Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Oi1nzoQbXzHfUOc-8Nncks8sqJ0.roa
File:                     Oi1nzoQbXzHfUOc-8Nncks8sqJ0.roa (raw, json)
Hash identifier:          6EqDu0zETj2gIlm2tIh7jypyWYbAmWR/0dTBoeimRkk=
Subject key identifier:   3A:2D:67:CE:84:1B:5F:31:DF:50:E7:3E:F0:D9:DC:92:CF:2C:A8:9D
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0189318CADEE2928F2415B6A06725168ABBB
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Oi1nzoQbXzHfUOc-8Nncks8sqJ0.roa
Signing time:             Fri 07 Jul 2023 18:10:50 +0000
ROA not before:           Fri 07 Jul 2023 18:10:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200845
IP address blocks:        185.28.51.0/24 maxlen: 24
                          185.231.186.0/24 maxlen: 24
                          185.231.187.0/24 maxlen: 24
                          31.15.4.0/24 maxlen: 24
                          31.15.7.0/24 maxlen: 24
                          31.15.6.0/24 maxlen: 24
                          31.15.5.0/24 maxlen: 24
                          89.190.152.0/24 maxlen: 24
                          185.225.244.0/22 maxlen: 22
                          89.190.152.0/22 maxlen: 22
                          185.225.246.0/24 maxlen: 24
                          185.225.245.0/24 maxlen: 24
                          185.225.244.0/24 maxlen: 24
                          89.190.154.0/24 maxlen: 24
                          89.190.153.0/24 maxlen: 24
                          89.190.155.0/24 maxlen: 24
                          185.225.247.0/24 maxlen: 24
                          185.246.15.0/24 maxlen: 24
                          185.246.14.0/24 maxlen: 24
                          185.246.13.0/24 maxlen: 24
                          185.246.12.0/24 maxlen: 24
                          185.244.231.0/24 maxlen: 24
                          185.244.230.0/24 maxlen: 24
                          185.244.229.0/24 maxlen: 24
                          185.244.228.0/24 maxlen: 24
                          80.66.122.0/24 maxlen: 24
                          194.32.112.0/24 maxlen: 24
                          194.32.112.0/22 maxlen: 22
                          194.32.115.0/24 maxlen: 24
                          194.32.114.0/24 maxlen: 24
                          194.32.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Sep 2023 08:59:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:31:8c:ad:ee:29:28:f2:41:5b:6a:06:72:51:68:ab:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jul  7 18:10:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a2d67ce841b5f31df50e73ef0d9dc92cf2ca89d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:14:06:39:45:22:f8:d1:03:86:3a:fb:06:95:
                    4a:6a:ff:43:d7:ac:8f:0f:08:84:35:5d:24:f7:08:
                    de:f4:2d:77:2f:14:17:ea:d5:49:2c:d3:48:a5:dd:
                    c6:00:36:93:3d:89:c5:26:76:46:6f:2c:0a:fd:8f:
                    09:81:b9:bd:08:9c:01:52:19:df:4d:67:f9:07:29:
                    82:82:09:03:06:6c:0b:44:b4:ee:a0:87:d8:e4:89:
                    1f:75:5a:7a:df:76:84:b7:09:aa:11:2b:e6:43:35:
                    3f:40:bd:54:56:3f:50:2e:77:d9:57:a5:ce:da:47:
                    24:82:91:b7:df:19:1d:a9:95:fe:00:18:84:e9:79:
                    c6:91:74:86:2a:e2:1f:fe:75:65:83:91:90:1c:ae:
                    73:61:b4:04:aa:c9:14:a6:84:5b:2f:40:80:18:69:
                    33:6b:d3:92:dd:5b:60:3d:48:ca:9c:4b:71:d5:af:
                    98:d1:8a:02:29:03:c3:fa:f4:3f:62:8c:ee:72:21:
                    d4:c0:6e:d9:44:79:11:7c:d4:0f:07:82:3d:9d:b2:
                    e8:87:88:04:8f:c1:64:28:e4:50:f7:5b:78:f7:4d:
                    0d:3a:b9:ad:43:0f:ed:3a:4a:c3:8d:13:15:2b:58:
                    09:cc:3b:7c:a3:f8:ee:f3:5c:0c:da:d1:bb:71:1c:
                    16:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:2D:67:CE:84:1B:5F:31:DF:50:E7:3E:F0:D9:DC:92:CF:2C:A8:9D
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Oi1nzoQbXzHfUOc-8Nncks8sqJ0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.15.4.0/22
                  80.66.122.0/24
                  89.190.152.0/22
                  185.28.51.0/24
                  185.225.244.0/22
                  185.231.186.0/23
                  185.244.228.0/22
                  185.246.12.0/22
                  194.32.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:76:75:bc:be:6f:b5:3e:80:62:af:d9:4e:94:c1:21:f8:6c:
         c1:4c:0a:cf:64:0b:60:2f:a5:8f:ef:56:f7:8d:30:7a:9c:b0:
         7a:7f:03:04:66:19:ad:d1:0c:5b:6b:3b:56:72:e7:1f:57:bb:
         d9:ca:75:d7:c0:39:bf:5e:a4:40:95:3d:fb:9b:3c:2d:91:41:
         11:32:92:fb:9e:c8:b1:90:b9:3b:02:29:c2:15:24:d8:f5:24:
         87:82:17:c8:b6:6a:2d:04:d4:b4:ca:1e:2e:52:67:fd:04:b1:
         6e:b4:83:73:72:b1:2f:cb:61:9c:be:7e:c1:8c:12:f8:d0:48:
         43:0f:f1:9f:3b:4e:29:ea:d1:8f:12:68:bb:af:76:aa:7d:67:
         04:64:04:01:b8:ff:55:af:f7:0d:4e:92:e7:44:d6:5b:74:b1:
         9e:4b:58:a2:e9:10:2b:5a:4b:05:bb:13:ff:b5:d8:c4:ce:2c:
         d1:11:ef:49:56:53:24:b8:44:19:e4:2e:61:cb:e5:68:a1:ba:
         cd:02:02:09:70:27:20:b1:7b:b7:c2:f9:07:ac:e8:79:b0:44:
         bc:62:29:0b:12:32:20:3a:96:e7:da:39:a4:c2:bd:97:ba:50:
         08:e5:dd:e0:84:3f:fc:74:94:ad:7c:5c:22:2d:b7:d3:56:61:
         04:98:62:47
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYkxjK3uKSjyQVtqBnJRaKu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwNzA3MTgxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJkNjdjZTg0MWI1ZjMxZGY1MGU3M2VmMGQ5ZGM5MmNmMmNhODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRQGOUUi+NEDhjr7BpVKav9D16yP
DwiENV0k9wje9C13LxQX6tVJLNNIpd3GADaTPYnFJnZGbywK/Y8Jgbm9CJwBUhnf
TWf5BymCggkDBmwLRLTuoIfY5IkfdVp633aEtwmqESvmQzU/QL1UVj9QLnfZV6XO
2kckgpG33xkdqZX+ABiE6XnGkXSGKuIf/nVlg5GQHK5zYbQEqskUpoRbL0CAGGkz
a9OS3VtgPUjKnEtx1a+Y0YoCKQPD+vQ/YozuciHUwG7ZRHkRfNQPB4I9nbLoh4gE
j8FkKORQ91t4900NOrmtQw/tOkrDjRMVK1gJzDt8o/ju81wM2tG7cRwWUwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDotZ86EG18x31DnPvDZ3JLPLKidMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvT2kxbnpvUWJYekhmVU9jLThObmNrczhzcUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCHw8EAwQA
UEJ6AwQCWb6YAwQAuRwzAwQCueH0AwQBuee6AwQCufTkAwQCufYMAwQCwiBwMA0G
CSqGSIb3DQEBCwUAA4IBAQAUdnW8vm+1PoBir9lOlMEh+GzBTArPZAtgL6WP71b3
jTB6nLB6fwMEZhmt0QxbaztWcucfV7vZynXXwDm/XqRAlT37mzwtkUERMpL7nsix
kLk7AinCFSTY9SSHghfItmotBNS0yh4uUmf9BLFutINzcrEvy2Gcvn7BjBL40EhD
D/GfO04p6tGPEmi7r3aqfWcEZAQBuP9Vr/cNTpLnRNZbdLGeS1ii6RArWksFuxP/
tdjEzizREe9JVlMkuEQZ5C5hy+VoobrNAgIJcCcgsXu3wvkHrOh5sES8YikLEjIg
Opbn2jmkwr2XulAI5d3ghD/8dJStfFwiLbfTVmEEmGJH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org