Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/NScIb3AKai_8a6LSfqTz5iaO-7k.roa
File:                     NScIb3AKai_8a6LSfqTz5iaO-7k.roa (raw, json)
Hash identifier:          BkNi0ypxWg38bDypm95JQrtw04HMCJFD0/pUBr7PLDw=
Subject key identifier:   35:27:08:6F:70:0A:6A:2F:FC:6B:A2:D2:7E:A4:F3:E6:26:8E:FB:B9
Certificate issuer:       /CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Certificate serial:       0189B5D27DFF037636619365781843AA3A57
Authority key identifier: 68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/NScIb3AKai_8a6LSfqTz5iaO-7k.roa
Signing time:             Wed 02 Aug 2023 10:36:58 +0000
ROA not before:           Wed 02 Aug 2023 10:36:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6752
IP address blocks:        80.80.85.0/24 maxlen: 24
                          80.80.84.0/22 maxlen: 22
                          80.80.84.0/24 maxlen: 24
                          80.80.92.0/22 maxlen: 22
                          185.87.36.0/22 maxlen: 22
                          185.33.0.0/22 maxlen: 22
                          194.158.64.0/22 maxlen: 22
                          194.158.64.0/19 maxlen: 19
                          194.158.64.0/24 maxlen: 24
                          194.158.68.0/22 maxlen: 22
                          194.158.78.0/24 maxlen: 24
                          194.158.72.0/23 maxlen: 23
                          194.158.72.0/22 maxlen: 22
                          194.158.76.0/22 maxlen: 22
                          185.87.40.0/22 maxlen: 22
                          185.87.44.0/22 maxlen: 22
                          188.241.26.0/23 maxlen: 23
                          91.187.64.0/19 maxlen: 19
                          91.187.64.0/22 maxlen: 22
                          91.187.68.0/22 maxlen: 22
                          91.187.76.0/22 maxlen: 22
                          91.187.72.0/22 maxlen: 22
                          91.187.84.0/22 maxlen: 22
                          91.187.83.0/24 maxlen: 24
                          91.187.80.0/22 maxlen: 22
                          91.187.88.0/22 maxlen: 22
                          89.150.4.0/22 maxlen: 22
                          89.150.2.0/23 maxlen: 23
                          89.150.8.0/22 maxlen: 22
                          89.150.12.0/22 maxlen: 22
                          91.187.93.0/24 maxlen: 24
                          91.187.92.0/22 maxlen: 22
                          185.194.56.0/22 maxlen: 22
                          185.194.59.0/24 maxlen: 24
                          46.172.224.0/19 maxlen: 19
                          46.172.232.0/22 maxlen: 22
                          185.4.52.0/22 maxlen: 22
                          94.125.138.0/23 maxlen: 23
                          94.125.140.0/23 maxlen: 23
                          185.132.200.0/22 maxlen: 22
                          109.111.96.0/24 maxlen: 24
                          109.111.96.0/22 maxlen: 22
                          109.111.96.0/19 maxlen: 19
                          109.111.100.0/22 maxlen: 22
                          109.111.104.0/22 maxlen: 22
                          109.111.108.0/22 maxlen: 22
                          109.111.112.0/22 maxlen: 22
                          109.111.111.0/24 maxlen: 24
