Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JUpgvDwsrVmSXCppLxqGx5fgc74.roa
File:                     JUpgvDwsrVmSXCppLxqGx5fgc74.roa (raw, json)
Hash identifier:          DFRXWlNLXe2K2U4ahcMWhtxCxnpNvsD37ziN+bne5YM=
Subject key identifier:   25:4A:60:BC:3C:2C:AD:59:92:5C:2A:69:2F:1A:86:C7:97:E0:73:BE
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018B62D2ADE7631F6FF4509B4AE89B211648
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JUpgvDwsrVmSXCppLxqGx5fgc74.roa
Signing time:             Tue 24 Oct 2023 17:54:16 +0000
ROA not before:           Tue 24 Oct 2023 17:54:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        188.241.243.0/24 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.85.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          185.255.170.0/23 maxlen: 24
                          185.255.170.0/24 maxlen: 24
                          185.255.168.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          87.247.148.0/24 maxlen: 24
                          87.247.150.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          45.146.184.0/22 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Oct 2023 06:45:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:62:d2:ad:e7:63:1f:6f:f4:50:9b:4a:e8:9b:21:16:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct 24 17:54:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=254a60bc3c2cad59925c2a692f1a86c797e073be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:99:5a:a6:60:d3:64:6f:03:fd:ae:10:f1:f4:
                    7a:c6:11:9a:66:0b:3b:c4:b7:4f:da:55:e0:c5:17:
                    ef:e2:73:28:56:87:19:33:0d:cf:47:4b:84:c8:94:
                    37:e4:2a:39:07:d6:97:3f:e1:b1:8c:72:20:a8:cd:
                    b6:7e:5f:2c:c3:0f:1e:f1:29:1e:3a:44:61:64:d5:
                    29:9e:10:8a:bb:df:67:ca:55:e7:f5:84:b2:f9:e9:
                    a1:59:c3:27:69:b8:92:f1:9d:86:cb:7d:26:c9:e8:
                    0a:48:8f:55:0c:bc:57:b1:0a:a7:12:e0:8a:2c:0f:
                    a6:e1:f4:fc:ef:ba:f6:52:49:cc:d7:00:6f:fb:89:
                    11:40:e0:ff:23:68:85:19:54:46:ff:72:38:35:e4:
                    14:e6:d6:af:d4:4d:9e:07:a8:06:73:3b:81:d9:d6:
                    d6:a0:b3:16:c4:10:a5:44:b0:d5:f4:4f:33:9c:89:
                    24:f0:37:6b:0c:b3:47:42:21:d2:46:04:86:66:7a:
                    1a:39:e8:f1:0e:cd:36:42:f9:ab:9e:fe:ec:7f:af:
                    83:af:c0:6f:f5:84:61:e7:80:57:12:44:7e:c5:3c:
                    31:7e:24:38:33:e8:56:f9:3c:42:67:3e:d2:6e:b4:
                    b2:68:c6:30:c4:5b:4c:9b:14:d3:b6:78:56:3d:e9:
                    de:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:4A:60:BC:3C:2C:AD:59:92:5C:2A:69:2F:1A:86:C7:97:E0:73:BE
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JUpgvDwsrVmSXCppLxqGx5fgc74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.184.0/22
                  45.156.157.0/24
                  87.247.148.0/22
                  89.33.85.0/24
                  89.35.154.0/24
                  89.37.63.0/24
                  91.188.204.0/22
                  93.115.254.0/23
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  185.255.168.0/22
                  188.212.133.0/24
                  188.212.159.0/24
                  188.213.202.0/24
                  188.214.209.0/24
                  188.240.224.0/23
                  188.240.227.0/24
                  188.241.243.0/24
                  193.23.128.0/23
                  213.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:21:33:9d:96:8c:41:79:d6:ed:f2:49:1b:aa:b5:5a:53:b0:
         1b:e7:0f:de:b9:c3:ea:1d:6c:90:ad:16:d6:cf:07:42:53:fd:
         fe:d0:3d:ec:35:7f:8d:f6:66:bd:7d:6c:5f:2b:94:2d:13:6a:
         e2:d0:0a:cd:b9:03:d8:ae:e2:a5:3b:d8:f2:94:ae:7c:1b:08:
         92:dd:e7:ec:b0:38:98:41:fd:c5:9c:73:1e:99:48:7b:1c:9c:
         d8:de:46:3e:06:97:de:d6:7d:40:dd:e4:c1:71:5c:08:e6:aa:
         e6:61:3b:7e:c8:de:03:c1:d8:a3:e6:da:ad:e8:65:aa:5b:50:
         30:a9:4e:8a:4f:58:c5:0a:13:95:4d:c6:6a:6d:0c:27:44:56:
         d0:97:c5:d1:ab:08:bb:b6:c7:35:43:62:38:32:cf:74:2c:41:
         52:ef:9b:0b:9e:d7:e5:f2:04:d4:2b:24:95:21:b4:14:15:cc:
         d2:35:50:f9:cf:a4:41:d3:d9:b8:ba:1b:e9:f5:45:27:88:c6:
         2c:db:d8:cd:73:37:95:89:79:42:7b:31:89:b1:db:49:d2:2b:
         8d:42:f0:b5:cb:4f:ff:79:b7:c0:5f:fb:38:43:1c:af:1d:87:
         84:2e:75:b7:0e:cd:67:b1:24:b7:36:43:56:7b:f1:b2:b2:bc:
         39:04:b9:e8
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYti0q3nYx9v9FCbSuibIRZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI0MTc1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRhNjBiYzNjMmNhZDU5OTI1YzJhNjkyZjFhODZjNzk3ZTA3M2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5lapmDTZG8D/a4Q8fR6xhGaZgs7
xLdP2lXgxRfv4nMoVocZMw3PR0uEyJQ35Co5B9aXP+GxjHIgqM22fl8sww8e8Ske
OkRhZNUpnhCKu99nylXn9YSy+emhWcMnabiS8Z2Gy30myegKSI9VDLxXsQqnEuCK
LA+m4fT877r2UknM1wBv+4kRQOD/I2iFGVRG/3I4NeQU5tav1E2eB6gGczuB2dbW
oLMWxBClRLDV9E8znIkk8DdrDLNHQiHSRgSGZnoaOejxDs02Qvmrnv7sf6+Dr8Bv
9YRh54BXEkR+xTwxfiQ4M+hW+TxCZz7SbrSyaMYwxFtMmxTTtnhWPeneZwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFCVKYLw8LK1ZklwqaS8ahseX4HO+MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSlVwZ3ZEd3NyVm1TWENwcEx4cUd4NWZnYzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC81J8DBAC8
1coDBAC81tEDBAG88OADBAC88OMDBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAAshM52WjEF51u3ySRuqtVpTsBvnD965w+odbJCtFtbPB0JT/f7Q
Pew1f432Zr19bF8rlC0TauLQCs25A9iu4qU72PKUrnwbCJLd5+ywOJhB/cWccx6Z
SHscnNjeRj4Gl97WfUDd5MFxXAjmquZhO37I3gPB2KPm2q3oZapbUDCpTopPWMUK
E5VNxmptDCdEVtCXxdGrCLu2xzVDYjgyz3QsQVLvmwue1+XyBNQrJJUhtBQVzNI1
UPnPpEHT2bi6G+n1RSeIxizb2M1zN5WJeUJ7MYmx20nSK41C8LXLT/95t8Bf+zhD
HK8dh4QudbcOzWexJLc2Q1Z78bKyvDkEueg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org