Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JV58FwbJf0vbwzW6niVso_lK5GE.roa
File:                     JV58FwbJf0vbwzW6niVso_lK5GE.roa (raw, json)
Hash identifier:          NcRZt9W/cM1Eest8iwda7CG8EOX6PkcsHIj/jODGMxM=
Subject key identifier:   25:5E:7C:17:06:C9:7F:4B:DB:C3:35:BA:9E:25:6C:A3:F9:4A:E4:61
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018D06C3069C7EAB8FDCB6710C071EDCB707
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JV58FwbJf0vbwzW6niVso_lK5GE.roa
Signing time:             Sun 14 Jan 2024 06:57:40 +0000
ROA not before:           Sun 14 Jan 2024 06:57:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        188.241.243.0/24 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.214.208.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          89.40.76.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.84.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          188.212.158.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          45.146.184.0/22 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 08:14:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:06:c3:06:9c:7e:ab:8f:dc:b6:71:0c:07:1e:dc:b7:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 14 06:57:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=255e7c1706c97f4bdbc335ba9e256ca3f94ae461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:33:ea:b1:48:00:ba:b2:d3:6c:eb:26:df:59:
                    10:2a:d0:96:79:50:26:f4:7c:e3:7f:bf:4e:b4:51:
                    ff:ef:90:81:e6:6c:f1:91:22:01:81:01:67:a9:69:
                    19:1c:70:c4:fb:85:d2:aa:84:7b:1c:45:95:c4:15:
                    ad:70:a3:20:80:48:dc:f0:12:6b:04:49:be:6f:5c:
                    66:97:84:ff:40:e5:73:4e:c3:10:eb:77:59:08:bf:
                    2f:5f:0f:9f:84:6b:cb:8d:60:88:bc:74:07:6f:ca:
                    04:c0:98:07:b7:01:58:e4:57:aa:86:1b:65:9e:9f:
                    7e:79:0e:e4:48:05:36:ca:b9:c0:9a:ba:e2:de:d3:
                    16:b8:85:aa:1d:23:7c:65:31:6e:b2:7b:c6:4a:a8:
                    77:fb:35:0a:dc:b7:e4:d7:0e:3c:a8:88:9b:51:c6:
                    a8:a5:a1:8f:85:7e:b9:34:95:6b:77:c8:d9:8d:ce:
                    c6:09:88:02:e0:48:cd:ae:a4:33:22:3a:54:08:c5:
                    56:bf:5a:c3:d0:e1:a1:bb:ca:6b:db:63:86:c3:76:
                    f9:e8:18:ef:28:31:b6:80:14:b1:25:58:7c:1c:ad:
                    d5:c9:9d:91:a9:18:ed:29:ae:ed:bc:87:36:dc:f3:
                    06:7c:66:9c:2a:27:b0:cf:c0:92:d7:42:6b:7c:64:
                    f2:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:5E:7C:17:06:C9:7F:4B:DB:C3:35:BA:9E:25:6C:A3:F9:4A:E4:61
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JV58FwbJf0vbwzW6niVso_lK5GE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.184.0/22
                  45.156.157.0/24
                  89.33.84.0/24
                  89.35.154.0/24
                  89.37.62.0/23
                  89.40.76.0/24
                  91.188.204.0/22
                  93.115.254.0/23
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  188.212.133.0/24
                  188.212.158.0/23
                  188.214.208.0/23
                  188.240.224.0/23
                  188.240.227.0/24
                  188.241.110.0/24
                  188.241.243.0/24
                  193.23.128.0/23
                  213.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:72:e9:47:44:70:2b:0e:36:47:6e:1f:7f:65:fa:e4:4b:0b:
         79:69:5d:5e:12:73:c7:9e:49:cc:60:14:d0:b8:b7:e4:1e:88:
         a7:6d:e0:b8:3e:97:e0:8d:e8:16:c8:89:4a:91:fe:90:c5:06:
         66:85:11:5f:4c:41:82:17:bc:ad:e2:34:bd:09:a6:0d:f8:2a:
         7f:d6:94:c0:25:64:fe:63:99:ee:c7:eb:a1:a5:e0:10:31:97:
         a9:ef:4a:f5:d9:7b:25:59:32:9f:57:37:ac:a4:3d:1f:b9:e4:
         6e:45:55:f0:a3:c7:f4:15:33:0a:52:fd:71:77:4a:8e:77:64:
         32:cb:81:82:a8:f8:83:f1:48:d2:1a:4b:cd:fc:72:e3:f4:c2:
         df:d8:f2:bc:f9:4b:44:4d:cf:e0:f4:0e:a8:41:09:ee:1c:fd:
         ac:d8:a7:9f:64:8f:bf:5e:69:14:1e:d4:91:90:0c:15:6b:47:
         71:b6:ec:dc:59:f7:2b:d6:ed:62:8a:b7:0e:85:e4:e0:5c:ed:
         ae:37:e0:74:c3:71:ed:3b:dc:17:d7:cd:c2:aa:bc:13:78:85:
         e4:09:1a:a5:26:12:fb:ec:18:90:b4:de:d0:c8:c9:35:15:85:
         d4:37:d2:b6:73:d3:9f:d1:b9:b9:cd:bc:02:eb:2f:d0:5d:72:
         d9:12:af:13
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY0GwwacfquP3LZxDAce3LcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTE0MDY1NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTVlN2MxNzA2Yzk3ZjRiZGJjMzM1YmE5ZTI1NmNhM2Y5NGFlNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDPqsUgAurLTbOsm31kQKtCWeVAm
9Hzjf79OtFH/75CB5mzxkSIBgQFnqWkZHHDE+4XSqoR7HEWVxBWtcKMggEjc8BJr
BEm+b1xml4T/QOVzTsMQ63dZCL8vXw+fhGvLjWCIvHQHb8oEwJgHtwFY5Feqhhtl
np9+eQ7kSAU2yrnAmrri3tMWuIWqHSN8ZTFusnvGSqh3+zUK3Lfk1w48qIibUcao
paGPhX65NJVrd8jZjc7GCYgC4EjNrqQzIjpUCMVWv1rD0OGhu8pr22OGw3b56Bjv
KDG2gBSxJVh8HK3VyZ2RqRjtKa7tvIc23PMGfGacKiewz8CS10JrfGTykQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFCVefBcGyX9L28M1up4lbKP5SuRhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSlY1OEZ3YkpmMHZid3pXNm5pVnNvX2xLNUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIt
krgDBAAtnJ0DBABZIVQDBABZI5oDBAFZJT4DBABZKEwDBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAC81IUDBAG81J4DBAG81tADBAG8
8OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcNAQELBQAD
ggEBAI9y6UdEcCsONkduH39l+uRLC3lpXV4Sc8eeScxgFNC4t+QeiKdt4Lg+l+CN
6BbIiUqR/pDFBmaFEV9MQYIXvK3iNL0Jpg34Kn/WlMAlZP5jme7H66Gl4BAxl6nv
SvXZeyVZMp9XN6ykPR+55G5FVfCjx/QVMwpS/XF3So53ZDLLgYKo+IPxSNIaS838
cuP0wt/Y8rz5S0RNz+D0DqhBCe4c/azYp59kj79eaRQe1JGQDBVrR3G27NxZ9yvW
7WKKtw6F5OBc7a434HTDce073BfXzcKqvBN4heQJGqUmEvvsGJC03tDIyTUVhdQ3
0rZz05/RubnNvALrL9BdctkSrxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org