Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/hHP7fBg2n7KdlqYO59TAAZZUSr8.roa
File:                     hHP7fBg2n7KdlqYO59TAAZZUSr8.roa (raw, json)
Hash identifier:          5HL9Fd3/a6lZnruQ6c/xhe+kSWDoq6rP3rrjK2pWSh4=
Subject key identifier:   84:73:FB:7C:18:36:9F:B2:9D:96:A6:0E:E7:D4:C0:01:96:54:4A:BF
Certificate issuer:       /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial:       0187805279C54841115BFB3681BAFA2E8AB0
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/hHP7fBg2n7KdlqYO59TAAZZUSr8.roa
Signing time:             Fri 14 Apr 2023 15:11:41 +0000
ROA not before:           Fri 14 Apr 2023 15:11:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     286
IP address blocks:        62.132.116.0/23 maxlen: 23
                          62.132.114.0/23 maxlen: 23
                          192.129.32.0/23 maxlen: 24
                          192.129.36.0/24 maxlen: 24
                          62.132.132.0/23 maxlen: 23
                          192.129.43.0/24 maxlen: 24
                          192.129.44.0/24 maxlen: 24
                          192.129.46.0/24 maxlen: 24
                          192.129.48.0/24 maxlen: 24
                          62.41.160.0/24 maxlen: 24
                          193.141.0.0/23 maxlen: 23
                          194.45.4.0/23 maxlen: 23
                          192.129.56.0/24 maxlen: 24
                          192.129.54.0/24 maxlen: 24
                          193.141.2.0/24 maxlen: 24
                          62.41.80.0/22 maxlen: 22
                          62.41.84.0/23 maxlen: 23
                          62.41.102.0/24 maxlen: 24
                          193.242.80.0/20 maxlen: 20
                          194.45.98.0/23 maxlen: 23
                          192.16.202.0/24 maxlen: 24
                          194.121.52.0/22 maxlen: 22
                          194.45.12.0/23 maxlen: 23
                          193.141.44.0/23 maxlen: 23
                          193.141.40.0/22 maxlen: 22
                          194.45.47.0/24 maxlen: 24
                          194.45.182.0/23 maxlen: 23
                          92.71.0.0/17 maxlen: 17
                          192.67.190.0/23 maxlen: 23
                          192.67.192.0/22 maxlen: 22
                          192.67.196.0/24 maxlen: 24
                          193.141.140.0/23 maxlen: 23
                          62.41.16.0/21 maxlen: 21
                          62.132.0.0/22 maxlen: 22
                          62.41.24.0/22 maxlen: 22
                          62.132.16.0/22 maxlen: 22
                          62.41.37.0/24 maxlen: 24
                          62.41.32.0/24 maxlen: 24
                          62.132.24.0/23 maxlen: 23
                          62.132.28.0/24 maxlen: 24
                          92.71.128.0/18 maxlen: 18
                          62.132.42.0/23 maxlen: 23
                          62.41.56.0/21 maxlen: 21
                          194.41.62.0/24 maxlen: 24
                          62.41.64.0/20 maxlen: 20
                          192.54.104.0/24 maxlen: 24
                          62.41.0.0/20 maxlen: 20
                          2a00:1750::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 15:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:80:52:79:c5:48:41:11:5b:fb:36:81:ba:fa:2e:8a:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
        Validity
            Not Before: Apr 14 15:11:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8473fb7c18369fb29d96a60ee7d4c00196544abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f5:3f:32:b4:1e:e2:d5:f3:71:38:7d:8c:ba:
                    a9:f1:ad:49:09:d7:a8:44:42:7f:99:f7:49:09:c9:
                    73:96:07:3b:1c:cc:97:ee:33:b2:e3:b5:c9:f1:ca:
                    b1:96:a7:8f:3f:30:a2:a0:20:17:70:04:cd:32:09:
                    3e:e7:f6:f6:e8:0a:e0:05:d3:e6:c3:46:06:7e:1e:
                    0c:e3:6e:fa:3f:a5:65:3e:69:f1:d0:ce:fa:50:e3:
                    33:60:92:b6:30:f4:d5:7b:a3:dd:7c:ce:f1:de:2d:
                    37:63:02:44:7c:6d:1f:41:ed:59:03:54:9d:91:1f:
                    aa:7e:f7:c9:2a:f0:38:40:07:14:1b:24:6c:8e:39:
                    21:27:0e:cf:b1:d5:73:39:2e:57:91:3f:33:0a:c8:
                    37:bb:c8:ea:67:93:05:ae:0b:0d:b0:ec:84:46:44:
                    5f:02:bf:b4:c7:5a:4f:8d:bb:05:7a:a5:2a:a6:42:
                    61:4c:9e:e2:67:54:e2:30:89:46:93:f2:b4:a0:ea:
                    b1:a6:27:2b:77:13:4c:a2:c8:25:2f:93:2b:1f:c1:
