Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ab3UzWqHqcSvCVI3jbWKnz17kqs.roa
File:                     ab3UzWqHqcSvCVI3jbWKnz17kqs.roa (raw, json)
Hash identifier:          79ZHoGB+6C9+lylbyE2VIGF+hJtqmrYpPFplU5YYuBg=
Subject key identifier:   69:BD:D4:CD:6A:87:A9:C4:AF:09:52:37:8D:B5:8A:9F:3D:7B:92:AB
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018677B8FFC724513221CF221AA92EFD73F0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ab3UzWqHqcSvCVI3jbWKnz17kqs.roa
Signing time:             Wed 22 Feb 2023 06:04:18 +0000
ROA not before:           Wed 22 Feb 2023 06:04:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        203.26.81.0/24 maxlen: 24
                          185.192.71.0/24 maxlen: 24
                          188.212.135.0/24 maxlen: 24
                          89.38.70.0/24 maxlen: 24
                          45.67.96.0/24 maxlen: 24
                          193.19.109.0/24 maxlen: 24
                          45.135.186.0/24 maxlen: 24
                          203.159.81.0/24 maxlen: 24
                          45.135.187.0/24 maxlen: 24
                          45.130.83.0/24 maxlen: 24
                          45.130.81.0/24 maxlen: 24
                          45.130.80.0/24 maxlen: 24
                          89.47.15.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 May 2023 06:09:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:77:b8:ff:c7:24:51:32:21:cf:22:1a:a9:2e:fd:73:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 22 06:04:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=69bdd4cd6a87a9c4af0952378db58a9f3d7b92ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:3f:a9:9e:d9:14:bb:36:33:a9:b7:e0:2a:f5:
                    13:af:31:31:fa:c0:56:c3:a0:26:6d:76:53:54:6d:
                    aa:e9:b6:e2:78:37:5e:85:89:21:1d:97:da:27:bd:
                    56:cf:d3:21:c0:03:00:38:da:23:b5:bd:21:00:87:
                    8f:d1:22:70:78:29:67:77:8c:8c:06:a7:b0:ba:d0:
                    43:f5:8c:89:14:70:2a:63:12:ec:83:09:8d:fc:86:
                    72:f8:3f:fe:6a:57:89:41:c9:92:00:64:68:5d:69:
                    96:22:fc:9f:2a:cd:20:0b:9e:a2:fa:fe:1f:20:da:
                    42:e6:20:9a:17:27:00:76:16:cf:ca:87:e2:59:1e:
                    87:41:80:ed:ac:06:74:be:77:3b:86:78:53:38:1e:
                    82:2a:6a:5f:a5:af:75:e4:67:bb:4e:58:28:2d:f1:
                    c3:57:3d:60:8a:99:f9:ff:a1:4c:17:60:d2:6c:8e:
                    d5:7e:10:72:04:af:fc:12:2a:bb:8f:cc:e9:79:18:
                    44:28:85:67:1b:39:38:5e:dd:95:a9:a3:2c:03:97:
                    a2:a2:95:f9:56:7d:d0:5e:53:6c:b4:27:8e:32:4d:
                    de:b0:97:27:5c:ff:00:1b:e3:d7:4a:81:3f:1e:8d:
                    a4:09:d6:de:e2:3f:64:9f:b0:db:62:c4:97:8c:b6:
                    c0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:BD:D4:CD:6A:87:A9:C4:AF:09:52:37:8D:B5:8A:9F:3D:7B:92:AB
