Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ucnITlPSkwfYJm4b8c_AGDtz43Y.roa
File:                     ucnITlPSkwfYJm4b8c_AGDtz43Y.roa (raw, json)
Hash identifier:          8Ppdq6RwZh4UxPbeWIiNS6/TJGPncuBrZwSWyiGPOVw=
Subject key identifier:   B9:C9:C8:4E:53:D2:93:07:D8:26:6E:1B:F1:CF:C0:18:3B:73:E3:76
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018BDD6BF5E48E46F536A3F8730DAB4F8F5E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ucnITlPSkwfYJm4b8c_AGDtz43Y.roa
Signing time:             Fri 17 Nov 2023 13:15:21 +0000
ROA not before:           Fri 17 Nov 2023 13:15:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7393
IP address blocks:        146.19.151.0/24 maxlen: 24
                          37.140.222.0/24 maxlen: 24
                          188.241.248.0/24 maxlen: 24
                          193.221.210.0/24 maxlen: 24
                          94.154.126.0/24 maxlen: 24
                          146.19.110.0/24 maxlen: 24
                          146.19.132.0/24 maxlen: 24
                          185.161.123.0/24 maxlen: 24
                          194.26.200.0/24 maxlen: 24
                          62.3.57.0/24 maxlen: 24
                          185.151.145.0/24 maxlen: 24
                          185.184.216.0/24 maxlen: 24
                          62.3.5.0/24 maxlen: 24
                          79.110.228.0/24 maxlen: 24
                          79.110.230.0/24 maxlen: 24
                          62.106.91.0/24 maxlen: 24
                          45.86.37.0/24 maxlen: 24
                          188.244.126.0/24 maxlen: 24
                          193.163.192.0/24 maxlen: 24
                          193.163.195.0/24 maxlen: 24
                          194.150.76.0/24 maxlen: 24
                          193.163.193.0/24 maxlen: 24
                          91.247.172.0/24 maxlen: 24
                          37.72.136.0/24 maxlen: 24
                          213.109.149.0/24 maxlen: 24
                          213.109.156.0/24 maxlen: 24
                          213.109.159.0/24 maxlen: 24
                          176.126.119.0/24 maxlen: 24
                          62.106.74.0/24 maxlen: 24
                          193.201.14.0/24 maxlen: 24
                          193.201.12.0/24 maxlen: 24
                          146.19.40.0/24 maxlen: 24
                          188.241.159.0/24 maxlen: 24
                          62.204.60.0/24 maxlen: 24
                          62.197.128.0/24 maxlen: 24
                          5.180.178.0/24 maxlen: 24
                          146.19.30.0/24 maxlen: 24
                          146.19.36.0/24 maxlen: 24
                          212.24.123.0/24 maxlen: 24
                          46.253.135.0/24 maxlen: 24
                          62.122.191.0/24 maxlen: 24
                          89.38.136.0/24 maxlen: 24
                          78.142.243.0/24 maxlen: 24
                          212.52.10.0/24 maxlen: 24
                          212.52.11.0/24 maxlen: 24
                          212.52.9.0/24 maxlen: 24
                          193.38.154.0/24 maxlen: 24
                          212.18.102.0/24 maxlen: 24
                          212.18.106.0/24 maxlen: 24
                          217.119.135.0/24 maxlen: 24
                          185.234.15.0/24 maxlen: 24
                          213.173.37.0/24 maxlen: 24
                          91.209.12.0/24 maxlen: 24
                          176.118.35.0/24 maxlen: 24
                          91.246.32.0/24 maxlen: 24
                          91.246.37.0/24 maxlen: 24
                          193.3.180.0/24 maxlen: 24
                          91.246.63.0/24 maxlen: 24
