Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/SrqjPr10WqQutq635_O0GJV_ZGc.roa
File:                     SrqjPr10WqQutq635_O0GJV_ZGc.roa (raw, json)
Hash identifier:          Eb9lJ/prDrt27NlJz0kUznCD+AU4xY49I8C6RPx1Rxw=
Subject key identifier:   4A:BA:A3:3E:BD:74:5A:A4:2E:B6:AE:B7:E7:F3:B4:18:95:7F:64:67
Certificate issuer:       /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial:       0185CE69D29582DE4D967D28A8281798F9F7
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/SrqjPr10WqQutq635_O0GJV_ZGc.roa
Signing time:             Fri 20 Jan 2023 09:01:59 +0000
ROA not before:           Fri 20 Jan 2023 09:01:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29405
IP address blocks:        185.176.72.0/22 maxlen: 22
                          46.229.230.0/24 maxlen: 24
                          81.89.48.0/20 maxlen: 20
                          86.110.224.0/19 maxlen: 19
                          176.109.56.0/21 maxlen: 21
                          86.110.229.0/24 maxlen: 24
                          92.240.230.0/24 maxlen: 24
                          92.240.229.0/24 maxlen: 24
                          92.240.228.0/24 maxlen: 24
                          92.240.231.0/24 maxlen: 24
                          92.240.234.0/24 maxlen: 24
                          92.240.237.0/24 maxlen: 24
                          92.240.236.0/24 maxlen: 24
                          92.240.235.0/24 maxlen: 24
                          92.240.241.0/24 maxlen: 24
                          92.240.244.0/24 maxlen: 24
                          92.240.242.0/24 maxlen: 24
                          92.240.245.0/24 maxlen: 24
                          92.240.253.0/24 maxlen: 24
                          92.240.249.0/24 maxlen: 24
                          92.240.254.0/24 maxlen: 24
                          217.73.16.0/24 maxlen: 24
                          217.73.16.0/20 maxlen: 20
                          217.73.17.0/24 maxlen: 24
                          93.184.64.0/20 maxlen: 20
                          93.184.76.0/24 maxlen: 24
                          46.229.224.0/20 maxlen: 20
                          109.74.144.0/20 maxlen: 20
                          2a01:390::/32 maxlen: 32
                          2a00:10d8::/32 maxlen: 32
                          2a00:10d8:10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 15:20:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ce:69:d2:95:82:de:4d:96:7d:28:a8:28:17:98:f9:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
        Validity
            Not Before: Jan 20 09:01:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4abaa33ebd745aa42eb6aeb7e7f3b418957f6467
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:16:09:ac:e8:ef:d8:a2:51:91:9d:10:31:45:
                    7e:6b:1a:f3:fa:af:59:fb:4d:03:4b:d3:82:dc:b8:
                    10:1f:3e:be:12:26:00:1e:77:c9:38:72:c2:87:6e:
                    8e:6b:2e:5f:ec:76:fb:13:bd:2a:c8:58:48:56:6e:
                    ed:5f:b3:7d:7b:1c:7c:12:42:07:13:ee:20:98:bd:
                    64:4e:64:e3:cd:8b:49:84:0c:75:d0:07:14:0b:f8:
                    20:4e:f5:04:e2:8d:4c:a9:38:7f:85:a4:c1:b1:96:
                    63:e4:71:b3:32:cd:5c:af:aa:98:dc:8a:15:1f:47:
                    68:77:17:b6:2e:b9:dd:95:4f:1a:fb:c4:cc:a8:3f:
                    4f:3e:5b:77:15:e9:88:59:d7:4a:a2:90:e0:8d:9b:
                    81:d2:00:7e:87:29:1a:0a:db:31:4e:8f:b5:a7:93:
                    e1:17:32:9d:67:71:97:61:5f:eb:26:f4:bf:09:25:
