.0/24 maxlen: 24
                          194.87.134.0/23 maxlen: 23
                          194.87.179.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          195.133.0.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          212.192.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 10:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:08:df:7e:3d:b1:65:c5:28:ff:35:24:79:e8:f5:3f:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Mar  4 09:50:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c19a6cb62c7fbe18dcdf566d52b5312e16904e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b1:b8:7d:9e:48:54:e8:a7:e0:06:41:ee:88:
                    27:b8:e9:29:bb:05:b0:4c:9d:ce:fd:0f:bb:d6:63:
                    28:0f:32:7b:10:cc:bd:83:59:2b:fc:c2:e1:49:05:
                    17:8f:7d:10:c5:1b:03:8d:9b:21:55:54:d6:5b:93:
                    97:56:93:64:cb:86:2a:cc:80:14:8e:96:60:3b:70:
                    42:e4:78:18:57:30:dc:f5:83:e5:f3:a4:90:d1:70:
                    f9:9e:8f:c9:0c:5f:69:74:f4:56:c0:21:3a:f9:51:
                    14:5d:1d:4b:06:3f:fe:22:4b:c9:ac:0b:a1:77:21:
                    2f:7f:c8:5d:ad:57:11:3d:45:68:6c:e0:83:cf:ea:
                    37:12:b5:85:d9:d8:47:64:c7:f3:4e:22:65:e3:a8:
                    0d:47:bf:de:01:35:32:b4:70:32:08:b9:8a:36:3a:
                    0d:43:cc:98:b7:45:b7:a9:59:55:f7:2b:7b:b9:6e:
                    45:47:ec:7a:f5:65:52:6e:0e:11:38:1c:05:be:b3:
                    95:63:03:e5:33:3a:cd:bc:9b:63:1c:88:ea:db:2e:
                    db:01:71:65:33:e3:d6:08:f5:dd:d7:6d:56:80:06:
                    67:7e:a4:ce:a5:a2:ad:b9:d0:4a:83:9a:24:e2:58:
                    26:08:08:e4:f9:90:8c:3e:d5:05:33:d2:a1:69:8c:
                    b6:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:9A:6C:B6:2C:7F:BE:18:DC:DF:56:6D:52:B5:31:2E:16:90:4E:9D
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wZpstix_vhjc31ZtUrUxLhaQTp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.124.178.0/24
                  192.124.189.0/24
                  193.124.16.0/24
                  193.124.80.0/24
                  193.124.133.0/24
                  194.58.47.0/24
                  194.87.1.0/24
                  194.87.11.0/24
                  194.87.18.0/24
                  194.87.21.0/24
                  194.87.30.0/24
                  194.87.56.0/24
                  194.87.114.0/23
                  194.87.122.0/24
                  194.87.131.0/24
                  194.87.134.0/23
                  194.87.179.0/24
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.84.0/23
                  212.192.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:b1:d9:c1:6e:8a:a4:54:a1:32:9c:58:81:e4:14:a9:eb:1e:
         0b:1b:95:73:71:c5:06:17:d6:52:cd:81:ec:bc:76:13:b3:9d:
         19:31:79:56:84:5a:f6:9a:1b:7d:f8:b4:c7:97:b9:39:c3:64:
         8a:96:58:1d:81:13:44:91:0a:e8:dc:26:43:68:cf:64:00:68:
         21:9f:b1:f6:c4:0d:35:84:71:13:1e:b8:8d:84:dc:1a:59:7f:
         70:f3:a4:7a:f2:cd:33:c2:ee:b2:c1:f2:c7:12:fa:42:b7:ee:
         ee:71:18:5d:e5:d3:7c:9d:90:e2:aa:7e:58:73:5e:f5:ce:7a:
         12:a9:ab:28:b9:62:11:96:ba:e3:ed:08:6b:e5:ee:39:3e:33:
         f7:7f:d7:f1:fb:ee:aa:71:79:c5:75:d4:76:24:9d:1f:68:3e:
         79:a5:de:2f:6c:bc:c8:49:57:5e:19:56:23:6a:ac:45:d4:7a:
         a2:3f:28:9e:bc:ea:54:d6:5e:5f:5b:ce:73:36:94:89:a4:e3:
         ed:78:3e:8a:d2:f8:e6:22:8b:59:3d:99:d7:18:bd:1d:7c:42:
         66:76:8f:34:6f:f5:ff:7c:17:33:ae:e1:f0:22:5a:3a:5d:3f:
         b3:6f:e0:83:ad:7e:98:92:16:60:60:47:5e:d2:5a:45:f3:17:
         e1:38:0d:06
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY4I3349sWXFKP81JHno9T8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzA0MDk1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTlhNmNiNjJjN2ZiZTE4ZGNkZjU2NmQ1MmI1MzEyZTE2OTA0ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLG4fZ5IVOin4AZB7ognuOkpuwWw
TJ3O/Q+71mMoDzJ7EMy9g1kr/MLhSQUXj30QxRsDjZshVVTWW5OXVpNky4YqzIAU
jpZgO3BC5HgYVzDc9YPl86SQ0XD5no/JDF9pdPRWwCE6+VEUXR1LBj/+IkvJrAuh
dyEvf8hdrVcRPUVobOCDz+o3ErWF2dhHZMfzTiJl46gNR7/eATUytHAyCLmKNjoN
Q8yYt0W3qVlV9yt7uW5FR+x69WVSbg4ROBwFvrOVYwPlMzrNvJtjHIjq2y7bAXFl
M+PWCPXd121WgAZnfqTOpaKtudBKg5ok4lgmCAjk+ZCMPtUFM9KhaYy22wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFMGabLYsf74Y3N9WbVK1MS4WkE6dMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd1pwc3RpeF92aGpjMzFadFVyVXhMaGFRVHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEDBADCVwsDBADC
VxIDBADCVxUDBADCVx4DBADCVzgDBAHCV3IDBADCV3oDBADCV4MDBAHCV4YDBADC
V7MDBAHDOjoDBAHDOj4DBADDhQADBAHDhVQDBADUwN4wDQYJKoZIhvcNAQELBQAD
ggEBAICx2cFuiqRUoTKcWIHkFKnrHgsblXNxxQYX1lLNgey8dhOznRkxeVaEWvaa
G334tMeXuTnDZIqWWB2BE0SRCujcJkNoz2QAaCGfsfbEDTWEcRMeuI2E3BpZf3Dz
pHryzTPC7rLB8scS+kK37u5xGF3l03ydkOKqflhzXvXOehKpqyi5YhGWuuPtCGvl
7jk+M/d/1/H77qpxecV11HYknR9oPnml3i9svMhJV14ZViNqrEXUeqI/KJ686lTW
Xl9bznM2lImk4+14PorS+OYii1k9mdcYvR18QmZ2jzRv9f98FzOu4fAiWjpdP7Nv
4IOtfpiSFmBgR17SWkXzF+E4DQY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:30 2024 by rpki-client on console-fra.rpki-client.org