Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p6rqGsIlFcPMd1jarvq7ifUbHO4.roa
File:                     p6rqGsIlFcPMd1jarvq7ifUbHO4.roa (raw, json)
Hash identifier:          BR5bOjDTSoBMd1aGT8EHN/ShNRTUfwxY7ykGTDxgINg=
Subject key identifier:   A7:AA:EA:1A:C2:25:15:C3:CC:77:58:DA:AE:FA:BB:89:F5:1B:1C:EE
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018B1BBC6F247846F106EC4094AF5B330A7D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p6rqGsIlFcPMd1jarvq7ifUbHO4.roa
Signing time:             Tue 10 Oct 2023 22:36:55 +0000
ROA not before:           Tue 10 Oct 2023 22:36:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.112.64.0/22 maxlen: 24
                          188.241.242.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          188.213.203.0/24 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.85.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          185.255.170.0/23 maxlen: 24
                          185.255.170.0/24 maxlen: 24
                          185.255.168.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          87.247.148.0/24 maxlen: 24
                          87.247.150.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          45.146.184.0/22 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 14 Oct 2023 10:44:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1b:bc:6f:24:78:46:f1:06:ec:40:94:af:5b:33:0a:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct 10 22:36:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a7aaea1ac22515c3cc7758daaefabb89f51b1cee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:d6:86:3c:41:65:30:0e:ba:5a:03:56:43:9d:
                    26:8c:6b:b1:10:12:0f:6e:6b:b2:c0:80:d4:06:2b:
                    78:95:9a:df:0c:f2:60:79:0c:70:91:10:94:00:f5:
                    e8:cc:09:8a:82:04:83:f7:5d:7e:1e:39:55:f3:36:
                    76:b3:a5:de:fc:1c:ef:75:d3:3f:99:9b:cb:f0:e0:
                    71:3b:68:df:01:33:a2:ec:00:76:a7:28:3f:a7:5b:
                    b9:6c:9d:e5:2e:65:95:29:bf:97:d7:96:be:9e:c1:
                    85:7b:10:3a:b5:6e:6d:48:62:51:b4:fa:3e:54:63:
                    94:c3:cf:b6:a1:b0:d0:73:1d:54:88:d6:57:bb:6b:
                    80:7f:64:1e:89:5c:01:d0:93:a5:52:cd:6d:bd:71:
                    6e:03:7a:08:f9:9a:1b:98:2f:f3:25:06:95:46:38:
                    0f:a2:ae:1c:36:1e:12:c6:69:18:88:02:61:60:04:
                    8a:0f:01:46:db:6a:45:63:9d:f8:81:f0:2b:b1:6b:
                    04:56:a2:da:6e:4a:e9:99:d5:c5:73:34:e8:b5:79:
                    40:ca:53:54:25:3c:67:73:e3:ea:6d:7d:8a:1f:77:
                    8a:28:2c:d4:1a:30:76:d6:bc:cd:ec:ba:27:00:c1:
                    e8:c4:fb:8e:1b:64:5c:85:86:b1:e4:89:9d:1e:10:
                    ce:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:AA:EA:1A:C2:25:15:C3:CC:77:58:DA:AE:FA:BB:89:F5:1B:1C:EE
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/p6rqGsIlFcPMd1jarvq7ifUbHO4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.184.0/22
                  45.156.157.0/24
                  87.247.148.0/22
