Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa
File:                     4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa (raw, json)
Hash identifier:          k0XtqN/ruPPqRbhHgE3/8bygapCbH1gvvyF6Bpg1d4c=
Subject key identifier:   E1:DC:31:91:DC:93:25:36:D3:BE:CD:2B:2F:8A:5D:10:34:84:62:3E
Certificate issuer:       /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial:       01898C01AB0A2BDC6267630CF37079543EE8
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa
Signing time:             Tue 25 Jul 2023 07:44:26 +0000
ROA not before:           Tue 25 Jul 2023 07:44:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210906
IP address blocks:        209.35.99.0/24 maxlen: 24
                          193.36.76.0/24 maxlen: 24
                          194.29.67.0/24 maxlen: 24
                          194.29.70.0/24 maxlen: 24
                          194.29.80.0/24 maxlen: 24
                          193.200.96.0/23 maxlen: 23
                          89.32.204.0/24 maxlen: 24
                          89.47.34.0/24 maxlen: 24
                          86.104.215.0/24 maxlen: 24
                          89.33.83.0/24 maxlen: 24
                          194.26.149.0/24 maxlen: 24
                          86.104.227.0/24 maxlen: 24
                          162.218.158.0/24 maxlen: 24
                          162.218.157.0/24 maxlen: 24
                          212.102.116.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Jul 2023 08:55:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:01:ab:0a:2b:dc:62:67:63:0c:f3:70:79:54:3e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
        Validity
            Not Before: Jul 25 07:44:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e1dc3191dc932536d3becd2b2f8a5d103484623e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:60:d3:9c:1c:b1:aa:99:2e:43:e0:cd:d3:28:
                    6f:93:de:6b:85:b7:f8:f4:ee:89:ac:14:1f:af:0a:
                    0e:9d:4d:2c:34:61:9d:15:17:bb:ca:b1:ec:aa:b7:
                    a8:cc:31:22:f2:6f:74:d0:21:0d:34:94:ab:3b:32:
                    ef:0e:c3:e4:f8:bc:e7:69:de:7a:05:2d:1e:e8:22:
                    92:3f:5c:f5:e0:30:73:ce:d3:d9:d0:fb:7d:81:37:
                    2d:48:80:a0:e6:16:cb:55:7a:41:d1:66:1e:3f:87:
                    1d:fe:3a:be:3c:2e:cd:57:ee:92:64:35:4b:61:84:
                    23:a9:01:c5:60:3e:70:65:02:4e:20:66:00:50:a0:
                    04:f8:eb:94:76:33:27:13:3d:80:f0:fc:e1:e8:f0:
                    a7:0d:36:05:14:75:ed:83:60:ea:c2:f5:7d:2c:6c:
                    aa:1b:e1:96:85:ce:65:1a:af:5a:83:b5:87:d2:01:
                    7b:ce:97:ae:13:b4:b9:06:d1:dd:4c:00:84:05:42:
                    7d:0f:76:92:05:bc:63:1b:ff:be:f1:8c:8a:e6:32:
                    a3:35:22:80:dc:91:e3:a1:48:b1:33:a3:83:15:ca:
                    2b:09:c9:4b:b8:b7:0c:be:a8:20:d9:ab:c1:13:fd:
                    a5:3d:97:58:c1:a8:dd:57:d7:d3:b0:61:14:e9:20:
                    89:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:DC:31:91:DC:93:25:36:D3:BE:CD:2B:2F:8A:5D:10:34:84:62:3E
