Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9WDcNkrcblFhnAkgP2hx_0EyrMc.roa
File:                     9WDcNkrcblFhnAkgP2hx_0EyrMc.roa (raw, json)
Hash identifier:          8N14N0edeLftyOmrech2B+qae3Y08TbxlrRbVi9bhIE=
Subject key identifier:   F5:60:DC:36:4A:DC:6E:51:61:9C:09:20:3F:68:71:FF:41:32:AC:C7
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018E9E29391694C4B54339CD868765C6D178
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9WDcNkrcblFhnAkgP2hx_0EyrMc.roa
Signing time:             Tue 02 Apr 2024 09:34:45 +0000
ROA not before:           Tue 02 Apr 2024 09:34:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        45.146.184.0/22 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.84.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.158.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          188.214.208.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          188.240.232.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sat 13 Apr 2024 04:32:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9e:29:39:16:94:c4:b5:43:39:cd:86:87:65:c6:d1:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  2 09:34:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f560dc364adc6e51619c09203f6871ff4132acc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b7:32:2e:a6:05:33:42:d8:f4:ec:ea:d2:e0:
                    64:1e:4a:f1:a4:66:5d:54:98:ef:47:89:d7:4b:55:
                    b5:3b:c1:35:03:ef:5c:89:8b:b4:98:43:14:d5:c8:
                    28:b0:45:37:7b:40:98:48:15:32:7e:1e:7a:63:af:
                    5d:1c:16:78:0c:27:cf:6e:01:e7:8c:d8:e0:7e:56:
                    56:52:56:8d:35:11:d8:cb:f2:00:43:c5:42:81:b5:
                    14:33:95:1a:e6:a2:34:d4:d0:7c:33:a1:de:d8:3b:
                    56:ca:a4:25:50:96:ec:5c:39:63:b4:f3:85:df:49:
                    b9:85:6b:38:76:4a:e4:b7:cb:6d:c5:14:90:dc:04:
                    81:d9:59:2c:5e:d7:ca:64:d8:42:bd:00:e3:29:7d:
                    2b:56:3c:84:cf:83:c7:cc:fb:26:f4:33:2c:ce:25:
                    a7:a3:b7:fb:41:84:a2:07:4a:f8:ef:e4:3e:b6:98:
                    f9:ef:16:2b:33:db:1c:2b:e1:b2:be:7d:34:36:d1:
                    49:71:ec:1f:82:a8:b1:88:b5:5e:db:08:cc:e9:21:
                    69:cb:4d:86:2c:69:a9:94:17:78:aa:37:b7:45:4a:
                    6d:70:3d:0a:5a:b0:f7:b1:c0:1b:59:8d:ca:07:02:
                    0a:b1:24:1b:00:4d:18:bd:0c:17:e1:8b:cb:91:51:
                    27:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:60:DC:36:4A:DC:6E:51:61:9C:09:20:3F:68:71:FF:41:32:AC:C7
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9WDcNkrcblFhnAkgP2hx_0EyrMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.184.0/22
                  45.156.157.0/24
                  89.33.84.0/24
                  89.35.154.0/24
                  89.37.62.0/23
                  91.188.204.0/22
                  93.115.254.0/23
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  188.212.133.0/24
                  188.212.158.0/23
                  188.214.208.0/23
                  188.240.224.0/23
                  188.240.227.0/24
                  188.240.232.0/24
                  188.241.243.0/24
                  193.23.128.0/23
                  213.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:e8:9e:e1:ae:23:63:4c:1e:cd:12:0d:79:18:d4:55:c5:33:
         0d:f0:db:01:04:b1:18:f7:75:76:6c:ec:a3:5a:81:bc:d3:46:
         fe:88:5f:34:e2:54:30:bc:cd:49:98:f0:56:8f:12:70:81:fd:
         ff:79:69:07:7f:3f:d9:75:98:99:ad:2d:eb:36:7e:d4:3c:37:
         1f:02:20:d7:ed:31:bd:8a:a0:c8:8a:44:0e:24:20:73:e3:42:
         73:6d:3d:98:94:c1:12:3b:40:ab:90:af:d6:1c:b5:88:c7:95:
         70:5d:70:40:21:69:b8:6b:c6:11:da:cd:ea:32:4c:93:f5:13:
         00:fe:b3:ac:e6:bc:71:39:b4:db:59:b2:17:b0:87:f0:0b:36:
         a4:6f:55:dc:48:b8:bd:c5:90:c7:81:05:04:12:b2:3e:40:3d:
         ed:75:77:34:2e:0b:06:d5:94:17:95:9b:31:f7:0d:8d:c7:67:
         81:c6:ee:12:fd:e6:62:7b:fe:5a:07:6c:f6:d5:a7:46:13:03:
         8f:4f:ad:c5:4d:c1:73:18:2d:12:a8:81:cf:60:de:38:5a:8e:
         f3:b5:1e:23:b9:38:32:29:45:2d:59:60:b7:5c:84:f1:ba:45:
         62:cc:03:39:2c:ce:d0:55:c0:b4:a1:6f:9a:ca:49:1a:50:4e:
         29:10:29:59
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY6eKTkWlMS1QznNhodlxtF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDAyMDkzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTYwZGMzNjRhZGM2ZTUxNjE5YzA5MjAzZjY4NzFmZjQxMzJhY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbcyLqYFM0LY9Ozq0uBkHkrxpGZd
VJjvR4nXS1W1O8E1A+9ciYu0mEMU1cgosEU3e0CYSBUyfh56Y69dHBZ4DCfPbgHn
jNjgflZWUlaNNRHYy/IAQ8VCgbUUM5Ua5qI01NB8M6He2DtWyqQlUJbsXDljtPOF
30m5hWs4dkrkt8ttxRSQ3ASB2VksXtfKZNhCvQDjKX0rVjyEz4PHzPsm9DMsziWn
o7f7QYSiB0r47+Q+tpj57xYrM9scK+Gyvn00NtFJcewfgqixiLVe2wjM6SFpy02G
LGmplBd4qje3RUptcD0KWrD3scAbWY3KBwIKsSQbAE0YvQwX4YvLkVEntQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFPVg3DZK3G5RYZwJID9ocf9BMqzHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOVdEY05rcmNibEZobkFrZ1AyaHhfMEV5ck1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi2S
uAMEAC2cnQMEAFkhVAMEAFkjmgMEAVklPgMEAlu8zAMEAV1z/gMEAbmHjAMEALmH
jwMEALnuCgMEAbnx0gMEALn/JwMEALzUhQMEAbzUngMEAbzW0AMEAbzw4AMEALzw
4wMEALzw6AMEALzx8wMEAcEXgAMEAtXoXDANBgkqhkiG9w0BAQsFAAOCAQEADuie
4a4jY0wezRINeRjUVcUzDfDbAQSxGPd1dmzso1qBvNNG/ohfNOJUMLzNSZjwVo8S
cIH9/3lpB38/2XWYma0t6zZ+1Dw3HwIg1+0xvYqgyIpEDiQgc+NCc209mJTBEjtA
q5Cv1hy1iMeVcF1wQCFpuGvGEdrN6jJMk/UTAP6zrOa8cTm021myF7CH8As2pG9V
3Ei4vcWQx4EFBBKyPkA97XV3NC4LBtWUF5WbMfcNjcdngcbuEv3mYnv+Wgds9tWn
RhMDj0+txU3BcxgtEqiBz2DeOFqO87UeI7k4MilFLVlgt1yE8bpFYswDOSzO0FXA
tKFvmspJGlBOKRApWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org