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ab3UzWqHqcSvCVI3jbWKnz17kqs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.96.0/24
                  45.130.80.0/23
                  45.130.83.0/24
                  45.135.186.0/23
                  89.38.70.0/24
                  89.47.15.0/24
                  185.192.71.0/24
                  188.212.135.0/24
                  193.19.109.0/24
                  203.26.81.0/24
                  203.159.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:fa:91:9c:f7:7a:a1:c7:74:2e:e2:fa:7b:cb:49:ce:c6:c7:
         60:a2:e3:ac:22:8c:bf:af:90:d0:70:59:da:62:a5:5f:49:7d:
         df:65:e6:3c:a2:cd:9c:43:78:2d:72:0e:76:c0:74:bd:4e:a6:
         54:ba:cc:8a:32:f1:f1:3c:51:fc:42:06:89:94:9e:ac:44:3b:
         2f:f3:37:84:33:c1:23:7a:09:19:c8:cb:a5:3b:3b:1a:0e:d5:
         37:f6:4f:83:d4:81:c0:9f:b6:2b:f4:a3:7e:39:d6:e3:7e:3e:
         48:07:26:99:31:a4:c6:c0:51:97:80:3e:34:80:77:fc:97:7e:
         ca:74:2b:63:15:20:a3:05:16:03:40:ec:b8:5d:57:02:14:ee:
         a8:34:3d:57:a3:b9:79:58:87:ac:46:31:a0:7e:e5:62:02:34:
         c9:1f:ed:ab:af:4b:ed:c5:ac:18:8c:a3:db:94:7f:bb:4f:17:
         4f:b8:8b:17:d7:00:0d:3b:fb:c0:14:95:d5:a5:c2:be:d5:4a:
         2d:68:73:79:e9:a4:02:3a:fe:45:96:69:77:6a:38:1b:9f:9b:
         e6:3a:6a:e8:13:4d:ef:f5:f8:d9:aa:35:d7:0a:79:3a:49:86:
         bf:8b:37:8b:15:b8:4b:3b:6f:44:2d:b5:0f:b3:cb:6e:8f:ad:
         f1:e3:41:23
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYZ3uP/HJFEyIc8iGqku/XPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIyMDYwNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJkZDRjZDZhODdhOWM0YWYwOTUyMzc4ZGI1OGE5ZjNkN2I5MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT+pntkUuzYzqbfgKvUTrzEx+sBW
w6AmbXZTVG2q6bbieDdehYkhHZfaJ71Wz9MhwAMAONojtb0hAIeP0SJweClnd4yM
BqewutBD9YyJFHAqYxLsgwmN/IZy+D/+aleJQcmSAGRoXWmWIvyfKs0gC56i+v4f
INpC5iCaFycAdhbPyofiWR6HQYDtrAZ0vnc7hnhTOB6CKmpfpa915Ge7TlgoLfHD
Vz1gipn5/6FMF2DSbI7VfhByBK/8Eiq7j8zpeRhEKIVnGzk4Xt2VqaMsA5eiopX5
Vn3QXlNstCeOMk3esJcnXP8AG+PXSoE/Ho2kCdbe4j9kn7DbYsSXjLbAxwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGm91M1qh6nErwlSN421ip89e5KrMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYWIzVXpXcUhxY1N2Q1ZJM2piV0tuejE3a3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALUNgAwQB
LYJQAwQALYJTAwQBLYe6AwQAWSZGAwQAWS8PAwQAucBHAwQAvNSHAwQAwRNtAwQA
yxpRAwQAy59RMA0GCSqGSIb3DQEBCwUAA4IBAQCP+pGc93qhx3Qu4vp7y0nOxsdg
ouOsIoy/r5DQcFnaYqVfSX3fZeY8os2cQ3gtcg52wHS9TqZUusyKMvHxPFH8QgaJ
lJ6sRDsv8zeEM8EjegkZyMulOzsaDtU39k+D1IHAn7Yr9KN+Odbjfj5IByaZMaTG
wFGXgD40gHf8l37KdCtjFSCjBRYDQOy4XVcCFO6oND1Xo7l5WIesRjGgfuViAjTJ
H+2rr0vtxawYjKPblH+7TxdPuIsX1wANO/vAFJXVpcK+1UotaHN56aQCOv5Flml3
ajgbn5vmOmroE03v9fjZqjXXCnk6SYa/izeLFbhLO29ELbUPs8tuj63x40Ej
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org