Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/lWWHcQUQ1eFWjYaedJKEkU6MpOg.roa
File:                     lWWHcQUQ1eFWjYaedJKEkU6MpOg.roa (raw, json)
Hash identifier:          mqDc0qB3F0I2G3+/7PEgni8rLd/G31ZTwp5AkZPV/ZE=
Subject key identifier:   95:65:87:71:05:10:D5:E1:56:8D:86:9E:74:92:84:91:4E:8C:A4:E8
Certificate issuer:       /CN=369c713c51987e1ffa5482277f5f1c8cb722f44b
Certificate serial:       01880A0F8553E7D268FAED2D3F38E9895B6F
Authority key identifier: 36:9C:71:3C:51:98:7E:1F:FA:54:82:27:7F:5F:1C:8C:B7:22:F4:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/lWWHcQUQ1eFWjYaedJKEkU6MpOg.roa
Signing time:             Thu 11 May 2023 09:06:09 +0000
ROA not before:           Thu 11 May 2023 09:06:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25384
IP address blocks:        193.162.192.0/19 maxlen: 19
                          193.162.218.0/23 maxlen: 23
                          193.162.217.0/24 maxlen: 24
                          193.162.219.0/24 maxlen: 24
                          109.236.176.0/20 maxlen: 20
                          85.89.239.0/24 maxlen: 24
                          85.89.250.0/24 maxlen: 24
                          92.60.144.0/20 maxlen: 20
                          217.10.16.0/20 maxlen: 20
                          185.3.15.0/24 maxlen: 24
                          185.3.14.0/24 maxlen: 24
                          185.3.13.0/24 maxlen: 24
                          85.89.224.0/19 maxlen: 19
                          2001:15f8:1::/48 maxlen: 48
                          2001:15f8:c00::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0a:0f:85:53:e7:d2:68:fa:ed:2d:3f:38:e9:89:5b:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=369c713c51987e1ffa5482277f5f1c8cb722f44b
        Validity
            Not Before: May 11 09:06:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=956587710510d5e1568d869e749284914e8ca4e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0f:e2:9c:ad:db:ae:4a:88:ae:c7:44:9d:4a:
                    f8:8a:38:b4:f1:88:09:3b:d5:8a:04:09:e4:c3:dc:
                    fd:b5:75:89:23:c4:be:56:47:e9:62:a5:49:37:57:
                    35:84:bc:56:56:28:5f:e0:04:88:10:7d:f8:df:21:
                    f0:1d:23:01:82:7e:f3:86:e9:de:dc:3e:55:37:91:
                    1c:78:6c:af:71:5e:a6:f4:39:a0:b4:0c:d9:ce:8f:
                    28:7f:3f:2b:23:92:b3:9b:9c:cb:9b:9f:7a:7b:dc:
                    73:1f:15:e8:ac:92:1c:a9:9c:f3:aa:a6:44:f0:12:
                    a9:48:08:28:84:ef:b5:58:80:06:06:e8:f1:e9:43:
                    6c:95:ec:eb:ab:b4:5e:23:da:ff:21:1e:02:fc:57:
                    a1:26:4a:88:48:44:0e:77:0c:54:2d:59:0e:58:6c:
                    c1:65:93:79:2a:92:c9:93:70:39:bb:51:59:6f:1d:
                    c3:47:e3:08:b7:88:7d:f7:be:2d:a8:47:66:5c:40:
                    de:90:d7:13:98:42:a9:d3:14:69:7e:0b:11:44:9f:
                    8c:8e:b0:57:92:e7:ad:73:4b:c8:d7:b8:23:b5:25:
                    f8:bc:5c:19:98:13:a4:d5:55:59:35:d6:f8:91:99:
                    0f:58:f4:0b:49:2c:c8:a1:06:69:20:ed:e5:11:08:
                    98:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:65:87:71:05:10:D5:E1:56:8D:86:9E:74:92:84:91:4E:8C:A4:E8
            X509v3 Authority Key Identifier:
                keyid:36:9C:71:3C:51:98:7E:1F:FA:54:82:27:7F:5F:1C:8C:B7:22:F4:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpxxPFGYfh_6VIInf18cjLci9Es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/lWWHcQUQ1eFWjYaedJKEkU6MpOg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/802e9e-f982-449d-8b70-76c05cf5f2e6/1/NpxxPFGYfh_6VIInf18cjLci9Es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.89.224.0/19
                  92.60.144.0/20
                  109.236.176.0/20
                  185.3.13.0-185.3.15.255
                  193.162.192.0/19
                  217.10.16.0/20
                IPv6:
                  2001:15f8:1::/48
                  2001:15f8:c00::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:3c:f9:7a:cd:20:76:fa:e2:04:a2:83:0a:b5:4f:28:42:69:
         0d:48:26:d2:7c:74:fb:9e:4c:9f:c0:ed:f6:78:42:89:30:38:
         0c:f0:45:1c:6f:c2:ff:d2:02:b1:50:fc:66:da:3c:92:42:35:
         97:9a:08:db:ea:60:dd:a0:0a:68:2f:f2:87:cc:0a:08:7d:e5:
         1f:cc:78:72:ee:00:0e:17:9e:e0:04:ae:6e:66:69:79:60:ca:
         c9:8c:57:0c:9f:4f:7b:94:fa:81:cd:c3:0d:21:6f:38:cd:8a:
         af:fe:0f:55:30:5a:ad:d9:64:62:22:dd:8f:c8:6d:78:35:e4:
         ff:35:1f:63:f3:06:14:fa:1d:44:cd:8b:cc:52:55:67:02:88:
         f3:1b:ee:02:13:ae:71:4d:0e:d3:5e:42:d4:cd:0c:28:16:8d:
         33:4c:79:10:a9:77:25:35:01:06:47:df:8e:08:1c:f6:61:1d:
         17:c7:e6:c7:a5:d4:fd:1b:ba:f9:ca:b0:75:ad:eb:98:19:71:
         d1:70:0f:12:56:82:fb:0a:2e:eb:6e:90:dd:4b:d2:25:37:07:
         f1:92:d1:56:67:7b:b9:7d:1d:8d:d0:3e:84:2c:cf:f1:bd:2c:
         8d:2a:4a:7b:87:71:e6:ae:3b:54:25:8b:15:b9:06:3e:4a:ea:
         28:33:d3:f0
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYgKD4VT59Jo+u0tPzjpiVtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OWM3MTNjNTE5ODdlMWZmYTU0ODIyNzdmNWYxYzhjYjcy
MmY0NGIwHhcNMjMwNTExMDkwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY1ODc3MTA1MTBkNWUxNTY4ZDg2OWU3NDkyODQ5MTRlOGNhNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ/inK3brkqIrsdEnUr4iji08YgJ
O9WKBAnkw9z9tXWJI8S+VkfpYqVJN1c1hLxWVihf4ASIEH343yHwHSMBgn7zhune
3D5VN5EceGyvcV6m9DmgtAzZzo8ofz8rI5Kzm5zLm596e9xzHxXorJIcqZzzqqZE
8BKpSAgohO+1WIAGBujx6UNslezrq7ReI9r/IR4C/FehJkqISEQOdwxULVkOWGzB
ZZN5KpLJk3A5u1FZbx3DR+MIt4h9974tqEdmXEDekNcTmEKp0xRpfgsRRJ+MjrBX
kuetc0vI17gjtSX4vFwZmBOk1VVZNdb4kZkPWPQLSSzIoQZpIO3lEQiYJwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJVlh3EFENXhVo2GnnSShJFOjKToMB8GA1UdIwQY
MBaAFDaccTxRmH4f+lSCJ39fHIy3IvRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnB4eFBGR1lmaF82VklJbmYxOGNqTGNpOUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84MDJlOWUtZjk4Mi00NDlkLThiNzAt
NzZjMDVjZjVmMmU2LzEvbFdXSGNRVVExZUZXallhZWRKS0VrVTZNcE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84MDJlOWUtZjk4Mi00NDlkLThiNzAtNzZjMDVjZjVmMmU2
LzEvTnB4eFBGR1lmaF82VklJbmYxOGNqTGNpOUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQFVVngAwQE
XDyQAwQEbeywMAwDBAC5Aw0DBAS5AwADBAXBosADBATZChAwGAQCAAIwEgMHACAB
FfgAAQMHACABFfgMADANBgkqhkiG9w0BAQsFAAOCAQEAMjz5es0gdvriBKKDCrVP
KEJpDUgm0nx0+55Mn8Dt9nhCiTA4DPBFHG/C/9ICsVD8Zto8kkI1l5oI2+pg3aAK
aC/yh8wKCH3lH8x4cu4ADhee4ASubmZpeWDKyYxXDJ9Pe5T6gc3DDSFvOM2Kr/4P
VTBardlkYiLdj8hteDXk/zUfY/MGFPodRM2LzFJVZwKI8xvuAhOucU0O015C1M0M
KBaNM0x5EKl3JTUBBkffjggc9mEdF8fmx6XU/Ru6+cqwda3rmBlx0XAPElaC+wou
626Q3UvSJTcH8ZLRVmd7uX0djdA+hCzP8b0sjSpKe4dx5q47VCWLFbkGPkrqKDPT
8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:54 2024 by rpki-client on console-ams.rpki-client.org