Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8JjqFyJc8IECqhJ45fKNpfN2k7M.roa
File:                     8JjqFyJc8IECqhJ45fKNpfN2k7M.roa (raw, json)
Hash identifier:          35zviTuIMWoK+4KbdI1uImyLrTI4shKVSCWjHVOwxd8=
Subject key identifier:   F0:98:EA:17:22:5C:F0:81:02:AA:12:78:E5:F2:8D:A5:F3:76:93:B3
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0186029CAF532A356856F171CC5DF68AD0AA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8JjqFyJc8IECqhJ45fKNpfN2k7M.roa
Signing time:             Mon 30 Jan 2023 12:17:48 +0000
ROA not before:           Mon 30 Jan 2023 12:17:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38337
IP address blocks:        193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.94.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.255.37.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 17:45:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:02:9c:af:53:2a:35:68:56:f1:71:cc:5d:f6:8a:d0:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 30 12:17:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f098ea17225cf08102aa1278e5f28da5f37693b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c4:f8:83:6a:33:c6:2c:21:78:2c:ec:d6:01:
                    73:6e:af:c2:37:bd:21:ae:17:96:9e:37:6b:23:d5:
                    3e:4a:f5:46:9d:fb:77:7f:7e:62:1c:5d:f9:c0:6e:
                    d2:6f:6a:fb:30:06:7c:53:9e:a7:f9:c3:86:cb:90:
                    64:37:7b:11:ff:13:d2:34:b0:80:22:59:8e:64:50:
                    bd:5e:88:29:cc:4d:5d:79:c8:df:8e:e0:e6:18:d6:
                    eb:89:47:97:2b:0f:30:2c:41:4d:2c:d6:6f:5c:18:
                    d7:5a:23:86:43:16:db:d5:d4:af:75:d8:94:6e:72:
                    d4:d3:b6:55:95:13:c0:c2:bc:dd:77:fd:47:c5:e6:
                    33:93:b2:69:d3:23:c0:28:73:cb:8e:4b:9b:ff:0a:
                    72:a5:46:f2:b7:04:a5:76:e1:7a:7d:d0:c3:99:e1:
                    08:6f:02:83:0c:a2:73:db:2a:82:88:b0:81:81:f0:
                    9e:eb:18:91:d9:ee:7a:79:a5:34:57:ea:78:0b:d0:
                    35:ff:64:ac:9e:4b:a5:f5:e8:63:47:32:a2:8f:68:
                    19:db:5f:ba:94:31:e3:df:a6:39:dd:db:e4:64:95:
                    d9:a9:44:3a:ad:b6:97:b4:cd:f8:12:80:76:d1:c9:
                    c5:14:22:55:b1:32:c6:6f:1a:b8:67:51:01:7f:e1:
                    a7:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:98:EA:17:22:5C:F0:81:02:AA:12:78:E5:F2:8D:A5:F3:76:93:B3
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/8JjqFyJc8IECqhJ45fKNpfN2k7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.135.143.0/24
                  185.255.37.0/24
                  188.240.225.0/24
                  193.23.128.0/23
                  213.232.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:e3:9d:f9:ca:c3:ff:92:7b:8f:71:e6:1e:3c:f4:4c:c6:b4:
         63:f9:b5:07:ca:a7:3b:90:10:22:8c:de:91:bd:33:e1:e6:57:
         50:6f:27:ae:96:34:d8:7e:f7:0c:f2:29:92:e7:f8:b7:da:59:
         be:24:80:50:d2:7b:d8:dc:33:6a:1a:a1:06:29:35:08:a4:27:
         86:d9:a5:e8:80:27:ee:2d:e7:46:07:be:93:ce:99:d8:51:04:
         97:1e:8f:3b:9b:e3:73:c5:3e:f6:bb:3a:b2:be:1d:19:cf:d7:
         ad:2e:8a:95:d5:4b:ed:75:c2:4e:99:bd:93:5a:27:8b:5a:fb:
         76:1a:b9:56:d8:26:34:e3:e9:04:b2:6b:ce:45:e9:e1:64:f9:
         07:1b:c3:fb:55:80:23:9c:32:d7:8a:ea:a5:11:d7:94:2c:0d:
         e2:f4:0d:16:fa:9b:ae:6f:d3:54:9e:24:a9:3e:35:f7:77:b9:
         18:c8:ef:2f:11:71:0b:f1:ac:ee:d0:d5:77:18:4e:4e:72:42:
         44:5d:48:64:3f:7f:ef:b7:f0:7d:92:6f:58:14:c0:ff:00:73:
         10:d8:0b:d6:b5:db:03:5f:38:b6:bc:d3:d1:25:b6:3f:31:f7:
         d6:40:f2:b3:f8:16:e1:83:26:4c:54:4a:53:06:4f:1c:7f:ce:
         bb:e6:3f:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYCnK9TKjVoVvFxzF32itCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMwMTIxNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDk4ZWExNzIyNWNmMDgxMDJhYTEyNzhlNWYyOGRhNWYzNzY5M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicT4g2ozxiwheCzs1gFzbq/CN70h
rheWnjdrI9U+SvVGnft3f35iHF35wG7Sb2r7MAZ8U56n+cOGy5BkN3sR/xPSNLCA
IlmOZFC9XogpzE1decjfjuDmGNbriUeXKw8wLEFNLNZvXBjXWiOGQxbb1dSvddiU
bnLU07ZVlRPAwrzdd/1HxeYzk7Jp0yPAKHPLjkub/wpypUbytwSlduF6fdDDmeEI
bwKDDKJz2yqCiLCBgfCe6xiR2e56eaU0V+p4C9A1/2Ssnkul9ehjRzKij2gZ21+6
lDHj36Y53dvkZJXZqUQ6rbaXtM34EoB20cnFFCJVsTLGbxq4Z1EBf+GnAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPCY6hciXPCBAqoSeOXyjaXzdpOzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOEpqcUZ5SmM4SUVDcWhKNDVmS05wZk4yazdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuYePAwQA
uf8lAwQAvPDhAwQBwReAAwQA1eheMA0GCSqGSIb3DQEBCwUAA4IBAQBG4535ysP/
knuPceYePPRMxrRj+bUHyqc7kBAijN6RvTPh5ldQbyeuljTYfvcM8imS5/i32lm+
JIBQ0nvY3DNqGqEGKTUIpCeG2aXogCfuLedGB76TzpnYUQSXHo87m+NzxT72uzqy
vh0Zz9etLoqV1UvtdcJOmb2TWieLWvt2GrlW2CY04+kEsmvORenhZPkHG8P7VYAj
nDLXiuqlEdeULA3i9A0W+puub9NUniSpPjX3d7kYyO8vEXEL8azu0NV3GE5OckJE
XUhkP3/vt/B9km9YFMD/AHMQ2AvWtdsDXzi2vNPRJbY/MffWQPKz+BbhgyZMVEpT
Bk8cf8675j+R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org