Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/Mk263mugZh8KNkJsvRVW8MPwMyQ.roa
File:                     Mk263mugZh8KNkJsvRVW8MPwMyQ.roa (raw, json)
Hash identifier:          Pmu+LuYAmk+zxhnmNTjgTj5yctNRr/B45qEFwK6XdnE=
Subject key identifier:   32:4D:BA:DE:6B:A0:66:1F:0A:36:42:6C:BD:15:56:F0:C3:F0:33:24
Certificate issuer:       /CN=369c713c51987e1ffa5482277f5f1c8cb722f44b
Certificate serial:       0185771E7031864A43B5F4E66B460EF10CD3
Authority key identifier: 36:9C:71:3C:51:98:7E:1F:FA:54:82:27:7F:5F:1C:8C:B7:22:F4:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/Mk263mugZh8KNkJsvRVW8MPwMyQ.roa
Signing time:             Tue 03 Jan 2023 10:12:41 +0000
ROA not before:           Tue 03 Jan 2023 10:12:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25384
IP address blocks:        193.162.192.0/19 maxlen: 19
                          193.162.218.0/23 maxlen: 23
                          193.162.217.0/24 maxlen: 24
                          193.162.219.0/24 maxlen: 24
                          109.236.176.0/20 maxlen: 20
                          85.89.250.0/24 maxlen: 24
                          92.60.144.0/20 maxlen: 20
                          217.10.16.0/20 maxlen: 20
                          185.3.15.0/24 maxlen: 24
                          185.3.14.0/24 maxlen: 24
                          185.3.13.0/24 maxlen: 24
                          85.89.224.0/19 maxlen: 19
                          2001:15f8:1::/48 maxlen: 48
                          2001:15f8:c00::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 11 May 2023 09:06:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:77:1e:70:31:86:4a:43:b5:f4:e6:6b:46:0e:f1:0c:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=369c713c51987e1ffa5482277f5f1c8cb722f44b
        Validity
            Not Before: Jan  3 10:12:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=324dbade6ba0661f0a36426cbd1556f0c3f03324
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:9d:b2:94:30:5a:4c:1d:4c:e1:37:fa:89:93:
                    20:20:cb:2a:db:41:2f:dc:7b:8c:6a:b6:e8:31:d0:
                    40:fd:88:56:bc:37:d1:44:6f:f5:63:f0:b1:15:57:
                    25:69:07:75:40:54:4b:4e:87:91:1a:a6:c7:1d:82:
                    1f:56:6d:56:7d:cc:49:64:fd:f2:82:ec:db:7a:f4:
                    19:80:96:85:07:da:f2:c3:3f:b3:0c:f4:93:6b:bc:
                    4c:af:b2:17:00:8c:09:e1:e4:29:28:73:dc:54:6f:
                    af:a8:ca:39:33:96:c0:3d:94:b5:2d:fb:58:b8:d7:
                    9c:57:b2:de:7d:14:79:bd:49:4a:0b:ed:3a:5a:93:
                    f1:cd:f1:82:29:d4:49:1f:89:3b:08:a7:a9:73:e1:
                    2c:38:bd:53:1e:2e:bc:c6:07:95:dc:4e:51:55:08:
                    d4:d9:1a:9b:a2:19:e5:b5:2b:08:0f:e2:ae:75:73:
                    ba:8f:a1:74:54:46:29:ad:47:63:9d:bd:1c:f2:31:
                    50:0e:3f:f6:a8:c4:7e:b6:0b:c9:8c:65:3b:09:af:
                    aa:58:cb:40:34:57:af:37:cf:fb:a1:06:f4:ca:a2:
                    4d:47:a3:ec:23:1d:36:6d:07:99:3b:ac:94:45:ec:
                    63:6a:4b:99:f4:56:0c:39:42:86:2b:8a:c8:1d:97:
                    77:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:4D:BA:DE:6B:A0:66:1F:0A:36:42:6C:BD:15:56:F0:C3:F0:33:24
            X509v3 Authority Key Identifier:
