Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Tw3UaQf8ekbIUFYtrSmlR5JsswY.roa
File:                     Tw3UaQf8ekbIUFYtrSmlR5JsswY.roa (raw, json)
Hash identifier:          WFrCgJv2t/Mh8ePNmhR/2hsjBa/94u1QHBmiuDEPffc=
Subject key identifier:   4F:0D:D4:69:07:FC:7A:46:C8:50:56:2D:AD:29:A5:47:92:6C:B3:06
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018A667AA453B52FBDD0E4D3CA4CBD76D178
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Tw3UaQf8ekbIUFYtrSmlR5JsswY.roa
Signing time:             Tue 05 Sep 2023 17:53:48 +0000
ROA not before:           Tue 05 Sep 2023 17:53:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        188.241.242.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          93.115.255.0/24 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          188.213.203.0/24 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          217.74.16.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.85.0/24 maxlen: 24
                          89.33.84.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          185.255.170.0/23 maxlen: 24
                          185.255.170.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          188.212.158.0/24 maxlen: 24
                          87.247.148.0/24 maxlen: 24
                          87.247.150.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 08:17:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:66:7a:a4:53:b5:2f:bd:d0:e4:d3:ca:4c:bd:76:d1:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Sep  5 17:53:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f0dd46907fc7a46c850562dad29a547926cb306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d8:d0:8c:43:f5:1d:92:a4:b4:67:f7:67:ad:
                    05:78:8d:f4:e5:cb:76:71:de:7c:b2:88:b5:dc:48:
                    ba:0d:ed:4e:7b:fd:a0:a1:e9:75:45:de:1a:e4:46:
                    a9:2e:cb:56:0f:67:ce:0b:7d:ff:55:de:68:4a:62:
                    17:16:f2:85:16:9e:d5:4b:be:9f:dc:53:4d:1b:2b:
                    19:14:29:8e:76:8b:c9:8b:02:9f:4e:b2:a0:54:24:
                    e4:1b:31:e3:b1:a6:c8:d4:91:e4:b0:b6:9b:da:12:
                    fd:46:ba:93:ef:64:25:ff:4e:e4:54:91:5d:c6:fe:
                    23:f7:a6:e6:86:3d:1c:6f:bb:36:ac:12:0b:36:f5:
                    5a:c3:c8:f8:23:9c:ca:0e:42:2c:47:a9:93:63:e3:
                    0e:12:ff:4a:0c:a2:6b:ed:76:e0:2e:58:e2:57:7e:
                    86:f3:64:13:d4:13:f4:3f:74:94:91:65:65:3d:2e:
                    0a:9a:a7:e3:bd:5c:20:70:c9:c7:d6:93:f9:9f:c6:
                    2d:03:73:9c:f8:82:d7:55:8b:e2:df:ae:4a:5a:1d:
                    84:b8:19:40:77:f1:ba:56:3f:21:fa:23:df:eb:cb:
                    48:d3:8a:fa:bc:79:50:63:8c:75:81:41:f2:c2:21:
                    5c:2d:32:02:6c:24:59:4f:d8:15:46:f3:3b:b4:c8:
                    f2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:0D:D4:69:07:FC:7A:46:C8:50:56:2D:AD:29:A5:47:92:6C:B3:06
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Tw3UaQf8ekbIUFYtrSmlR5JsswY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.157.0/24
                  87.247.148.0/22
                  89.33.84.0/23
