Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wKJgxfu3jnoCjdV6V7mkhDm_8sA.roa
File:                     wKJgxfu3jnoCjdV6V7mkhDm_8sA.roa (raw, json)
Hash identifier:          DSii6gMeYPtnAXOwHFbe/YfGqK03kF/VvHP/+iXZnh8=
Subject key identifier:   C0:A2:60:C5:FB:B7:8E:7A:02:8D:D5:7A:57:B9:A4:84:39:BF:F2:C0
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       018CCA9931184EC2CEF75248CF81E44F93C2
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wKJgxfu3jnoCjdV6V7mkhDm_8sA.roa
Signing time:             Tue 02 Jan 2024 14:34:46 +0000
ROA not before:           Tue 02 Jan 2024 14:34:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42337
IP address blocks:        87.107.44.0/22 maxlen: 24
                          87.107.48.0/23 maxlen: 23
                          87.107.56.0/21 maxlen: 24
                          87.107.64.0/22 maxlen: 24
                          87.107.72.0/21 maxlen: 24
                          87.107.80.0/21 maxlen: 24
                          87.107.16.0/21 maxlen: 24
                          87.107.28.0/22 maxlen: 24
                          87.107.32.0/23 maxlen: 23
                          87.107.36.0/22 maxlen: 24
                          87.107.148.0/22 maxlen: 24
                          87.107.156.0/22 maxlen: 24
                          62.220.118.0/23 maxlen: 24
                          62.220.113.0/24 maxlen: 24
                          62.220.112.0/21 maxlen: 21
                          87.107.176.0/21 maxlen: 24
                          87.107.184.0/22 maxlen: 24
                          87.107.92.0/22 maxlen: 24
                          87.107.100.0/22 maxlen: 22
                          87.107.136.0/21 maxlen: 24
                          81.12.0.0/21 maxlen: 24
                          81.12.32.0/21 maxlen: 24
                          81.12.40.0/21 maxlen: 24
                          81.12.54.0/23 maxlen: 24
                          81.12.56.0/23 maxlen: 23
                          81.12.60.0/22 maxlen: 24
                          81.12.64.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Feb 2024 10:59:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:99:31:18:4e:c2:ce:f7:52:48:cf:81:e4:4f:93:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Jan  2 14:34:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c0a260c5fbb78e7a028dd57a57b9a48439bff2c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0b:bd:39:49:7c:bf:33:3c:82:27:be:20:ec:
                    21:09:ad:10:82:1a:29:da:c6:3c:e7:ae:10:e1:fc:
                    e6:57:f6:03:3b:96:17:f4:01:c0:92:0a:3b:42:96:
                    f3:20:33:b7:4e:86:f0:ea:5c:a3:a8:97:62:44:a0:
                    87:96:8e:ec:69:ae:28:a2:ca:ed:b2:f9:c7:77:c8:
                    b6:e4:c4:99:8e:94:b9:6c:22:13:31:3f:0e:d0:c0:
                    0e:63:c7:0b:a5:76:5f:64:d8:bc:98:75:c0:8d:ae:
                    97:ac:d3:49:34:bb:34:8a:30:ba:71:05:4d:0b:c3:
                    32:2b:26:7e:0b:5c:d9:66:a4:bf:a0:52:84:46:38:
                    2c:5d:31:e7:4a:3b:ac:a6:c2:42:75:ce:60:f6:2e:
                    89:41:77:26:1c:b4:a2:c9:11:f3:5f:85:45:58:ee:
                    86:3d:5e:e6:49:4d:64:0e:79:b4:b9:af:68:26:a2:
                    4e:59:ea:90:7e:d3:95:8e:46:54:72:47:07:e4:65:
                    3a:39:42:b4:05:e0:7e:95:aa:8d:be:8b:c6:91:7e:
                    73:ed:93:5c:5b:d3:fc:14:cb:69:78:2f:f4:d4:bb:
