Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oUR29xsnGr5sjcN-QdjFhTNbJM.roa
File:                     _oUR29xsnGr5sjcN-QdjFhTNbJM.roa (raw, json)
Hash identifier:          m5Ki7xpRJ7+iYbpO2PCoY19vwbiweX8znzriGUnCFAk=
Subject key identifier:   FE:85:11:DB:DC:6C:9C:6A:F9:B2:37:0D:F9:07:63:16:14:CD:6C:93
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018944FC98F5766856BB5177E46150BA2A54
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oUR29xsnGr5sjcN-QdjFhTNbJM.roa
Signing time:             Tue 11 Jul 2023 12:45:52 +0000
ROA not before:           Tue 11 Jul 2023 12:45:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213035
IP address blocks:        185.121.122.0/23 maxlen: 24
                          185.121.121.0/24 maxlen: 24
                          185.239.243.0/24 maxlen: 24
                          220.158.198.0/24 maxlen: 24
                          45.144.226.0/24 maxlen: 24
                          220.158.196.0/23 maxlen: 24
                          62.197.138.0/23 maxlen: 24
                          193.239.164.0/23 maxlen: 24
                          62.197.137.0/24 maxlen: 24
                          62.197.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 08:17:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:44:fc:98:f5:76:68:56:bb:51:77:e4:61:50:ba:2a:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jul 11 12:45:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe8511dbdc6c9c6af9b2370df907631614cd6c93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:72:d2:1b:03:0e:e0:a1:14:48:56:f4:35:ef:
                    60:d2:96:22:0f:4a:4b:6a:da:d3:94:cb:a3:62:d6:
                    f2:06:79:b8:6b:7a:1c:4b:08:a0:71:d9:82:22:55:
                    b9:a4:7b:91:7a:6d:28:7c:29:49:8e:de:27:bb:6f:
                    04:bb:42:9d:ce:00:e6:6f:91:b1:76:12:34:ff:15:
                    8d:04:9a:b4:75:3e:45:9a:d9:01:d0:58:a2:b4:06:
                    44:c2:dd:14:85:a8:09:ab:5e:71:29:5a:5a:fc:44:
                    7a:2f:78:e4:19:97:cc:67:fb:52:68:61:05:14:f5:
                    b7:28:b1:19:92:9c:4f:2d:b0:41:fa:a1:b9:75:46:
                    4a:1c:ba:90:a0:e9:39:0d:5d:1a:1b:89:56:c0:38:
                    58:a2:9e:82:ce:74:aa:2a:df:cf:cf:67:ee:77:6f:
                    91:e6:03:7b:b4:21:b2:8d:ed:1f:27:5d:60:5c:4f:
                    e4:7f:6a:05:b9:3e:5e:7c:44:99:34:39:91:a5:e7:
                    c2:54:12:a6:8a:a8:d8:6b:6f:13:eb:77:ff:cc:f9:
                    52:36:73:a1:e1:da:12:bd:07:fe:42:22:85:3f:f5:
                    a6:67:7d:e8:11:82:e0:0a:c3:ae:9e:71:1c:ae:06:
                    c5:a3:f3:dc:93:06:28:38:f6:5b:76:00:0d:f7:fa:
                    d5:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:85:11:DB:DC:6C:9C:6A:F9:B2:37:0D:F9:07:63:16:14:CD:6C:93