                  89.35.154.0/24
                  89.37.63.0/24
                  91.188.204.0/22
                  93.115.254.0/23
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  185.255.169.0-185.255.171.255
                  188.212.133.0/24
                  188.212.155.0/24
                  188.212.158.0/24
                  188.213.202.0/23
                  188.214.209.0/24
                  188.240.224.0/23
                  188.240.227.0/24
                  188.240.233.0/24
                  188.241.110.0/24
                  188.241.242.0/23
                  193.23.128.0/23
                  213.232.92.0/22
                  217.74.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:49:a0:31:ad:5f:34:a2:51:c2:fc:e7:71:21:3b:7b:5c:b4:
         a3:62:1e:1a:94:c6:a5:61:56:3e:0f:a8:59:bf:35:86:47:00:
         a8:1e:24:72:24:5d:7f:6d:72:04:e6:56:34:9a:dc:40:67:04:
         2a:64:cc:1b:d7:b8:79:22:91:07:86:16:b8:84:09:51:a8:7a:
         0e:7d:f6:cd:c8:7e:80:42:f5:dd:a2:fc:f9:24:4e:11:c5:db:
         a6:30:f6:c8:7d:08:ac:4b:f1:36:21:ba:1f:16:9f:10:34:f3:
         66:77:ac:67:c4:2d:33:a8:38:37:e3:7e:20:83:98:ba:65:6a:
         0e:c9:de:b8:34:c9:9b:f5:21:15:94:80:9b:56:7c:4b:3b:63:
         a5:9e:6f:90:fc:d7:76:82:fe:bc:de:63:e9:1e:33:1c:81:e0:
         60:3f:97:eb:b2:16:7e:23:c6:e5:60:e7:53:ac:f4:d1:93:45:
         b5:26:52:96:e0:f7:6e:07:34:f4:1b:91:1e:a2:ef:8f:1f:31:
         19:74:57:10:da:cf:20:a9:0e:3b:aa:d4:5c:33:70:a8:d2:e2:
         17:ae:c3:8f:87:1a:f9:07:ac:07:31:73:ae:c4:88:fe:c2:00:
         aa:e5:5e:46:7d:79:d6:b7:f0:16:3d:70:ff:e6:b5:ac:11:f9:
         e6:d9:d3:86
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYpmeqRTtS+90OTTyky9dtF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTA1MTc1MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBkZDQ2OTA3ZmM3YTQ2Yzg1MDU2MmRhZDI5YTU0NzkyNmNiMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidjQjEP1HZKktGf3Z60FeI305ct2
cd58soi13Ei6De1Oe/2goel1Rd4a5EapLstWD2fOC33/Vd5oSmIXFvKFFp7VS76f
3FNNGysZFCmOdovJiwKfTrKgVCTkGzHjsabI1JHksLab2hL9RrqT72Ql/07kVJFd
xv4j96bmhj0cb7s2rBILNvVaw8j4I5zKDkIsR6mTY+MOEv9KDKJr7XbgLljiV36G
82QT1BP0P3SUkWVlPS4KmqfjvVwgcMnH1pP5n8YtA3Oc+ILXVYvi365KWh2EuBlA
d/G6Vj8h+iPf68tI04r6vHlQY4x1gUHywiFcLTICbCRZT9gVRvM7tMjyCQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFE8N1GkH/HpGyFBWLa0ppUeSbLMGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVHczVWFRZjhla2JJVUZZdHJTbWxSNUpzc3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAt
nJ0DBAJX95QDBAFZIVQDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5h4wDBAC5
h48DBAC57goDBAG58dIDBAC5/ycwDAMEALn/qQMEArn/qAMEALzUhQMEALzUmwME
ALzUngMEAbzVygMEALzW0QMEAbzw4AMEALzw4wMEALzw6QMEALzxbgMEAbzx8gME
AcEXgAMEAtXoXAMEANlKEDANBgkqhkiG9w0BAQsFAAOCAQEAd0mgMa1fNKJRwvzn
cSE7e1y0o2IeGpTGpWFWPg+oWb81hkcAqB4kciRdf21yBOZWNJrcQGcEKmTMG9e4
eSKRB4YWuIQJUah6Dn32zch+gEL13aL8+SROEcXbpjD2yH0IrEvxNiG6HxafEDTz
ZnesZ8QtM6g4N+N+IIOYumVqDsneuDTJm/UhFZSAm1Z8SztjpZ5vkPzXdoL+vN5j
6R4zHIHgYD+X67IWfiPG5WDnU6z00ZNFtSZSluD3bgc09BuRHqLvjx8xGXRXENrP
IKkOO6rUXDNwqNLiF67Dj4ca+QesBzFzrsSI/sIAquVeRn151rfwFj1w/+a1rBH5
5tnThg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org