Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cGczLCOTxaSPFVmOWPJSguNbGeI.roa
File:                     cGczLCOTxaSPFVmOWPJSguNbGeI.roa (raw, json)
Hash identifier:          lBXrwYfiTDskxB1Oan6VCFWemxlHsFR7JAVT5w3+mEM=
Subject key identifier:   70:67:33:2C:23:93:C5:A4:8F:15:59:8E:58:F2:52:82:E3:5B:19:E2
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0187BBF5D15244147EF1B0DFC6E99CD8390A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cGczLCOTxaSPFVmOWPJSguNbGeI.roa
Signing time:             Wed 26 Apr 2023 05:07:41 +0000
ROA not before:           Wed 26 Apr 2023 05:07:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        89.35.154.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.241.182.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          45.156.159.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Apr 2023 06:17:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bb:f5:d1:52:44:14:7e:f1:b0:df:c6:e9:9c:d8:39:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 26 05:07:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7067332c2393c5a48f15598e58f25282e35b19e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:02:d1:c0:4c:b3:15:4f:db:b8:ed:3e:06:bd:
                    e1:6b:bc:f1:da:43:ff:c7:27:86:81:8c:63:56:68:
                    07:12:c3:c4:ed:1a:0d:ea:2e:cd:62:e1:0c:f0:2e:
                    1d:ce:c0:1c:84:83:fc:90:65:44:11:31:32:28:94:
                    43:b9:6f:e7:b2:10:de:10:c0:61:6c:91:3f:8b:b1:
                    cc:6c:d8:9c:e6:6b:78:a0:be:87:ca:de:c4:97:e9:
                    50:de:25:33:44:58:0b:ef:3b:8a:a7:f2:0c:16:48:
                    15:47:f5:35:ea:b5:ea:a9:de:07:91:3c:6f:4a:3f:
                    69:8e:03:9f:2e:ee:84:52:2f:8f:cd:aa:0a:1e:07:
                    b3:a8:0f:17:cb:af:ba:df:1e:1e:d6:a3:8a:cd:78:
                    d6:c7:fe:fd:75:a9:41:97:3a:28:c2:9a:cb:57:08:
                    36:df:57:93:a7:bd:ad:15:0b:dd:b3:41:cc:9a:b7:
                    55:26:71:c3:73:65:96:0f:61:e6:61:ec:b1:2c:0b:
                    34:62:12:ba:25:8f:77:1e:5d:fa:7a:05:28:e0:cc:
                    9a:de:e2:97:13:ae:fd:ce:81:63:34:ec:26:32:6a:
                    4b:74:fa:9a:55:8f:7d:12:24:0e:23:9b:df:15:56:
                    c7:f6:3a:02:4d:fe:b7:2b:14:9f:3c:19:1d:7e:bc:
                    2e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:67:33:2C:23:93:C5:A4:8F:15:59:8E:58:F2:52:82:E3:5B:19:E2
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/cGczLCOTxaSPFVmOWPJSguNbGeI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.159.0/24
                  87.247.149.0/24
                  87.247.151.0/24
                  89.35.154.0/24
                  89.37.62.0/23
                  91.188.204.0/24
                  185.135.141.0/24
                  185.255.169.0/24
                  188.212.155.0/24
                  188.240.233.0/24
                  188.241.110.0/24
                  188.241.182.0/24
                  188.241.243.0/24
                  213.232.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         17:e2:18:7a:3d:ee:20:35:00:d4:00:c0:8c:91:03:df:61:aa:
         82:66:8a:fc:0a:a8:5f:7d:63:bf:0d:40:f6:ba:12:d1:38:9b:
         a7:3a:89:cc:47:68:5b:cd:63:95:cc:bb:3d:05:d5:44:3a:96:
         4a:da:4e:de:e2:ef:7a:20:4e:84:20:9d:64:64:a3:9c:be:97:
         e9:de:42:29:ad:a7:cd:ac:b9:46:5a:5d:a0:2c:29:03:1d:eb:
         38:07:98:78:37:2d:ce:72:df:16:50:7b:b1:49:39:d9:bd:cd:
         0c:b7:8f:a7:88:e0:67:6c:b5:a7:80:b2:e1:94:42:a5:b5:24:
         9e:5d:74:8e:18:51:a5:b6:04:80:64:f1:de:fa:27:3a:c1:01:
         f6:68:6d:9d:f6:9d:47:70:ee:97:da:0a:72:38:8b:4e:1b:18:
         dc:85:ff:25:7f:78:d2:80:96:57:2f:be:b2:2a:20:a7:3b:3a:
         6f:77:0c:fa:b1:9b:57:94:89:1b:d2:16:e8:f3:c0:cb:47:9e:
         47:22:96:4d:0c:af:d6:fb:16:6c:63:8b:ae:2e:f3:55:78:bd:
         04:08:e6:6e:90:60:e5:a5:41:05:31:f7:08:37:95:c9:a3:65:
         e9:91:da:8c:63:1c:26:f0:3b:e4:29:3b:e3:6d:16:95:bf:9d:
         98:7b:38:20
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYe79dFSRBR+8bDfxumc2DkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDI2MDUwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY3MzMyYzIzOTNjNWE0OGYxNTU5OGU1OGYyNTI4MmUzNWIxOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQLRwEyzFU/buO0+Br3ha7zx2kP/
xyeGgYxjVmgHEsPE7RoN6i7NYuEM8C4dzsAchIP8kGVEETEyKJRDuW/nshDeEMBh
bJE/i7HMbNic5mt4oL6Hyt7El+lQ3iUzRFgL7zuKp/IMFkgVR/U16rXqqd4HkTxv
Sj9pjgOfLu6EUi+PzaoKHgezqA8Xy6+63x4e1qOKzXjWx/79dalBlzoowprLVwg2
31eTp72tFQvds0HMmrdVJnHDc2WWD2HmYeyxLAs0YhK6JY93Hl36egUo4Mya3uKX
E679zoFjNOwmMmpLdPqaVY99EiQOI5vfFVbH9joCTf63KxSfPBkdfrwuwwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHBnMywjk8WkjxVZjljyUoLjWxniMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvY0djekxDT1R4YVNQRlZtT1dQSlNndU5iR2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALZyfAwQA
V/eVAwQAV/eXAwQAWSOaAwQBWSU+AwQAW7zMAwQAuYeNAwQAuf+pAwQAvNSbAwQA
vPDpAwQAvPFuAwQAvPG2AwQAvPHzAwQB1eheMA0GCSqGSIb3DQEBCwUAA4IBAQAX
4hh6Pe4gNQDUAMCMkQPfYaqCZor8CqhffWO/DUD2uhLROJunOonMR2hbzWOVzLs9
BdVEOpZK2k7e4u96IE6EIJ1kZKOcvpfp3kIprafNrLlGWl2gLCkDHes4B5h4Ny3O
ct8WUHuxSTnZvc0Mt4+niOBnbLWngLLhlEKltSSeXXSOGFGltgSAZPHe+ic6wQH2
aG2d9p1HcO6X2gpyOItOGxjchf8lf3jSgJZXL76yKiCnOzpvdwz6sZtXlIkb0hbo
88DLR55HIpZNDK/W+xZsY4uuLvNVeL0ECOZukGDlpUEFMfcIN5XJo2XpkdqMYxwm
8DvkKTvjbRaVv52Yezgg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org