Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/NWoafxMHk5Vz4Tj-kqMP1G5m5Xk.roa
File:                     NWoafxMHk5Vz4Tj-kqMP1G5m5Xk.roa (raw, json)
Hash identifier:          3GPpTjJ5n4u/6RREzWRr+zSrReVZgyEDis7B9maSHls=
Subject key identifier:   35:6A:1A:7F:13:07:93:95:73:E1:38:FE:92:A3:0F:D4:6E:66:E5:79
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0188B8BAB3BEFD2F8E5496462D7915467BA6
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/NWoafxMHk5Vz4Tj-kqMP1G5m5Xk.roa
Signing time:             Wed 14 Jun 2023 07:07:03 +0000
ROA not before:           Wed 14 Jun 2023 07:07:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204548
IP address blocks:        81.28.6.0/24 maxlen: 24
                          83.229.84.0/24 maxlen: 24
                          83.229.85.0/24 maxlen: 24
                          83.229.86.0/24 maxlen: 24
                          83.229.87.0/24 maxlen: 24
                          194.36.88.0/24 maxlen: 24
                          63.250.59.0/24 maxlen: 24
                          63.250.60.0/24 maxlen: 24
                          195.238.122.0/24 maxlen: 24
                          45.83.41.0/24 maxlen: 24
                          185.237.97.0/24 maxlen: 24
                          185.237.96.0/24 maxlen: 24
                          185.53.210.0/24 maxlen: 24
                          185.237.14.0/24 maxlen: 24
                          185.237.15.0/24 maxlen: 24
                          91.202.170.0/24 maxlen: 24
                          2a06:c5c0:1100::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 15 Aug 2023 10:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b8:ba:b3:be:fd:2f:8e:54:96:46:2d:79:15:46:7b:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Jun 14 07:07:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=356a1a7f1307939573e138fe92a30fd46e66e579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b7:00:e0:a5:53:d6:46:37:34:99:ca:72:f2:
                    93:e7:62:98:89:fd:55:dc:c8:e5:51:ec:c5:4f:82:
                    0e:52:3e:a5:b4:37:f9:00:b3:44:3b:73:76:7b:f7:
                    d0:22:f6:35:32:fd:b0:8b:38:29:64:a2:d0:68:53:
                    03:0f:e1:6a:50:af:f2:c3:78:6e:bc:80:0b:a2:a0:
                    d3:ae:eb:50:4a:76:83:6a:83:2a:3e:3f:c1:23:0f:
                    9d:30:7b:8d:8d:b4:7d:08:42:65:43:7f:e4:9f:d4:
                    0b:78:45:e4:d4:8a:c8:72:72:df:4e:de:19:c3:f8:
                    37:08:5f:39:7b:06:fc:d0:6f:5f:15:03:7b:d7:96:
                    06:f5:5b:24:c5:66:47:24:03:89:bd:f4:0e:4e:fd:
                    49:32:65:7b:e0:94:b2:8a:ee:83:95:01:b9:a8:7b:
                    99:ee:34:61:51:de:fd:61:7f:e8:e1:5d:78:29:61:
                    14:50:56:c7:9e:09:be:7f:3f:9e:86:18:1b:d7:3c:
                    de:46:2e:a6:d0:81:79:01:ec:b7:04:37:82:a1:d0:
                    56:bf:e5:56:47:46:11:36:12:dd:8a:a5:21:db:6c:
                    5a:8c:91:52:9a:7f:01:f1:d1:c9:35:f5:ca:61:5e:
                    87:6b:1b:b9:35:b8:54:09:7a:82:f3:1f:77:bc:cb:
                    f0:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:6A:1A:7F:13:07:93:95:73:E1:38:FE:92:A3:0F:D4:6E:66:E5:79
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/NWoafxMHk5Vz4Tj-kqMP1G5m5Xk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.41.0/24
                  63.250.59.0-63.250.60.255
                  81.28.6.0/24
                  83.229.84.0/22
                  91.202.170.0/24
                  185.53.210.0/24
                  185.237.14.0/23
                  185.237.96.0/23
                  194.36.88.0/24
                  195.238.122.0/24
                IPv6:
                  2a06:c5c0:1100::/48

    Signature Algorithm: sha256WithRSAEncryption
         81:68:40:f3:83:7c:43:e7:ee:f1:db:20:d2:2f:f2:ec:43:f6:
         af:b9:69:7d:05:28:8c:5f:22:b6:64:30:31:5d:03:c9:8c:1b:
         72:59:6f:c3:81:7a:f9:94:a8:82:bd:1e:ba:c3:af:8b:8e:12:
         a7:26:3c:c7:47:ff:05:ba:3c:3f:76:86:2b:08:ed:9e:2d:93:
         94:d4:8e:e2:2d:5a:d9:a5:94:ee:86:98:a6:1c:88:a6:34:26:
         3f:67:bd:73:85:f8:b5:61:c1:72:08:1f:93:12:5c:dd:52:44:
         a8:27:b8:47:67:b7:d2:26:95:bd:36:e1:37:ea:e8:ec:4f:d5:
         e7:27:45:6f:57:31:12:bb:f0:f9:43:dd:d0:71:3a:e4:c4:c6:
         d0:3b:da:8f:de:7d:6e:cc:ef:4c:65:4c:a5:6e:e7:53:7e:7c:
         a0:29:57:f1:ec:f4:c3:03:94:81:37:76:11:b3:ac:e2:a1:e8:
         7d:14:32:62:c2:d7:20:a3:ee:d8:d1:13:f0:c0:6a:cb:26:8c:
         1a:84:c1:cd:5f:ee:98:72:f5:e1:dc:bc:f9:e0:44:6d:4a:60:
         2c:b9:be:4a:86:f4:b3:0d:8a:1b:c5:b6:fc:06:52:c5:f8:cf:
         21:d5:b2:4e:24:61:cc:62:50:80:bd:ed:c0:03:d7:1b:5f:5e:
         45:5b:5f:45
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYi4urO+/S+OVJZGLXkVRnumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMwNjE0MDcwNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZhMWE3ZjEzMDc5Mzk1NzNlMTM4ZmU5MmEzMGZkNDZlNjZlNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7cA4KVT1kY3NJnKcvKT52KYif1V
3MjlUezFT4IOUj6ltDf5ALNEO3N2e/fQIvY1Mv2wizgpZKLQaFMDD+FqUK/yw3hu
vIALoqDTrutQSnaDaoMqPj/BIw+dMHuNjbR9CEJlQ3/kn9QLeEXk1IrIcnLfTt4Z
w/g3CF85ewb80G9fFQN715YG9VskxWZHJAOJvfQOTv1JMmV74JSyiu6DlQG5qHuZ
7jRhUd79YX/o4V14KWEUUFbHngm+fz+ehhgb1zzeRi6m0IF5Aey3BDeCodBWv+VW
R0YRNhLdiqUh22xajJFSmn8B8dHJNfXKYV6Haxu5NbhUCXqC8x93vMvwcwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFDVqGn8TB5OVc+E4/pKjD9RuZuV5MB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvTldvYWZ4TUhrNVZ6NFRqLWtxTVAxRzVtNVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBKBAIAATBEAwQALVMpMAwD
BAA/+jsDBAA/+jwDBABRHAYDBAJT5VQDBABbyqoDBAC5NdIDBAG57Q4DBAG57WAD
BADCJFgDBADD7nowDwQCAAIwCQMHACoGxcARADANBgkqhkiG9w0BAQsFAAOCAQEA
gWhA84N8Q+fu8dsg0i/y7EP2r7lpfQUojF8itmQwMV0DyYwbcllvw4F6+ZSogr0e
usOvi44SpyY8x0f/Bbo8P3aGKwjtni2TlNSO4i1a2aWU7oaYphyIpjQmP2e9c4X4
tWHBcggfkxJc3VJEqCe4R2e30iaVvTbhN+ro7E/V5ydFb1cxErvw+UPd0HE65MTG
0Dvaj959bszvTGVMpW7nU358oClX8ez0wwOUgTd2EbOs4qHofRQyYsLXIKPu2NET
8MBqyyaMGoTBzV/umHL14dy8+eBEbUpgLLm+Sob0sw2KG8W2/AZSxfjPIdWyTiRh
zGJQgL3twAPXG19eRVtfRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:32 2024 by rpki-client on console-fra.rpki-client.org