Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qiTe4w64iJBaacAdnQynYY54OIw.roa
File:                     qiTe4w64iJBaacAdnQynYY54OIw.roa (raw, json)
Hash identifier:          yPDNol9GQ66dFpEGpYvOn2C2tLVjtAIz1ivP9eWpDV0=
Subject key identifier:   AA:24:DE:E3:0E:B8:88:90:5A:69:C0:1D:9D:0C:A7:61:8E:78:38:8C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018B539109FBC3582D642089A6F01DB190C4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qiTe4w64iJBaacAdnQynYY54OIw.roa
Signing time:             Sat 21 Oct 2023 18:48:16 +0000
ROA not before:           Sat 21 Oct 2023 18:48:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        188.241.243.0/24 maxlen: 24
                          185.255.39.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.241.210.0/23 maxlen: 24
                          93.115.254.0/23 maxlen: 24
                          188.213.203.0/24 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.92.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.85.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          185.255.170.0/23 maxlen: 24
                          185.255.170.0/24 maxlen: 24
                          185.255.168.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          188.212.133.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          87.247.148.0/24 maxlen: 24
                          87.247.150.0/24 maxlen: 24
                          87.247.149.0/24 maxlen: 24
                          87.247.151.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24
                          91.188.205.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          91.188.206.0/24 maxlen: 24
                          91.188.207.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24
                          45.146.184.0/22 maxlen: 24
                          185.135.140.0/24 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          185.135.143.0/24 maxlen: 24
                          185.238.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 23 Oct 2023 17:45:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:53:91:09:fb:c3:58:2d:64:20:89:a6:f0:1d:b1:90:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct 21 18:48:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa24dee30eb888905a69c01d9d0ca7618e78388c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e6:5b:19:87:f3:30:76:62:4d:ce:0c:fa:dd:
                    53:3c:cb:f6:a3:f9:4c:08:0e:23:1b:15:d2:8c:b2:
                    5c:04:3e:ff:f0:99:0d:b6:73:fd:84:a7:13:b9:11:
                    0c:f8:2c:75:eb:39:84:ce:9d:f9:9a:a8:f9:7f:66:
                    1e:40:8e:32:bc:ca:e3:85:d6:b1:33:2f:7c:0d:e7:
                    f2:5f:25:58:66:05:be:d2:a7:25:68:93:ee:3a:9c:
                    e0:ad:67:aa:87:7e:d4:34:6a:41:df:dd:16:69:c8:
                    f2:1f:d8:14:7d:d1:16:17:1a:4f:69:06:38:a6:e3:
                    b3:9c:a6:12:ac:f8:cf:7a:ed:86:24:dd:01:a2:a2:
                    b8:6b:c3:f4:f7:3f:22:db:67:5a:29:4b:ed:f7:b3:
                    77:88:ad:a8:6e:c2:29:fc:5c:3f:47:44:0b:cd:f5:
                    75:b5:fa:dc:42:a1:3e:40:e6:72:7f:b4:a8:d5:dd:
                    97:28:c2:17:70:28:1c:ea:22:80:b1:36:29:0f:9f:
                    f9:93:19:c4:2b:25:ff:18:2f:2b:86:f8:e4:1c:d0:
                    7f:c6:68:6e:ea:98:30:d5:d4:f7:5e:38:38:79:60:
                    8f:ad:6d:83:a9:4e:49:15:0f:8f:48:d9:93:20:bd:
                    17:6e:d2:1e:4b:91:18:e8:2d:e5:25:be:e1:cd:eb:
                    5d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:24:DE:E3:0E:B8:88:90:5A:69:C0:1D:9D:0C:A7:61:8E:78:38:8C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qiTe4w64iJBaacAdnQynYY54OIw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.184.0/22
                  45.156.157.0/24
                  87.247.148.0/22
                  89.33.85.0/24
                  89.35.154.0/24
                  89.37.63.0/24
                  91.188.204.0/22
                  93.115.254.0/23
                  185.135.140.0/23
                  185.135.143.0/24
                  185.238.10.0/24
                  185.241.210.0/23
                  185.255.39.0/24
                  185.255.168.0/22
                  188.212.133.0/24
                  188.212.155.0/24
                  188.212.159.0/24
                  188.213.202.0/23
                  188.214.209.0/24
                  188.240.224.0/23
                  188.240.227.0/24
                  188.241.243.0/24
                  193.23.128.0/23
                  213.232.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:2e:9d:45:20:51:06:ab:47:e8:13:83:c0:db:d2:34:32:6a:
         63:2c:fc:7f:26:a7:a5:f5:b7:f8:9b:65:0e:90:f0:ce:92:70:
         34:f1:55:14:3b:01:3c:e8:dd:64:2f:8c:17:a3:14:6a:c4:d5:
         db:e4:5e:07:53:21:76:69:67:18:1c:6c:9c:f9:75:27:66:8a:
         38:84:89:8f:24:99:54:29:ae:b2:00:6b:26:8e:94:9a:73:2b:
         99:d0:46:42:92:a0:1a:1a:dd:7a:b7:07:57:fa:8a:af:99:ba:
         ab:b2:b7:59:27:07:1b:b1:f6:14:a4:d0:91:0f:73:79:24:53:
         d3:de:b2:af:08:e7:38:1c:6f:05:9e:28:5a:e8:bf:ed:7c:7a:
         34:9a:59:1b:69:5c:61:ef:5a:a3:47:2f:0a:21:57:6e:59:74:
         e4:ac:24:de:9a:dc:c5:e1:73:d7:00:cd:11:ae:8a:dd:af:5c:
         49:90:30:18:93:4d:af:6b:89:76:a8:3e:ea:4a:fd:f1:c4:e7:
         14:33:10:b8:c9:fd:25:5c:c3:f1:a5:25:22:74:d6:8e:8f:bb:
         37:ac:66:3a:41:76:e1:92:70:81:7e:0f:6c:e8:74:4e:d3:e1:
         a4:cd:17:99:96:60:08:1e:bf:2b:10:c8:32:92:d7:f8:54:be:
         ed:a3:2c:93
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYtTkQn7w1gtZCCJpvAdsZDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDIxMTg0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI0ZGVlMzBlYjg4ODkwNWE2OWMwMWQ5ZDBjYTc2MThlNzgzODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOZbGYfzMHZiTc4M+t1TPMv2o/lM
CA4jGxXSjLJcBD7/8JkNtnP9hKcTuREM+Cx16zmEzp35mqj5f2YeQI4yvMrjhdax
My98DefyXyVYZgW+0qclaJPuOpzgrWeqh37UNGpB390WacjyH9gUfdEWFxpPaQY4
puOznKYSrPjPeu2GJN0BoqK4a8P09z8i22daKUvt97N3iK2obsIp/Fw/R0QLzfV1
tfrcQqE+QOZyf7So1d2XKMIXcCgc6iKAsTYpD5/5kxnEKyX/GC8rhvjkHNB/xmhu
6pgw1dT3Xjg4eWCPrW2DqU5JFQ+PSNmTIL0XbtIeS5EY6C3lJb7hzetddwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFKok3uMOuIiQWmnAHZ0Mp2GOeDiMMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcWlUZTR3NjRpSkJhYWNBZG5ReW5ZWTU0T0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBABZJT8DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAC81IUDBAC81JsDBAC8
1J8DBAG81coDBAC81tEDBAG88OADBAC88OMDBAC88fMDBAHBF4ADBALV6FwwDQYJ
KoZIhvcNAQELBQADggEBAEcunUUgUQarR+gTg8Db0jQyamMs/H8mp6X1t/ibZQ6Q
8M6ScDTxVRQ7ATzo3WQvjBejFGrE1dvkXgdTIXZpZxgcbJz5dSdmijiEiY8kmVQp
rrIAayaOlJpzK5nQRkKSoBoa3Xq3B1f6iq+Zuquyt1knBxux9hSk0JEPc3kkU9Pe
sq8I5zgcbwWeKFrov+18ejSaWRtpXGHvWqNHLwohV25ZdOSsJN6a3MXhc9cAzRGu
it2vXEmQMBiTTa9riXaoPupK/fHE5xQzELjJ/SVcw/GlJSJ01o6PuzesZjpBduGS
cIF+D2zodE7T4aTNF5mWYAgevysQyDKS1/hUvu2jLJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org