Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/magLuOFM_er3LhWA_O-JvUDJyTU.roa
File:                     magLuOFM_er3LhWA_O-JvUDJyTU.roa (raw, json)
Hash identifier:          pG/hugNJlK408yUQsza6o1cOAo5xINOlq09lQOKMXxU=
Subject key identifier:   99:A8:0B:B8:E1:4C:FD:EA:F7:2E:15:80:FC:EF:89:BD:40:C9:C9:35
Certificate issuer:       /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial:       018E7FF940E6918C43D7D69AB0241E20BF0E
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/magLuOFM_er3LhWA_O-JvUDJyTU.roa
Signing time:             Wed 27 Mar 2024 12:53:45 +0000
ROA not before:           Wed 27 Mar 2024 12:53:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     56884
IP address blocks:        62.122.188.0/24 maxlen: 24
                          84.246.111.0/24 maxlen: 24
                          91.247.178.0/24 maxlen: 24
                          176.97.213.0/24 maxlen: 24
                          178.23.188.0/24 maxlen: 24
                          194.26.223.0/24 maxlen: 24
                          213.232.252.0/24 maxlen: 24
                          2a13:8e00::/29 maxlen: 29
                          2a13:9300::/29 maxlen: 29
                          2a13:a700::/29 maxlen: 29
                          2a13:b900::/29 maxlen: 29
                          2a13:da00::/29 maxlen: 29
                          2a13:e200::/29 maxlen: 29
                          2a13:e400::/29 maxlen: 29
                          2a13:fe00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 16:06:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:7f:f9:40:e6:91:8c:43:d7:d6:9a:b0:24:1e:20:bf:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
        Validity
            Not Before: Mar 27 12:53:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=99a80bb8e14cfdeaf72e1580fcef89bd40c9c935
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2e:1c:ec:68:fa:54:a1:24:0c:56:c4:1a:15:
                    58:03:8c:f5:5f:35:14:53:b5:cf:09:5f:1a:36:2f:
                    8f:db:37:6d:38:1d:59:49:7d:07:58:f0:61:83:85:
                    48:8f:cc:63:bd:59:3f:70:77:f4:30:17:c9:59:41:
                    47:2a:57:78:ed:a4:2a:e1:eb:b4:38:d2:70:07:0e:
                    12:52:b0:95:5e:84:c7:e6:ab:39:90:a3:98:dc:c1:
                    f8:2d:97:0c:02:5d:59:02:43:76:42:ac:5d:0c:d8:
                    31:b0:90:3c:6c:52:cc:57:66:2c:92:4f:3c:b7:ac:
                    e4:e4:98:05:29:1b:62:02:58:35:b0:d1:d1:90:28:
                    b4:3b:5d:33:96:0c:a2:31:27:0b:a2:d1:26:60:8f:
                    8c:95:98:66:6e:30:3f:76:ec:06:32:11:e8:98:6b:
                    f4:92:7d:7a:0d:bd:25:be:74:1f:6f:38:7a:e6:8b:
                    01:e7:ca:06:75:a2:26:9c:41:c7:7e:61:05:84:0d:
                    4d:c1:ee:a4:c9:3d:38:5e:51:dc:a5:56:ae:69:70:
                    c1:58:81:ba:59:92:18:e9:4b:2f:ab:b3:7d:99:8a:
                    a9:9a:01:91:65:77:29:ad:0c:e6:39:4f:84:2a:2e:
                    87:3f:15:cc:51:3f:24:b9:72:41:46:44:8b:d9:74:
                    f2:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A8:0B:B8:E1:4C:FD:EA:F7:2E:15:80:FC:EF:89:BD:40:C9:C9:35
