Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/rrok3vzbZ-4Z9hrcm0HSsFpwmmM.roa
File:                     rrok3vzbZ-4Z9hrcm0HSsFpwmmM.roa (raw, json)
Hash identifier:          WR7D1Ju5sQ8jjnHDANNrfyDe1fl08EyHI5o6CoHHG6Y=
Subject key identifier:   AE:BA:24:DE:FC:DB:67:EE:19:F6:1A:DC:9B:41:D2:B0:5A:70:9A:63
Certificate issuer:       /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial:       018AD772EA256A1E76D63736A7BCF53E7280
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/rrok3vzbZ-4Z9hrcm0HSsFpwmmM.roa
Signing time:             Wed 27 Sep 2023 16:22:27 +0000
ROA not before:           Wed 27 Sep 2023 16:22:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5378
IP address blocks:        195.8.160.0/19 maxlen: 19
                          77.233.128.0/19 maxlen: 19
                          83.107.64.0/18 maxlen: 18
                          193.237.0.0/16 maxlen: 16
                          80.176.0.0/15 maxlen: 15
                          212.248.128.0/17 maxlen: 17
                          195.58.64.0/19 maxlen: 19
                          212.225.0.0/17 maxlen: 17
                          62.49.0.0/16 maxlen: 16
                          212.228.0.0/15 maxlen: 15
                          83.107.192.0/18 maxlen: 18
                          62.56.0.0/17 maxlen: 17
                          83.104.0.0/14 maxlen: 14
                          83.107.128.0/18 maxlen: 18

Validation:               Failed, certificate revoked on Tue 03 Oct 2023 15:46:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d7:72:ea:25:6a:1e:76:d6:37:36:a7:bc:f5:3e:72:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
        Validity
            Not Before: Sep 27 16:22:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aeba24defcdb67ee19f61adc9b41d2b05a709a63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:8e:76:6a:56:2e:eb:7e:d7:09:f0:01:a4:c9:
                    b8:2a:04:c1:7f:4d:2e:63:e6:a2:4b:4a:91:a5:4c:
                    43:c2:f8:6f:89:94:86:f7:86:f2:5e:81:cb:fa:9a:
                    b6:7a:e4:9f:e7:5c:15:4e:7e:20:e8:f6:38:f2:ba:
                    f9:96:cc:aa:72:6a:74:9a:cb:b1:eb:9b:2f:b8:16:
                    24:7d:6c:d5:d5:fc:43:5f:73:27:3e:5d:9f:cf:25:
                    b4:46:c6:7b:6f:e6:cd:71:65:a0:3d:dd:cc:b1:1d:
                    12:0c:85:3d:8c:ac:0c:e5:f2:13:ba:8e:7b:df:a8:
                    6f:d7:ae:32:b5:8a:ab:c8:ad:03:63:33:36:cd:78:
                    d7:d2:df:19:f8:bd:ee:95:3f:f3:f6:fd:38:41:c9:
                    ac:2b:82:55:2e:9b:fe:c2:0c:a8:eb:4e:dd:f6:cf:
                    28:41:ad:48:a4:6d:2a:27:97:d7:51:67:00:58:d5:
                    0b:df:91:6c:94:9e:5c:93:31:58:fb:a2:aa:39:50:
                    1f:73:51:aa:9a:2a:39:b7:d0:64:c5:2d:ca:85:bb:
                    cf:77:c3:12:cb:65:77:a5:64:f3:3f:57:0b:b4:8e:
                    4f:c9:99:5a:57:90:80:9b:03:32:0e:09:6c:70:be:
                    47:46:a2:82:11:ff:18:b4:92:fc:12:b8:77:b1:d8:
                    83:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:BA:24:DE:FC:DB:67:EE:19:F6:1A:DC:9B:41:D2:B0:5A:70:9A:63
            X509v3 Authority Key Identifier:
                keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/rrok3vzbZ-4Z9hrcm0HSsFpwmmM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.49.0.0/16
                  62.56.0.0/17
                  77.233.128.0/19
                  80.176.0.0/15
                  83.104.0.0/14
                  193.237.0.0/16
                  195.8.160.0/19
                  195.58.64.0/19
                  212.225.0.0/17
                  212.228.0.0/15
                  212.248.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         b1:f1:a1:10:e0:e5:33:4a:90:19:2d:f0:91:1b:f3:48:c5:0b:
         96:c0:76:61:9d:fb:ea:d7:bd:d3:a2:99:23:57:8c:d6:26:bc:
         0a:c4:bf:46:c7:ee:c7:e6:56:f9:b8:63:b9:43:ff:98:8d:dc:
         06:54:6b:d6:ab:e7:2e:9a:ca:d5:dc:f5:25:45:64:09:b1:19:
         47:1e:15:0c:ca:35:69:ad:ea:aa:c1:a5:4e:45:c2:2e:d9:db:
         5a:a1:a1:ca:f8:b6:b8:c9:d8:a3:1c:eb:20:b6:3d:09:2d:ce:
         1c:9b:f8:11:38:5b:9f:89:94:c5:17:37:14:7f:a1:19:73:f1:
         20:fd:b0:dc:9f:9d:a0:46:04:a9:7b:c5:46:88:d5:20:0d:c5:
         6c:86:2f:33:d6:77:aa:0a:d4:a3:bc:62:e1:a6:f4:51:0b:84:
         22:2c:dc:5d:39:c8:3e:4f:e4:e3:4e:7d:ab:f2:87:8c:44:d2:
         f9:50:60:28:85:30:27:b0:a5:55:0d:bc:85:7f:40:e1:9f:cc:
         5c:42:22:71:49:47:34:4d:41:f1:76:c7:89:66:d8:0b:6c:b8:
         c1:9e:f9:53:08:99:ec:69:ee:92:03:30:06:48:4d:e7:70:e9:
         e1:e5:c0:fd:ed:57:25:0f:14:81:36:71:79:1b:6b:71:ec:f7:
         42:4b:c7:99
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYrXcuolah521jc2p7z1PnKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjMwOTI3MTYyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJhMjRkZWZjZGI2N2VlMTlmNjFhZGM5YjQxZDJiMDVhNzA5YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY52alYu637XCfABpMm4KgTBf00u
Y+aiS0qRpUxDwvhviZSG94byXoHL+pq2euSf51wVTn4g6PY48rr5lsyqcmp0msux
65svuBYkfWzV1fxDX3MnPl2fzyW0RsZ7b+bNcWWgPd3MsR0SDIU9jKwM5fITuo57
36hv164ytYqryK0DYzM2zXjX0t8Z+L3ulT/z9v04QcmsK4JVLpv+wgyo607d9s8o
Qa1IpG0qJ5fXUWcAWNUL35FslJ5ckzFY+6KqOVAfc1Gqmio5t9BkxS3KhbvPd8MS
y2V3pWTzP1cLtI5PyZlaV5CAmwMyDglscL5HRqKCEf8YtJL8Erh3sdiDbwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFK66JN7822fuGfYa3JtB0rBacJpjMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvcnJvazN2emJaLTRaOWhyY20wSFNzRnB3bW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9AwMAPjEDBAc+
OAADBAVN6YADAwFQsAMDAlNoAwMAwe0DBAXDCKADBAXDOkADBAfU4QADAwHU5AME
B9T4gDANBgkqhkiG9w0BAQsFAAOCAQEAsfGhEODlM0qQGS3wkRvzSMULlsB2YZ37
6te906KZI1eM1ia8CsS/Rsfux+ZW+bhjuUP/mI3cBlRr1qvnLprK1dz1JUVkCbEZ
Rx4VDMo1aa3qqsGlTkXCLtnbWqGhyvi2uMnYoxzrILY9CS3OHJv4EThbn4mUxRc3
FH+hGXPxIP2w3J+doEYEqXvFRojVIA3FbIYvM9Z3qgrUo7xi4ab0UQuEIizcXTnI
Pk/k4059q/KHjETS+VBgKIUwJ7ClVQ28hX9A4Z/MXEIicUlHNE1B8XbHiWbYC2y4
wZ75UwiZ7GnukgMwBkhN53Dp4eXA/e1XJQ8UgTZxeRtrcez3QkvHmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:10 2024 by rpki-client on console-fra.rpki-client.org