Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/pn2ppEJMt3pbt8UA0aFzeU82PBI.roa
File:                     pn2ppEJMt3pbt8UA0aFzeU82PBI.roa (raw, json)
Hash identifier:          M/zpncAgHTcOgMlypR55WRYOT2GmBeyl0K45K/M8dFQ=
Subject key identifier:   A6:7D:A9:A4:42:4C:B7:7A:5B:B7:C5:00:D1:A1:73:79:4F:36:3C:12
Certificate issuer:       /CN=19622650048107918adf1b22cdf087c8a834f79c
Certificate serial:       018BBD8B7CC0E0EFF605DD606DF7B8BECCC1
Authority key identifier: 19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/pn2ppEJMt3pbt8UA0aFzeU82PBI.roa
Signing time:             Sat 11 Nov 2023 08:41:57 +0000
ROA not before:           Sat 11 Nov 2023 08:41:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206170
IP address blocks:        185.132.127.0/24 maxlen: 24
                          86.106.25.0/24 maxlen: 24
                          195.85.54.0/24 maxlen: 24
                          86.107.103.0/24 maxlen: 24
                          109.205.246.0/24 maxlen: 24
                          188.66.60.0/22 maxlen: 22
                          188.66.62.0/24 maxlen: 24
                          188.66.60.0/24 maxlen: 24
                          185.189.48.0/22 maxlen: 22
                          188.66.61.0/24 maxlen: 24
                          188.66.63.0/24 maxlen: 24
                          2a0b:dc80::/29 maxlen: 29
                          2a0d:5f47:ffff::/48 maxlen: 48
                          2001:67c:750::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 17:13:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:bd:8b:7c:c0:e0:ef:f6:05:dd:60:6d:f7:b8:be:cc:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19622650048107918adf1b22cdf087c8a834f79c
        Validity
            Not Before: Nov 11 08:41:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a67da9a4424cb77a5bb7c500d1a173794f363c12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:de:90:76:8c:42:88:37:22:73:0f:3e:22:4e:
                    10:cb:2c:4b:57:03:d6:38:09:d5:bf:d5:b2:c8:ca:
                    7a:01:95:47:5e:da:7c:dd:61:1b:59:70:d5:e8:cf:
                    b6:6c:d5:a1:2f:5a:1b:37:3f:0b:8c:d3:23:3c:c0:
                    e3:51:e7:fc:94:41:ea:dd:a5:58:16:5d:be:0e:31:
                    58:6a:76:f9:35:67:61:9b:f1:f9:ce:cf:bf:9f:e8:
                    a1:1a:5a:c1:e5:55:53:a7:22:8c:22:fd:4c:fd:44:
                    0b:fc:76:4e:08:b2:e1:87:83:d7:fa:7d:e0:fc:55:
                    8a:d7:58:b8:95:82:ec:ee:d6:d2:a1:6c:05:28:4f:
                    a3:4e:82:f9:30:bd:b9:5a:27:f4:f8:87:65:e7:ee:
                    b2:6d:74:4a:ee:a8:ac:43:13:5a:8e:49:41:bd:45:
                    d5:6c:76:14:9a:b0:a9:3f:0d:66:30:69:74:0f:a1:
                    60:89:4b:fe:45:ca:51:61:a8:c3:e7:97:66:d5:71:
                    a8:f0:77:69:00:75:f4:05:71:bc:68:1f:b2:a2:18:
                    96:cd:9a:c2:84:0a:14:b6:83:56:fb:d4:a6:1d:54:
                    bb:df:38:27:ea:ba:95:63:99:e2:96:37:8a:77:ad:
                    8c:ff:11:13:bb:36:08:8f:78:1f:5b:7f:54:04:63:
                    62:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:7D:A9:A4:42:4C:B7:7A:5B:B7:C5:00:D1:A1:73:79:4F:36:3C:12
            X509v3 Authority Key Identifier:
                keyid:19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/pn2ppEJMt3pbt8UA0aFzeU82PBI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/GWImUASBB5GK3xsizfCHyKg095w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.106.25.0/24
                  86.107.103.0/24
                  109.205.246.0/24
                  185.132.127.0/24
                  185.189.48.0/22
                  188.66.60.0/22
                  195.85.54.0/24
                IPv6:
                  2001:67c:750::/48
                  2a0b:dc80::/29
                  2a0d:5f47:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:3f:0e:86:d4:8e:14:1b:56:fb:28:1b:8a:c3:87:8e:e0:cf:
         a8:30:89:e4:3c:c1:de:bc:44:5d:4f:69:ba:fe:7c:5d:ad:c3:
         4c:5d:60:da:ef:58:9d:b4:01:d1:ac:52:b6:e7:cd:92:96:15:
         0c:47:b0:bb:fa:9f:9c:ab:52:14:54:20:c0:00:3f:6a:85:19:
         2c:c0:a0:d7:2b:34:dd:3f:8e:81:2a:ab:85:65:0f:3f:11:43:
         97:1f:7f:28:f7:fe:68:28:69:a9:0b:30:83:be:ea:05:14:62:
         cd:80:3d:12:66:1d:d7:1b:fe:a9:9b:e0:73:d7:f1:1c:46:1d:
         81:50:78:e5:c9:b0:82:a8:f4:3c:b3:dd:e5:55:35:91:37:5d:
         c3:d0:5b:f5:78:c0:2d:12:7c:a8:bb:03:20:4a:00:01:4b:7b:
         cf:1e:8a:de:ff:a0:8b:d2:d0:6b:a2:a4:05:b4:54:9d:32:78:
         9f:e2:43:4e:b8:87:14:91:d5:b6:21:38:c1:43:b5:47:f0:0f:
         2d:a7:83:af:df:ca:1b:d8:5f:2f:b7:f0:f0:fc:7c:31:52:ee:
         c4:0d:d3:39:84:e4:65:78:30:f2:df:3b:3c:3d:23:88:16:3a:
         b3:e8:a2:d9:27:36:ae:20:ea:b2:92:05:62:81:46:13:2f:fe:
         4f:ea:4d:66
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYu9i3zA4O/2Bd1gbfe4vszBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjIyNjUwMDQ4MTA3OTE4YWRmMWIyMmNkZjA4N2M4YTgz
NGY3OWMwHhcNMjMxMTExMDg0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdkYTlhNDQyNGNiNzdhNWJiN2M1MDBkMWExNzM3OTRmMzYzYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt6QdoxCiDcicw8+Ik4QyyxLVwPW
OAnVv9WyyMp6AZVHXtp83WEbWXDV6M+2bNWhL1obNz8LjNMjPMDjUef8lEHq3aVY
Fl2+DjFYanb5NWdhm/H5zs+/n+ihGlrB5VVTpyKMIv1M/UQL/HZOCLLhh4PX+n3g
/FWK11i4lYLs7tbSoWwFKE+jToL5ML25Wif0+Idl5+6ybXRK7qisQxNajklBvUXV
bHYUmrCpPw1mMGl0D6FgiUv+RcpRYajD55dm1XGo8HdpAHX0BXG8aB+yohiWzZrC
hAoUtoNW+9SmHVS73zgn6rqVY5niljeKd62M/xETuzYIj3gfW39UBGNiawIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKZ9qaRCTLd6W7fFANGhc3lPNjwSMB8GA1UdIwQY
MBaAFBliJlAEgQeRit8bIs3wh8ioNPecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQt
OGQxMGZlZTU4NGZlLzEvcG4ycHBFSk10M3BidDhVQTBhRnplVTgyUEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQtOGQxMGZlZTU4NGZl
LzEvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAwBAIAATAqAwQAVmoZAwQA
VmtnAwQAbc32AwQAuYR/AwQCub0wAwQCvEI8AwQAw1U2MB8EAgACMBkDBwAgAQZ8
B1ADBQMqC9yAAwcAKg1fR///MA0GCSqGSIb3DQEBCwUAA4IBAQCTPw6G1I4UG1b7
KBuKw4eO4M+oMInkPMHevERdT2m6/nxdrcNMXWDa71idtAHRrFK2582SlhUMR7C7
+p+cq1IUVCDAAD9qhRkswKDXKzTdP46BKquFZQ8/EUOXH38o9/5oKGmpCzCDvuoF
FGLNgD0SZh3XG/6pm+Bz1/EcRh2BUHjlybCCqPQ8s93lVTWRN13D0Fv1eMAtEnyo
uwMgSgABS3vPHore/6CL0tBroqQFtFSdMnif4kNOuIcUkdW2ITjBQ7VH8A8tp4Ov
38ob2F8vt/Dw/HwxUu7EDdM5hORleDDy3zs8PSOIFjqz6KLZJzauIOqykgVigUYT
L/5P6k1m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:31 2024 by rpki-client on console-fra.rpki-client.org