Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa
File:                     1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa (raw, json)
Hash identifier:          mz06mqxSoehtwQzcqxJpVVAsHFPjoLgdlfofgGZdI3s=
Subject key identifier:   F8:73:1A:E1:B8:28:C4:C4:7F:B8:C7:8C:36:E6:B0:3C:78:3E:F2:C5
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018B42B60378049B6C398B37C3F3CAD7D4E9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa
Signing time:             Wed 18 Oct 2023 12:15:06 +0000
ROA not before:           Wed 18 Oct 2023 12:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        188.241.243.0/24 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          188.213.203.0/24 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.85.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          185.255.170.0/23 maxlen: 24
                          185.255.170.0/24 maxlen: 24
                          185.255.168.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          87.247.148.0/24 maxlen: 24
                          87.247.150.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          45.146.184.0/22 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 21 Oct 2023 18:48:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:42:b6:03:78:04:9b:6c:39:8b:37:c3:f3:ca:d7:d4:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct 18 12:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8731ae1b828c4c47fb8c78c36e6b03c783ef2c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:6c:8e:ad:ab:a3:62:c2:a4:52:a4:9e:a4:7c:
                    47:d9:16:99:75:e0:7d:9a:1e:97:27:43:29:ca:aa:
                    74:fd:10:ef:d0:dc:6e:1f:4f:43:cf:0f:15:58:48:
                    a3:ef:20:f5:17:9d:52:ac:5b:69:bf:32:63:86:68:
                    d2:40:dc:37:a8:8f:96:94:86:5e:52:83:ad:55:44:
                    7d:b0:52:59:3e:1e:48:f5:c3:8e:d4:8b:27:88:6d:
                    15:70:13:de:4a:85:6b:0e:3a:d8:ca:35:75:db:2b:
                    f6:23:de:01:75:09:ad:a0:33:fc:1a:5c:89:5d:5b:
                    81:59:fd:91:14:e7:32:14:86:dc:26:dd:a6:67:2b:
                    c7:01:d2:3b:1e:65:a6:cf:0d:ce:20:c9:c5:b4:4e:
                    a7:7e:ec:5c:67:89:0f:12:7e:73:e4:2f:20:84:30:
                    60:ea:a2:26:06:20:28:21:0a:73:a6:bf:60:31:f1:
                    e6:31:99:b8:0a:92:ea:22:3c:72:1d:28:35:b2:33:
                    69:4a:ca:78:59:a3:66:c2:a6:f2:4e:70:21:30:5b:
                    9a:1f:bd:21:ab:8e:cb:ce:c3:db:f0:db:be:55:df:
                    fc:29:68:86:30:36:50:fe:93:ca:be:a5:26:b7:78:
                    b3:04:74:5d:bf:97:5f:2d:e8:f1:07:87:4f:cc:a6:
                    92:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:73:1A:E1:B8:28:C4:C4:7F:B8:C7:8C:36:E6:B0:3C:78:3E:F2:C5
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-HMa4bgoxMR_uMeMNuawPHg-8sU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.184.0/22
                  45.156.157.0/24
                  87.247.148.0/22
                  89.33.85.0/24
                  89.35.154.0/24