                keyid:36:9C:71:3C:51:98:7E:1F:FA:54:82:27:7F:5F:1C:8C:B7:22:F4:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/Mk263mugZh8KNkJsvRVW8MPwMyQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/NpxxPFGYfh_6VIInf18cjLci9Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.89.224.0/19
                  92.60.144.0/20
                  109.236.176.0/20
                  185.3.13.0-185.3.15.255
                  193.162.192.0/19
                  217.10.16.0/20
                IPv6:
                  2001:15f8:1::/48
                  2001:15f8:c00::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:87:55:e5:3d:f6:f0:2e:ec:14:70:88:ff:97:b5:3e:79:95:
         b7:ae:74:57:82:aa:f4:50:41:cb:a9:b7:f5:5a:06:fc:70:7c:
         c6:5e:f0:18:be:f3:74:88:c5:91:0a:64:a6:87:58:21:c4:3e:
         eb:cd:15:a8:f8:69:db:5a:e1:ad:cf:3a:d5:0d:03:a4:7a:af:
         65:9e:60:fa:86:85:c9:90:4a:e9:8f:08:76:3e:57:3a:c9:3d:
         7f:09:83:34:79:e2:df:50:70:bf:a0:38:e7:af:6c:06:6e:75:
         b0:db:e9:9e:cd:5a:88:a1:7a:e6:05:f9:4f:db:c9:2b:34:3c:
         23:00:70:ea:3d:39:0b:08:25:bf:8b:92:d0:29:af:ec:43:8d:
         d5:ff:8e:2a:05:35:fa:14:1e:25:f7:26:52:30:46:de:21:e3:
         31:58:c3:1e:de:44:1f:9a:7f:f3:c1:1f:93:ce:d0:e6:2e:d7:
         20:93:80:8b:50:71:99:54:c5:22:e7:5d:7c:3c:68:05:70:ab:
         ba:30:40:49:07:5a:a4:18:1a:9c:66:ee:26:38:49:10:9f:b2:
         a8:46:9c:a1:30:ef:2a:4d:c1:e4:49:4b:f5:6d:53:d6:25:ae:
         2b:c6:5e:e3:1f:a9:7f:1a:c2:2d:a9:e8:da:b1:de:ec:0a:7e:
         a2:1e:25:8c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYV3HnAxhkpDtfTma0YO8QzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OWM3MTNjNTE5ODdlMWZmYTU0ODIyNzdmNWYxYzhjYjcy
MmY0NGIwHhcNMjMwMTAzMTAxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRkYmFkZTZiYTA2NjFmMGEzNjQyNmNiZDE1NTZmMGMzZjAzMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p2ylDBaTB1M4Tf6iZMgIMsq20Ev
3HuMarboMdBA/YhWvDfRRG/1Y/CxFVclaQd1QFRLToeRGqbHHYIfVm1WfcxJZP3y
guzbevQZgJaFB9rywz+zDPSTa7xMr7IXAIwJ4eQpKHPcVG+vqMo5M5bAPZS1LftY
uNecV7LefRR5vUlKC+06WpPxzfGCKdRJH4k7CKepc+EsOL1THi68xgeV3E5RVQjU
2RqbohnltSsID+KudXO6j6F0VEYprUdjnb0c8jFQDj/2qMR+tgvJjGU7Ca+qWMtA
NFevN8/7oQb0yqJNR6PsIx02bQeZO6yURexjakuZ9FYMOUKGK4rIHZd3AwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDJNut5roGYfCjZCbL0VVvDD8DMkMB8GA1UdIwQY
MBaAFDaccTxRmH4f+lSCJ39fHIy3IvRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnB4eFBGR1lmaF82VklJbmYxOGNqTGNpOUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84MDJlOWUtZjk4Mi00NDlkLThiNzAt
NzZjMDVjZjVmMmU2LzEvTWsyNjNtdWdaaDhLTmtKc3ZSVlc4TVB3TXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84MDJlOWUtZjk4Mi00NDlkLThiNzAtNzZjMDVjZjVmMmU2
LzEvTnB4eFBGR1lmaF82VklJbmYxOGNqTGNpOUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQFVVngAwQE
XDyQAwQEbeywMAwDBAC5Aw0DBAS5AwADBAXBosADBATZChAwGAQCAAIwEgMHACAB
FfgAAQMHACABFfgMADANBgkqhkiG9w0BAQsFAAOCAQEAb4dV5T328C7sFHCI/5e1
PnmVt650V4Kq9FBBy6m39VoG/HB8xl7wGL7zdIjFkQpkpodYIcQ+680VqPhp21rh
rc861Q0DpHqvZZ5g+oaFyZBK6Y8Idj5XOsk9fwmDNHni31Bwv6A4569sBm51sNvp
ns1aiKF65gX5T9vJKzQ8IwBw6j05Cwglv4uS0Cmv7EON1f+OKgU1+hQeJfcmUjBG
3iHjMVjDHt5EH5p/88Efk87Q5i7XIJOAi1BxmVTFIuddfDxoBXCrujBASQdapBga
nGbuJjhJEJ+yqEacoTDvKk3B5ElL9W1T1iWuK8Ze4x+pfxrCLano2rHe7Ap+oh4l
jA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org