Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/luiOOJpmKfc_SyCuTm8UBOs97aI.roa
File:                     luiOOJpmKfc_SyCuTm8UBOs97aI.roa (raw, json)
Hash identifier:          twtrZCK0GbhApxYCzbKOQ1FfYj5P67GXscYkhPAw49A=
Subject key identifier:   96:E8:8E:38:9A:66:29:F7:3F:4B:20:AE:4E:6F:14:04:EB:3D:ED:A2
Certificate issuer:       /CN=34fc1821905516e618320e9e471a13b2aaac96ff
Certificate serial:       01856D4AE7F9FF550014089F923F79FC6F95
Authority key identifier: 34:FC:18:21:90:55:16:E6:18:32:0E:9E:47:1A:13:B2:AA:AC:96:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NPwYIZBVFuYYMg6eRxoTsqqslv8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/luiOOJpmKfc_SyCuTm8UBOs97aI.roa
Signing time:             Sun 01 Jan 2023 12:25:03 +0000
ROA not before:           Sun 01 Jan 2023 12:25:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35568
IP address blocks:        185.236.132.0/22 maxlen: 24
                          185.236.132.0/24 maxlen: 24
                          87.236.136.0/24 maxlen: 24
                          87.236.136.0/21 maxlen: 21
                          185.236.135.0/24 maxlen: 24
                          185.236.134.0/24 maxlen: 24
                          185.236.133.0/24 maxlen: 24
                          87.236.139.0/24 maxlen: 24
                          87.236.138.0/24 maxlen: 24
                          87.236.137.0/24 maxlen: 24
                          87.236.143.0/24 maxlen: 24
                          87.236.142.0/24 maxlen: 24
                          87.236.141.0/24 maxlen: 24
                          87.236.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:e7:f9:ff:55:00:14:08:9f:92:3f:79:fc:6f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34fc1821905516e618320e9e471a13b2aaac96ff
        Validity
            Not Before: Jan  1 12:25:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=96e88e389a6629f73f4b20ae4e6f1404eb3deda2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:be:cf:a3:78:fa:2b:fc:ee:7b:08:7d:51:78:
                    97:37:1d:1b:24:db:06:92:46:14:d5:ae:bc:b0:5c:
                    e3:eb:42:88:26:6a:21:fe:24:0f:e0:60:d4:b7:fa:
                    74:28:f7:43:c5:05:b4:a7:49:1b:fa:a1:dc:6c:50:
                    9a:37:fe:e3:d6:ff:29:c7:1a:d0:f5:94:cb:a1:87:
                    d5:aa:66:03:6e:6d:bd:a1:b6:af:57:f1:10:11:73:
                    ef:80:a3:5d:cc:9c:0f:42:dd:8c:4c:99:29:1e:8a:
                    3d:ce:f9:02:51:78:bd:4c:e3:f3:88:73:9c:18:ca:
                    4e:68:49:24:88:db:71:a8:74:16:4a:90:bc:aa:ba:
                    56:c7:88:33:b4:1a:58:53:38:74:e6:60:45:f9:05:
                    dd:14:60:09:aa:48:31:dc:54:13:78:7d:85:3d:c1:
                    e1:3c:9f:95:3f:d0:49:f0:e3:88:d0:97:4b:e3:0d:
                    d2:3a:d0:7d:c8:93:22:9d:8f:d6:a8:b7:f9:48:7a:
                    01:6b:b5:e6:67:53:d4:17:51:c1:0a:6c:87:89:5b:
                    0b:de:de:8b:b5:6b:f7:51:6d:71:b3:d9:f6:40:51:
                    da:09:a5:79:94:ce:c1:54:5d:b5:c5:15:e8:79:46:
                    ef:eb:78:7f:d7:45:05:b3:1d:d8:ea:2c:22:53:74:
                    e4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:E8:8E:38:9A:66:29:F7:3F:4B:20:AE:4E:6F:14:04:EB:3D:ED:A2