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_oUR29xsnGr5sjcN-QdjFhTNbJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.144.226.0/24
                  62.197.137.0-62.197.143.255
                  185.121.121.0-185.121.123.255
                  185.239.243.0/24
                  193.239.164.0/23
                  220.158.196.0-220.158.198.255

    Signature Algorithm: sha256WithRSAEncryption
         94:a2:96:70:b4:91:69:06:d1:3d:5d:b1:8c:56:9b:30:69:6f:
         7b:eb:cb:99:d8:13:04:24:3e:ea:d9:ba:88:c2:7c:53:1f:f2:
         ba:a2:24:3c:dd:8a:a9:fc:71:c8:3d:08:10:e0:04:8c:58:5b:
         03:a9:66:02:51:ad:8a:ec:6a:6b:4c:e3:60:c3:9c:4d:3e:ee:
         2b:c1:b9:ab:f5:89:53:14:96:ab:c4:49:0d:49:81:78:73:6d:
         85:8e:10:88:7d:06:b9:5e:b5:2c:2a:ed:19:91:62:f6:d1:d5:
         65:d5:a8:14:bd:f3:dd:3d:27:95:a3:6e:51:88:58:37:8a:08:
         cd:a3:13:05:be:61:93:22:9c:0c:51:48:fd:ba:a5:2b:b7:b3:
         69:3d:19:f4:c0:bc:a7:97:f9:ed:b7:3d:e2:e9:d6:5e:16:30:
         49:03:82:78:c0:a2:3d:a5:c4:39:e0:8b:38:2b:2a:5d:f2:15:
         07:e1:7d:5e:13:a9:a5:10:d9:c4:6d:78:6c:0f:1c:41:67:67:
         56:0a:a3:d4:a6:ed:80:d3:23:df:14:fd:0b:cb:96:f1:11:d7:
         fd:f0:e4:fe:b4:4d:a9:59:01:0d:a1:57:46:b2:03:8e:5b:ed:
         6b:f4:67:78:2e:8f:9a:b1:ba:da:43:bf:a5:b7:cb:1b:cd:59:
         38:91:3c:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlE/Jj1dmhWu1F35GFQuipUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzExMTI0NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg1MTFkYmRjNmM5YzZhZjliMjM3MGRmOTA3NjMxNjE0Y2Q2YzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXLSGwMO4KEUSFb0Ne9g0pYiD0pL
atrTlMujYtbyBnm4a3ocSwigcdmCIlW5pHuRem0ofClJjt4nu28Eu0KdzgDmb5Gx
dhI0/xWNBJq0dT5FmtkB0FiitAZEwt0UhagJq15xKVpa/ER6L3jkGZfMZ/tSaGEF
FPW3KLEZkpxPLbBB+qG5dUZKHLqQoOk5DV0aG4lWwDhYop6CznSqKt/Pz2fud2+R
5gN7tCGyje0fJ11gXE/kf2oFuT5efESZNDmRpefCVBKmiqjYa28T63f/zPlSNnOh
4doSvQf+QiKFP/WmZ33oEYLgCsOunnEcrgbFo/PckwYoOPZbdgAN9/rVXQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP6FEdvcbJxq+bI3DfkHYxYUzWyTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvX29VUjI5eHNuR3I1c2pjTi1RZGpGaFROYkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZDiMAwD
BAA+xYkDBAQ+xYAwDAMEALl5eQMEArl5eAMEALnv8wMEAcHvpDAMAwQC3J7EAwQA
3J7GMA0GCSqGSIb3DQEBCwUAA4IBAQCUopZwtJFpBtE9XbGMVpswaW9768uZ2BME
JD7q2bqIwnxTH/K6oiQ83Yqp/HHIPQgQ4ASMWFsDqWYCUa2K7GprTONgw5xNPu4r
wbmr9YlTFJarxEkNSYF4c22FjhCIfQa5XrUsKu0ZkWL20dVl1agUvfPdPSeVo25R
iFg3igjNoxMFvmGTIpwMUUj9uqUrt7NpPRn0wLynl/nttz3i6dZeFjBJA4J4wKI9
pcQ54Is4Kypd8hUH4X1eE6mlENnEbXhsDxxBZ2dWCqPUpu2A0yPfFP0Ly5bxEdf9
8OT+tE2pWQENoVdGsgOOW+1r9Gd4Lo+asbraQ7+lt8sbzVk4kTxY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org