Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kovb9s9X6E5DjRGZkn3Zpp5vUVE.roa
File:                     kovb9s9X6E5DjRGZkn3Zpp5vUVE.roa (raw, json)
Hash identifier:          wQgP1Mu2adYKb155/FSsKFN4aCogLigzy1RCCqDutM8=
Subject key identifier:   92:8B:DB:F6:CF:57:E8:4E:43:8D:11:99:92:7D:D9:A6:9E:6F:51:51
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018F2986FAB6372DB6E85B74020A4505EEED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kovb9s9X6E5DjRGZkn3Zpp5vUVE.roa
Signing time:             Mon 29 Apr 2024 11:04:22 +0000
ROA not before:           Mon 29 Apr 2024 11:04:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     5511
IP address blocks:        45.83.29.0/24 maxlen: 24
                          45.88.20.0/24 maxlen: 24
                          45.88.22.0/24 maxlen: 24
                          45.89.36.0/24 maxlen: 24
                          45.89.38.0/24 maxlen: 24
                          45.92.2.0/24 maxlen: 24
                          45.134.138.0/24 maxlen: 24
                          45.143.54.0/24 maxlen: 24
                          45.145.46.0/24 maxlen: 24
                          45.146.187.0/24 maxlen: 24
                          87.247.148.0/22 maxlen: 24
                          89.31.216.0/24 maxlen: 24
                          91.190.96.0/24 maxlen: 24
                          91.190.99.0/24 maxlen: 24
                          91.190.104.0/24 maxlen: 24
                          91.217.236.0/24 maxlen: 24
                          91.217.250.0/24 maxlen: 24
                          185.184.135.0/24 maxlen: 24
                          185.205.189.0/24 maxlen: 24
                          185.239.241.0/24 maxlen: 24
                          185.244.137.0/24 maxlen: 24
                          185.245.5.0/24 maxlen: 24
                          185.245.7.0/24 maxlen: 24
                          188.240.75.0/24 maxlen: 24
                          217.74.16.0/24 maxlen: 24
                          2a0b:64c1::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 10 May 2024 14:35:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:29:86:fa:b6:37:2d:b6:e8:5b:74:02:0a:45:05:ee:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 29 11:04:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=928bdbf6cf57e84e438d1199927dd9a69e6f5151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f4:14:c0:7b:ac:5d:e6:57:bd:47:b3:26:67:
                    07:b2:aa:21:8c:4a:7b:ab:0a:6e:9f:c2:50:e1:b3:
                    64:1f:76:d5:b9:06:15:b4:e3:5a:9a:c8:05:5f:19:
                    30:db:39:df:cf:3d:2f:2d:79:8a:8d:e6:d6:d5:aa:
                    4a:69:95:0d:f0:41:4d:6f:f6:82:10:1f:84:85:df:
                    d7:13:a9:bb:a0:02:e3:f9:ee:57:9a:e9:70:8b:b9:
                    58:71:50:de:f6:6c:d9:e3:3f:3d:07:52:75:ce:4e:
                    a8:db:93:28:22:30:88:36:b9:54:0b:5a:10:36:3f:
                    1a:6c:18:20:7e:a1:c6:38:fc:be:4a:cc:b7:68:b1:
                    4f:6a:95:4f:64:17:c7:03:16:3c:6e:34:9d:d2:ce:
                    63:9f:cf:8d:0e:2a:52:33:55:eb:5c:31:2c:e4:b0:
                    85:26:43:bc:fa:d0:b1:61:ae:60:e7:96:40:3c:6f:
                    3c:46:3a:66:2c:0d:cf:04:a8:94:9f:e8:1b:8e:2a:
                    01:a4:01:65:13:5d:82:61:5a:fa:26:18:0a:65:71:
                    10:b6:eb:92:1c:a9:78:c4:97:a9:63:8d:49:d4:1f:
                    31:7b:67:c8:f5:92:64:df:51:34:c8:e2:9b:77:a4:
                    63:a3:41:31:48:9a:8e:45:93:12:74:56:28:d2:0a:
                    7c:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:8B:DB:F6:CF:57:E8:4E:43:8D:11:99:92:7D:D9:A6:9E:6F:51:51
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kovb9s9X6E5DjRGZkn3Zpp5vUVE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.29.0/24
                  45.88.20.0/24
                  45.88.22.0/24
                  45.89.36.0/24
                  45.89.38.0/24
                  45.92.2.0/24
                  45.134.138.0/24
                  45.143.54.0/24
                  45.145.46.0/24
                  45.146.187.0/24
                  87.247.148.0/22
                  89.31.216.0/24
                  91.190.96.0/24
                  91.190.99.0/24
                  91.190.104.0/24
                  91.217.236.0/24
                  91.217.250.0/24
                  185.184.135.0/24
                  185.205.189.0/24
                  185.239.241.0/24
                  185.244.137.0/24
                  185.245.5.0/24
                  185.245.7.0/24
                  188.240.75.0/24
                  217.74.16.0/24
                IPv6:
                  2a0b:64c1::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:81:27:d5:ef:e8:a7:3f:2a:2e:ba:2d:f6:25:e8:37:0c:29:
         dc:08:4f:7b:0d:a7:b9:55:01:ee:a5:9b:20:72:24:34:04:1c:
         2d:a0:bd:7f:43:df:b0:ae:5b:1d:3f:81:d9:b2:3a:7e:80:99:
         e7:b6:2e:e6:fa:0c:e8:ce:2a:20:a8:1d:3f:6e:f7:b2:e1:74:
         eb:d8:f2:8d:49:46:f6:fa:84:22:92:93:b0:f0:57:0c:84:47:
         1c:aa:b6:f3:21:52:88:4a:be:d6:0c:82:d3:36:41:b6:53:0b:
         e6:43:0b:9c:9a:6e:7a:9a:86:60:1a:61:fe:ad:10:6a:8f:3b:
         a2:02:be:3b:f0:90:e6:b9:44:8e:be:d6:74:d4:4e:39:bf:d2:
         0e:be:ec:36:8e:a4:35:80:81:fa:c1:ab:de:3d:b0:f8:70:e0:
         8a:d7:ed:ac:bf:61:09:41:65:88:fd:c3:65:92:7b:36:c9:96:
         6b:cb:97:9b:cd:28:93:5d:70:81:8f:2c:28:6b:04:45:18:a3:
         8b:1d:85:92:79:68:f2:8b:b7:76:97:bb:4d:52:c7:f5:3b:4a:
         3e:00:fc:0e:c8:d6:43:9a:57:3f:ab:69:c4:53:b7:46:53:fe:
         7b:53:6e:05:48:62:1c:b5:0b:c6:1c:f8:39:42:b6:75:3d:7a:
         77:71:8e:c8
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAY8phvq2Ny226Ft0AgpFBe7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDI5MTEwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhiZGJmNmNmNTdlODRlNDM4ZDExOTk5MjdkZDlhNjllNmY1MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvQUwHusXeZXvUezJmcHsqohjEp7
qwpun8JQ4bNkH3bVuQYVtONamsgFXxkw2znfzz0vLXmKjebW1apKaZUN8EFNb/aC
EB+Ehd/XE6m7oALj+e5Xmulwi7lYcVDe9mzZ4z89B1J1zk6o25MoIjCINrlUC1oQ
Nj8abBggfqHGOPy+Ssy3aLFPapVPZBfHAxY8bjSd0s5jn8+NDipSM1XrXDEs5LCF
JkO8+tCxYa5g55ZAPG88RjpmLA3PBKiUn+gbjioBpAFlE12CYVr6JhgKZXEQtuuS
HKl4xJepY41J1B8xe2fI9ZJk31E0yOKbd6Rjo0ExSJqORZMSdFYo0gp8tQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFJKL2/bPV+hOQ40RmZJ92aaeb1FRMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva292YjlzOVg2RTVEalJHWmtuM1pwcDV2VVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAAt
Ux0DBAAtWBQDBAAtWBYDBAAtWSQDBAAtWSYDBAAtXAIDBAAthooDBAAtjzYDBAAt
kS4DBAAtkrsDBAJX95QDBABZH9gDBABbvmADBABbvmMDBABbvmgDBABb2ewDBABb
2foDBAC5uIcDBAC5zb0DBAC57/EDBAC59IkDBAC59QUDBAC59QcDBAC88EsDBADZ
ShAwDQQCAAIwBwMFACoLZMEwDQYJKoZIhvcNAQELBQADggEBAECBJ9Xv6Kc/Ki66
LfYl6DcMKdwIT3sNp7lVAe6lmyByJDQEHC2gvX9D37CuWx0/gdmyOn6Amee2Lub6
DOjOKiCoHT9u97LhdOvY8o1JRvb6hCKSk7DwVwyERxyqtvMhUohKvtYMgtM2QbZT
C+ZDC5yabnqahmAaYf6tEGqPO6ICvjvwkOa5RI6+1nTUTjm/0g6+7DaOpDWAgfrB
q949sPhw4IrX7ay/YQlBZYj9w2WSezbJlmvLl5vNKJNdcIGPLChrBEUYo4sdhZJ5
aPKLt3aXu01Sx/U7Sj4A/A7I1kOaVz+racRTt0ZT/ntTbgVIYhy1C8Yc+DlCtnU9
endxjsg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org