                  89.33.85.0/24
                  89.35.154.0/24
                  89.37.63.0/24
                  91.188.204.0/22
                  93.115.254.0/23
                  185.112.64.0/22
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  185.255.168.0/22
                  188.212.133.0/24
                  188.212.155.0/24
                  188.212.159.0/24
                  188.213.202.0/23
                  188.214.209.0/24
                  188.240.224.0/23
                  188.240.227.0/24
                  188.240.233.0/24
                  188.241.242.0/23
                  193.23.128.0/23
                  213.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:af:1d:2f:57:89:1f:da:0a:62:bd:95:11:d9:9a:3e:7c:cb:
         8d:c2:9a:ce:28:0a:c7:f8:49:3e:d1:26:1e:fd:7b:a6:2f:c6:
         8a:ec:5a:22:72:62:7c:03:1c:59:23:51:7a:e5:61:4b:fc:da:
         d8:63:21:97:db:9d:ef:97:1a:e3:ef:29:5f:f5:cd:9f:41:87:
         ee:e8:d9:99:0f:5d:13:68:5d:52:2f:05:bc:ac:2d:5a:73:78:
         af:0c:63:82:45:70:b5:1a:8f:24:17:43:cd:9c:9c:66:4a:c2:
         53:20:61:60:51:ec:ab:79:97:fb:6f:43:e8:c1:76:ca:52:ee:
         8a:fc:e1:a3:55:0b:41:d2:b2:5c:88:8e:3a:37:f3:98:cd:9c:
         8d:7f:ac:8b:20:e0:87:ed:9d:7c:11:77:2e:83:fd:84:10:d0:
         91:2e:2f:43:34:a4:82:44:61:db:16:25:1c:94:96:39:75:a2:
         b7:39:23:aa:13:cc:b2:62:3b:d6:27:5f:d6:a6:70:a3:a6:86:
         68:c0:cd:df:15:fc:aa:7c:34:75:35:c7:43:f5:1a:71:00:a2:
         ac:92:32:0d:43:e3:02:d7:59:8a:34:a3:d3:e9:b7:2f:f9:93:
         c9:45:42:17:ee:2e:d1:01:e6:5e:b6:9a:aa:06:3f:46:2f:91:
         9b:6d:6d:c6
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYsbvG8keEbxBuxAlK9bMwp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDEwMjIzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2FhZWExYWMyMjUxNWMzY2M3NzU4ZGFhZWZhYmI4OWY1MWIxY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNaGPEFlMA66WgNWQ50mjGuxEBIP
bmuywIDUBit4lZrfDPJgeQxwkRCUAPXozAmKggSD911+HjlV8zZ2s6Xe/BzvddM/
mZvL8OBxO2jfATOi7AB2pyg/p1u5bJ3lLmWVKb+X15a+nsGFexA6tW5tSGJRtPo+
VGOUw8+2obDQcx1UiNZXu2uAf2QeiVwB0JOlUs1tvXFuA3oI+ZobmC/zJQaVRjgP
oq4cNh4SxmkYiAJhYASKDwFG22pFY534gfArsWsEVqLabkrpmdXFczTotXlAylNU
JTxnc+PqbX2KH3eKKCzUGjB21rzN7LonAMHoxPuOG2RchYax5ImdHhDOgwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFKeq6hrCJRXDzHdY2q76u4n1GxzuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcDZycUdzSWxGY1BNZDFqYXJ2cTdpZlViSE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAK5
cEADBAG5h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC8
1JsDBAC81J8DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88OkDBAG88fIDBAHB
F4ADBALV6FwwDQYJKoZIhvcNAQELBQADggEBAB+vHS9XiR/aCmK9lRHZmj58y43C
ms4oCsf4ST7RJh79e6YvxorsWiJyYnwDHFkjUXrlYUv82thjIZfbne+XGuPvKV/1
zZ9Bh+7o2ZkPXRNoXVIvBbysLVpzeK8MY4JFcLUajyQXQ82cnGZKwlMgYWBR7Kt5
l/tvQ+jBdspS7or84aNVC0HSslyIjjo385jNnI1/rIsg4IftnXwRdy6D/YQQ0JEu
L0M0pIJEYdsWJRyUljl1orc5I6oTzLJiO9YnX9amcKOmhmjAzd8V/Kp8NHU1x0P1
GnEAoqySMg1D4wLXWYo0o9Ppty/5k8lFQhfuLtEB5l62mqoGP0YvkZttbcY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org