Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/6c_8NwuSv0tQQ7cCiLDFlQHnbuk.roa
File:                     6c_8NwuSv0tQQ7cCiLDFlQHnbuk.roa (raw, json)
Hash identifier:          +s8QotbTbkXfMYGHJVYDU/7/HV5pEa0C74vsEFRfh2I=
Subject key identifier:   E9:CF:FC:37:0B:92:BF:4B:50:43:B7:02:88:B0:C5:95:01:E7:6E:E9
Certificate issuer:       /CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Certificate serial:       01856E2FBD62CC107DED9304607C2CBA110D
Authority key identifier: 96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/6c_8NwuSv0tQQ7cCiLDFlQHnbuk.roa
Signing time:             Sun 01 Jan 2023 16:35:00 +0000
ROA not before:           Sun 01 Jan 2023 16:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42947
IP address blocks:        193.31.96.0/22 maxlen: 24
                          176.101.72.0/21 maxlen: 24
                          193.32.72.0/21 maxlen: 24
                          185.152.108.0/23 maxlen: 24
                          185.152.110.0/24 maxlen: 24
                          193.150.16.0/22 maxlen: 24
                          185.50.116.0/22 maxlen: 24
                          193.187.184.0/22 maxlen: 24
                          89.34.28.0/22 maxlen: 24
                          185.88.232.0/22 maxlen: 24
                          185.110.224.0/22 maxlen: 24
                          194.36.200.0/22 maxlen: 24
                          2a02:2b60::/32 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:bd:62:cc:10:7d:ed:93:04:60:7c:2c:ba:11:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96f71b2273ab34ed4a5481176ef70fad867ef166
        Validity
            Not Before: Jan  1 16:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e9cffc370b92bf4b5043b70288b0c59501e76ee9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:2f:10:d6:0d:cc:a3:84:fd:3b:d6:2b:b8:1a:
                    32:39:00:a8:c3:e7:64:9d:19:3d:89:7d:9d:7a:a3:
                    1c:0c:8a:e0:d3:e7:ff:21:04:b2:25:4f:5d:55:98:
                    f1:24:25:9c:f8:37:b1:7e:63:d3:4c:c8:f6:b7:5e:
                    f9:e8:1e:02:bb:34:6a:55:4c:8c:78:08:1f:c2:3b:
                    de:d3:56:7a:90:52:72:06:bd:02:c9:a7:8d:23:1c:
                    5b:78:4d:fe:1b:ce:79:54:1b:7c:9a:c1:43:0f:c4:
                    55:58:1d:e4:ed:c1:e2:38:ea:25:be:d9:f6:f1:01:
                    16:38:61:cf:8b:c8:bf:9a:e3:8b:e7:bb:a0:c8:71:
                    21:2a:16:d9:c6:2e:be:c1:9c:58:88:e2:9a:16:74:
                    c9:5e:20:70:e1:ac:55:55:57:c5:d9:c6:6b:14:60:
                    05:4b:0f:c5:c9:3e:b3:d2:24:e9:56:54:b7:60:7f:
                    c5:9f:b3:52:5a:96:0b:a1:a5:88:27:79:1f:6d:84:
                    1c:31:2b:0e:f6:2f:37:99:22:ba:45:ca:ab:51:3a:
                    3a:f8:9a:c2:91:79:57:0e:e7:3f:28:b0:43:cb:cd:
                    b4:33:ec:b1:2a:c9:eb:11:cc:bd:e7:a8:12:ec:7d:
                    58:d6:17:e1:2a:57:22:6a:8e:27:f8:19:00:94:69:
                    33:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:CF:FC:37:0B:92:BF:4B:50:43:B7:02:88:B0:C5:95:01:E7:6E:E9
            X509v3 Authority Key Identifier:
                keyid:96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/6c_8NwuSv0tQQ7cCiLDFlQHnbuk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/lvcbInOrNO1KVIEXbvcPrYZ-8WY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.34.28.0/22
