Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/QUX9DD8sdSsduUWBAAIt9w3GLwI.roa
File:                     QUX9DD8sdSsduUWBAAIt9w3GLwI.roa (raw, json)
Hash identifier:          lyoKpmhQq4CrfkWmwjlmKh2gLgcYjCFDy/5UdILDKHI=
Subject key identifier:   41:45:FD:0C:3F:2C:75:2B:1D:B9:45:81:00:02:2D:F7:0D:C6:2F:02
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       018C01E396468129BFCB14AC11F995D0C501
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/QUX9DD8sdSsduUWBAAIt9w3GLwI.roa
Signing time:             Fri 24 Nov 2023 15:12:21 +0000
ROA not before:           Fri 24 Nov 2023 15:12:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49223
IP address blocks:        185.145.233.0/24 maxlen: 24
                          146.19.159.0/24 maxlen: 24
                          193.228.127.0/24 maxlen: 24
                          5.44.250.0/24 maxlen: 24
                          212.6.63.0/24 maxlen: 24
                          193.56.147.0/24 maxlen: 24
                          194.56.149.0/24 maxlen: 24
                          212.18.97.0/24 maxlen: 24
                          185.249.54.0/24 maxlen: 24
                          193.163.6.0/24 maxlen: 24
                          185.99.23.0/24 maxlen: 24
                          185.218.186.0/24 maxlen: 24
                          109.107.143.0/24 maxlen: 24
                          109.205.59.0/24 maxlen: 24
                          62.106.82.0/24 maxlen: 24
                          213.109.195.0/24 maxlen: 24
                          194.126.176.0/24 maxlen: 24
                          195.234.29.0/24 maxlen: 24
                          176.126.108.0/24 maxlen: 24
                          178.23.191.0/24 maxlen: 24
                          185.252.209.0/24 maxlen: 24
                          91.242.246.0/24 maxlen: 24
                          185.197.151.0/24 maxlen: 24
                          195.69.149.0/24 maxlen: 24
                          91.224.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:01:e3:96:46:81:29:bf:cb:14:ac:11:f9:95:d0:c5:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Nov 24 15:12:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4145fd0c3f2c752b1db9458100022df70dc62f02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4c:8c:d8:c2:d8:d2:d9:8b:e3:f8:18:f8:31:
                    47:c6:dd:e8:fc:e4:2b:13:aa:5a:4e:d1:d3:4f:c0:
                    80:a9:f3:88:b0:26:d4:58:cb:37:95:50:6c:8e:2d:
                    ab:4e:54:42:31:82:40:c9:7c:79:4a:97:0a:c7:36:
                    40:25:a1:55:0f:ff:b4:32:b7:71:df:eb:32:99:37:
                    3f:1b:93:ba:0e:81:05:49:ea:0e:91:c2:65:7f:87:
                    fb:d6:b7:b1:aa:b4:03:6b:73:bb:b0:be:9f:0d:07:
                    fc:d5:76:63:6f:3a:ad:bf:05:eb:38:b0:42:86:ca:
                    10:45:c6:09:c2:4b:d0:4a:4a:1c:45:92:9c:68:8d:
                    2d:6f:ea:7c:4b:84:e7:ca:3f:58:60:ae:b6:11:9b:
                    40:fa:4b:15:f9:e0:0a:b7:c0:6b:6a:5a:17:9b:a6:
                    79:75:6b:e0:3f:74:37:31:e9:1b:12:61:67:20:5d:
                    a2:a2:1a:9c:fe:1d:9f:37:1e:56:ba:70:94:ba:10:
                    ae:cc:10:a5:b7:d3:db:5c:78:c5:df:c8:6d:32:08:
                    eb:bf:a9:58:44:38:44:3b:0e:bd:47:14:64:32:28:
                    25:5d:4a:59:a7:f3:db:d0:2a:d9:b4:c3:0d:f8:4e:
                    9f:16:7a:36:64:2d:cc:6b:39:98:c6:2a:43:16:6c:
                    c6:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:45:FD:0C:3F:2C:75:2B:1D:B9:45:81:00:02:2D:F7:0D:C6:2F:02
