Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa
File:                     aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa (raw, json)
Hash identifier:          cIAY65yg0m9eZrFj0ExxbqRSqWaIS9bIBw2nSLG94lE=
Subject key identifier:   69:9C:CC:50:BC:42:A8:45:8C:43:3E:2B:75:F4:20:A7:97:67:E4:84
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0188A3B81DB2C1800E6F83253B2AE5B1A7D9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa
Signing time:             Sat 10 Jun 2023 05:12:12 +0000
ROA not before:           Sat 10 Jun 2023 05:12:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        89.35.154.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          188.241.182.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          45.156.159.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Jun 2023 10:15:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a3:b8:1d:b2:c1:80:0e:6f:83:25:3b:2a:e5:b1:a7:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 10 05:12:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=699ccc50bc42a8458c433e2b75f420a79767e484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ea:8f:bb:af:ec:a7:d5:ea:78:6c:bd:88:9a:
                    a1:e0:87:01:94:c3:50:60:53:f1:b4:39:2a:7c:d9:
                    40:36:40:e5:63:08:2d:0b:c9:5d:05:53:2a:1e:c6:
                    7e:61:19:62:b5:79:ef:34:80:b1:c9:d9:f3:4b:f5:
                    93:d8:72:4e:3b:7e:a5:5b:c5:f7:cd:a0:a1:15:c2:
                    a4:0e:1a:51:cf:74:e5:c3:0b:03:44:d9:5b:34:64:
                    10:c7:51:5b:11:8e:60:f3:9e:b8:c2:f9:4f:d3:51:
                    2c:a2:7c:fe:61:52:8f:d9:d0:c1:4e:32:65:e3:ce:
                    1a:90:5b:5c:4f:65:6e:84:d5:7b:3b:6c:f3:63:b7:
                    45:f7:8f:95:b4:4d:c4:ce:ba:b9:19:65:0f:16:71:
                    a2:63:fd:c6:22:b9:b2:29:56:9f:35:bf:88:67:e5:
                    84:8d:5b:5b:f4:b9:ae:c8:14:50:fd:dd:96:28:4a:
                    ef:8b:bb:4c:4f:6a:43:75:5a:24:a5:df:00:aa:40:
                    cb:81:7f:4c:a9:f0:d0:96:c6:ef:75:c0:28:ed:1a:
                    9a:7b:e4:2f:46:0a:db:b7:6b:f1:f0:97:9d:40:44:
                    6c:f1:2e:26:57:7e:3f:c8:b9:f6:4a:01:f6:e8:5d:
                    3f:36:fd:c1:92:47:75:72:76:11:72:d0:43:a8:ed:
                    42:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:9C:CC:50:BC:42:A8:45:8C:43:3E:2B:75:F4:20:A7:97:67:E4:84
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aZzMULxCqEWMQz4rdfQgp5dn5IQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.159.0/24
                  87.247.149.0/24
                  89.35.154.0/24
                  89.37.62.0/23
                  91.188.204.0/24
                  185.135.141.0/24
                  188.212.155.0/24
                  188.240.233.0/24
                  188.241.110.0/24
                  188.241.182.0/24
                  188.241.243.0/24
                  213.232.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         40:a3:d0:a4:33:77:da:f8:5c:cc:39:de:ac:8f:a0:e1:ad:7e:
         3c:e2:e4:86:31:20:3a:4b:d7:c6:49:4b:9e:c1:e8:21:26:00:
         1b:6b:2f:ff:f7:57:57:82:60:29:c5:b0:68:b3:cb:c7:8d:d6:
         1d:f5:c3:3f:f3:ef:0a:0a:a3:6e:8e:00:65:ff:e4:1f:e7:22:
         f1:9c:4f:f6:6b:2d:23:78:21:6b:b8:18:43:38:77:13:19:24:
         4b:e4:f0:8b:c0:94:44:e2:cc:4c:61:d6:41:c9:ef:c7:37:3e:
         30:b8:b7:05:54:40:72:84:6d:b0:7a:b9:f2:34:e5:bd:eb:7c:
         bb:7a:43:8c:6a:eb:ee:b7:74:93:a7:d6:84:33:a1:8b:84:d4:
         45:5c:9c:b8:32:cf:84:2a:ae:67:4b:7a:e4:e4:57:60:45:5f:
         08:c0:43:fe:df:75:6c:a2:de:ab:38:36:74:f5:9f:28:12:23:
         3d:d8:3b:61:7e:7f:e3:47:66:ba:7e:6d:25:ff:7f:da:9c:52:
         e6:d4:13:3b:b7:df:6d:b0:fe:ec:24:20:73:15:5f:56:8e:e5:
         2b:b7:48:cb:ef:c5:ab:8f:dd:b9:75:23:1f:97:cb:b9:97:f6:
         5c:13:fe:77:da:cb:e4:fb:41:4b:84:a7:39:e9:c2:7c:4a:2a:
         5f:02:f8:a6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYijuB2ywYAOb4MlOyrlsafZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjEwMDUxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTljY2M1MGJjNDJhODQ1OGM0MzNlMmI3NWY0MjBhNzk3NjdlNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOqPu6/sp9XqeGy9iJqh4IcBlMNQ
YFPxtDkqfNlANkDlYwgtC8ldBVMqHsZ+YRlitXnvNICxydnzS/WT2HJOO36lW8X3
zaChFcKkDhpRz3TlwwsDRNlbNGQQx1FbEY5g8564wvlP01Esonz+YVKP2dDBTjJl
484akFtcT2VuhNV7O2zzY7dF94+VtE3Ezrq5GWUPFnGiY/3GIrmyKVafNb+IZ+WE
jVtb9LmuyBRQ/d2WKErvi7tMT2pDdVokpd8AqkDLgX9MqfDQlsbvdcAo7Rqae+Qv
Rgrbt2vx8JedQERs8S4mV34/yLn2SgH26F0/Nv3Bkkd1cnYRctBDqO1CWwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGmczFC8QqhFjEM+K3X0IKeXZ+SEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYVp6TVVMeENxRVdNUXo0cmRmUWdwNWRuNUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALZyfAwQA
V/eVAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAvNSbAwQAvPDpAwQAvPFuAwQA
vPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQBAo9CkM3fa+FzMOd6s
j6DhrX484uSGMSA6S9fGSUueweghJgAbay//91dXgmApxbBos8vHjdYd9cM/8+8K
CqNujgBl/+Qf5yLxnE/2ay0jeCFruBhDOHcTGSRL5PCLwJRE4sxMYdZBye/HNz4w
uLcFVEByhG2wernyNOW963y7ekOMauvut3STp9aEM6GLhNRFXJy4Ms+EKq5nS3rk
5FdgRV8IwEP+33Vsot6rODZ09Z8oEiM92Dthfn/jR2a6fm0l/3/anFLm1BM7t99t
sP7sJCBzFV9WjuUrt0jL78Wrj925dSMfl8u5l/ZcE/532svk+0FLhKc56cJ8Sipf
Avim
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org