Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/AzfW0j15lZQMN6jvW9Pc0Bwjub4.roa
File:                     AzfW0j15lZQMN6jvW9Pc0Bwjub4.roa (raw, json)
Hash identifier:          lPAl9pPZ65JwFWhA+GfXsKtDEYu1z4vChe0S3SUqhdA=
Subject key identifier:   03:37:D6:D2:3D:79:95:94:0C:37:A8:EF:5B:D3:DC:D0:1C:23:B9:BE
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01856F5DC263C5BBBE1DF27D40CD1C136DE4
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/AzfW0j15lZQMN6jvW9Pc0Bwjub4.roa
Signing time:             Sun 01 Jan 2023 22:04:53 +0000
ROA not before:           Sun 01 Jan 2023 22:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1901
IP address blocks:        194.152.160.0/19 maxlen: 19
                          195.230.32.0/19 maxlen: 19
                          213.240.64.0/18 maxlen: 18
                          195.64.0.0/19 maxlen: 19
                          212.60.160.0/19 maxlen: 19
                          213.157.128.0/19 maxlen: 19
                          194.96.0.0/16 maxlen: 16
                          193.80.0.0/15 maxlen: 15
                          195.170.64.0/19 maxlen: 19
                          194.166.0.0/16 maxlen: 16
                          212.16.32.0/19 maxlen: 19
                          194.118.0.0/16 maxlen: 16
                          212.124.128.0/19 maxlen: 19
                          62.116.32.0/19 maxlen: 19
                          193.154.0.0/16 maxlen: 16
                          212.88.0.0/19 maxlen: 19
                          212.197.128.0/18 maxlen: 18
                          193.83.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Wed 23 Aug 2023 06:45:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:c2:63:c5:bb:be:1d:f2:7d:40:cd:1c:13:6d:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jan  1 22:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0337d6d23d7995940c37a8ef5bd3dcd01c23b9be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:7e:7a:6e:3c:94:13:90:46:8b:d8:2d:b5:28:
                    40:b5:95:a5:bf:52:f0:1e:61:c6:49:e8:de:25:62:
                    a9:5b:48:b6:35:9f:40:40:f6:69:53:85:ce:1d:52:
                    4b:37:ae:7f:c1:ab:30:86:95:f2:7c:04:cd:37:6d:
                    53:98:b1:e3:30:d0:01:4e:ca:1a:95:aa:8a:c7:3b:
                    59:5b:19:fa:39:a7:5f:9a:45:54:92:57:da:09:f2:
                    54:b7:0b:32:3d:34:a8:a7:aa:f6:3d:66:42:0b:e2:
                    77:ad:1e:e4:7e:d3:86:26:64:cb:fe:e3:f7:e0:ef:
                    d4:eb:1b:a2:39:8f:45:d2:78:9f:0a:71:8c:12:34:
                    bb:47:e3:19:03:ff:3b:99:b5:3d:1c:d5:91:34:53:
                    71:a1:0c:ff:36:1e:27:14:c6:f9:61:39:e4:bd:5a:
                    8e:17:6d:5d:00:18:26:b9:72:a7:cf:f9:90:25:d5:
                    46:4a:ae:7e:ae:8b:c8:c0:fb:aa:ec:47:e7:43:26:
                    88:0d:c7:f9:f3:f1:0c:b5:21:23:16:4b:ca:8a:d6:
                    ec:ab:33:5a:91:37:91:a6:b4:29:25:02:a3:4d:61:
                    f7:09:a8:b0:34:c4:05:6f:be:44:36:a4:92:d6:3a:
                    bd:85:1f:de:1e:47:b4:06:47:0f:29:c6:84:2f:46:
                    10:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:37:D6:D2:3D:79:95:94:0C:37:A8:EF:5B:D3:DC:D0:1C:23:B9:BE
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/AzfW0j15lZQMN6jvW9Pc0Bwjub4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.116.32.0/19
                  193.80.0.0/15
                  193.83.0.0/16
                  193.154.0.0/16
                  194.96.0.0/16
                  194.118.0.0/16
                  194.152.160.0/19
                  194.166.0.0/16
                  195.64.0.0/19
                  195.170.64.0/19
                  195.230.32.0/19
                  212.16.32.0/19
                  212.60.160.0/19
                  212.88.0.0/19
                  212.124.128.0/19
                  212.197.128.0/18
                  213.157.128.0/19
                  213.240.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         2e:df:c8:33:f7:d7:c9:d1:b6:e2:11:c3:9c:8e:33:ea:32:86:
         51:02:76:2e:6d:6c:e0:43:c0:f4:4c:8f:36:fb:53:0c:80:d0:
         82:c2:3d:8d:55:b6:89:02:30:40:13:89:4b:f7:60:8b:ef:a4:
         48:87:69:cb:40:12:dc:e7:48:7c:a9:47:b3:49:2a:4a:65:49:
         1c:65:c4:3b:6a:96:dd:ad:bb:2f:9e:95:08:53:39:65:ed:84:
         cd:45:e3:a8:68:31:3a:dd:e4:bf:2c:96:9c:d7:94:1e:f8:47:
         84:5f:14:10:a7:65:48:01:20:85:8e:79:24:46:40:d9:17:a8:
         06:c5:0d:ae:96:37:4f:27:9a:82:03:97:a1:2e:f8:99:ae:c5:
         5b:44:08:24:f2:21:93:d7:de:04:e5:a1:f2:ba:f0:78:f5:fa:
         db:a2:d7:4e:5c:9b:f3:c6:19:0d:aa:8b:c0:a5:6d:98:a5:58:
         6b:a8:c2:86:29:db:eb:79:a1:d4:e5:fd:68:47:10:4b:52:56:
         f0:5f:0c:9f:00:47:65:e3:ec:04:56:12:8a:c8:3b:5e:46:cb:
         2a:ad:6d:d3:0c:77:9d:31:15:3d:4f:e4:9f:62:e7:fd:57:df:
         91:fa:ca:20:22:0a:52:a8:f9:e7:c9:42:c6:7a:d9:14:2a:b6:
         68:9c:cf:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVvXcJjxbu+HfJ9QM0cE23kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM3ZDZkMjNkNzk5NTk0MGMzN2E4ZWY1YmQzZGNkMDFjMjNiOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn56bjyUE5BGi9gttShAtZWlv1Lw
HmHGSejeJWKpW0i2NZ9AQPZpU4XOHVJLN65/waswhpXyfATNN21TmLHjMNABTsoa
laqKxztZWxn6OadfmkVUklfaCfJUtwsyPTSop6r2PWZCC+J3rR7kftOGJmTL/uP3
4O/U6xuiOY9F0nifCnGMEjS7R+MZA/87mbU9HNWRNFNxoQz/Nh4nFMb5YTnkvVqO
F21dABgmuXKnz/mQJdVGSq5+rovIwPuq7EfnQyaIDcf58/EMtSEjFkvKitbsqzNa
kTeRprQpJQKjTWH3CaiwNMQFb75ENqSS1jq9hR/eHke0BkcPKcaEL0YQjQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFAM31tI9eZWUDDeo71vT3NAcI7m+MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvQXpmVzBqMTVsWlFNTjZqdlc5UGMwQndqdWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQFPnQgAwMB
wVADAwDBUwMDAMGaAwMAwmADAwDCdgMEBcKYoAMDAMKmAwQFw0AAAwQFw6pAAwQF
w+YgAwQF1BAgAwQF1DygAwQF1FgAAwQF1HyAAwQG1MWAAwQF1Z2AAwQG1fBAMA0G
CSqGSIb3DQEBCwUAA4IBAQAu38gz99fJ0bbiEcOcjjPqMoZRAnYubWzgQ8D0TI82
+1MMgNCCwj2NVbaJAjBAE4lL92CL76RIh2nLQBLc50h8qUezSSpKZUkcZcQ7apbd
rbsvnpUIUzll7YTNReOoaDE63eS/LJac15Qe+EeEXxQQp2VIASCFjnkkRkDZF6gG
xQ2uljdPJ5qCA5ehLviZrsVbRAgk8iGT194E5aHyuvB49frbotdOXJvzxhkNqovA
pW2YpVhrqMKGKdvreaHU5f1oRxBLUlbwXwyfAEdl4+wEVhKKyDteRssqrW3TDHed
MRU9T+SfYuf9V9+R+sogIgpSqPnnyULGetkUKrZonM8Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org