                          193.3.181.0/24 maxlen: 24
                          91.242.233.0/24 maxlen: 24
                          193.3.187.0/24 maxlen: 24
                          176.97.198.0/24 maxlen: 24
                          176.97.195.0/24 maxlen: 24
                          185.235.225.0/24 maxlen: 24
                          176.97.200.0/24 maxlen: 24
                          185.235.228.0/24 maxlen: 24
                          176.97.211.0/24 maxlen: 24
                          185.252.213.0/24 maxlen: 24
                          62.233.32.0/24 maxlen: 24
                          62.233.38.0/24 maxlen: 24
                          91.242.252.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 Nov 2023 09:04:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:dd:6b:f5:e4:8e:46:f5:36:a3:f8:73:0d:ab:4f:8f:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Nov 17 13:15:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9c9c84e53d29307d8266e1bf1cfc0183b73e376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b3:f0:6f:54:60:66:d9:a7:44:88:ad:85:c6:
                    ec:20:3b:bd:c0:cb:f4:72:30:38:bc:6f:f3:89:a4:
                    6a:f5:b7:9e:e6:11:e9:6a:78:30:63:d6:ce:e8:fa:
                    2e:dd:e8:c7:b6:38:62:76:ab:6b:97:d7:a1:5b:e0:
                    2d:7f:71:d9:28:f1:b9:8b:8a:aa:4a:53:e4:7d:0e:
                    20:65:a7:f9:42:a7:25:da:bd:e1:2b:27:0b:5b:c4:
                    4d:f7:ff:da:73:e8:69:26:a8:4f:90:9c:77:56:7c:
                    26:c5:84:0a:e5:a2:1b:86:a6:34:4a:15:0b:00:18:
                    74:2a:18:b9:b1:a4:2b:9c:aa:2e:cd:e1:8c:92:58:
                    df:65:e5:e8:d4:3c:e8:2a:c8:06:ba:f0:d9:48:47:
                    d9:b1:bc:2b:64:15:7f:78:a5:20:9d:bc:7a:7b:d0:
                    d2:6f:70:d2:32:fb:47:b1:09:ed:7d:5e:45:c1:a9:
                    67:b4:f0:b8:5f:1b:eb:1d:2b:a2:83:2d:ac:3d:5a:
                    7e:b0:2e:8b:d2:60:3c:63:db:b0:6d:87:ac:e9:34:
                    96:70:12:ec:f0:bc:4f:2e:62:35:11:a7:9f:75:df:
                    18:b6:60:5a:93:80:ec:a6:60:5a:8e:bc:63:d6:6c:
                    c6:9a:47:01:93:d0:39:a8:5c:b5:ca:a1:6d:22:12:
                    bf:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C9:C8:4E:53:D2:93:07:D8:26:6E:1B:F1:CF:C0:18:3B:73:E3:76
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ucnITlPSkwfYJm4b8c_AGDtz43Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.178.0/24
                  37.72.136.0/24
                  37.140.222.0/24
                  45.86.37.0/24
                  46.253.135.0/24
                  62.3.5.0/24
                  62.3.57.0/24
                  62.106.74.0/24
                  62.106.91.0/24
                  62.122.191.0/24
                  62.197.128.0/24
                  62.204.60.0/24
                  62.233.32.0/24
                  62.233.38.0/24
                  78.142.243.0/24
                  79.110.228.0/24
                  79.110.230.0/24
                  89.38.136.0/24
                  91.209.12.0/24
                  91.242.233.0/24
                  91.242.252.0/24
                  91.246.32.0/24
                  91.246.37.0/24
                  91.246.63.0/24
                  91.247.172.0/24
                  94.154.126.0/24
                  146.19.30.0/24
                  146.19.36.0/24
                  146.19.40.0/24
                  146.19.110.0/24
                  146.19.132.0/24
                  146.19.151.0/24
                  176.97.195.0/24
                  176.97.198.0/24
                  176.97.200.0/24
                  176.97.211.0/24
                  176.118.35.0/24
                  176.126.119.0/24
                  185.151.145.0/24
                  185.161.123.0/24
                  185.184.216.0/24
