Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uGI9GDCHcGfNGY01lgE_VfbHd0w.roa
File:                     uGI9GDCHcGfNGY01lgE_VfbHd0w.roa (raw, json)
Hash identifier:          klJlFe/EhbK5xrl85Su2xx+C0ZffFPE7ZWeZdSUvS00=
Subject key identifier:   B8:62:3D:18:30:87:70:67:CD:19:8D:35:96:01:3F:55:F6:C7:77:4C
Certificate issuer:       /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial:       01890B26295306B9C0DCDAE3B7359F0D9769
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uGI9GDCHcGfNGY01lgE_VfbHd0w.roa
Signing time:             Fri 30 Jun 2023 07:13:17 +0000
ROA not before:           Fri 30 Jun 2023 07:13:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39923
IP address blocks:        185.58.96.0/22 maxlen: 22
                          185.35.164.0/22 maxlen: 22
                          195.189.202.0/23 maxlen: 23
                          194.146.23.0/24 maxlen: 24
                          185.111.204.0/22 maxlen: 22
                          185.111.204.0/24 maxlen: 24
                          185.111.205.0/24 maxlen: 24
                          185.111.206.0/24 maxlen: 24
                          194.145.127.0/24 maxlen: 24
                          109.68.160.0/21 maxlen: 21
                          109.68.164.0/24 maxlen: 24
                          91.238.219.0/24 maxlen: 24
                          2a02:2a08::/32 maxlen: 32
                          2a04:6480::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:0b:26:29:53:06:b9:c0:dc:da:e3:b7:35:9f:0d:97:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
        Validity
            Not Before: Jun 30 07:13:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b8623d1830877067cd198d3596013f55f6c7774c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:26:c4:9e:f6:86:95:9e:36:07:33:c4:31:03:
                    de:e6:02:fd:a1:1c:ec:8b:24:7e:93:49:4d:ec:69:
                    5d:0b:ca:ae:8a:f3:2c:27:7c:1a:43:69:c7:dc:29:
                    82:9a:9c:53:00:1f:7d:82:4a:36:16:9c:5e:b3:5a:
                    0e:32:0c:98:a4:32:e8:bb:e0:4f:dd:b7:bc:d6:e0:
                    e8:cf:62:96:ae:de:62:dd:b1:71:e6:b7:2c:8e:ee:
                    66:ca:91:2a:b9:0a:89:45:1f:88:2e:10:0a:64:24:
                    f1:dd:47:7e:61:c8:4b:0e:dc:56:bb:0a:22:b1:d7:
                    13:27:ed:d3:98:ec:2d:d8:6b:18:f3:3d:64:9f:be:
                    95:8d:a5:c6:08:82:25:df:a8:e6:29:5b:b9:67:f0:
                    73:7c:62:6a:a8:ee:0b:6b:70:ba:aa:75:47:ca:81:
                    9c:af:7d:d8:e2:f5:ac:81:cf:22:7d:ce:a2:b5:1c:
                    a9:af:47:f9:63:f0:d5:c3:0f:29:7a:eb:f1:bb:d0:
                    ff:99:02:af:1a:6e:af:53:4c:4a:fb:1f:6a:34:13:
                    97:8a:03:b3:fd:6b:4d:a7:0c:81:cf:b3:18:ed:03:
                    26:1b:ac:87:be:10:b7:19:f5:55:6f:ca:30:99:c6:
                    68:3a:bb:f6:47:67:51:b5:77:1d:ab:39:da:da:16:
                    00:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:62:3D:18:30:87:70:67:CD:19:8D:35:96:01:3F:55:F6:C7:77:4C
            X509v3 Authority Key Identifier:
                keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/uGI9GDCHcGfNGY01lgE_VfbHd0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.219.0/24
                  109.68.160.0/21
                  185.35.164.0/22
                  185.58.96.0/22
                  185.111.204.0/22
                  194.145.127.0/24
                  194.146.23.0/24
                  195.189.202.0/23
                IPv6:
                  2a02:2a08::/32
                  2a04:6480::/29

    Signature Algorithm: sha256WithRSAEncryption
         3b:80:78:70:e7:d5:73:2d:9f:cb:a8:04:7b:27:de:b6:d0:38:
         32:1e:b2:a8:90:c2:81:e1:49:ea:ff:44:5c:21:de:68:88:61:
         77:0c:26:42:08:e0:da:8e:87:72:c3:b4:fc:11:4c:a7:14:cf:
         c7:e8:a6:a4:05:69:31:b0:10:5d:f1:7c:fb:0d:fe:8c:24:33:
         81:6b:8e:61:39:2a:08:b2:cf:6a:bc:8a:21:fc:c7:df:34:ae:
         72:5f:ab:f5:f1:90:4b:e5:6d:e8:d4:a8:0a:95:84:01:b2:42:
         65:8b:9a:53:ca:8b:13:8f:c6:0a:a8:b7:1e:a8:19:b9:e8:5a:
         be:84:06:eb:8f:84:25:fc:a0:2c:30:aa:d7:22:f7:40:27:53:
         e9:0a:7c:bd:33:e8:fc:6c:9d:a7:fc:17:cd:e9:30:eb:18:5f:
         f1:04:d8:d5:fb:3d:2e:68:1e:47:94:dc:79:d7:ab:6c:e7:ee:
         6c:b4:b4:e8:9a:df:28:c3:d3:4b:39:4e:6a:bb:2b:bd:b0:96:
         7a:27:8e:d8:71:41:b4:06:7e:c9:00:3d:4d:2f:fe:5b:36:e4:
         fe:b1:8e:c0:48:ae:8a:30:8e:b3:b8:b7:4b:99:25:a1:b0:7c:
         91:a1:ad:95:09:97:22:dc:61:95:99:c5:89:a8:f1:b7:35:a9:
         f8:9e:cc:d7
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYkLJilTBrnA3NrjtzWfDZdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMGQzOWVkZGIwMDhkMWI4OWRmOTc0MTk2MGRiZjIwNDRm
NjU3ZmIwHhcNMjMwNjMwMDcxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYyM2QxODMwODc3MDY3Y2QxOThkMzU5NjAxM2Y1NWY2Yzc3NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtibEnvaGlZ42BzPEMQPe5gL9oRzs
iyR+k0lN7GldC8quivMsJ3waQ2nH3CmCmpxTAB99gko2Fpxes1oOMgyYpDLou+BP
3be81uDoz2KWrt5i3bFx5rcsju5mypEquQqJRR+ILhAKZCTx3Ud+YchLDtxWuwoi
sdcTJ+3TmOwt2GsY8z1kn76VjaXGCIIl36jmKVu5Z/BzfGJqqO4La3C6qnVHyoGc
r33Y4vWsgc8ifc6itRypr0f5Y/DVww8peuvxu9D/mQKvGm6vU0xK+x9qNBOXigOz
/WtNpwyBz7MY7QMmG6yHvhC3GfVVb8owmcZoOrv2R2dRtXcdqzna2hYA1QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLhiPRgwh3BnzRmNNZYBP1X2x3dMMB8GA1UdIwQY
MBaAFPENOe3bAI0bid+XQZYNvyBE9lf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUt
ZjU2MmI4OTc0ZDhiLzEvdUdJOUdEQ0hjR2ZOR1kwMWxnRV9WZmJIZDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUtZjU2MmI4OTc0ZDhi
LzEvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAW+7bAwQD
bUSgAwQCuSOkAwQCuTpgAwQCuW/MAwQAwpF/AwQAwpIXAwQBw73KMBQEAgACMA4D
BQAqAioIAwUDKgRkgDANBgkqhkiG9w0BAQsFAAOCAQEAO4B4cOfVcy2fy6gEeyfe
ttA4Mh6yqJDCgeFJ6v9EXCHeaIhhdwwmQgjg2o6HcsO0/BFMpxTPx+impAVpMbAQ
XfF8+w3+jCQzgWuOYTkqCLLParyKIfzH3zSucl+r9fGQS+Vt6NSoCpWEAbJCZYua
U8qLE4/GCqi3HqgZuehavoQG64+EJfygLDCq1yL3QCdT6Qp8vTPo/Gydp/wXzekw
6xhf8QTY1fs9LmgeR5TcederbOfubLS06JrfKMPTSzlOarsrvbCWeieO2HFBtAZ+
yQA9TS/+Wzbk/rGOwEiuijCOs7i3S5klobB8kaGtlQmXItxhlZnFiajxtzWp+J7M
1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:00 2024 by rpki-client on console-fra.rpki-client.org