                          109.111.116.0/22 maxlen: 22
                          85.94.164.0/22 maxlen: 22
                          109.111.124.0/22 maxlen: 22
                          109.111.120.0/22 maxlen: 22
                          85.94.160.0/19 maxlen: 19
                          85.94.160.0/22 maxlen: 22
                          85.94.168.0/22 maxlen: 22
                          85.94.172.0/22 maxlen: 22
                          85.94.176.0/22 maxlen: 22
                          85.94.184.0/22 maxlen: 22
                          85.94.180.0/22 maxlen: 22
                          194.158.80.0/22 maxlen: 22
                          194.158.84.0/22 maxlen: 22
                          194.158.84.0/24 maxlen: 24
                          194.158.85.0/24 maxlen: 24
                          194.158.88.0/22 maxlen: 22
                          194.158.95.0/24 maxlen: 24
                          194.158.92.0/22 maxlen: 22
                          85.94.188.0/22 maxlen: 22
                          46.175.158.0/24 maxlen: 24
                          46.175.157.0/24 maxlen: 24
                          46.175.156.0/24 maxlen: 24
                          46.175.156.0/22 maxlen: 22
                          46.175.159.0/24 maxlen: 24
                          2a02:8060::/31 maxlen: 31

Validation:               Failed, certificate revoked on Tue 17 Oct 2023 09:08:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:b5:d2:7d:ff:03:76:36:61:93:65:78:18:43:aa:3a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
        Validity
            Not Before: Aug  2 10:36:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3527086f700a6a2ffc6ba2d27ea4f3e6268efbb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7a:db:6d:0e:64:69:3d:90:ad:47:4b:bb:59:
                    27:d0:f4:19:23:dc:d5:53:ec:3c:20:bd:b9:53:3a:
                    55:6d:bb:70:fd:e2:c7:d6:2b:ae:d4:46:1b:0f:ea:
                    98:0f:1e:d6:f6:61:aa:32:10:74:f5:82:cf:cd:be:
                    7b:8c:b3:4b:1c:e7:bd:15:24:60:59:d3:17:6f:5f:
                    8a:d4:16:6d:f7:0a:fa:32:74:61:71:d9:b9:3d:fa:
                    6a:00:93:35:e9:ad:80:da:12:71:b6:24:9d:ba:d8:
                    9f:b1:d7:ce:7a:2e:41:e5:67:a2:b0:e7:4f:4c:48:
                    f4:77:e7:9d:27:52:c0:ff:b5:e5:4c:32:56:30:66:
                    1a:51:d6:af:b9:8f:81:14:38:88:3e:6c:f5:76:d7:
                    eb:38:c1:bc:51:be:3f:3c:66:55:51:59:eb:c3:8c:
                    87:f4:29:93:b0:f5:77:24:9d:73:a8:cc:26:47:46:
                    76:f1:a8:69:84:5f:61:ee:25:c6:77:32:00:06:47:
                    28:db:f3:51:f1:f3:01:f9:ca:ad:cd:08:6f:4d:f2:
                    d1:40:30:bf:38:34:c1:8a:c8:46:5b:4b:eb:c6:a7:
                    c5:65:5a:cc:db:fd:c4:dc:ce:c9:2a:95:c7:e4:99:
                    e3:2c:4e:72:2f:32:1f:c8:c5:b7:c2:67:36:c1:6d:
                    88:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:27:08:6F:70:0A:6A:2F:FC:6B:A2:D2:7E:A4:F3:E6:26:8E:FB:B9
            X509v3 Authority Key Identifier:
                keyid:68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/NScIb3AKai_8a6LSfqTz5iaO-7k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.172.224.0/19
                  46.175.156.0/22