                    dd:49:b9:cf:78:59:f0:80:71:d9:48:b7:ee:17:aa:
                    54:1d:79:4c:98:f4:73:51:73:ff:31:6e:52:03:2a:
                    fa:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:A2:60:C5:FB:B7:8E:7A:02:8D:D5:7A:57:B9:A4:84:39:BF:F2:C0
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/wKJgxfu3jnoCjdV6V7mkhDm_8sA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.220.112.0/21
                  81.12.0.0/21
                  81.12.32.0/20
                  81.12.54.0-81.12.57.255
                  81.12.60.0-81.12.127.255
                  87.107.16.0/21
                  87.107.28.0-87.107.33.255
                  87.107.36.0/22
                  87.107.44.0-87.107.49.255
                  87.107.56.0-87.107.67.255
                  87.107.72.0-87.107.87.255
                  87.107.92.0/22
                  87.107.100.0/22
                  87.107.136.0/21
                  87.107.148.0/22
                  87.107.156.0/22
                  87.107.176.0-87.107.187.255

    Signature Algorithm: sha256WithRSAEncryption
         9b:89:4b:ca:56:a1:9c:b6:5d:38:3d:76:58:2f:ae:b0:87:bb:
         8d:66:67:f2:e2:0e:84:f4:46:59:64:8b:93:35:bd:11:d1:fa:
         98:26:6d:23:e3:33:8d:ea:59:71:70:5b:50:14:80:7c:0e:62:
         e6:58:bc:ce:85:55:f0:d0:20:4f:e2:8c:b8:08:4e:5f:4e:14:
         1f:39:6f:b3:40:25:0e:82:0d:39:39:a7:1f:33:53:8a:30:19:
         57:1c:86:b6:59:3c:aa:cd:5b:2f:5f:be:90:4a:93:36:7b:ec:
         c7:c7:4d:cc:14:18:81:37:5b:77:5e:7d:84:16:4b:d6:ef:f0:
         b1:a6:21:9a:0f:dc:1c:1c:5f:31:4d:da:9c:58:e7:f2:ed:b0:
         41:f0:f5:25:71:4d:a5:70:1e:bc:8b:af:f3:fb:c4:ca:89:f7:
         08:17:d2:8c:07:65:88:58:ac:0b:98:a6:46:15:e4:5b:c2:d6:
         86:c4:6e:19:8c:9f:0e:15:64:c6:51:af:d5:9e:99:60:4e:0a:
         69:01:51:9b:79:5c:b7:bf:71:64:98:be:21:8c:2b:e2:c1:36:
         ea:89:cb:7c:03:84:4a:6b:98:d3:4a:2c:6a:2a:be:9f:65:1a:
         10:dc:5c:55:f7:fb:f4:44:a1:14:a2:85:91:55:4b:b9:28:4d:
         a7:db:70:72
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzKmTEYTsLO91JIz4HkT5PCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGEyNjBjNWZiYjc4ZTdhMDI4ZGQ1N2E1N2I5YTQ4NDM5YmZmMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Au9OUl8vzM8gie+IOwhCa0Qghop
2sY8564Q4fzmV/YDO5YX9AHAkgo7QpbzIDO3Tobw6lyjqJdiRKCHlo7saa4oosrt
svnHd8i25MSZjpS5bCITMT8O0MAOY8cLpXZfZNi8mHXAja6XrNNJNLs0ijC6cQVN
C8MyKyZ+C1zZZqS/oFKERjgsXTHnSjuspsJCdc5g9i6JQXcmHLSiyRHzX4VFWO6G
PV7mSU1kDnm0ua9oJqJOWeqQftOVjkZUckcH5GU6OUK0BeB+laqNvovGkX5z7ZNc
W9P8FMtpeC/01LvdSbnPeFnwgHHZSLfuF6pUHXlMmPRzUXP/MW5SAyr6AwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFMCiYMX7t456Ao3Vele5pIQ5v/LAMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvd0tKZ3hmdTNqbm9DamRWNlY3bWtoRG1fOHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAM+
3HADBANRDAADBARRDCAwDAMEAVEMNgMEAVEMODAMAwQCUQw8AwQHUQwAAwQDV2sQ
MAwDBAJXaxwDBAFXayADBAJXayQwDAMEAldrLAMEAVdrMDAMAwQDV2s4AwQCV2tA
MAwDBANXa0gDBANXa1ADBAJXa1wDBAJXa2QDBANXa4gDBAJXa5QDBAJXa5wwDAME
BFdrsAMEAldruDANBgkqhkiG9w0BAQsFAAOCAQEAm4lLylahnLZdOD12WC+usIe7
jWZn8uIOhPRGWWSLkzW9EdH6mCZtI+MzjepZcXBbUBSAfA5i5li8zoVV8NAgT+KM
uAhOX04UHzlvs0AlDoINOTmnHzNTijAZVxyGtlk8qs1bL1++kEqTNnvsx8dNzBQY
gTdbd159hBZL1u/wsaYhmg/cHBxfMU3anFjn8u2wQfD1JXFNpXAevIuv8/vEyon3
CBfSjAdliFisC5imRhXkW8LWhsRuGYyfDhVkxlGv1Z6ZYE4KaQFRm3lct79xZJi+
IYwr4sE26onLfAOESmuY00osaiq+n2UaENxcVff79EShFKKFkVVLuShNp9twcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org