                  176.101.72.0/21
                  185.50.116.0/22
                  185.88.232.0/22
                  185.110.224.0/22
                  185.152.108.0-185.152.110.255
                  193.31.96.0/22
                  193.32.72.0/21
                  193.150.16.0/22
                  193.187.184.0/22
                  194.36.200.0/22
                IPv6:
                  2a02:2b60::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:66:3f:8b:a6:21:ca:7a:e1:1f:76:39:e6:e1:61:ef:9c:87:
         2d:f8:67:72:1a:df:cc:64:2f:e6:b6:6c:10:ed:b1:3c:bb:7c:
         28:87:ea:80:b2:3c:2b:e3:91:58:70:71:db:69:0b:be:c5:bc:
         4d:36:2d:9a:f3:19:10:96:15:1c:24:6b:cf:12:6f:6e:e1:cd:
         77:38:dd:b8:a3:3e:c3:97:24:ab:dc:3b:ee:08:ce:71:80:11:
         c8:13:33:3d:ad:5f:02:67:9c:c5:7c:ea:84:28:7d:7f:eb:cb:
         ac:b4:6d:7c:6d:9f:b9:e2:7b:88:e7:33:a7:85:28:9e:a8:d5:
         a0:09:5b:d8:6b:a8:40:a3:9e:9f:98:00:df:8b:a2:cd:94:71:
         bd:8d:73:cb:0c:cf:12:9a:57:aa:a6:23:58:86:b1:c7:ee:c7:
         0e:d1:c9:32:3a:bd:c3:58:b3:76:70:7e:db:a8:a3:9b:7c:45:
         bf:ff:86:46:f6:9d:31:0e:75:00:9a:4a:25:9f:ad:36:28:f4:
         1d:59:4c:14:3d:9d:55:64:fb:74:69:83:37:84:4e:c7:c7:a2:
         f1:b9:90:7a:95:46:7b:be:c5:d2:54:07:ea:f6:61:ff:26:f3:
         5c:07:c3:88:90:55:20:9f:40:b5:59:81:69:fa:e8:13:a6:8e:
         15:82:d5:16
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYVuL71izBB97ZMEYHwsuhENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjcxYjIyNzNhYjM0ZWQ0YTU0ODExNzZlZjcwZmFkODY3
ZWYxNjYwHhcNMjMwMTAxMTYzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWNmZmMzNzBiOTJiZjRiNTA0M2I3MDI4OGIwYzU5NTAxZTc2ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C8Q1g3Mo4T9O9YruBoyOQCow+dk
nRk9iX2deqMcDIrg0+f/IQSyJU9dVZjxJCWc+DexfmPTTMj2t1756B4CuzRqVUyM
eAgfwjve01Z6kFJyBr0CyaeNIxxbeE3+G855VBt8msFDD8RVWB3k7cHiOOolvtn2
8QEWOGHPi8i/muOL57ugyHEhKhbZxi6+wZxYiOKaFnTJXiBw4axVVVfF2cZrFGAF
Sw/FyT6z0iTpVlS3YH/Fn7NSWpYLoaWIJ3kfbYQcMSsO9i83mSK6RcqrUTo6+JrC
kXlXDuc/KLBDy820M+yxKsnrEcy956gS7H1Y1hfhKlciao4n+BkAlGkzHwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFOnP/DcLkr9LUEO3AoiwxZUB527pMB8GA1UdIwQY
MBaAFJb3GyJzqzTtSlSBF273D62GfvFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZjYkluT3JOTzFLVklFWGJ2Y1ByWVotOFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wN2FlOWUtM2QwNC00NWI2LTlkYjAt
NDY5MzVmY2M4NTVlLzEvNmNfOE53dVN2MHRRUTdjQ2lMREZsUUhuYnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wN2FlOWUtM2QwNC00NWI2LTlkYjAtNDY5MzVmY2M4NTVl
LzEvbHZjYkluT3JOTzFLVklFWGJ2Y1ByWVotOFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQCWSIcAwQD
sGVIAwQCuTJ0AwQCuVjoAwQCuW7gMAwDBAK5mGwDBAC5mG4DBALBH2ADBAPBIEgD
BALBlhADBALBu7gDBALCJMgwDQQCAAIwBwMFACoCK2AwDQYJKoZIhvcNAQELBQAD
ggEBABlmP4umIcp64R92OebhYe+chy34Z3Ia38xkL+a2bBDtsTy7fCiH6oCyPCvj
kVhwcdtpC77FvE02LZrzGRCWFRwka88Sb27hzXc43bijPsOXJKvcO+4IznGAEcgT
Mz2tXwJnnMV86oQofX/ry6y0bXxtn7nie4jnM6eFKJ6o1aAJW9hrqECjnp+YAN+L
os2Ucb2Nc8sMzxKaV6qmI1iGscfuxw7RyTI6vcNYs3Zwftuoo5t8Rb//hkb2nTEO
dQCaSiWfrTYo9B1ZTBQ9nVVk+3RpgzeETsfHovG5kHqVRnu+xdJUB+r2Yf8m81wH
w4iQVSCfQLVZgWn66BOmjhWC1RY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:02 2024 by rpki-client on console-fra.rpki-client.org