                    2e:bc:63:d6:71:75:e6:47:6a:4d:02:6c:b6:b0:5a:
                    30:65:a0:bc:41:95:d2:44:f2:9e:10:a9:e7:7f:3a:
                    21:2c:3a:e7:db:9f:48:45:38:cb:dc:06:eb:7d:de:
                    c8:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:73:FB:7C:18:36:9F:B2:9D:96:A6:0E:E7:D4:C0:01:96:54:4A:BF
            X509v3 Authority Key Identifier:
                keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/hHP7fBg2n7KdlqYO59TAAZZUSr8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.41.0.0-62.41.27.255
                  62.41.32.0/24
                  62.41.37.0/24
                  62.41.56.0-62.41.85.255
                  62.41.102.0/24
                  62.41.160.0/24
                  62.132.0.0/22
                  62.132.16.0/22
                  62.132.24.0/23
                  62.132.28.0/24
                  62.132.42.0/23
                  62.132.114.0-62.132.117.255
                  62.132.132.0/23
                  92.71.0.0-92.71.191.255
                  192.16.202.0/24
                  192.54.104.0/24
                  192.67.190.0-192.67.196.255
                  192.129.32.0/23
                  192.129.36.0/24
                  192.129.43.0-192.129.44.255
                  192.129.46.0/24
                  192.129.48.0/24
                  192.129.54.0/24
                  192.129.56.0/24
                  193.141.0.0-193.141.2.255
                  193.141.40.0-193.141.45.255
                  193.141.140.0/23
                  193.242.80.0/20
                  194.41.62.0/24
                  194.45.4.0/23
                  194.45.12.0/23
                  194.45.47.0/24
                  194.45.98.0/23
                  194.45.182.0/23
                  194.121.52.0/22
                IPv6:
                  2a00:1750::/32

    Signature Algorithm: sha256WithRSAEncryption
         14:fb:d5:27:d2:db:cd:b9:f7:be:db:61:c6:03:95:49:df:ec:
         55:43:ed:5a:e6:20:4d:34:bd:b7:ba:c5:a5:d9:2d:a5:f0:dd:
         92:cb:38:0e:36:b3:1d:a2:45:d3:bf:de:5f:6f:f8:99:e8:f0:
         58:33:1c:05:5a:e3:7e:10:76:82:aa:62:d5:d2:d9:ba:bb:ff:
         e1:e4:bd:dc:60:8f:d9:6f:90:be:87:6a:a0:1c:27:de:ce:f0:
         2d:5f:41:fa:1f:91:ff:70:12:17:38:aa:af:86:ed:55:69:ba:
         42:3b:a5:ea:a0:60:14:78:e3:63:e7:d2:b4:04:da:4a:66:35:
         39:19:30:2c:69:b3:90:30:d2:6c:0b:15:e6:8d:79:98:26:f9:
         24:86:2b:4e:cf:f8:66:36:ec:b0:b8:69:11:a3:e8:46:78:53:
         2f:67:ec:c8:c0:e0:d8:02:88:57:c9:fb:fe:18:10:4f:f3:90:
         7f:df:d7:54:aa:d6:cc:dd:05:bb:0b:4d:82:76:31:bd:3a:0a:
         f1:9a:33:a6:7d:47:bd:d2:8a:07:69:19:5b:88:26:a3:83:f4:
         9a:f0:46:04:5d:c0:9d:1f:be:ef:c6:00:61:0f:c5:04:9b:d2:
         04:4c:9e:ed:87:cf:d8:84:2f:71:7c:68:28:f7:e7:8a:58:42:
         dd:73:b1:6d
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAYeAUnnFSEERW/s2gbr6LoqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwNDE0MTUxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDczZmI3YzE4MzY5ZmIyOWQ5NmE2MGVlN2Q0YzAwMTk2NTQ0YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfU/MrQe4tXzcTh9jLqp8a1JCdeo
REJ/mfdJCclzlgc7HMyX7jOy47XJ8cqxlqePPzCioCAXcATNMgk+5/b26ArgBdPm
w0YGfh4M4276P6VlPmnx0M76UOMzYJK2MPTVe6PdfM7x3i03YwJEfG0fQe1ZA1Sd
kR+qfvfJKvA4QAcUGyRsjjkhJw7PsdVzOS5XkT8zCsg3u8jqZ5MFrgsNsOyERkRf
Ar+0x1pPjbsFeqUqpkJhTJ7iZ1TiMIlGk/K0oOqxpicrdxNMosglL5MrH8EuvGPW
cXXmR2pNAmy2sFowZaC8QZXSRPKeEKnnfzohLDrn259IRTjL3Abrfd7IXQIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFIRz+3wYNp+ynZamDufUwAGWVEq/MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvaEhQN2ZCZzJuN0tkbHFZTzU5VEFBWlpVU3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCARcEAgABMIIB
DzALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAMEAD4pZgME
AD4poAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAMAwQBPoRyAwQBPoR0
AwQBPoSEMAsDAwBcRwMEBlxHgAMEAMAQygMEAMA2aDAMAwQBwEO+AwQAwEPEAwQB
wIEgAwQAwIEkMAwDBADAgSsDBADAgSwDBADAgS4DBADAgTADBADAgTYDBADAgTgw
CwMDAMGNAwQAwY0CMAwDBAPBjSgDBAHBjSwDBAHBjYwDBATB8lADBADCKT4DBAHC
LQQDBAHCLQwDBADCLS8DBAHCLWIDBAHCLbYDBALCeTQwDQQCAAIwBwMFACoAF1Aw
DQYJKoZIhvcNAQELBQADggEBABT71SfS2825977bYcYDlUnf7FVD7VrmIE00vbe6
xaXZLaXw3ZLLOA42sx2iRdO/3l9v+Jno8FgzHAVa434QdoKqYtXS2bq7/+Hkvdxg
j9lvkL6HaqAcJ97O8C1fQfofkf9wEhc4qq+G7VVpukI7peqgYBR442Pn0rQE2kpm
NTkZMCxps5Aw0mwLFeaNeZgm+SSGK07P+GY27LC4aRGj6EZ4Uy9n7MjA4NgCiFfJ
+/4YEE/zkH/f11Sq1szdBbsLTYJ2Mb06CvGaM6Z9R73SigdpGVuIJqOD9JrwRgRd
wJ0fvu/GAGEPxQSb0gRMnu2Hz9iEL3F8aCj354pYQt1zsW0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:12 2024 by rpki-client on console-fra.rpki-client.org