            X509v3 Authority Key Identifier:
                keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.104.215.0/24
                  86.104.227.0/24
                  89.32.204.0/24
                  89.33.83.0/24
                  89.47.34.0/24
                  162.218.157.0-162.218.158.255
                  193.36.76.0/24
                  193.200.96.0/23
                  194.26.149.0/24
                  194.29.67.0/24
                  194.29.70.0/24
                  194.29.80.0/24
                  209.35.99.0/24
                  212.102.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:62:65:ce:eb:ae:58:31:0c:d2:be:26:c5:f5:9c:da:1a:9b:
         87:96:20:6b:de:a4:fd:d7:3d:88:df:ac:e4:a9:4c:c3:c1:71:
         6f:8c:51:02:56:f7:9e:4d:31:32:50:91:92:a4:22:f0:bf:15:
         cd:06:cd:1a:11:64:53:6b:bd:8f:c2:65:46:83:e9:9f:3e:0c:
         f4:1d:84:1d:51:f4:78:db:08:75:97:db:ac:d1:ae:ea:08:ce:
         de:e2:9e:ef:ab:a9:b6:25:af:76:64:b8:96:49:11:81:62:92:
         9a:4e:a3:ba:49:38:f2:f2:8e:2e:ff:ff:ab:29:05:37:e6:15:
         89:21:29:3e:b2:9c:7b:54:1a:e6:9f:e5:ab:a1:dc:21:40:92:
         37:b8:f4:65:29:92:00:68:4c:4a:77:17:82:2b:49:f6:28:aa:
         f6:40:be:52:11:69:23:51:5c:83:a6:7e:40:15:b8:b8:e1:2a:
         fe:e7:ec:ea:bf:22:18:2e:8e:95:43:46:a8:a9:e9:5b:ce:6a:
         51:bb:b9:58:4d:04:13:a8:a1:90:25:c3:3d:0b:03:05:5a:18:
         b9:a4:36:f1:56:cf:db:3c:22:75:97:06:d7:4b:55:df:0d:77:
         6b:ce:6b:02:25:84:5d:72:e1:83:dc:09:f8:fd:c2:81:18:8a:
         19:b7:2d:b5
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYmMAasKK9xiZ2MM83B5VD7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwNzI1MDc0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWRjMzE5MWRjOTMyNTM2ZDNiZWNkMmIyZjhhNWQxMDM0ODQ2MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWDTnByxqpkuQ+DN0yhvk95rhbf4
9O6JrBQfrwoOnU0sNGGdFRe7yrHsqreozDEi8m900CENNJSrOzLvDsPk+Lznad56
BS0e6CKSP1z14DBzztPZ0Pt9gTctSICg5hbLVXpB0WYeP4cd/jq+PC7NV+6SZDVL
YYQjqQHFYD5wZQJOIGYAUKAE+OuUdjMnEz2A8Pzh6PCnDTYFFHXtg2DqwvV9LGyq
G+GWhc5lGq9ag7WH0gF7zpeuE7S5BtHdTACEBUJ9D3aSBbxjG/++8YyK5jKjNSKA
3JHjoUixM6ODFcorCclLuLcMvqgg2avBE/2lPZdYwajdV9fTsGEU6SCJMwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOHcMZHckyU2077NKy+KXRA0hGI+MB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvNGR3eGtkeVRKVGJUdnMwckw0cGRFRFNFWWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVmjXAwQA
VmjjAwQAWSDMAwQAWSFTAwQAWS8iMAwDBACi2p0DBACi2p4DBADBJEwDBAHByGAD
BADCGpUDBADCHUMDBADCHUYDBADCHVADBADRI2MDBADUZnQwDQYJKoZIhvcNAQEL
BQADggEBAINiZc7rrlgxDNK+JsX1nNoam4eWIGvepP3XPYjfrOSpTMPBcW+MUQJW
955NMTJQkZKkIvC/Fc0GzRoRZFNrvY/CZUaD6Z8+DPQdhB1R9HjbCHWX26zRruoI
zt7inu+rqbYlr3ZkuJZJEYFikppOo7pJOPLyji7//6spBTfmFYkhKT6ynHtUGuaf
5auh3CFAkje49GUpkgBoTEp3F4IrSfYoqvZAvlIRaSNRXIOmfkAVuLjhKv7n7Oq/
IhgujpVDRqip6VvOalG7uVhNBBOooZAlwz0LAwVaGLmkNvFWz9s8InWXBtdLVd8N
d2vOawIlhF1y4YPcCfj9woEYihm3LbU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:35 2024 by rpki-client on console-ams.rpki-client.org