                    99:6f:59:ef:90:fa:70:7d:86:a5:34:70:2f:bb:9e:
                    85:be:99:47:cf:31:91:50:b3:71:27:74:8b:57:e5:
                    69:6a:e4:ae:8e:8a:b6:55:de:02:b5:25:ad:e6:83:
                    31:8a:64:b9:fb:cf:1a:13:ee:45:0c:8c:4e:ad:f2:
                    14:d4:17:a1:9d:1e:82:e6:f4:8a:f2:64:c4:20:51:
                    a4:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:BA:A3:3E:BD:74:5A:A4:2E:B6:AE:B7:E7:F3:B4:18:95:7F:64:67
            X509v3 Authority Key Identifier:
                keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/SrqjPr10WqQutq635_O0GJV_ZGc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.229.224.0/20
                  81.89.48.0/20
                  86.110.224.0/19
                  92.240.228.0/22
                  92.240.234.0-92.240.237.255
                  92.240.241.0-92.240.242.255
                  92.240.244.0/23
                  92.240.249.0/24
                  92.240.253.0-92.240.254.255
                  93.184.64.0/20
                  109.74.144.0/20
                  176.109.56.0/21
                  185.176.72.0/22
                  217.73.16.0/20
                IPv6:
                  2a00:10d8::/32
                  2a01:390::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:11:db:fd:1e:bc:c4:91:29:bd:53:b8:91:67:76:b3:af:5a:
         fb:bb:c2:6f:88:f5:dc:71:d1:e7:9b:cc:d5:c3:33:fc:f6:47:
         3a:75:16:b2:e2:f0:f8:df:65:7d:2c:4a:33:81:7b:77:34:ec:
         45:2c:36:1d:81:49:96:99:e3:16:d8:49:c0:3c:af:6b:9d:3d:
         cc:4f:9e:41:99:9f:f8:c4:fd:8b:89:3e:90:02:ed:ba:7c:58:
         c6:68:b2:93:6a:25:99:8f:8b:d3:ee:82:ae:84:49:ab:8e:47:
         23:72:19:1a:00:ab:5d:fb:ed:8c:d2:72:d3:ea:65:4d:2b:a9:
         fa:fc:6a:ac:eb:37:37:0d:07:e4:8a:65:40:03:09:d1:15:71:
         fd:af:e1:9d:e0:c4:a1:3f:80:ab:9f:cb:61:5e:b1:0f:f7:28:
         7f:22:b4:a1:bd:f9:30:0d:88:1e:ae:64:1a:27:69:39:45:03:
         a8:6a:58:f3:e7:94:b7:3f:7c:3b:16:e0:85:61:d9:ee:a2:13:
         5f:19:c9:c8:d8:44:7e:0f:a3:66:f1:7a:70:3f:25:4d:07:7a:
         90:f6:6e:3a:bd:a7:27:46:64:ec:e1:4c:c3:10:21:18:c5:ea:
         fd:6c:d3:e8:50:1a:0d:c1:0f:95:fa:25:4c:c4:6e:55:9e:a2:
         76:1c:55:d9
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYXOadKVgt5Nln0oqCgXmPn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMTIwMDkwMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJhYTMzZWJkNzQ1YWE0MmViNmFlYjdlN2YzYjQxODk1N2Y2NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhYJrOjv2KJRkZ0QMUV+axrz+q9Z
+00DS9OC3LgQHz6+EiYAHnfJOHLCh26Oay5f7Hb7E70qyFhIVm7tX7N9exx8EkIH
E+4gmL1kTmTjzYtJhAx10AcUC/ggTvUE4o1MqTh/haTBsZZj5HGzMs1cr6qY3IoV
H0dodxe2LrndlU8a+8TMqD9PPlt3FemIWddKopDgjZuB0gB+hykaCtsxTo+1p5Ph
FzKdZ3GXYV/rJvS/CSWZb1nvkPpwfYalNHAvu56FvplHzzGRULNxJ3SLV+VpauSu
joq2Vd4CtSWt5oMximS5+88aE+5FDIxOrfIU1BehnR6C5vSK8mTEIFGk9wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFEq6oz69dFqkLraut+fztBiVf2RnMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvU3JxalByMTBXcVF1dHE2MzVfTzBHSlZfWkdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
iRHb/R68xJEpvVO4kWd2s69a+7vCb4j13HHR55vM1cMz/PZHOnUWsuLw+N9lfSxK
M4F7dzTsRSw2HYFJlpnjFthJwDyva509zE+eQZmf+MT9i4k+kALtunxYxmiyk2ol
mY+L0+6CroRJq45HI3IZGgCrXfvtjNJy0+plTSup+vxqrOs3Nw0H5IplQAMJ0RVx
/a/hneDEoT+Aq5/LYV6xD/cofyK0ob35MA2IHq5kGidpOUUDqGpY8+eUtz98Oxbg
hWHZ7qITXxnJyNhEfg+jZvF6cD8lTQd6kPZuOr2nJ0Zk7OFMwxAhGMXq/WzT6FAa
DcEPlfolTMRuVZ6idhxV2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org