                  185.234.15.0/24
                  185.235.225.0/24
                  185.235.228.0/24
                  185.252.213.0/24
                  188.241.159.0/24
                  188.241.248.0/24
                  188.244.126.0/24
                  193.3.180.0/23
                  193.3.187.0/24
                  193.38.154.0/24
                  193.163.192.0/23
                  193.163.195.0/24
                  193.201.12.0/24
                  193.201.14.0/24
                  193.221.210.0/24
                  194.26.200.0/24
                  194.150.76.0/24
                  212.18.102.0/24
                  212.18.106.0/24
                  212.24.123.0/24
                  212.52.9.0-212.52.11.255
                  213.109.149.0/24
                  213.109.156.0/24
                  213.109.159.0/24
                  213.173.37.0/24
                  217.119.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:af:e3:ff:31:a6:1e:e7:bd:b5:21:d6:37:97:59:84:d6:1d:
         cf:87:11:fb:45:18:6a:d7:59:03:6c:22:08:50:6a:c8:0e:65:
         aa:15:e3:58:46:8e:a4:18:84:bd:8a:73:24:f4:d8:94:e5:f5:
         f6:cd:22:25:87:f4:0c:6f:aa:64:01:fb:06:3c:42:17:7f:88:
         55:24:ee:a1:f3:4c:4a:38:9d:61:b7:a3:f8:d7:84:3e:d0:01:
         10:0c:61:be:a4:cf:84:dc:08:6b:3e:ea:8d:0c:fe:ff:6b:59:
         a0:8d:89:49:39:cc:23:3d:5c:17:55:dc:f4:ae:2e:88:92:0d:
         c9:3f:d3:86:95:40:16:ea:bd:ea:51:6e:5e:81:50:5f:4c:4d:
         48:8d:e2:fd:4e:f8:17:c9:90:23:57:06:e8:f0:d2:ed:e4:a7:
         07:c6:04:9e:22:91:82:4c:fc:eb:32:6c:2d:0a:b5:b3:64:fd:
         b4:73:c2:a9:83:25:e8:ce:32:ed:58:76:e5:bb:60:c3:9d:56:
         24:38:f0:86:01:5e:7a:2d:6f:6f:47:ec:4c:16:08:25:5c:e5:
         cf:4b:d9:32:92:70:e7:47:05:41:56:6e:2a:a8:1f:36:0e:65:
         60:3d:c3:f7:f8:0e:33:58:26:1a:be:87:c6:3c:85:de:d7:3a:
         98:34:b1:93
-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgISAYvda/Xkjkb1NqP4cw2rT49eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTE3MTMxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWM5Yzg0ZTUzZDI5MzA3ZDgyNjZlMWJmMWNmYzAxODNiNzNlMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbPwb1RgZtmnRIithcbsIDu9wMv0
cjA4vG/ziaRq9bee5hHpangwY9bO6Pou3ejHtjhidqtrl9ehW+Atf3HZKPG5i4qq
SlPkfQ4gZaf5Qqcl2r3hKycLW8RN9//ac+hpJqhPkJx3VnwmxYQK5aIbhqY0ShUL
ABh0Khi5saQrnKouzeGMkljfZeXo1DzoKsgGuvDZSEfZsbwrZBV/eKUgnbx6e9DS
b3DSMvtHsQntfV5FwalntPC4XxvrHSuigy2sPVp+sC6L0mA8Y9uwbYes6TSWcBLs
8LxPLmI1Eaefdd8YtmBak4DspmBajrxj1mzGmkcBk9A5qFy1yqFtIhK/hQIDAQAB
o4IDpzCCA6MwHQYDVR0OBBYEFLnJyE5T0pMH2CZuG/HPwBg7c+N2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWNuSVRsUFNrd2ZZSm00YjhjX0FHRHR6NDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuwYIKwYBBQUHAQcBAf8EggGqMIIBpjCCAaIEAgABMIIB
mgMEAAW0sgMEACVIiAMEACWM3gMEAC1WJQMEAC79hwMEAD4DBQMEAD4DOQMEAD5q
SgMEAD5qWwMEAD56vwMEAD7FgAMEAD7MPAMEAD7pIAMEAD7pJgMEAE6O8wMEAE9u
5AMEAE9u5gMEAFkmiAMEAFvRDAMEAFvy6QMEAFvy/AMEAFv2IAMEAFv2JQMEAFv2
PwMEAFv3rAMEAF6afgMEAJITHgMEAJITJAMEAJITKAMEAJITbgMEAJIThAMEAJIT
lwMEALBhwwMEALBhxgMEALBhyAMEALBh0wMEALB2IwMEALB+dwMEALmXkQMEALmh
ewMEALm42AMEALnqDwMEALnr4QMEALnr5AMEALn81QMEALzxnwMEALzx+AMEALz0
fgMEAcEDtAMEAMEDuwMEAMEmmgMEAcGjwAMEAMGjwwMEAMHJDAMEAMHJDgMEAMHd
0gMEAMIayAMEAMKWTAMEANQSZgMEANQSagMEANQYezAMAwQA1DQJAwQC1DQIAwQA
1W2VAwQA1W2cAwQA1W2fAwQA1a0lAwQA2XeHMA0GCSqGSIb3DQEBCwUAA4IBAQAy
r+P/MaYe5721IdY3l1mE1h3PhxH7RRhq11kDbCIIUGrIDmWqFeNYRo6kGIS9inMk
9NiU5fX2zSIlh/QMb6pkAfsGPEIXf4hVJO6h80xKOJ1ht6P414Q+0AEQDGG+pM+E
3AhrPuqNDP7/a1mgjYlJOcwjPVwXVdz0ri6Ikg3JP9OGlUAW6r3qUW5egVBfTE1I
jeL9TvgXyZAjVwbo8NLt5KcHxgSeIpGCTPzrMmwtCrWzZP20c8KpgyXozjLtWHbl
u2DDnVYkOPCGAV56LW9vR+xMFgglXOXPS9kyknDnRwVBVm4qqB82DmVgPcP3+A4z
WCYavofGPIXe1zqYNLGT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org