Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DWwyxgZjmSklegVGNjUXLSLRzJw.roa
File:                     DWwyxgZjmSklegVGNjUXLSLRzJw.roa (raw, json)
Hash identifier:          VuylHfyNudw2SvPyb0k/kgW2dcsrDgYhI/eMLngQgJ8=
Subject key identifier:   0D:6C:32:C6:06:63:99:29:25:7A:05:46:36:35:17:2D:22:D1:CC:9C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0187C6829E1A30F3D8AA125190C31919C166
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DWwyxgZjmSklegVGNjUXLSLRzJw.roa
Signing time:             Fri 28 Apr 2023 06:17:41 +0000
ROA not before:           Fri 28 Apr 2023 06:17:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        89.35.154.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.241.182.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          45.156.159.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 10 Jun 2023 05:12:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c6:82:9e:1a:30:f3:d8:aa:12:51:90:c3:19:19:c1:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 28 06:17:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d6c32c606639929257a05463635172d22d1cc9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:30:46:65:ae:92:51:33:49:a6:61:a2:2a:d0:
                    5c:fc:92:ce:82:1c:cb:90:61:58:42:c4:2d:89:79:
                    6a:92:9e:98:96:64:78:3a:42:d3:0c:9d:ce:6d:6c:
                    ae:71:0f:65:90:15:a9:2d:fe:f0:09:fa:eb:2e:5b:
                    81:2b:5c:33:f6:26:4a:d9:4a:fc:b7:25:b1:80:11:
                    88:6e:98:b2:1f:61:4c:6f:9a:3f:9c:60:d3:36:08:
                    3e:46:0c:36:d3:b7:44:01:be:2a:c7:69:4d:b3:58:
                    08:bd:7c:4a:55:b7:31:d1:3f:b4:d1:b2:8e:9a:fe:
                    2d:3e:cb:ca:fa:af:b7:e6:ba:50:a5:46:35:4e:3e:
                    7f:dc:d8:75:35:a5:63:14:ae:ab:fe:ab:d7:1a:5a:
                    6e:e2:d4:2e:3b:80:3d:9f:b8:63:ff:3a:78:13:c3:
                    2e:8b:67:6e:de:4c:de:24:7e:57:36:c4:db:a7:24:
                    96:f4:20:1b:c2:46:e4:3f:6a:4b:a0:52:c3:9c:61:
                    7b:96:81:8b:07:4f:46:c0:ac:52:c6:0b:0d:25:27:
                    1f:e8:50:1d:8a:73:1b:a5:c0:5f:75:2e:f4:7e:0b:
                    11:37:55:ed:c7:46:9f:cf:10:dd:ec:22:bb:14:52:
                    e8:24:52:e6:a4:67:f0:fd:5b:4b:4f:e5:f8:cd:d2:
                    99:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:6C:32:C6:06:63:99:29:25:7A:05:46:36:35:17:2D:22:D1:CC:9C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/DWwyxgZjmSklegVGNjUXLSLRzJw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.159.0/24
                  87.247.149.0/24
                  87.247.151.0/24
                  89.35.154.0/24
                  89.37.62.0/23
                  91.188.204.0/24
                  185.135.141.0/24
                  188.212.155.0/24
                  188.240.233.0/24
                  188.241.110.0/24
                  188.241.182.0/24
                  188.241.243.0/24
                  213.232.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8d:d2:9e:3c:9f:42:38:ee:59:8f:20:64:65:e0:57:dc:d5:6e:
         56:14:5b:93:40:5b:fd:70:2a:48:75:6c:4d:fa:10:a8:03:bb:
         82:5d:55:44:44:32:32:db:12:e6:1f:d6:78:ff:95:fa:23:68:
         3a:a3:bd:8f:db:c4:48:15:84:92:b3:7c:bd:c2:b8:cc:01:d9:
         0b:e9:b2:c8:a7:9c:c6:b6:35:5b:d5:72:24:74:64:5e:01:77:
         fe:26:13:30:82:77:ff:9d:81:c7:7d:91:3a:50:f4:e0:28:cb:
         94:3e:0b:bb:59:55:53:84:5e:c5:d3:37:e1:a9:a9:43:23:e9:
         1e:d4:5e:b7:4d:c0:f9:5e:a3:6e:4f:f5:ef:f6:19:cc:b4:cb:
         5c:b9:cb:02:f3:36:52:80:9c:d7:5b:cf:be:8d:5b:b7:ca:9b:
         f3:fa:79:79:c9:6c:8e:9d:df:30:d9:cd:d9:83:39:66:02:c9:
         bb:28:c4:04:26:61:e9:6c:a2:df:0b:74:19:b3:b3:b0:45:d7:
         bb:54:c7:68:f5:91:59:6e:17:03:ed:46:60:18:55:ef:00:cf:
         f5:30:42:19:49:44:70:1a:f7:f0:cb:5f:e1:40:ea:50:4e:bd:
         ed:77:07:fa:d7:d9:75:73:e8:b6:c3:c4:e9:14:d7:82:2b:b1:
         a5:88:45:31
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYfGgp4aMPPYqhJRkMMZGcFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDI4MDYxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZjMzJjNjA2NjM5OTI5MjU3YTA1NDYzNjM1MTcyZDIyZDFjYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzBGZa6SUTNJpmGiKtBc/JLOghzL
kGFYQsQtiXlqkp6YlmR4OkLTDJ3ObWyucQ9lkBWpLf7wCfrrLluBK1wz9iZK2Ur8
tyWxgBGIbpiyH2FMb5o/nGDTNgg+Rgw207dEAb4qx2lNs1gIvXxKVbcx0T+00bKO
mv4tPsvK+q+35rpQpUY1Tj5/3Nh1NaVjFK6r/qvXGlpu4tQuO4A9n7hj/zp4E8Mu
i2du3kzeJH5XNsTbpySW9CAbwkbkP2pLoFLDnGF7loGLB09GwKxSxgsNJScf6FAd
inMbpcBfdS70fgsRN1Xtx0afzxDd7CK7FFLoJFLmpGfw/VtLT+X4zdKZCQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFA1sMsYGY5kpJXoFRjY1Fy0i0cycMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRFd3eXhnWmptU2tsZWdWR05qVVhMU0xSekp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALZyfAwQA
V/eVAwQAV/eXAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAvNSbAwQAvPDpAwQA
vPFuAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQCN0p48n0I4
7lmPIGRl4Ffc1W5WFFuTQFv9cCpIdWxN+hCoA7uCXVVERDIy2xLmH9Z4/5X6I2g6
o72P28RIFYSSs3y9wrjMAdkL6bLIp5zGtjVb1XIkdGReAXf+JhMwgnf/nYHHfZE6
UPTgKMuUPgu7WVVThF7F0zfhqalDI+ke1F63TcD5XqNuT/Xv9hnMtMtcucsC8zZS
gJzXW8++jVu3ypvz+nl5yWyOnd8w2c3ZgzlmAsm7KMQEJmHpbKLfC3QZs7OwRde7
VMdo9ZFZbhcD7UZgGFXvAM/1MEIZSURwGvfwy1/hQOpQTr3tdwf619l1c+i2w8Tp
FNeCK7GliEUx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org