Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/34379TCcU7DjufH0bKJ7zFn4Nu0.roa
File:                     34379TCcU7DjufH0bKJ7zFn4Nu0.roa (raw, json)
Hash identifier:          dy5kEvgMhyj/g4xRKrJxcq+ORQzh4T1Ir1JkRTAg6eI=
Subject key identifier:   DF:8D:FB:F5:30:9C:53:B0:E3:B9:F1:F4:6C:A2:7B:CC:59:F8:36:ED
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018E669AB4BA370AF7545FF2DFB64FB93EF4
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/34379TCcU7DjufH0bKJ7zFn4Nu0.roa
Signing time:             Fri 22 Mar 2024 14:39:58 +0000
ROA not before:           Fri 22 Mar 2024 14:39:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29262
IP address blocks:        62.182.32.0/24 maxlen: 24
                          62.182.33.0/24 maxlen: 24
                          62.182.34.0/24 maxlen: 24
                          62.182.35.0/24 maxlen: 24
                          85.235.72.0/23 maxlen: 23
                          85.235.74.0/23 maxlen: 23
                          185.254.54.0/24 maxlen: 24
                          185.254.55.0/24 maxlen: 24
                          193.38.44.0/23 maxlen: 23
                          193.38.46.0/23 maxlen: 23
                          194.56.186.0/23 maxlen: 23
                          194.169.92.0/23 maxlen: 23
                          194.169.92.0/24 maxlen: 24
                          194.169.93.0/24 maxlen: 24
                          194.169.94.0/23 maxlen: 23
                          194.169.94.0/24 maxlen: 24
                          194.169.95.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 19:41:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:66:9a:b4:ba:37:0a:f7:54:5f:f2:df:b6:4f:b9:3e:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Mar 22 14:39:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=df8dfbf5309c53b0e3b9f1f46ca27bcc59f836ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:99:c8:24:23:0a:5f:3b:9b:eb:e9:a5:7d:1b:
                    ff:13:0a:6f:fa:72:46:14:f9:4e:ae:43:3b:62:3d:
                    c8:cb:ba:36:ed:23:2c:2f:de:40:d6:11:d4:54:5d:
                    11:9a:07:37:c8:65:12:a8:8e:a1:dd:f9:a7:a9:7b:
                    6a:7e:e7:79:81:dc:b9:16:2f:b9:5d:79:84:80:ac:
                    b4:41:05:91:16:35:4b:c9:4b:5f:b1:65:1d:3e:83:
                    36:85:61:7c:1d:e7:8d:ff:22:d4:0d:bd:7f:c5:d2:
                    f2:09:3a:82:08:71:a6:be:8f:e9:06:e9:9a:2d:ce:
                    3d:68:94:ad:91:66:fc:40:24:34:ca:15:73:0a:00:
                    74:b5:bb:da:6a:18:4a:13:7d:a1:87:9d:7b:a9:49:
                    a5:d1:72:ce:a7:be:ce:66:9b:fa:5e:31:48:c8:7c:
                    ca:57:00:49:92:0f:a6:eb:bf:8b:af:01:e9:0b:ce:
                    39:ac:77:11:f0:b6:20:5f:a9:e9:93:94:7f:b7:50:
                    0e:e2:12:f2:16:63:a2:98:8f:23:6e:bf:d5:1f:7b:
                    b4:71:aa:33:33:7c:17:0d:df:a1:a1:34:0c:98:ce:
                    8e:4a:c5:fd:b5:10:03:92:47:45:b6:69:e6:37:e6:
                    e0:5e:6d:da:8a:8e:d9:2c:7f:d3:65:f3:24:6c:3a:
                    d2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:8D:FB:F5:30:9C:53:B0:E3:B9:F1:F4:6C:A2:7B:CC:59:F8:36:ED
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/34379TCcU7DjufH0bKJ7zFn4Nu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.32.0/22
                  85.235.72.0/22
                  185.254.54.0/23
                  193.38.44.0/22
                  194.56.186.0/23
                  194.169.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         96:fe:d4:65:e4:b6:7f:76:fa:82:8a:14:ba:01:d5:5b:43:c4:
         16:d2:4b:db:4e:aa:80:18:d3:c2:55:52:95:a9:d5:4a:d5:64:
         ab:58:e8:b9:90:92:ac:6d:a0:a3:69:f1:5c:64:1d:c5:40:35:
         f5:40:99:e4:dd:55:75:67:60:86:33:44:2a:b4:4a:b6:43:06:
         66:99:0e:46:3e:e9:73:f4:df:66:ee:38:78:40:85:9b:f5:f1:
         1a:2e:57:b8:53:01:4a:b9:3d:6f:54:93:a5:1d:9e:4d:d2:25:
         f3:9c:3e:a5:d5:d5:34:9e:c3:e4:e6:16:3d:49:77:a8:2e:37:
         e9:d6:09:e9:fd:7b:38:13:48:d6:21:3d:59:8a:4d:d3:f8:64:
         e9:83:85:f3:9d:06:43:52:f9:73:ba:fc:42:45:a4:3e:5f:50:
         9d:08:74:a9:82:d8:bd:4a:05:14:50:85:fe:b5:36:b7:53:d8:
         02:f1:1e:de:10:54:55:b7:1c:d8:2c:6d:1c:55:6f:69:34:bc:
         ae:8c:61:8a:ce:d5:29:2c:e0:8f:db:a9:d3:87:b0:f0:43:06:
         35:08:48:04:6e:23:b1:94:e8:a3:a8:72:d7:a3:68:d5:6c:55:
         52:0e:44:3a:71:9a:be:d3:8d:db:90:70:0c:1c:64:3d:b1:b6:
         96:a1:b0:0a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY5mmrS6Nwr3VF/y37ZPuT70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMzIyMTQzOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhkZmJmNTMwOWM1M2IwZTNiOWYxZjQ2Y2EyN2JjYzU5ZjgzNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZnIJCMKXzub6+mlfRv/Ewpv+nJG
FPlOrkM7Yj3Iy7o27SMsL95A1hHUVF0Rmgc3yGUSqI6h3fmnqXtqfud5gdy5Fi+5
XXmEgKy0QQWRFjVLyUtfsWUdPoM2hWF8HeeN/yLUDb1/xdLyCTqCCHGmvo/pBuma
Lc49aJStkWb8QCQ0yhVzCgB0tbvaahhKE32hh517qUml0XLOp77OZpv6XjFIyHzK
VwBJkg+m67+LrwHpC845rHcR8LYgX6npk5R/t1AO4hLyFmOimI8jbr/VH3u0caoz
M3wXDd+hoTQMmM6OSsX9tRADkkdFtmnmN+bgXm3aio7ZLH/TZfMkbDrSdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN+N+/UwnFOw47nx9Gyie8xZ+DbtMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMzQzNzlUQ2NVN0RqdWZIMGJLSjd6Rm40TnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCPrYgAwQC
VetIAwQBuf42AwQCwSYsAwQBwji6AwQCwqlcMA0GCSqGSIb3DQEBCwUAA4IBAQCW
/tRl5LZ/dvqCihS6AdVbQ8QW0kvbTqqAGNPCVVKVqdVK1WSrWOi5kJKsbaCjafFc
ZB3FQDX1QJnk3VV1Z2CGM0QqtEq2QwZmmQ5GPulz9N9m7jh4QIWb9fEaLle4UwFK
uT1vVJOlHZ5N0iXznD6l1dU0nsPk5hY9SXeoLjfp1gnp/Xs4E0jWIT1Zik3T+GTp
g4XznQZDUvlzuvxCRaQ+X1CdCHSpgti9SgUUUIX+tTa3U9gC8R7eEFRVtxzYLG0c
VW9pNLyujGGKztUpLOCP26nTh7DwQwY1CEgEbiOxlOijqHLXo2jVbFVSDkQ6cZq+
043bkHAMHGQ9sbaWobAK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org