Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/wDsEUM-sLBa-BgAWRIRVrbfD9t8.roa
File:                     wDsEUM-sLBa-BgAWRIRVrbfD9t8.roa (raw, json)
Hash identifier:          hf0YoQgXVyA/cLRXvUleFjH9M7gy6kpN4cZgQ5YN4Fs=
Subject key identifier:   C0:3B:04:50:CF:AC:2C:16:BE:06:00:16:44:84:55:AD:B7:C3:F6:DF
Certificate issuer:       /CN=a60d129401b2693a38d5b4373dc7607bf85b8a6e
Certificate serial:       01857169BFEAA88708164C03043BC83F46BF
Authority key identifier: A6:0D:12:94:01:B2:69:3A:38:D5:B4:37:3D:C7:60:7B:F8:5B:8A:6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/wDsEUM-sLBa-BgAWRIRVrbfD9t8.roa
Signing time:             Mon 02 Jan 2023 07:37:13 +0000
ROA not before:           Mon 02 Jan 2023 07:37:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204260
IP address blocks:        194.34.0.0/24 maxlen: 24
                          194.34.0.0/22 maxlen: 22
                          194.34.0.0/21 maxlen: 21
                          194.34.1.0/24 maxlen: 24
                          194.34.2.0/24 maxlen: 24
                          194.34.3.0/24 maxlen: 24
                          194.34.4.0/22 maxlen: 22
                          194.34.4.0/24 maxlen: 24
                          194.34.7.0/24 maxlen: 24
                          194.34.5.0/24 maxlen: 24
                          194.34.6.0/24 maxlen: 24
                          185.109.8.0/22 maxlen: 22
                          185.109.8.0/24 maxlen: 24
                          185.109.8.0/23 maxlen: 23
                          185.109.9.0/24 maxlen: 24
                          185.109.10.0/23 maxlen: 23
                          185.109.10.0/24 maxlen: 24
                          185.109.11.0/24 maxlen: 24
                          2a02:e600::/30 maxlen: 30

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:69:bf:ea:a8:87:08:16:4c:03:04:3b:c8:3f:46:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a60d129401b2693a38d5b4373dc7607bf85b8a6e
        Validity
            Not Before: Jan  2 07:37:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c03b0450cfac2c16be060016448455adb7c3f6df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:89:26:46:58:34:74:37:ec:86:a3:41:03:72:
                    34:1e:b5:79:8b:82:dc:7c:f4:72:93:86:20:e5:d7:
                    68:58:ee:b2:60:df:95:eb:9d:67:8d:03:d4:32:6a:
                    00:d5:59:ec:67:b5:d9:7c:13:b6:66:c4:75:8b:49:
                    9c:94:37:cf:d5:b3:87:8a:c7:61:ca:29:e9:7e:33:
                    09:d3:12:d5:91:d5:c6:39:ca:20:c5:89:b3:c6:63:
                    ac:c9:89:4e:2e:db:3b:c4:92:97:eb:92:80:23:ad:
                    53:77:ce:48:50:40:06:5b:6f:2b:a6:f7:96:11:58:
                    13:b0:44:d4:42:3e:ea:58:6e:60:f1:58:8f:b7:2e:
                    c7:90:62:9a:70:4b:5d:70:a8:f0:d2:f9:af:8b:8e:
                    bb:b7:6d:44:ca:e5:b5:11:c1:64:f4:fc:ec:95:a9:
                    d6:54:13:b6:11:8f:f9:08:84:b8:cc:ae:b1:35:66:
                    08:37:b6:16:f0:1f:09:c0:6c:af:cc:8b:9c:a6:af:
                    59:6a:fd:55:74:42:0d:a6:14:db:95:de:e0:21:30:
                    af:6e:36:b5:b8:2b:93:fe:df:bc:c3:96:d4:42:a1:
                    c1:4a:80:54:21:d9:ed:be:2a:f7:00:4a:ed:88:06:
                    10:2e:ad:ee:63:09:94:33:fb:84:d3:bf:3f:df:d3:
                    16:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:3B:04:50:CF:AC:2C:16:BE:06:00:16:44:84:55:AD:B7:C3:F6:DF
            X509v3 Authority Key Identifier:
                keyid:A6:0D:12:94:01:B2:69:3A:38:D5:B4:37:3D:C7:60:7B:F8:5B:8A:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/wDsEUM-sLBa-BgAWRIRVrbfD9t8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/pg0SlAGyaTo41bQ3Pcdge_hbim4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.109.8.0/22
                  194.34.0.0/21
                IPv6:
                  2a02:e600::/30

    Signature Algorithm: sha256WithRSAEncryption
         2b:76:66:4b:76:59:e4:d0:21:d6:06:8a:e6:ab:2d:5a:ce:39:
         1a:c7:34:27:8e:9a:75:d6:59:12:63:6f:44:a7:c6:04:8a:17:
         9a:ed:08:e5:d5:fb:3c:4e:28:62:15:4c:fa:04:92:21:7f:00:
         be:43:83:b2:27:96:22:3c:f0:17:ef:ef:f7:83:61:83:93:c7:
         04:76:aa:13:d9:7a:4c:b3:c6:82:13:6e:e7:76:25:e5:3d:1d:
         f2:c5:25:da:d0:d6:3d:81:2e:aa:b5:f8:7d:62:2a:c8:17:9a:
         9f:a1:c6:4c:ae:1a:48:b7:8d:a8:d0:a2:a5:fe:1e:68:71:c2:
         3d:11:b0:c7:35:f0:10:e9:59:66:cb:bc:73:d9:49:72:33:49:
         9c:f0:f6:cd:22:8d:06:4b:b4:27:cd:0a:28:02:ca:fc:93:98:
         6c:89:9b:19:eb:e5:cf:b0:7e:bd:09:c2:09:12:b3:2b:a8:03:
         05:b9:40:5f:c2:06:65:07:69:a4:5f:19:aa:a1:33:32:1a:b0:
         5a:d4:11:a5:a6:63:fe:13:45:04:2d:3c:cd:93:0a:59:c8:b8:
         fc:d1:e4:21:c6:55:21:b5:b5:65:cb:93:42:a2:d4:73:57:d8:
         8f:2b:2c:07:77:c0:81:4a:a0:07:07:e6:7b:28:88:dd:1c:50:
         ca:b2:82:f5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxab/qqIcIFkwDBDvIP0a/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MGQxMjk0MDFiMjY5M2EzOGQ1YjQzNzNkYzc2MDdiZjg1
YjhhNmUwHhcNMjMwMTAyMDczNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNiMDQ1MGNmYWMyYzE2YmUwNjAwMTY0NDg0NTVhZGI3YzNmNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIkmRlg0dDfshqNBA3I0HrV5i4Lc
fPRyk4Yg5ddoWO6yYN+V651njQPUMmoA1VnsZ7XZfBO2ZsR1i0mclDfP1bOHisdh
yinpfjMJ0xLVkdXGOcogxYmzxmOsyYlOLts7xJKX65KAI61Td85IUEAGW28rpveW
EVgTsETUQj7qWG5g8ViPty7HkGKacEtdcKjw0vmvi467t21EyuW1EcFk9PzslanW
VBO2EY/5CIS4zK6xNWYIN7YW8B8JwGyvzIucpq9Zav1VdEINphTbld7gITCvbja1
uCuT/t+8w5bUQqHBSoBUIdntvir3AErtiAYQLq3uYwmUM/uE078/39MWSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMA7BFDPrCwWvgYAFkSEVa23w/bfMB8GA1UdIwQY
MBaAFKYNEpQBsmk6ONW0Nz3HYHv4W4puMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGcwU2xBR3lhVG80MWJRM1BjZGdlX2hiaW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8zZDExZDgtZmFlMC00Yjk3LWFmZGYt
OWMyYmJkOGM5NDk2LzEvd0RzRVVNLXNMQmEtQmdBV1JJUlZyYmZEOXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8zZDExZDgtZmFlMC00Yjk3LWFmZGYtOWMyYmJkOGM5NDk2
LzEvcGcwU2xBR3lhVG80MWJRM1BjZGdlX2hiaW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW0IAwQD
wiIAMA0EAgACMAcDBQIqAuYAMA0GCSqGSIb3DQEBCwUAA4IBAQArdmZLdlnk0CHW
Bormqy1azjkaxzQnjpp11lkSY29Ep8YEihea7Qjl1fs8TihiFUz6BJIhfwC+Q4Oy
J5YiPPAX7+/3g2GDk8cEdqoT2XpMs8aCE27ndiXlPR3yxSXa0NY9gS6qtfh9YirI
F5qfocZMrhpIt42o0KKl/h5occI9EbDHNfAQ6Vlmy7xz2UlyM0mc8PbNIo0GS7Qn
zQooAsr8k5hsiZsZ6+XPsH69CcIJErMrqAMFuUBfwgZlB2mkXxmqoTMyGrBa1BGl
pmP+E0UELTzNkwpZyLj80eQhxlUhtbVly5NCotRzV9iPKywHd8CBSqAHB+Z7KIjd
HFDKsoL1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:24 2024 by rpki-client on console-fra.rpki-client.org