Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/g_0zijGqXKRE3ajc96QHov_m9bQ.roa
File:                     g_0zijGqXKRE3ajc96QHov_m9bQ.roa (raw, json)
Hash identifier:          PBxqycgcIuO0WWHXgSbvfsrbhBC3MbMzXVSojdcQj+4=
Subject key identifier:   83:FD:33:8A:31:AA:5C:A4:44:DD:A8:DC:F7:A4:07:A2:FF:E6:F5:B4
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018691FC97696634998BF9226B2D9AFE18B8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/g_0zijGqXKRE3ajc96QHov_m9bQ.roa
Signing time:             Mon 27 Feb 2023 08:28:15 +0000
ROA not before:           Mon 27 Feb 2023 08:28:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        93.115.255.0/24 maxlen: 24
                          188.212.132.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.95.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          94.176.110.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.255.168.0/24 maxlen: 24
                          188.214.208.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 16:16:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:91:fc:97:69:66:34:99:8b:f9:22:6b:2d:9a:fe:18:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 27 08:28:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83fd338a31aa5ca444dda8dcf7a407a2ffe6f5b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b7:c1:bf:6d:57:f2:01:21:3b:43:2e:b8:65:
                    c9:33:d8:7d:f4:17:e9:88:39:56:13:f6:dd:36:34:
                    c8:6c:17:9d:ec:8f:e9:b7:49:df:5a:87:48:1d:d5:
                    f0:b7:21:20:67:c2:60:51:d4:a4:82:b4:d9:8e:3d:
                    6a:2e:c0:d0:a4:89:03:e7:8a:41:a6:b0:54:92:32:
                    57:3a:d8:46:93:9c:af:b7:01:e8:67:a1:1a:52:83:
                    4f:c0:3c:6d:36:c3:92:ab:7d:db:65:89:70:d9:98:
                    d6:4b:92:71:45:8e:62:f4:f5:db:93:38:b4:d4:d3:
                    e6:b4:ed:69:e0:91:57:65:05:73:88:72:eb:23:3f:
                    38:36:c2:ee:6e:be:37:33:86:4c:0c:0f:9b:f6:d2:
                    96:4d:39:87:fb:94:21:dc:8d:04:ef:8e:31:58:98:
                    69:e9:e7:ff:23:d2:7d:26:d2:64:c2:a1:31:f8:9d:
                    01:5e:67:51:65:61:cc:34:33:3b:83:3a:c2:1d:50:
                    03:69:68:0d:fc:90:e5:7f:28:f1:fd:11:9c:2e:fc:
                    7d:45:ca:35:38:70:35:bd:93:35:79:a1:d1:1f:14:
                    c5:a4:ca:3b:5b:43:c5:01:74:52:11:82:18:20:a3:
                    af:87:d1:18:e7:23:98:9c:5e:64:43:52:75:07:af:
                    8f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:FD:33:8A:31:AA:5C:A4:44:DD:A8:DC:F7:A4:07:A2:FF:E6:F5:B4
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/g_0zijGqXKRE3ajc96QHov_m9bQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.207.0/24
                  93.115.255.0/24
                  94.176.110.0/24
                  185.255.168.0/24
                  188.212.132.0/23
                  188.212.159.0/24
                  188.213.202.0/24
                  188.214.208.0/23
                  213.232.93.0/24
                  213.232.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:f0:24:1f:08:f0:60:0e:79:a2:b4:4c:10:16:31:aa:bb:fb:
         dc:ed:82:fb:b3:05:1c:ef:64:9c:8c:b0:82:63:94:f9:5f:86:
         56:7b:32:a0:72:ef:5d:98:b1:4b:f8:f6:52:db:22:12:91:87:
         7d:32:5d:67:b0:bd:64:76:54:72:61:05:7d:c2:b5:60:e6:1c:
         1d:84:48:90:56:e9:3d:ad:f4:ca:62:22:05:a4:80:d3:df:5f:
         de:2c:07:7c:e1:4f:62:97:11:a5:17:f1:98:73:d6:79:b2:25:
         e2:f1:44:af:6e:3b:6a:dd:0d:3b:56:a2:63:06:40:c2:5b:fa:
         93:92:57:51:e4:69:7e:f3:5c:d4:49:f5:45:b3:5c:04:e5:ef:
         39:9e:a0:c1:5c:b0:4d:b1:f8:f6:5f:ee:79:e5:58:c3:df:83:
         70:ce:2d:79:2a:8f:82:26:cc:c0:97:48:3e:af:8e:d2:47:2c:
         09:c4:9c:19:53:9e:cc:ec:1f:2d:e2:e4:3b:9b:f6:87:f9:07:
         db:d3:d9:2d:53:7a:21:84:b6:d4:19:29:5b:7c:6e:3e:46:81:
         97:5f:dc:4e:b3:4b:e3:89:dc:54:80:28:30:48:74:92:2b:44:
         54:93:f0:bb:94:3e:aa:5d:bb:46:22:6f:dc:59:e3:cd:0d:e9:
         a0:28:e4:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYaR/JdpZjSZi/kiay2a/hi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjI3MDgyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZkMzM4YTMxYWE1Y2E0NDRkZGE4ZGNmN2E0MDdhMmZmZTZmNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLfBv21X8gEhO0MuuGXJM9h99Bfp
iDlWE/bdNjTIbBed7I/pt0nfWodIHdXwtyEgZ8JgUdSkgrTZjj1qLsDQpIkD54pB
prBUkjJXOthGk5yvtwHoZ6EaUoNPwDxtNsOSq33bZYlw2ZjWS5JxRY5i9PXbkzi0
1NPmtO1p4JFXZQVziHLrIz84NsLubr43M4ZMDA+b9tKWTTmH+5Qh3I0E744xWJhp
6ef/I9J9JtJkwqEx+J0BXmdRZWHMNDM7gzrCHVADaWgN/JDlfyjx/RGcLvx9Rco1
OHA1vZM1eaHRHxTFpMo7W0PFAXRSEYIYIKOvh9EY5yOYnF5kQ1J1B6+PdwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIP9M4oxqlykRN2o3PekB6L/5vW0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZ18wemlqR3FYS1JFM2FqYzk2UUhvdl9tOWJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAW7zPAwQA
XXP/AwQAXrBuAwQAuf+oAwQBvNSEAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA
1ehfMA0GCSqGSIb3DQEBCwUAA4IBAQAg8CQfCPBgDnmitEwQFjGqu/vc7YL7swUc
72ScjLCCY5T5X4ZWezKgcu9dmLFL+PZS2yISkYd9Ml1nsL1kdlRyYQV9wrVg5hwd
hEiQVuk9rfTKYiIFpIDT31/eLAd84U9ilxGlF/GYc9Z5siXi8USvbjtq3Q07VqJj
BkDCW/qTkldR5Gl+81zUSfVFs1wE5e85nqDBXLBNsfj2X+555VjD34Nwzi15Ko+C
JszAl0g+r47SRywJxJwZU57M7B8t4uQ7m/aH+Qfb09ktU3ohhLbUGSlbfG4+RoGX
X9xOs0vjidxUgCgwSHSSK0RUk/C7lD6qXbtGIm/cWePNDemgKOQS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org