Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/tpeHpDGofHFmtgWJBNv1SLhwb88.roa
File:                     tpeHpDGofHFmtgWJBNv1SLhwb88.roa (raw, json)
Hash identifier:          VbEng9fffdtatVKtTI2Ei3MFSPp2dSPuumxFDUoYj30=
Subject key identifier:   B6:97:87:A4:31:A8:7C:71:66:B6:05:89:04:DB:F5:48:B8:70:6F:CF
Certificate issuer:       /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial:       018E2E3678141ACE4241D804EA31F69DBDD9
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/tpeHpDGofHFmtgWJBNv1SLhwb88.roa
Signing time:             Mon 11 Mar 2024 15:51:45 +0000
ROA not before:           Mon 11 Mar 2024 15:51:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     12722
IP address blocks:        2.59.48.0/24 maxlen: 24
                          31.222.240.0/24 maxlen: 24
                          31.222.250.0/24 maxlen: 24
                          37.221.80.0/24 maxlen: 24
                          45.11.22.0/24 maxlen: 24
                          45.14.220.0/24 maxlen: 24
                          45.14.221.0/24 maxlen: 24
                          45.80.120.0/22 maxlen: 22
                          45.89.68.0/24 maxlen: 24
                          45.89.71.0/24 maxlen: 24
                          91.188.220.0/24 maxlen: 24
                          94.158.188.0/24 maxlen: 24
                          176.56.35.0/24 maxlen: 24
                          176.124.34.0/24 maxlen: 24
                          185.212.112.0/24 maxlen: 24
                          185.234.8.0/24 maxlen: 24
                          188.95.71.0/24 maxlen: 24
                          193.3.18.0/24 maxlen: 24
                          193.201.114.0/24 maxlen: 24
                          194.32.240.0/24 maxlen: 24
                          195.18.26.0/24 maxlen: 24
                          195.69.148.0/24 maxlen: 24
                          195.69.150.0/24 maxlen: 24
                          195.225.96.0/24 maxlen: 24
                          213.109.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 May 2024 14:36:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2e:36:78:14:1a:ce:42:41:d8:04:ea:31:f6:9d:bd:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
        Validity
            Not Before: Mar 11 15:51:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b69787a431a87c7166b6058904dbf548b8706fcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:45:16:f2:6e:5e:e3:7d:f0:34:81:4a:37:72:
                    ce:50:c1:8d:65:f3:19:64:bf:5a:6b:8a:81:c3:eb:
                    20:b6:d0:e4:ff:f9:00:10:9d:7e:d6:d0:f8:73:ef:
                    47:3c:9a:bf:c5:45:1d:3a:55:95:6d:f4:b7:f9:1f:
                    2b:62:8d:aa:80:88:bd:0a:3d:64:fe:fd:31:41:40:
                    48:1b:5d:e9:6f:b9:ce:d7:35:c8:85:51:dd:66:1c:
                    ba:43:16:4b:62:fa:a8:d0:34:e6:b2:15:72:1d:d5:
                    d5:92:19:09:f3:c9:e8:3c:c0:89:60:fd:2b:58:92:
                    6d:e2:09:66:ed:e9:38:ca:b5:ca:c6:45:ff:22:67:
                    5a:e9:ad:56:71:67:2a:79:e2:86:f2:12:fd:51:d2:
                    66:7c:4f:0d:01:4c:a3:93:bb:0b:21:4a:1b:4b:43:
                    6f:cc:7a:93:35:9d:af:b8:f5:65:2a:69:13:17:76:
                    66:60:4e:c6:e4:c8:19:0d:5e:27:e5:22:80:59:2e:
                    75:a9:45:a2:bf:00:a6:ab:f7:cc:f2:d3:97:21:36:
                    c2:86:ba:f4:fb:f2:89:f4:33:b6:b2:43:9e:43:d3:
                    46:6c:81:1f:82:f1:e7:9d:6d:d2:97:b6:71:fc:ce:
                    07:ca:70:28:08:84:9f:3a:15:cc:7a:15:f2:dd:ff:
                    db:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:97:87:A4:31:A8:7C:71:66:B6:05:89:04:DB:F5:48:B8:70:6F:CF
            X509v3 Authority Key Identifier:
                keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/tpeHpDGofHFmtgWJBNv1SLhwb88.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.48.0/24
                  31.222.240.0/24
                  31.222.250.0/24
                  37.221.80.0/24
                  45.11.22.0/24
                  45.14.220.0/23
                  45.80.120.0/22
                  45.89.68.0/24
                  45.89.71.0/24
                  91.188.220.0/24
                  94.158.188.0/24
                  176.56.35.0/24
                  176.124.34.0/24
                  185.212.112.0/24
                  185.234.8.0/24
                  188.95.71.0/24
                  193.3.18.0/24
                  193.201.114.0/24
                  194.32.240.0/24
                  195.18.26.0/24
                  195.69.148.0/24
                  195.69.150.0/24
                  195.225.96.0/24
                  213.109.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:fe:06:9b:ce:19:5f:23:95:fb:cb:a6:24:dc:67:c8:81:bd:
         27:5e:df:48:cc:2a:1e:a4:40:6a:88:bb:7c:d3:68:0b:87:74:
         68:26:76:e1:a1:07:10:fa:6e:a3:bc:10:ad:2d:7b:29:5d:9e:
         28:78:ce:22:ee:a2:82:45:67:b5:aa:ef:c7:03:6c:85:06:ed:
         ed:23:80:dd:75:38:52:13:9b:b7:97:b4:38:5c:8c:b4:1b:fe:
         bf:d2:1f:5e:e3:bb:e5:43:49:15:ce:27:e0:f1:ff:cb:d9:84:
         56:d2:18:b4:c5:c8:13:a8:b0:32:a7:d2:62:ee:0a:3e:7d:68:
         c1:f9:2e:86:6e:69:fa:cc:41:f6:9a:9d:d4:e3:e7:36:3e:e9:
         ae:e3:ae:ee:ba:3b:68:87:32:b1:f9:b3:4b:62:ca:b6:42:8e:
         65:1c:1d:7a:05:75:3e:d9:e8:e0:86:34:74:15:23:05:a6:9e:
         4d:58:37:f4:15:d3:0a:9b:82:cb:31:fd:b9:df:c0:d0:27:db:
         4e:28:15:99:8d:d1:6b:4f:bc:a6:5b:02:cb:1a:3a:63:7d:c6:
         8f:6f:67:db:02:15:60:4c:ac:36:e1:d6:f5:d4:e8:a7:5f:61:
         d1:4c:07:7b:02:3b:9c:05:cb:80:96:74:37:c8:76:1b:9f:8c:
         6f:9d:ba:5d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAY4uNngUGs5CQdgE6jH2nb3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzExMTU1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjk3ODdhNDMxYTg3YzcxNjZiNjA1ODkwNGRiZjU0OGI4NzA2ZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEUW8m5e433wNIFKN3LOUMGNZfMZ
ZL9aa4qBw+sgttDk//kAEJ1+1tD4c+9HPJq/xUUdOlWVbfS3+R8rYo2qgIi9Cj1k
/v0xQUBIG13pb7nO1zXIhVHdZhy6QxZLYvqo0DTmshVyHdXVkhkJ88noPMCJYP0r
WJJt4glm7ek4yrXKxkX/Imda6a1WcWcqeeKG8hL9UdJmfE8NAUyjk7sLIUobS0Nv
zHqTNZ2vuPVlKmkTF3ZmYE7G5MgZDV4n5SKAWS51qUWivwCmq/fM8tOXITbChrr0
+/KJ9DO2skOeQ9NGbIEfgvHnnW3Sl7Zx/M4HynAoCISfOhXMehXy3f/bhQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFLaXh6QxqHxxZrYFiQTb9Ui4cG/PMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdHBlSHBER29mSEZtdGdXSkJOdjFTTGh3Yjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAC
OzADBAAf3vADBAAf3voDBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAtWUQDBAAt
WUcDBABbvNwDBABenrwDBACwOCMDBACwfCIDBAC51HADBAC56ggDBAC8X0cDBADB
AxIDBADByXIDBADCIPADBADDEhoDBADDRZQDBADDRZYDBADD4WADBADVbc4wDQYJ
KoZIhvcNAQELBQADggEBAA3+BpvOGV8jlfvLpiTcZ8iBvSde30jMKh6kQGqIu3zT
aAuHdGgmduGhBxD6bqO8EK0teyldnih4ziLuooJFZ7Wq78cDbIUG7e0jgN11OFIT
m7eXtDhcjLQb/r/SH17ju+VDSRXOJ+Dx/8vZhFbSGLTFyBOosDKn0mLuCj59aMH5
LoZuafrMQfaandTj5zY+6a7jru66O2iHMrH5s0tiyrZCjmUcHXoFdT7Z6OCGNHQV
IwWmnk1YN/QV0wqbgssx/bnfwNAn204oFZmN0WtPvKZbAssaOmN9xo9vZ9sCFWBM
rDbh1vXU6KdfYdFMB3sCO5wFy4CWdDfIdhufjG+dul0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org