Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/NwPyLzuJBEc9pG0_YF7kwgMOp4o.roa
File:                     NwPyLzuJBEc9pG0_YF7kwgMOp4o.roa (raw, json)
Hash identifier:          3VCgPJWlF31Q4jqZG6p+9CBH1JistCnj3/H53aawOvs=
Subject key identifier:   37:03:F2:2F:3B:89:04:47:3D:A4:6D:3F:60:5E:E4:C2:03:0E:A7:8A
Certificate issuer:       /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial:       018606BA7492F74AE94A8CBD2B221CFFF864
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/NwPyLzuJBEc9pG0_YF7kwgMOp4o.roa
Signing time:             Tue 31 Jan 2023 07:28:48 +0000
ROA not before:           Tue 31 Jan 2023 07:28:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        185.231.205.0/24 maxlen: 24
                          185.231.204.0/24 maxlen: 24
                          185.231.206.0/24 maxlen: 24
                          185.231.207.0/24 maxlen: 24
                          141.98.169.0/24 maxlen: 24
                          45.84.0.0/24 maxlen: 24
                          45.84.1.0/24 maxlen: 24
                          45.89.52.0/24 maxlen: 24
                          45.159.250.0/24 maxlen: 24
                          45.159.249.0/24 maxlen: 24
                          45.159.248.0/24 maxlen: 24
                          45.159.251.0/24 maxlen: 24
                          45.67.35.0/24 maxlen: 24
                          5.182.36.0/24 maxlen: 24
                          5.182.39.0/24 maxlen: 24
                          193.57.138.0/24 maxlen: 24
                          193.57.137.0/24 maxlen: 24
                          193.57.136.0/24 maxlen: 24
                          93.185.166.0/24 maxlen: 24
                          45.87.154.0/24 maxlen: 24
                          45.8.145.0/24 maxlen: 24
                          45.8.144.0/24 maxlen: 24
                          193.46.57.0/24 maxlen: 24
                          193.46.56.0/24 maxlen: 24
                          194.4.48.0/24 maxlen: 24
                          194.4.51.0/24 maxlen: 24
                          194.4.50.0/24 maxlen: 24
                          194.4.49.0/24 maxlen: 24
                          194.116.191.0/24 maxlen: 24
                          194.116.190.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 14:58:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:06:ba:74:92:f7:4a:e9:4a:8c:bd:2b:22:1c:ff:f8:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
        Validity
            Not Before: Jan 31 07:28:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3703f22f3b8904473da46d3f605ee4c2030ea78a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ea:f7:0c:79:a4:2c:b7:54:3e:69:5f:15:52:
                    f2:d4:82:61:da:71:1a:f2:84:04:f3:27:d8:08:9a:
                    9a:db:5a:06:a8:ae:87:24:09:8d:0a:03:bb:ae:95:
                    a8:c8:e4:65:08:04:ec:a7:cf:3b:58:df:5e:ab:38:
                    65:a3:bc:e1:4c:da:b0:cd:b9:6b:3f:8e:0d:dc:70:
                    b6:27:b4:7b:be:e2:5d:44:52:e5:3f:5c:a7:79:c2:
                    43:da:37:c3:42:1c:de:e8:2f:42:79:a2:51:f5:5a:
                    2e:87:78:26:39:3f:6a:a0:dc:e7:da:b7:77:99:8c:
                    64:41:57:54:15:8c:8b:a3:40:f0:78:dc:aa:45:9b:
                    5a:3e:d3:c8:9a:a9:ed:bf:9a:5b:4f:e0:59:7a:da:
                    4d:77:d8:23:d9:f3:40:de:55:32:d4:0f:ca:2a:89:
                    42:0f:0b:3c:ab:8c:a7:d2:d3:c0:9a:cb:7b:70:34:
                    95:36:4a:72:34:1e:b2:a0:e4:e2:79:de:25:0b:84:
                    01:98:ea:95:20:e8:04:04:b9:03:45:08:52:04:21:
                    ca:4b:15:2a:1d:05:ab:b3:87:5b:bd:ab:a5:b3:f3:
                    47:14:09:73:ab:34:f3:c4:ed:3e:af:67:b4:94:21:
                    74:08:33:e9:ad:27:dc:44:f9:4a:d0:13:dc:f8:36:
                    b2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:03:F2:2F:3B:89:04:47:3D:A4:6D:3F:60:5E:E4:C2:03:0E:A7:8A
            X509v3 Authority Key Identifier:
                keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/NwPyLzuJBEc9pG0_YF7kwgMOp4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.182.36.0/24
                  5.182.39.0/24
                  45.8.144.0/23
                  45.67.35.0/24
                  45.84.0.0/23
                  45.87.154.0/24
                  45.89.52.0/24
                  45.159.248.0/22
                  93.185.166.0/24
                  141.98.169.0/24
                  185.231.204.0/22
                  193.46.56.0/23
                  193.57.136.0-193.57.138.255
                  194.4.48.0/22
                  194.116.190.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ea:b9:30:0d:8e:d5:38:11:ab:9c:1d:87:67:84:9d:c5:1e:9c:
         b4:4c:e8:62:21:3b:44:1a:66:67:f6:8e:5c:76:a9:bf:10:ea:
         90:29:da:8d:c4:9a:bb:2c:ed:68:b2:4f:bd:92:3c:6c:47:fd:
         c6:91:6e:7b:c0:93:85:bc:5f:02:35:cd:1a:e7:df:06:7d:6f:
         00:d8:ff:44:f8:25:f9:cc:ab:fa:f9:d6:7f:44:2a:42:e5:f1:
         8f:29:f8:04:f0:45:65:a7:e2:5c:9e:11:85:76:f4:15:d4:e9:
         da:19:96:a7:41:57:25:fa:03:39:22:d7:f8:59:2a:78:0a:35:
         1d:8e:ba:36:a9:2c:6e:fb:51:91:5d:78:ad:c7:38:dd:31:86:
         0e:90:8c:cb:3f:2e:a4:3c:c5:cf:3c:29:2f:59:d8:b4:64:0c:
         df:bc:ae:e9:c3:1b:41:33:b8:87:83:a3:8d:d6:90:4e:70:b2:
         b1:31:f3:42:22:00:d5:5f:0e:5e:1c:64:97:6c:41:b3:9b:f3:
         7d:fb:17:45:55:c9:3c:8a:64:2b:49:1c:0d:51:cc:f5:6e:ad:
         28:8a:c5:28:ad:30:e9:e0:38:d0:f8:d2:58:21:86:88:ba:30:
         08:37:04:cb:61:73:62:ea:39:e8:ca:82:1a:3c:ee:b9:cb:fd:
         c0:c9:68:e5
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYYGunSS90rpSoy9KyIc//hkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTMxMDcyODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAzZjIyZjNiODkwNDQ3M2RhNDZkM2Y2MDVlZTRjMjAzMGVhNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOr3DHmkLLdUPmlfFVLy1IJh2nEa
8oQE8yfYCJqa21oGqK6HJAmNCgO7rpWoyORlCATsp887WN9eqzhlo7zhTNqwzblr
P44N3HC2J7R7vuJdRFLlP1ynecJD2jfDQhze6C9CeaJR9Vouh3gmOT9qoNzn2rd3
mYxkQVdUFYyLo0DweNyqRZtaPtPImqntv5pbT+BZetpNd9gj2fNA3lUy1A/KKolC
Dws8q4yn0tPAmst7cDSVNkpyNB6yoOTied4lC4QBmOqVIOgEBLkDRQhSBCHKSxUq
HQWrs4dbvauls/NHFAlzqzTzxO0+r2e0lCF0CDPprSfcRPlK0BPc+DayGwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFDcD8i87iQRHPaRtP2Be5MIDDqeKMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTndQeUx6dUpCRWM5cEcwX1lGN2t3Z01PcDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABbYkAwQA
BbYnAwQBLQiQAwQALUMjAwQBLVQAAwQALVeaAwQALVk0AwQCLZ/4AwQAXbmmAwQA
jWKpAwQCuefMAwQBwS44MAwDBAPBOYgDBADBOYoDBALCBDADBAHCdL4wDQYJKoZI
hvcNAQELBQADggEBAOq5MA2O1TgRq5wdh2eEncUenLRM6GIhO0QaZmf2jlx2qb8Q
6pAp2o3Emrss7WiyT72SPGxH/caRbnvAk4W8XwI1zRrn3wZ9bwDY/0T4JfnMq/r5
1n9EKkLl8Y8p+ATwRWWn4lyeEYV29BXU6doZlqdBVyX6Azki1/hZKngKNR2Oujap
LG77UZFdeK3HON0xhg6QjMs/LqQ8xc88KS9Z2LRkDN+8runDG0EzuIeDo43WkE5w
srEx80IiANVfDl4cZJdsQbOb8337F0VVyTyKZCtJHA1RzPVurSiKxSitMOngOND4
0lghhoi6MAg3BMthc2LqOejKgho87rnL/cDJaOU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:18 2024 by rpki-client on console-ams.rpki-client.org