Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/iGxfUGfGF5de0GUeDOSOZkTP1MQ.roa
File:                     iGxfUGfGF5de0GUeDOSOZkTP1MQ.roa (raw, json)
Hash identifier:          f3zJ4uxGnQCN81zFSRozbmkbHbPb/vYemT5c1628MNE=
Subject key identifier:   88:6C:5F:50:67:C6:17:97:5E:D0:65:1E:0C:E4:8E:66:44:CF:D4:C4
Certificate issuer:       /CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Certificate serial:       018CC9BB3E1AA3912CBC9B5E2FB96B3F202E
Authority key identifier: 0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/iGxfUGfGF5de0GUeDOSOZkTP1MQ.roa
Signing time:             Tue 02 Jan 2024 10:32:20 +0000
ROA not before:           Tue 02 Jan 2024 10:32:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48147
IP address blocks:        185.142.156.0/24 maxlen: 24
                          185.142.156.0/22 maxlen: 22
                          185.142.157.0/24 maxlen: 24
                          185.142.158.0/24 maxlen: 24
                          185.142.159.0/24 maxlen: 24
                          185.208.180.0/22 maxlen: 22
                          185.208.180.0/24 maxlen: 24
                          185.208.181.0/24 maxlen: 24
                          185.208.182.0/24 maxlen: 24
                          185.208.183.0/24 maxlen: 24
                          185.213.8.0/24 maxlen: 24
                          185.213.10.0/24 maxlen: 24
                          2a07:4284::/32 maxlen: 32
                          2a0b:3cc7::/32 maxlen: 32
                          2a07:4285::/32 maxlen: 32
                          2a07:4283::/32 maxlen: 32
                          2a0b:3cc0::/32 maxlen: 32
                          2a0b:3cc6::/32 maxlen: 32
                          2a07:4280::/29 maxlen: 29
                          2a07:4287::/32 maxlen: 32
                          2a0b:3cc5::/32 maxlen: 32
                          2a07:4281::/32 maxlen: 32
                          2a0b:3cc2::/32 maxlen: 32
                          2a0b:3cc3::/32 maxlen: 32
                          2a07:4280::/32 maxlen: 32
                          2a0b:3cc0::/29 maxlen: 29
                          2a0b:3cc1::/32 maxlen: 32
                          2a07:4282::/32 maxlen: 32
                          2a0b:3cc4::/32 maxlen: 32
                          2a07:4286::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 11:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bb:3e:1a:a3:91:2c:bc:9b:5e:2f:b9:6b:3f:20:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
        Validity
            Not Before: Jan  2 10:32:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=886c5f5067c617975ed0651e0ce48e6644cfd4c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a6:82:98:0c:92:ea:87:90:ae:b5:7b:31:47:
                    55:4c:c3:27:90:f6:aa:5a:f5:5c:09:77:4b:59:89:
                    95:58:ee:70:87:42:5d:2c:01:bc:86:6a:df:d1:a5:
                    2d:00:6c:db:b2:cd:65:de:e4:16:08:31:25:60:9f:
                    36:2e:fc:e5:2b:33:9a:c2:60:94:0b:eb:6f:49:43:
                    8e:35:ea:58:e8:4d:d7:e5:e4:7c:99:38:28:cb:e1:
                    e5:b9:a8:0c:4b:e5:56:99:7a:fb:e5:35:97:81:c1:
                    92:90:76:c0:6a:7f:64:d1:84:ec:58:da:1d:7c:25:
                    e5:c5:c0:3a:1d:da:5f:6e:3e:b6:dc:b6:c4:11:50:
                    0c:8e:a4:35:15:b0:6d:05:66:ed:b6:6d:0f:11:f6:
                    f2:62:d0:3a:a0:d2:c8:84:34:98:8a:dd:b5:1e:19:
                    d0:ce:44:29:72:28:44:e5:52:96:cb:b9:33:72:2d:
                    43:ac:ab:e1:15:c9:3a:23:62:15:7a:56:d6:27:65:
                    c4:0f:30:1f:98:ee:21:0e:00:c0:64:aa:f2:09:b3:
                    57:01:f8:61:81:a6:2e:e1:d9:70:58:aa:a3:de:97:
                    85:ea:29:22:d4:33:3d:cd:5b:00:07:c6:96:cc:49:
                    42:65:ba:fe:81:aa:b7:b7:82:1e:51:ce:9c:4e:a5:
                    ba:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:6C:5F:50:67:C6:17:97:5E:D0:65:1E:0C:E4:8E:66:44:CF:D4:C4
            X509v3 Authority Key Identifier:
                keyid:0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/iGxfUGfGF5de0GUeDOSOZkTP1MQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.142.156.0/22
                  185.208.180.0/22
                  185.213.8.0/24
                  185.213.10.0/24
                IPv6:
                  2a07:4280::/29
                  2a0b:3cc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         69:37:24:ad:4d:7d:3d:7a:5d:90:73:20:d8:c8:58:64:65:f1:
         b8:65:b1:9b:ae:e2:19:01:aa:1b:1f:d5:2c:56:fd:1d:45:04:
         17:ee:3f:a5:82:21:69:a7:38:74:59:72:af:66:7f:69:b6:88:
         15:c4:4a:be:e3:d5:46:f8:28:40:0c:45:df:6d:a0:35:f2:5e:
         8b:08:e2:40:88:11:5c:12:36:6b:be:18:4d:f3:0e:2b:03:6c:
         da:e0:70:d5:2c:02:36:79:f3:e4:81:f8:e8:1b:ef:14:92:e7:
         01:61:03:fd:0a:db:ba:94:b1:51:54:63:18:a1:52:70:ef:3a:
         80:67:ea:0f:da:a1:7f:8f:2e:17:35:c9:d3:2d:fa:9e:e6:11:
         2d:cd:39:d8:32:fd:00:c4:56:d0:2d:39:3d:e8:7f:3b:23:14:
         a7:04:27:c8:f1:86:66:bd:77:93:bc:8d:c2:70:ad:6e:77:d0:
         b3:94:f0:e3:d4:c7:74:24:33:c8:04:01:e2:6a:30:96:9e:e9:
         02:11:ee:06:3e:a8:32:15:3d:f0:c6:63:fc:cb:db:ef:2a:19:
         27:b7:13:16:5a:24:22:af:ea:29:ad:61:9a:45:1f:91:1e:67:
         c9:08:70:2e:b9:79:93:70:10:38:90:fe:c1:88:db:75:df:49:
         13:f0:6a:74
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzJuz4ao5EsvJteL7lrPyAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGQxYmI3Mjc5MWM4Nzg1NTBkMWI5ZDhmZWY1NjRhYzM5
MTkzNjgwHhcNMjQwMTAyMTAzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZjNWY1MDY3YzYxNzk3NWVkMDY1MWUwY2U0OGU2NjQ0Y2ZkNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKaCmAyS6oeQrrV7MUdVTMMnkPaq
WvVcCXdLWYmVWO5wh0JdLAG8hmrf0aUtAGzbss1l3uQWCDElYJ82LvzlKzOawmCU
C+tvSUOONepY6E3X5eR8mTgoy+HluagMS+VWmXr75TWXgcGSkHbAan9k0YTsWNod
fCXlxcA6Hdpfbj623LbEEVAMjqQ1FbBtBWbttm0PEfbyYtA6oNLIhDSYit21HhnQ
zkQpcihE5VKWy7kzci1DrKvhFck6I2IVelbWJ2XEDzAfmO4hDgDAZKryCbNXAfhh
gaYu4dlwWKqj3peF6iki1DM9zVsAB8aWzElCZbr+gaq3t4IeUc6cTqW6ywIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIhsX1BnxheXXtBlHgzkjmZEz9TEMB8GA1UdIwQY
MBaAFAuNG7cnkch4VQ0bnY/vVkrDkZNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMt
MDI3OGM1ZGMxNDkxLzEvaUd4ZlVHZkdGNWRlMEdVZURPU09aa1RQMU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMtMDI3OGM1ZGMxNDkx
LzEvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuY6cAwQC
udC0AwQAudUIAwQAudUKMBQEAgACMA4DBQMqB0KAAwUDKgs8wDANBgkqhkiG9w0B
AQsFAAOCAQEAaTckrU19PXpdkHMg2MhYZGXxuGWxm67iGQGqGx/VLFb9HUUEF+4/
pYIhaac4dFlyr2Z/abaIFcRKvuPVRvgoQAxF322gNfJeiwjiQIgRXBI2a74YTfMO
KwNs2uBw1SwCNnnz5IH46BvvFJLnAWED/QrbupSxUVRjGKFScO86gGfqD9qhf48u
FzXJ0y36nuYRLc052DL9AMRW0C05Peh/OyMUpwQnyPGGZr13k7yNwnCtbnfQs5Tw
49THdCQzyAQB4mowlp7pAhHuBj6oMhU98MZj/Mvb7yoZJ7cTFlokIq/qKa1hmkUf
kR5nyQhwLrl5k3AQOJD+wYjbdd9JE/BqdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:55 2024 by rpki-client on console-fra.rpki-client.org