Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/NBDcLImAKyY7QJ_prKozficUcqU.roa
File:                     NBDcLImAKyY7QJ_prKozficUcqU.roa (raw, json)
Hash identifier:          bA5hx3IuyKAQQ/dkWwvhTqevtBdDYU6InYlIFjkwfU0=
Subject key identifier:   34:10:DC:2C:89:80:2B:26:3B:40:9F:E9:AC:AA:33:7E:27:14:72:A5
Certificate issuer:       /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial:       01894A077A7558CD75715C0AC976CAE86E49
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/NBDcLImAKyY7QJ_prKozficUcqU.roa
Signing time:             Wed 12 Jul 2023 12:15:51 +0000
ROA not before:           Wed 12 Jul 2023 12:15:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200532
IP address blocks:        89.33.41.0/24 maxlen: 24
                          185.129.48.0/24 maxlen: 24
                          185.129.49.0/24 maxlen: 24
                          185.129.50.0/24 maxlen: 24
                          185.129.51.0/24 maxlen: 24
                          185.100.64.0/24 maxlen: 24
                          185.100.67.0/24 maxlen: 24
                          185.100.65.0/24 maxlen: 24
                          185.100.66.0/24 maxlen: 24
                          188.241.216.0/24 maxlen: 24
                          188.241.217.0/24 maxlen: 24
                          185.111.104.0/22 maxlen: 22
                          185.111.104.0/24 maxlen: 24
                          185.111.105.0/24 maxlen: 24
                          185.111.106.0/24 maxlen: 24
                          185.111.107.0/24 maxlen: 24
                          185.98.4.0/24 maxlen: 24
                          185.98.5.0/24 maxlen: 24
                          185.98.6.0/24 maxlen: 24
                          185.98.7.0/24 maxlen: 24
                          185.121.80.0/24 maxlen: 24
                          185.121.80.0/22 maxlen: 22
                          185.121.81.0/24 maxlen: 24
                          185.121.82.0/24 maxlen: 24
                          185.121.83.0/24 maxlen: 24
                          31.14.27.0/24 maxlen: 24
                          185.113.132.0/22 maxlen: 22
                          185.113.132.0/24 maxlen: 24
                          89.46.33.0/24 maxlen: 24
                          185.113.133.0/24 maxlen: 24
                          185.113.134.0/24 maxlen: 24
                          185.113.135.0/24 maxlen: 24
                          185.125.88.0/24 maxlen: 24
                          185.125.89.0/24 maxlen: 24
                          185.125.90.0/24 maxlen: 24
                          185.125.91.0/24 maxlen: 24
                          185.116.192.0/24 maxlen: 24
                          185.116.192.0/22 maxlen: 22
                          185.116.193.0/24 maxlen: 24
                          185.116.194.0/24 maxlen: 24
                          185.116.195.0/24 maxlen: 24
                          2a06:940::/56 maxlen: 56
                          2a06:942::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 03 Sep 2023 04:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4a:07:7a:75:58:cd:75:71:5c:0a:c9:76:ca:e8:6e:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
        Validity
            Not Before: Jul 12 12:15:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3410dc2c89802b263b409fe9acaa337e271472a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cd:1a:96:1e:18:f5:d5:13:38:0c:4f:18:60:
                    35:d2:f8:e3:e7:a1:b4:b3:47:07:05:a5:c9:00:bf:
                    6d:da:45:ab:e1:39:cb:42:73:db:9d:f9:49:69:25:
                    5a:bf:12:3e:ed:7a:86:fb:c4:1b:63:f6:66:a1:11:
                    d0:bf:a5:a6:4f:85:07:77:92:c0:9c:94:50:a2:fe:
                    20:f9:a3:42:f3:ee:96:31:aa:69:65:0d:9b:7e:9f:
                    d0:47:f5:02:a7:b7:2a:39:e7:2f:cf:c1:79:1e:8b:
                    d9:d4:0a:5f:f7:1a:59:d0:96:19:bd:cd:6b:ce:68:
                    0f:c9:7d:46:f0:b6:57:79:12:a0:73:da:6e:69:86:
                    f5:51:59:e3:42:6b:86:09:2d:cf:1f:a9:63:57:f0:
                    4e:ea:a0:28:40:c5:28:b3:51:8f:05:69:cd:53:0f:
                    40:c1:95:3e:eb:b0:d0:42:73:08:4f:6c:8f:98:09:
                    68:a1:14:9e:b7:e4:51:d2:72:b3:df:e2:3e:c0:38:
                    72:2c:9c:be:f2:6c:ca:8c:53:74:54:de:80:a2:63:
                    76:99:cc:95:d2:ff:08:c0:7d:de:94:13:1d:33:28:
                    a4:84:9c:9d:42:55:d0:f2:18:04:ef:3e:79:16:a3:
                    d1:5b:28:a7:46:5e:4f:7b:4c:ca:d1:ba:e7:4a:98:
                    4d:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:10:DC:2C:89:80:2B:26:3B:40:9F:E9:AC:AA:33:7E:27:14:72:A5
            X509v3 Authority Key Identifier:
                keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/NBDcLImAKyY7QJ_prKozficUcqU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.14.27.0/24
                  89.33.41.0/24
                  89.46.33.0/24
                  185.98.4.0/22
                  185.100.64.0/22
                  185.111.104.0/22
                  185.113.132.0/22
                  185.116.192.0/22
                  185.121.80.0/22
                  185.125.88.0/22
                  185.129.48.0/22
                  188.241.216.0/23
                IPv6:
                  2a06:940::/56
                  2a06:942::/48

    Signature Algorithm: sha256WithRSAEncryption
         8a:7e:fe:7c:99:a9:84:66:89:8f:b5:c0:b9:43:57:7e:0d:d4:
         9e:81:58:7f:26:03:6d:1e:55:44:43:2b:20:89:3f:a7:28:21:
         64:6f:4d:b2:e3:70:43:22:b1:69:e4:d2:b8:67:53:37:20:81:
         cd:15:2f:0f:64:ea:df:35:08:51:f5:8b:ed:d6:b4:88:0f:dc:
         2f:55:2d:9d:18:86:30:8b:75:6f:88:a9:e3:67:ad:a8:cb:67:
         7b:db:8e:9a:fc:9b:7c:d7:c9:1c:ae:29:1c:7f:68:e3:4b:6c:
         63:ef:37:06:0c:9b:bc:7d:91:6a:73:9a:77:04:5c:8a:c8:12:
         62:7d:54:8e:da:93:df:4d:6e:ba:72:e2:06:95:00:5b:2c:6a:
         c5:72:e3:f5:a9:01:1e:9c:0e:ba:1c:e2:8b:24:8f:55:a5:84:
         62:00:17:bc:1e:39:75:ce:2b:0e:a6:82:b6:97:ae:c1:5f:d2:
         51:86:19:86:c9:69:e0:85:53:d0:aa:5e:43:e3:67:eb:13:1e:
         eb:30:b2:fe:30:da:9b:be:37:35:89:8c:b9:10:21:7a:23:a8:
         b3:8a:ab:3c:f4:20:51:c2:a9:9a:20:36:84:83:f3:7a:9a:11:
         85:65:42:ec:f0:64:a8:ee:4e:9f:d7:b4:9e:20:15:5e:e2:12:
         7c:70:9d:cc
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYlKB3p1WM11cVwKyXbK6G5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwNzEyMTIxNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDEwZGMyYzg5ODAyYjI2M2I0MDlmZTlhY2FhMzM3ZTI3MTQ3MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs0alh4Y9dUTOAxPGGA10vjj56G0
s0cHBaXJAL9t2kWr4TnLQnPbnflJaSVavxI+7XqG+8QbY/ZmoRHQv6WmT4UHd5LA
nJRQov4g+aNC8+6WMappZQ2bfp/QR/UCp7cqOecvz8F5HovZ1Apf9xpZ0JYZvc1r
zmgPyX1G8LZXeRKgc9puaYb1UVnjQmuGCS3PH6ljV/BO6qAoQMUos1GPBWnNUw9A
wZU+67DQQnMIT2yPmAlooRSet+RR0nKz3+I+wDhyLJy+8mzKjFN0VN6AomN2mcyV
0v8IwH3elBMdMyikhJydQlXQ8hgE7z55FqPRWyinRl5Pe0zK0brnSphN2QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFDQQ3CyJgCsmO0Cf6ayqM34nFHKlMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvTkJEY0xJbUFLeVk3UUpfcHJLb3pmaWNVY3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBOBAIAATBIAwQAHw4bAwQA
WSEpAwQAWS4hAwQCuWIEAwQCuWRAAwQCuW9oAwQCuXGEAwQCuXTAAwQCuXlQAwQC
uX1YAwQCuYEwAwQBvPHYMBkEAgACMBMDCAAqBglAAAAAAwcAKgYJQgAAMA0GCSqG
SIb3DQEBCwUAA4IBAQCKfv58mamEZomPtcC5Q1d+DdSegVh/JgNtHlVEQysgiT+n
KCFkb02y43BDIrFp5NK4Z1M3IIHNFS8PZOrfNQhR9Yvt1rSID9wvVS2dGIYwi3Vv
iKnjZ62oy2d7246a/Jt818kcrikcf2jjS2xj7zcGDJu8fZFqc5p3BFyKyBJifVSO
2pPfTW66cuIGlQBbLGrFcuP1qQEenA66HOKLJI9VpYRiABe8Hjl1zisOpoK2l67B
X9JRhhmGyWnghVPQql5D42frEx7rMLL+MNqbvjc1iYy5ECF6I6iziqs89CBRwqma
IDaEg/N6mhGFZULs8GSo7k6f17SeIBVe4hJ8cJ3M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org