Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/9RPwIqgdBFJ2G7MtQhpKics40zE.roa
File:                     9RPwIqgdBFJ2G7MtQhpKics40zE.roa (raw, json)
Hash identifier:          H9b2MHTZPk0no7rKai1qqdYMZnQN1FsGXeTua9CmZnI=
Subject key identifier:   F5:13:F0:22:A8:1D:04:52:76:1B:B3:2D:42:1A:4A:89:CB:38:D3:31
Certificate issuer:       /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial:       0185738FF1AF1C26C91041DBCBED3CD26C62
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/9RPwIqgdBFJ2G7MtQhpKics40zE.roa
Signing time:             Mon 02 Jan 2023 17:38:11 +0000
ROA not before:           Mon 02 Jan 2023 17:38:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31399
IP address blocks:        141.113.232.0/21 maxlen: 21
                          141.113.240.0/21 maxlen: 21
                          141.113.248.0/21 maxlen: 21
                          141.113.204.0/22 maxlen: 22
                          141.113.200.0/22 maxlen: 22
                          141.113.208.0/21 maxlen: 21
                          141.113.216.0/21 maxlen: 21
                          141.113.224.0/21 maxlen: 21
                          141.113.16.0/21 maxlen: 21
                          141.113.24.0/22 maxlen: 22
                          141.113.36.0/22 maxlen: 22
                          141.113.32.0/22 maxlen: 22
                          141.113.32.0/21 maxlen: 21
                          141.113.40.0/21 maxlen: 21
                          141.113.48.0/21 maxlen: 21
                          141.113.56.0/21 maxlen: 21
                          141.113.64.0/21 maxlen: 21
                          53.0.0.0/8 maxlen: 8
                          141.113.0.0/21 maxlen: 21
                          141.113.8.0/21 maxlen: 21
                          53.3.144.0/21 maxlen: 21
                          141.113.120.0/21 maxlen: 21
                          141.113.72.0/21 maxlen: 21
                          141.113.88.0/22 maxlen: 22
                          141.113.96.0/21 maxlen: 21
                          141.113.104.0/21 maxlen: 21
                          141.113.112.0/21 maxlen: 21
                          2a03:9e40::/29 maxlen: 29
                          2a03:9e42::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:8f:f1:af:1c:26:c9:10:41:db:cb:ed:3c:d2:6c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
        Validity
            Not Before: Jan  2 17:38:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f513f022a81d0452761bb32d421a4a89cb38d331
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:cb:f4:98:2b:20:d5:fc:d4:be:b8:a2:e9:ba:
                    ac:13:10:7f:08:df:f4:fe:89:ec:f5:60:56:a4:d3:
                    27:17:35:25:78:13:c5:d7:08:f5:65:7c:32:59:28:
                    8c:cf:13:a3:ae:13:2b:ba:f5:e6:8b:b4:90:63:81:
                    e3:30:c0:6e:12:27:cd:02:2c:bc:65:6e:ab:d4:97:
                    27:1c:57:42:c8:b1:58:10:ad:cb:73:2a:84:1a:62:
                    23:40:46:47:f9:f2:b3:19:86:3a:d1:f6:bb:a1:33:
                    e2:f0:46:52:df:ec:2c:5a:a7:96:b4:fd:cf:e8:34:
                    07:4b:9b:58:99:3b:ed:27:64:ae:56:57:47:db:a9:
                    c2:68:ad:ea:26:b1:16:4f:64:3e:1d:d9:76:f1:5b:
                    b7:1e:e9:41:8b:80:fd:28:97:70:fd:fa:a8:7d:4e:
                    67:bd:3d:48:0a:de:77:e3:e8:ca:9f:4b:3b:b5:91:
                    db:cd:a3:2f:6d:71:cb:89:7f:88:71:2f:9e:c6:03:
                    e3:bd:d2:28:6a:45:18:8d:8a:66:a2:37:21:07:2c:
                    8c:8b:bc:4e:dd:15:66:07:a9:f9:1c:df:05:c1:9e:
                    f2:43:fc:c2:5d:f5:65:4a:5a:d7:3d:e6:83:98:02:
                    41:4f:38:0d:53:4a:1a:01:e0:ec:ab:4f:cb:94:c7:
                    6c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:13:F0:22:A8:1D:04:52:76:1B:B3:2D:42:1A:4A:89:CB:38:D3:31
            X509v3 Authority Key Identifier:
                keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/9RPwIqgdBFJ2G7MtQhpKics40zE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  53.0.0.0/8
                  141.113.0.0-141.113.27.255
                  141.113.32.0-141.113.79.255
                  141.113.88.0/22
                  141.113.96.0/19
                  141.113.200.0-141.113.255.255
                IPv6:
                  2a03:9e40::/29

    Signature Algorithm: sha256WithRSAEncryption
         05:72:c8:3d:e9:8c:1b:18:5b:79:9b:42:51:99:d3:f4:a8:93:
         12:19:44:08:83:e2:6f:2a:a2:c6:ee:b1:ec:a9:15:47:fd:e8:
         9a:88:c8:eb:3f:1b:ef:b9:83:3a:73:20:22:82:db:e3:1f:b1:
         84:41:6c:c0:0e:c4:bc:86:10:fc:1b:70:30:08:0a:f6:74:1c:
         a0:45:f0:f5:36:d2:3c:ca:db:eb:43:3e:13:06:72:ab:f9:2e:
         a2:a3:67:c5:54:0d:a9:87:6f:ab:1b:3a:e1:5f:25:6e:0e:db:
         32:db:4f:84:c2:f0:7c:0d:45:d8:bb:f3:a6:21:a7:27:01:33:
         d9:03:29:cb:ef:65:fd:3d:9f:ee:18:cf:64:2c:a3:7a:61:1f:
         66:02:cb:af:9d:fc:be:34:8b:f2:4b:d8:2c:3d:84:ca:2f:45:
         2c:42:c6:4e:54:a3:09:7c:c1:cf:64:da:8d:4b:27:0d:9c:d6:
         48:be:17:6e:cd:71:b5:09:ac:1e:bd:95:5b:72:c6:a7:d5:bd:
         70:df:06:e4:16:69:61:c6:51:bd:c9:cd:f0:56:9e:a1:7d:7c:
         c1:77:64:e3:e5:41:6c:5c:c7:4f:87:7d:02:66:b4:7e:35:67:
         4d:dc:f2:03:62:6b:b8:df:8d:0b:6d:3d:8a:d8:14:69:af:7b:
         51:a2:7a:f5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVzj/GvHCbJEEHby+080mxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjMwMTAyMTczODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTEzZjAyMmE4MWQwNDUyNzYxYmIzMmQ0MjFhNGE4OWNiMzhkMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncv0mCsg1fzUvrii6bqsExB/CN/0
/ons9WBWpNMnFzUleBPF1wj1ZXwyWSiMzxOjrhMruvXmi7SQY4HjMMBuEifNAiy8
ZW6r1JcnHFdCyLFYEK3LcyqEGmIjQEZH+fKzGYY60fa7oTPi8EZS3+wsWqeWtP3P
6DQHS5tYmTvtJ2SuVldH26nCaK3qJrEWT2Q+Hdl28Vu3HulBi4D9KJdw/fqofU5n
vT1ICt534+jKn0s7tZHbzaMvbXHLiX+IcS+exgPjvdIoakUYjYpmojchByyMi7xO
3RVmB6n5HN8FwZ7yQ/zCXfVlSlrXPeaDmAJBTzgNU0oaAeDsq0/LlMdsHwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPUT8CKoHQRSdhuzLUIaSonLONMxMB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvOVJQd0lxZ2RCRkoyRzdNdFFocEtpY3M0MHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwIANTALAwMA
jXEDBAKNcRgwDAMEBY1xIAMEBI1xQAMEAo1xWAMEBY1xYDALAwQDjXHIAwMBjXAw
DQQCAAIwBwMFAyoDnkAwDQYJKoZIhvcNAQELBQADggEBAAVyyD3pjBsYW3mbQlGZ
0/SokxIZRAiD4m8qosbuseypFUf96JqIyOs/G++5gzpzICKC2+MfsYRBbMAOxLyG
EPwbcDAICvZ0HKBF8PU20jzK2+tDPhMGcqv5LqKjZ8VUDamHb6sbOuFfJW4O2zLb
T4TC8HwNRdi786YhpycBM9kDKcvvZf09n+4Yz2Qso3phH2YCy6+d/L40i/JL2Cw9
hMovRSxCxk5Uowl8wc9k2o1LJw2c1ki+F27NcbUJrB69lVtyxqfVvXDfBuQWaWHG
Ub3JzfBWnqF9fMF3ZOPlQWxcx0+HfQJmtH41Z03c8gNia7jfjQttPYrYFGmve1Gi
evU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:06 2024 by rpki-client on console-fra.rpki-client.org