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/QUX9DD8sdSsduUWBAAIt9w3GLwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.44.250.0/24
                  62.106.82.0/24
                  91.224.141.0/24
                  91.242.246.0/24
                  109.107.143.0/24
                  109.205.59.0/24
                  146.19.159.0/24
                  176.126.108.0/24
                  178.23.191.0/24
                  185.99.23.0/24
                  185.145.233.0/24
                  185.197.151.0/24
                  185.218.186.0/24
                  185.249.54.0/24
                  185.252.209.0/24
                  193.56.147.0/24
                  193.163.6.0/24
                  193.228.127.0/24
                  194.56.149.0/24
                  194.126.176.0/24
                  195.69.149.0/24
                  195.234.29.0/24
                  212.6.63.0/24
                  212.18.97.0/24
                  213.109.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:fa:55:95:b5:fb:48:04:6d:e9:e6:1b:13:80:f8:97:5f:09:
         f8:85:c5:e6:7b:9f:ef:64:ca:49:30:dc:d2:a8:fd:1b:dd:a0:
         73:65:6e:67:9a:74:0c:ee:56:d2:a1:e3:a2:a6:6a:91:df:33:
         2e:b1:57:c5:3f:87:4b:4b:f8:6d:24:b3:b1:b1:4e:d2:78:bc:
         a5:4b:87:68:7d:07:45:33:df:11:48:96:b8:e2:e0:fd:04:76:
         cf:a2:40:8f:c9:2d:46:c9:ee:47:b3:58:39:38:5d:3e:21:15:
         87:99:47:5b:21:50:8a:1a:2f:77:64:8c:be:d8:83:60:1a:a8:
         b3:f3:15:9b:01:d0:94:45:75:90:ba:0e:84:35:d9:4d:36:df:
         7e:9d:5d:71:76:8d:87:17:7f:34:e7:26:14:ab:27:dd:14:27:
         72:00:a3:0f:94:86:5e:c9:f1:e1:37:fc:48:f8:6b:bf:fd:ca:
         73:15:e9:0c:be:d0:56:cc:66:aa:6f:51:62:53:6e:c5:ee:f3:
         d0:bc:31:2d:73:f9:08:d0:30:20:2d:d8:41:27:ab:c8:d0:33:
         48:84:a1:80:1d:d5:5c:18:12:c8:52:a5:56:21:d3:f7:9b:33:
         80:9d:9e:a3:32:de:02:7a:52:5e:e0:2c:17:5f:da:1e:37:c3:
         19:bd:da:06
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYwB45ZGgSm/yxSsEfmV0MUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMxMTI0MTUxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ1ZmQwYzNmMmM3NTJiMWRiOTQ1ODEwMDAyMmRmNzBkYzYyZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkyM2MLY0tmL4/gY+DFHxt3o/OQr
E6paTtHTT8CAqfOIsCbUWMs3lVBsji2rTlRCMYJAyXx5SpcKxzZAJaFVD/+0Mrdx
3+symTc/G5O6DoEFSeoOkcJlf4f71rexqrQDa3O7sL6fDQf81XZjbzqtvwXrOLBC
hsoQRcYJwkvQSkocRZKcaI0tb+p8S4Tnyj9YYK62EZtA+ksV+eAKt8BraloXm6Z5
dWvgP3Q3MekbEmFnIF2iohqc/h2fNx5WunCUuhCuzBClt9PbXHjF38htMgjrv6lY
RDhEOw69RxRkMiglXUpZp/Pb0CrZtMMN+E6fFno2ZC3MazmYxipDFmzGMQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFEFF/Qw/LHUrHblFgQACLfcNxi8CMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvUVVYOUREOHNkU3NkdVVXQkFBSXQ5dzNHTHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAF
LPoDBAA+alIDBABb4I0DBABb8vYDBABta48DBABtzTsDBACSE58DBACwfmwDBACy
F78DBAC5YxcDBAC5kekDBAC5xZcDBAC52roDBAC5+TYDBAC5/NEDBADBOJMDBADB
owYDBADB5H8DBADCOJUDBADCfrADBADDRZUDBADD6h0DBADUBj8DBADUEmEDBADV
bcMwDQYJKoZIhvcNAQELBQADggEBAFj6VZW1+0gEbenmGxOA+JdfCfiFxeZ7n+9k
ykkw3NKo/RvdoHNlbmeadAzuVtKh46KmapHfMy6xV8U/h0tL+G0ks7GxTtJ4vKVL
h2h9B0Uz3xFIlrji4P0Eds+iQI/JLUbJ7kezWDk4XT4hFYeZR1shUIoaL3dkjL7Y
g2AaqLPzFZsB0JRFdZC6DoQ12U02336dXXF2jYcXfzTnJhSrJ90UJ3IAow+Uhl7J
8eE3/Ej4a7/9ynMV6Qy+0FbMZqpvUWJTbsXu89C8MS1z+QjQMCAt2EEnq8jQM0iE
oYAd1VwYEshSpVYh0/ebM4CdnqMy3gJ6Ul7gLBdf2h43wxm92gY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org