                  80.80.84.0/22
                  80.80.92.0/22
                  85.94.160.0/19
                  89.150.2.0-89.150.15.255
                  91.187.64.0/19
                  94.125.138.0-94.125.141.255
                  109.111.96.0/19
                  185.4.52.0/22
                  185.33.0.0/22
                  185.87.36.0-185.87.47.255
                  185.132.200.0/22
                  185.194.56.0/22
                  188.241.26.0/23
                  194.158.64.0/19
                IPv6:
                  2a02:8060::/31

    Signature Algorithm: sha256WithRSAEncryption
         2e:1b:45:08:4f:9e:1c:02:a4:7a:d1:0f:e4:2a:3f:13:0a:a7:
         49:db:6b:ec:d5:77:9c:b4:b0:6b:2c:60:0a:fe:cc:4f:14:d7:
         87:6c:73:9c:b6:48:ad:b1:27:76:b7:fd:81:55:5c:fc:7d:11:
         1d:05:65:53:64:64:09:d8:22:7c:49:9c:4f:42:79:42:94:fc:
         8c:9c:54:ee:c3:ce:a8:79:83:3d:1a:9a:06:a1:2a:8c:ea:39:
         a0:7e:c4:7f:1a:9c:27:9c:0a:80:84:d8:63:a9:3c:bd:75:2a:
         e0:e6:aa:1b:43:66:13:66:ab:f8:ec:be:ed:58:2d:02:10:f0:
         5b:6a:6c:eb:c1:be:bc:01:68:b1:d5:84:73:6b:0b:8c:c5:27:
         38:f3:58:23:9a:38:47:a7:05:8e:76:f7:f2:1f:a7:45:fa:38:
         28:ca:a5:97:06:69:4e:e7:d4:3a:8c:91:0e:0e:94:4c:bd:ed:
         60:74:cc:c4:1f:60:84:05:ea:a4:c8:65:88:85:7f:d9:b3:d0:
         f4:57:d1:60:28:a8:ba:80:15:8a:17:80:78:7c:dd:54:b0:3e:
         0f:03:9d:dd:eb:b8:e7:0f:49:41:59:dc:d9:1b:00:ef:7f:a9:
         10:cf:35:85:af:aa:19:16:dd:e4:89:de:35:1f:c6:97:fc:a1:
         9c:57:9e:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYm10n3/A3Y2YZNleBhDqjpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MWNlNGQ5OWJhOGViYjkxYTc5NGFiZmNiZGQxNWJkZTA5
Yzk5ZjgwHhcNMjMwODAyMTAzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI3MDg2ZjcwMGE2YTJmZmM2YmEyZDI3ZWE0ZjNlNjI2OGVmYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3rbbQ5kaT2QrUdLu1kn0PQZI9zV
U+w8IL25UzpVbbtw/eLH1iuu1EYbD+qYDx7W9mGqMhB09YLPzb57jLNLHOe9FSRg
WdMXb1+K1BZt9wr6MnRhcdm5PfpqAJM16a2A2hJxtiSdutifsdfOei5B5WeisOdP
TEj0d+edJ1LA/7XlTDJWMGYaUdavuY+BFDiIPmz1dtfrOMG8Ub4/PGZVUVnrw4yH
9CmTsPV3JJ1zqMwmR0Z28ahphF9h7iXGdzIABkco2/NR8fMB+cqtzQhvTfLRQDC/
ODTBishGW0vrxqfFZVrM2/3E3M7JKpXH5JnjLE5yLzIfyMW3wmc2wW2INQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFDUnCG9wCmov/Gui0n6k8+Ymjvu5MB8GA1UdIwQY
MBaAFGgc5NmbqOu5GnlKv8vdFb3gnJn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQt
OWY5OWMxNDc3ZmJlLzEvTlNjSWIzQUthaV84YTZMU2ZxVHo1aWFPLTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQtOWY5OWMxNDc3ZmJl
LzEvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQFLqzg
AwQCLq+cAwQCUFBUAwQCUFBcAwQFVV6gMAwDBAFZlgIDBARZlgADBAVbu0AwDAME
AV59igMEAV59jAMEBW1vYAMEArkENAMEArkhADAMAwQCuVckAwQEuVcgAwQCuYTI
AwQCucI4AwQBvPEaAwQFwp5AMA0EAgACMAcDBQEqAoBgMA0GCSqGSIb3DQEBCwUA
A4IBAQAuG0UIT54cAqR60Q/kKj8TCqdJ22vs1XectLBrLGAK/sxPFNeHbHOctkit
sSd2t/2BVVz8fREdBWVTZGQJ2CJ8SZxPQnlClPyMnFTuw86oeYM9GpoGoSqM6jmg
fsR/GpwnnAqAhNhjqTy9dSrg5qobQ2YTZqv47L7tWC0CEPBbamzrwb68AWix1YRz
awuMxSc481gjmjhHpwWOdvfyH6dF+jgoyqWXBmlO59Q6jJEODpRMve1gdMzEH2CE
BeqkyGWIhX/Zs9D0V9FgKKi6gBWKF4B4fN1UsD4PA53d67jnD0lBWdzZGwDvf6kQ
zzWFr6oZFt3kid41H8aX/KGcV54Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:36 2024 by rpki-client on console-fra.rpki-client.org