                  89.37.63.0/24
                  91.188.204.0/22
                  93.115.254.0/23
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  185.255.168.0/22
                  188.212.133.0/24
                  188.212.155.0/24
                  188.212.159.0/24
                  188.213.202.0/23
                  188.214.209.0/24
                  188.240.224.0/23
                  188.240.227.0/24
                  188.240.233.0/24
                  188.241.243.0/24
                  193.23.128.0/23
                  213.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:07:70:c4:94:63:88:a5:70:7c:bd:82:ff:9a:fe:e0:a0:88:
         4c:ea:24:f4:c5:25:4d:69:47:09:02:62:38:66:f6:ec:d2:21:
         c6:d7:79:b5:18:42:6a:79:9e:a9:cb:86:fc:a6:d7:24:c7:11:
         33:44:05:06:d0:8f:2e:1d:eb:3f:55:f4:52:27:34:37:88:f5:
         c2:a7:32:cc:55:07:63:4e:15:a5:08:c8:f3:be:98:fb:66:d2:
         60:d5:4e:70:f9:1e:16:ef:66:32:ae:da:e7:3a:13:cc:6c:2f:
         e6:ce:a2:a2:3b:10:2f:bc:be:e3:82:69:da:63:15:c4:42:0f:
         6f:f7:65:e2:2d:f5:94:e6:b6:6e:d0:32:58:77:d4:67:cc:7a:
         df:23:88:94:7a:79:b6:0a:a5:8d:a2:91:dd:ef:48:bd:7d:54:
         bf:9f:3d:aa:05:0a:f4:85:ad:f0:e0:b7:c3:46:f4:56:d2:9f:
         47:37:6d:d9:e7:c4:66:cf:b7:6e:66:75:58:e3:e6:62:d9:69:
         15:71:05:4a:f6:d9:c0:48:d4:e5:b6:4d:a8:e8:06:66:9a:47:
         69:f0:93:e4:72:a4:0e:90:b9:47:59:c4:94:6f:9f:07:6c:4c:
         9f:f0:a5:92:d7:88:5f:a0:f8:5b:03:f7:70:78:5c:d5:86:c7:
         1a:91:6c:1b
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYtCtgN4BJtsOYs3w/PK19TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE4MTIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODczMWFlMWI4MjhjNGM0N2ZiOGM3OGMzNmU2YjAzYzc4M2VmMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2yOraujYsKkUqSepHxH2RaZdeB9
mh6XJ0Mpyqp0/RDv0NxuH09Dzw8VWEij7yD1F51SrFtpvzJjhmjSQNw3qI+WlIZe
UoOtVUR9sFJZPh5I9cOO1IsniG0VcBPeSoVrDjrYyjV12yv2I94BdQmtoDP8GlyJ
XVuBWf2RFOcyFIbcJt2mZyvHAdI7HmWmzw3OIMnFtE6nfuxcZ4kPEn5z5C8ghDBg
6qImBiAoIQpzpr9gMfHmMZm4CpLqIjxyHSg1sjNpSsp4WaNmwqbyTnAhMFuaH70h
q47LzsPb8Nu+Vd/8KWiGMDZQ/pPKvqUmt3izBHRdv5dfLejxB4dPzKaSNwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPhzGuG4KMTEf7jHjDbmsDx4PvLFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS1ITWE0YmdveE1SX3VNZU1OdWF3UEhnLThzVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgZ0EAgABMIGWAwQC
LZK4AwQALZydAwQCV/eUAwQAWSFVAwQAWSOaAwQAWSU/AwQCW7zMAwQBXXP+AwQB
uYeMAwQAuYePAwQAue4KAwQBufHSAwQAuf8nAwQCuf+oAwQAvNSFAwQAvNSbAwQA
vNSfAwQBvNXKAwQAvNbRAwQBvPDgAwQAvPDjAwQAvPDpAwQAvPHzAwQBwReAAwQC
1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQA6B3DElGOIpXB8vYL/mv7goIhM6iT0xSVN
aUcJAmI4Zvbs0iHG13m1GEJqeZ6py4b8ptckxxEzRAUG0I8uHes/VfRSJzQ3iPXC
pzLMVQdjThWlCMjzvpj7ZtJg1U5w+R4W72YyrtrnOhPMbC/mzqKiOxAvvL7jgmna
YxXEQg9v92XiLfWU5rZu0DJYd9RnzHrfI4iUenm2CqWNopHd70i9fVS/nz2qBQr0
ha3w4LfDRvRW0p9HN23Z58Rmz7duZnVY4+Zi2WkVcQVK9tnASNTltk2o6AZmmkdp
8JPkcqQOkLlHWcSUb58HbEyf8KWS14hfoPhbA/dweFzVhscakWwb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org