            X509v3 Authority Key Identifier:
                keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/magLuOFM_er3LhWA_O-JvUDJyTU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.122.188.0/24
                  84.246.111.0/24
                  91.247.178.0/24
                  176.97.213.0/24
                  178.23.188.0/24
                  194.26.223.0/24
                  213.232.252.0/24
                IPv6:
                  2a13:8e00::/29
                  2a13:9300::/29
                  2a13:a700::/29
                  2a13:b900::/29
                  2a13:da00::/29
                  2a13:e200::/29
                  2a13:e400::/29
                  2a13:fe00::/29

    Signature Algorithm: sha256WithRSAEncryption
         4f:f0:1d:4d:ac:d6:d9:fa:c3:e5:fa:97:85:0a:b8:9f:23:d8:
         e2:20:db:1e:77:b2:f5:15:10:56:11:2d:03:be:be:00:21:4c:
         3c:dd:46:58:b8:57:49:19:75:72:24:1d:32:89:e2:66:fe:21:
         08:d5:78:d6:29:e4:c8:b1:5e:51:aa:9e:3c:f5:ec:60:67:00:
         f8:78:0b:8c:0d:b3:5f:47:52:8d:57:65:9e:ab:10:cc:37:9d:
         66:a9:c7:ac:84:c1:56:36:87:3f:02:23:3a:be:27:11:4e:70:
         63:e9:43:18:77:c7:b3:79:18:75:c5:9a:cf:2e:54:4d:d7:7e:
         26:05:69:9f:de:30:33:87:5b:d3:c4:10:f4:d9:1b:b9:c1:85:
         8b:70:80:e5:34:b4:aa:a6:5b:41:d2:ff:6e:16:de:ae:22:00:
         c1:3e:0c:9f:da:bb:91:06:9d:07:35:7f:33:e0:d7:af:59:23:
         af:6a:4d:c9:22:17:80:4a:2f:f0:a2:30:3a:b1:19:4e:d0:31:
         9f:20:37:f3:bf:da:73:a4:bd:c5:36:60:0b:0b:2c:90:db:50:
         1e:0b:13:9f:20:75:9b:0e:0c:a7:88:2e:76:34:52:eb:68:8f:
         3b:b1:cf:99:0d:42:29:41:aa:c3:4e:a8:a1:ad:7c:e0:b1:85:
         ff:f4:7d:c1
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAY5/+UDmkYxD19aasCQeIL8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMzI3MTI1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE4MGJiOGUxNGNmZGVhZjcyZTE1ODBmY2VmODliZDQwYzljOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi4c7Gj6VKEkDFbEGhVYA4z1XzUU
U7XPCV8aNi+P2zdtOB1ZSX0HWPBhg4VIj8xjvVk/cHf0MBfJWUFHKld47aQq4eu0
ONJwBw4SUrCVXoTH5qs5kKOY3MH4LZcMAl1ZAkN2QqxdDNgxsJA8bFLMV2Yskk88
t6zk5JgFKRtiAlg1sNHRkCi0O10zlgyiMScLotEmYI+MlZhmbjA/duwGMhHomGv0
kn16Db0lvnQfbzh65osB58oGdaImnEHHfmEFhA1Nwe6kyT04XlHcpVauaXDBWIG6
WZIY6Usvq7N9mYqpmgGRZXcprQzmOU+EKi6HPxXMUT8kuXJBRkSL2XTyFQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFJmoC7jhTP3q9y4VgPzvib1Ayck1MB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvbWFnTHVPRk1fZXIzTGhXQV9PLUp2VURKeVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwMAQCAAEwKgMEAD56vAME
AFT2bwMEAFv3sgMEALBh1QMEALIXvAMEAMIa3wMEANXo/DA+BAIAAjA4AwUDKhOO
AAMFAyoTkwADBQMqE6cAAwUDKhO5AAMFAyoT2gADBQMqE+IAAwUDKhPkAAMFAyoT
/gAwDQYJKoZIhvcNAQELBQADggEBAE/wHU2s1tn6w+X6l4UKuJ8j2OIg2x53svUV
EFYRLQO+vgAhTDzdRli4V0kZdXIkHTKJ4mb+IQjVeNYp5MixXlGqnjz17GBnAPh4
C4wNs19HUo1XZZ6rEMw3nWapx6yEwVY2hz8CIzq+JxFOcGPpQxh3x7N5GHXFms8u
VE3XfiYFaZ/eMDOHW9PEEPTZG7nBhYtwgOU0tKqmW0HS/24W3q4iAME+DJ/au5EG
nQc1fzPg169ZI69qTckiF4BKL/CiMDqxGU7QMZ8gN/O/2nOkvcU2YAsLLJDbUB4L
E58gdZsODKeILnY0Uutojzuxz5kNQilBqsNOqKGtfOCxhf/0fcE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org