Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/w5A2DrJomIBx5eFNmARBi3uAQ-g.roa
File:                     w5A2DrJomIBx5eFNmARBi3uAQ-g.roa (raw, json)
Hash identifier:          2yP0kZk7onwwlTdVcsWmNyKbxu15uKeGKSv2/cfIVEU=
Subject key identifier:   C3:90:36:0E:B2:68:98:80:71:E5:E1:4D:98:04:41:8B:7B:80:43:E8
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0188AF1D317F75039725AAFE57D13B52D3A5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/w5A2DrJomIBx5eFNmARBi3uAQ-g.roa
Signing time:             Mon 12 Jun 2023 10:18:25 +0000
ROA not before:           Mon 12 Jun 2023 10:18:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15731
IP address blocks:        89.35.154.0/24 maxlen: 24
                          188.241.243.0/24 maxlen: 24
                          213.232.94.0/23 maxlen: 24
                          185.135.141.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          188.241.182.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24
                          89.37.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Jun 2023 04:04:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:af:1d:31:7f:75:03:97:25:aa:fe:57:d1:3b:52:d3:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 12 10:18:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c390360eb268988071e5e14d9804418b7b8043e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ca:9d:6f:ed:86:ac:6c:b5:25:d7:5d:ca:aa:
                    22:44:c0:c4:c3:d0:36:11:d0:ff:ae:24:19:45:05:
                    55:1d:52:53:4e:59:91:ae:55:22:59:d1:fb:bd:89:
                    bc:e3:47:c0:6c:50:b4:4c:09:a4:0f:be:65:67:71:
                    a6:df:c5:ab:b6:b1:0e:8c:c8:f5:b1:b5:72:91:3f:
                    d8:85:b5:8c:0d:0b:87:95:d0:8c:39:ff:05:38:f3:
                    ff:97:9a:c6:2b:c0:83:a7:55:d6:bd:99:17:44:c9:
                    76:8a:53:f5:6d:d0:c5:20:d8:53:18:77:3f:81:68:
                    7e:44:17:34:87:3d:b3:ec:61:51:5e:54:bf:96:f8:
                    de:a9:3f:77:43:7b:8b:66:02:9b:de:26:75:e9:ab:
                    66:6d:a3:fe:e8:df:c7:e6:d6:ed:fd:c6:27:5d:7c:
                    79:da:23:b3:55:1c:b5:ef:a3:ff:e3:b1:aa:0d:32:
                    21:7c:47:15:d7:5a:24:a8:f0:39:f4:1c:23:7f:a1:
                    78:35:a0:51:0e:5b:ca:49:07:03:bc:96:72:d7:e8:
                    e1:42:12:36:45:84:3c:07:5a:39:f9:78:8c:29:e4:
                    45:72:5f:78:c2:3c:b2:c9:79:ff:5c:e3:96:0f:26:
                    d4:9a:bb:04:48:16:15:34:6e:08:f7:5d:78:db:b4:
                    ad:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:90:36:0E:B2:68:98:80:71:E5:E1:4D:98:04:41:8B:7B:80:43:E8
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/w5A2DrJomIBx5eFNmARBi3uAQ-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.35.154.0/24
                  89.37.62.0/23
                  91.188.204.0/24
                  185.135.141.0/24
                  188.212.155.0/24
                  188.240.233.0/24
                  188.241.110.0/24
                  188.241.182.0/24
                  188.241.243.0/24
                  213.232.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:35:9d:41:2c:c3:b6:13:4d:a0:7a:b1:29:3b:80:95:68:e5:
         71:a7:37:cd:db:b5:e8:77:0f:da:d7:c1:c0:f9:f5:35:74:53:
         cb:af:37:1f:b0:e2:08:8d:85:86:e1:19:de:85:f1:00:16:22:
         e5:b0:88:fd:22:fe:8d:bc:80:c7:b5:b9:d4:d4:6e:da:a1:c8:
         80:cc:30:a5:4e:49:a1:28:e4:63:b9:ae:58:bf:19:e7:f9:49:
         52:8e:51:ca:f5:66:1b:10:71:01:24:67:a3:8d:ed:d1:88:9a:
         15:a6:e4:8e:d1:4c:8a:73:f1:8e:12:a3:26:b0:ef:c5:f4:57:
         c1:0c:16:95:f5:b9:17:d3:70:93:c0:a0:58:43:fe:4f:33:d8:
         61:b0:4f:07:ff:85:24:13:41:97:f5:65:6d:32:3f:e0:f0:f6:
         61:e3:ef:a5:93:24:0f:a4:56:a2:e3:13:4c:5e:df:e6:f1:15:
         a4:6c:e2:cc:82:c6:f5:7e:93:bc:c6:f0:bd:59:5a:e5:b1:50:
         92:e3:ed:ec:77:cf:eb:2b:68:19:30:35:3c:17:cc:8f:18:4f:
         93:c6:d2:c8:c7:ce:b7:6d:58:e4:fd:bb:fd:62:3a:db:1c:d4:
         32:bc:f4:48:8b:eb:b3:ab:be:50:07:1d:d3:80:25:bf:e6:4c:
         4f:71:be:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYivHTF/dQOXJar+V9E7UtOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjEyMTAxODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzkwMzYwZWIyNjg5ODgwNzFlNWUxNGQ5ODA0NDE4YjdiODA0M2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8qdb+2GrGy1JdddyqoiRMDEw9A2
EdD/riQZRQVVHVJTTlmRrlUiWdH7vYm840fAbFC0TAmkD75lZ3Gm38WrtrEOjMj1
sbVykT/YhbWMDQuHldCMOf8FOPP/l5rGK8CDp1XWvZkXRMl2ilP1bdDFINhTGHc/
gWh+RBc0hz2z7GFRXlS/lvjeqT93Q3uLZgKb3iZ16atmbaP+6N/H5tbt/cYnXXx5
2iOzVRy176P/47GqDTIhfEcV11okqPA59Bwjf6F4NaBRDlvKSQcDvJZy1+jhQhI2
RYQ8B1o5+XiMKeRFcl94wjyyyXn/XOOWDybUmrsESBYVNG4I911427St5QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMOQNg6yaJiAceXhTZgEQYt7gEPoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdzVBMkRySm9tSUJ4NWVGTm1BUkJpM3VBUS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAWSOaAwQB
WSU+AwQAW7zMAwQAuYeNAwQAvNSbAwQAvPDpAwQAvPFuAwQAvPG2AwQAvPHzAwQB
1eheMA0GCSqGSIb3DQEBCwUAA4IBAQABNZ1BLMO2E02gerEpO4CVaOVxpzfN27Xo
dw/a18HA+fU1dFPLrzcfsOIIjYWG4RnehfEAFiLlsIj9Iv6NvIDHtbnU1G7aociA
zDClTkmhKORjua5Yvxnn+UlSjlHK9WYbEHEBJGejje3RiJoVpuSO0UyKc/GOEqMm
sO/F9FfBDBaV9bkX03CTwKBYQ/5PM9hhsE8H/4UkE0GX9WVtMj/g8PZh4++lkyQP
pFai4xNMXt/m8RWkbOLMgsb1fpO8xvC9WVrlsVCS4+3sd8/rK2gZMDU8F8yPGE+T
xtLIx863bVjk/bv9YjrbHNQyvPRIi+uzq75QBx3TgCW/5kxPcb7i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org