            X509v3 Authority Key Identifier:
                keyid:34:FC:18:21:90:55:16:E6:18:32:0E:9E:47:1A:13:B2:AA:AC:96:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPwYIZBVFuYYMg6eRxoTsqqslv8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/luiOOJpmKfc_SyCuTm8UBOs97aI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/84b575-5563-4f1b-865a-815eea33b35b/1/NPwYIZBVFuYYMg6eRxoTsqqslv8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.136.0/21
                  185.236.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:41:45:34:35:a4:db:a7:41:6f:7a:d1:13:9e:e1:5d:b9:2c:
         2a:03:11:2c:eb:fa:60:e1:b2:0a:58:67:74:1f:39:2b:0e:8e:
         dd:c5:af:62:0c:7d:6b:a7:ba:39:61:ba:d8:64:69:f7:41:9f:
         0a:3c:c6:cc:62:d9:49:a1:55:03:25:3d:79:ef:b5:30:5a:a8:
         44:ea:8a:8b:e3:54:59:09:3d:a1:76:a1:29:17:f6:dc:80:68:
         3d:b8:6d:58:b4:bf:ec:95:a8:53:03:cc:2b:25:9e:29:85:09:
         11:5f:e8:8a:35:a6:ce:3f:c2:01:00:84:1b:2e:6a:e5:89:2f:
         68:b3:91:8c:f5:86:73:12:97:ad:12:c9:6d:1c:68:a1:5f:f9:
         45:32:43:3e:46:df:df:d2:c4:e2:22:5c:e1:e6:0a:b4:c3:09:
         af:7f:6f:2b:df:26:7c:98:c1:fd:dd:59:93:f4:4a:49:70:35:
         27:f1:4c:1f:2c:2e:98:b8:04:a2:62:8c:29:bb:58:a5:b7:4c:
         d2:73:c3:52:98:31:35:d9:50:ed:c7:f6:6b:4d:41:b0:2e:52:
         28:ba:45:ee:1b:8c:fb:75:ee:36:00:a9:cd:8b:be:c7:71:cc:
         4a:29:e3:7c:32:7d:fa:7c:92:72:c5:48:e8:42:ab:87:8d:cc:
         58:b9:a0:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtSuf5/1UAFAifkj95/G+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZmMxODIxOTA1NTE2ZTYxODMyMGU5ZTQ3MWExM2IyYWFh
Yzk2ZmYwHhcNMjMwMTAxMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU4OGUzODlhNjYyOWY3M2Y0YjIwYWU0ZTZmMTQwNGViM2RlZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b7Po3j6K/zuewh9UXiXNx0bJNsG
kkYU1a68sFzj60KIJmoh/iQP4GDUt/p0KPdDxQW0p0kb+qHcbFCaN/7j1v8pxxrQ
9ZTLoYfVqmYDbm29obavV/EQEXPvgKNdzJwPQt2MTJkpHoo9zvkCUXi9TOPziHOc
GMpOaEkkiNtxqHQWSpC8qrpWx4gztBpYUzh05mBF+QXdFGAJqkgx3FQTeH2FPcHh
PJ+VP9BJ8OOI0JdL4w3SOtB9yJMinY/WqLf5SHoBa7XmZ1PUF1HBCmyHiVsL3t6L
tWv3UW1xs9n2QFHaCaV5lM7BVF21xRXoeUbv63h/10UFsx3Y6iwiU3Tk6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJbojjiaZin3P0sgrk5vFATrPe2iMB8GA1UdIwQY
MBaAFDT8GCGQVRbmGDIOnkcaE7KqrJb/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlB3WUlaQlZGdVlZTWc2ZVJ4b1RzcXFzbHY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84NGI1NzUtNTU2My00ZjFiLTg2NWEt
ODE1ZWVhMzNiMzViLzEvbHVpT09KcG1LZmNfU3lDdVRtOFVCT3M5N2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84NGI1NzUtNTU2My00ZjFiLTg2NWEtODE1ZWVhMzNiMzVi
LzEvTlB3WUlaQlZGdVlZTWc2ZVJ4b1RzcXFzbHY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV+yIAwQC
ueyEMA0GCSqGSIb3DQEBCwUAA4IBAQAkQUU0NaTbp0FvetETnuFduSwqAxEs6/pg
4bIKWGd0HzkrDo7dxa9iDH1rp7o5YbrYZGn3QZ8KPMbMYtlJoVUDJT1577UwWqhE
6oqL41RZCT2hdqEpF/bcgGg9uG1YtL/slahTA8wrJZ4phQkRX+iKNabOP8IBAIQb
LmrliS9os5GM9YZzEpetEsltHGihX/lFMkM+Rt/f0sTiIlzh5gq0wwmvf28r3yZ8
mMH93VmT9EpJcDUn8UwfLC6YuASiYowpu1ilt0zSc8NSmDE12VDtx/ZrTUGwLlIo
ukXuG4z7de42AKnNi77HccxKKeN8Mn36fJJyxUjoQquHjcxYuaBI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:11 2024 by rpki-client on console-fra.rpki-client.org