Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uMcsD5HTB5yNF_JYQa2wmwDXta4.roa
File:                     uMcsD5HTB5yNF_JYQa2wmwDXta4.roa (raw, json)
Hash identifier:          fNV8IIIjeZTOkZi16YDFCsPw14b6vwbRMbTHBKJVgAg=
Subject key identifier:   B8:C7:2C:0F:91:D3:07:9C:8D:17:F2:58:41:AD:B0:9B:00:D7:B5:AE
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01863655A38ED2DBAEAD81FB41593F8719B7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uMcsD5HTB5yNF_JYQa2wmwDXta4.roa
Signing time:             Thu 09 Feb 2023 13:20:27 +0000
ROA not before:           Thu 09 Feb 2023 13:20:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        45.130.83.0/24 maxlen: 24
                          45.130.81.0/24 maxlen: 24
                          45.130.80.0/24 maxlen: 24
                          203.26.81.0/24 maxlen: 24
                          185.192.71.0/24 maxlen: 24
                          188.212.135.0/24 maxlen: 24
                          89.47.15.0/24 maxlen: 24
                          45.67.96.0/24 maxlen: 24
                          193.19.109.0/24 maxlen: 24
                          45.135.186.0/24 maxlen: 24
                          203.159.81.0/24 maxlen: 24
                          45.135.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 06:04:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:36:55:a3:8e:d2:db:ae:ad:81:fb:41:59:3f:87:19:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  9 13:20:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8c72c0f91d3079c8d17f25841adb09b00d7b5ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:0f:54:cf:4f:75:56:d3:1f:ee:ae:45:4a:75:
                    35:9d:40:28:4b:66:4b:99:a3:c2:3a:6d:55:a8:cc:
                    08:a8:84:02:63:0b:f5:f6:8f:2d:b7:f4:bd:d4:8b:
                    7e:36:a4:00:de:93:ee:0a:48:ef:9c:29:46:03:37:
                    98:96:f4:df:53:69:16:b3:99:72:92:58:e5:06:5c:
                    bb:26:4d:17:76:3a:79:a5:4d:1d:dc:ce:40:d1:c9:
                    0c:8e:e4:24:64:4d:17:f3:3f:23:ef:07:6a:98:c2:
                    45:0e:db:a6:d1:c0:d5:87:fc:aa:85:52:28:23:70:
                    90:ca:d6:93:77:11:5b:08:4d:07:b0:ab:5c:d1:87:
                    27:a5:b6:7f:77:54:50:aa:51:7a:18:7c:e5:f6:f5:
                    04:4a:fa:47:2b:8a:8c:e6:94:b6:57:78:74:ac:57:
                    c2:64:b1:5f:1e:fa:ab:ac:17:e4:db:e1:95:2d:b3:
                    82:0a:b8:83:25:e5:83:ac:de:1b:c3:80:57:c1:b9:
                    b3:17:d7:2b:da:4a:20:3f:07:a4:4d:a1:b5:4a:73:
                    fd:dc:63:db:aa:95:a4:fe:e2:ea:72:10:23:a3:4d:
                    ee:97:47:07:91:c3:2c:5a:c0:df:3f:6b:6c:9a:e2:
                    26:dc:59:8c:24:2b:fa:8d:66:45:46:b3:f9:ac:24:
                    ca:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:C7:2C:0F:91:D3:07:9C:8D:17:F2:58:41:AD:B0:9B:00:D7:B5:AE
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uMcsD5HTB5yNF_JYQa2wmwDXta4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.67.96.0/24
                  45.130.80.0/23
                  45.130.83.0/24
                  45.135.186.0/23
                  89.47.15.0/24
                  185.192.71.0/24
                  188.212.135.0/24
                  193.19.109.0/24
                  203.26.81.0/24
                  203.159.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:4d:9c:b3:b8:d4:85:32:57:40:ae:96:80:a8:31:98:a5:e2:
         dc:e3:ab:a0:45:93:82:b6:f3:49:91:33:9b:4a:5b:bd:d7:f1:
         8b:29:10:08:8f:55:f2:76:0d:5f:02:42:fa:a4:89:e6:65:f1:
         75:a6:55:06:d3:25:db:64:86:40:d8:df:bf:eb:54:29:cd:ec:
         32:ba:f2:fa:06:34:1c:08:a3:87:8c:01:d1:2a:5d:bc:0f:62:
         f9:a9:61:c5:a7:4c:29:da:92:2b:e5:21:d2:c1:4c:42:dd:c5:
         23:72:85:b3:cf:58:77:1e:e6:0a:03:25:6b:85:09:07:72:b8:
         80:2e:0c:50:8a:4e:e8:a6:0a:5a:0e:b2:14:ef:22:d8:90:04:
         ac:86:fb:81:5e:db:18:8f:1c:73:e8:39:69:2d:41:ad:e0:af:
         12:3e:1c:bd:b7:46:f1:b6:8d:77:a4:a6:dd:1e:93:ce:b6:69:
         23:e8:b7:62:99:e5:50:bd:e9:18:dc:c5:94:be:65:e7:60:c1:
         aa:81:ff:66:19:d0:55:75:d2:eb:08:df:70:06:67:b6:8d:1e:
         e6:9f:ee:24:29:fd:3d:4d:f3:7a:fb:7d:9f:18:e0:88:ab:66:
         b8:f2:aa:cd:ff:f4:35:de:c5:ac:2f:46:b1:87:fb:57:e3:17:
         b6:f5:18:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYY2VaOO0tuurYH7QVk/hxm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA5MTMyMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM3MmMwZjkxZDMwNzljOGQxN2YyNTg0MWFkYjA5YjAwZDdiNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA9Uz091VtMf7q5FSnU1nUAoS2ZL
maPCOm1VqMwIqIQCYwv19o8tt/S91It+NqQA3pPuCkjvnClGAzeYlvTfU2kWs5ly
kljlBly7Jk0Xdjp5pU0d3M5A0ckMjuQkZE0X8z8j7wdqmMJFDtum0cDVh/yqhVIo
I3CQytaTdxFbCE0HsKtc0YcnpbZ/d1RQqlF6GHzl9vUESvpHK4qM5pS2V3h0rFfC
ZLFfHvqrrBfk2+GVLbOCCriDJeWDrN4bw4BXwbmzF9cr2kogPwekTaG1SnP93GPb
qpWk/uLqchAjo03ul0cHkcMsWsDfP2tsmuIm3FmMJCv6jWZFRrP5rCTKvwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLjHLA+R0wecjRfyWEGtsJsA17WuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdU1jc0Q1SFRCNXlORl9KWVFhMndtd0RYdGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALUNgAwQB
LYJQAwQALYJTAwQBLYe6AwQAWS8PAwQAucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQA
y59RMA0GCSqGSIb3DQEBCwUAA4IBAQCITZyzuNSFMldArpaAqDGYpeLc46ugRZOC
tvNJkTObSlu91/GLKRAIj1Xydg1fAkL6pInmZfF1plUG0yXbZIZA2N+/61Qpzewy
uvL6BjQcCKOHjAHRKl28D2L5qWHFp0wp2pIr5SHSwUxC3cUjcoWzz1h3HuYKAyVr
hQkHcriALgxQik7opgpaDrIU7yLYkASshvuBXtsYjxxz6DlpLUGt4K8SPhy9t0bx
to13pKbdHpPOtmkj6LdimeVQvekY3MWUvmXnYMGqgf9mGdBVddLrCN9wBme2jR7m
n+4kKf09TfN6+32fGOCIq2a48qrN//Q13sWsL0axh/tX4xe29Rin
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org